Documentation
Index
- type AuthOIDC
- func (a *AuthOIDC) AuthenticatorID() (id string)
- func (a *AuthOIDC) Configure(yamlSource []byte) (err error)
- func (a *AuthOIDC) DetectUser(res http.ResponseWriter, r *http.Request) (user string, groups []string, err error)
- func (a *AuthOIDC) Login(res http.ResponseWriter, r *http.Request) (user string, mfaConfigs []plugins.MFAConfig, err error)
- func (a *AuthOIDC) LoginFields() (fields []plugins.LoginField)
- func (a *AuthOIDC) Logout(res http.ResponseWriter, r *http.Request) (err error)
- func (a *AuthOIDC) SupportsMFA() bool
Types
type AuthOIDC
type AuthOIDC struct {
	ClientID      string `yaml:"client_id"`
	ClientSecret  string `yaml:"client_secret"`
	IssuerName    string `yaml:"issuer_name"`
	IssuerURL     string `yaml:"issuer_url"`
	RedirectURL   string `yaml:"redirect_url"`
	RequireDomain string `yaml:"require_domain"`
	UserIDMethod  string `yaml:"user_id_method"`
	// contains filtered or unexported fields
}
func New
func New(cs *sessions.CookieStore) *AuthOIDC
func (*AuthOIDC) AuthenticatorID
AuthenticatorID needs to return a unique string to identify this special authenticator.
func (*AuthOIDC) Configure
Configure loads the configuration for the Authenticator from the global config.yaml file, which is passed as a byte slice. If no configuration for the Authenticator is supplied, the function needs to return ErrProviderUnconfigured.
func (*AuthOIDC) DetectUser
func (a *AuthOIDC) DetectUser(res http.ResponseWriter, r *http.Request) (user string, groups []string, err error)
DetectUser is used to detect a user without a login form, from a cookie, header or other methods. If no user was detected, ErrNoValidUserFound needs to be returned.
func (*AuthOIDC) Login
func (a *AuthOIDC) Login(res http.ResponseWriter, r *http.Request) (user string, mfaConfigs []plugins.MFAConfig, err error)
Login is called when the user submits the login form and needs to authenticate the user or return an error. If the user has logged in successfully, the persistent cookie should be written so that DetectUser can be used for the next login. Along with the login result, an array of mfaConfig must be returned; if there is no MFA config or the provider does not support MFA, return nil. If the user did not log in correctly, ErrNoValidUserFound needs to be returned.
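The Login and DetectUser contract described above, as an added example that is not this package's code: a hypothetical demoAuth writes an HMAC-signed cookie on login and accepts it on a later request only if the MAC verifies. The cookie name, the key and the locally defined ErrNoValidUserFound are assumptions, and standard-library HMAC stands in for the sessions.CookieStore that New receives.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// ErrNoValidUserFound is a local stand-in (assumption) for the plugin API's sentinel error.
var ErrNoValidUserFound = errors.New("no valid user found")

type demoAuth struct{ key []byte } // hypothetical authenticator, not AuthOIDC

func (a demoAuth) mac(user string) string {
	h := hmac.New(sha256.New, a.key)
	h.Write([]byte(user))
	return fmt.Sprintf("%x", h.Sum(nil))
}

// Login writes the persistent cookie that DetectUser relies on for the next request.
func (a demoAuth) Login(res http.ResponseWriter, user string) {
	http.SetCookie(res, &http.Cookie{Name: "demo-auth", Value: user + "." + a.mac(user),
		Path: "/", HttpOnly: true, Secure: true, SameSite: http.SameSiteLaxMode})
}

// DetectUser trusts the cookie only if its MAC verifies; anything else is "no user".
func (a demoAuth) DetectUser(r *http.Request) (string, error) {
	c, err := r.Cookie("demo-auth")
	if err != nil {
		return "", ErrNoValidUserFound
	}
	i := strings.LastIndex(c.Value, ".")
	if i < 1 || !hmac.Equal([]byte(c.Value[i+1:]), []byte(a.mac(c.Value[:i]))) {
		return "", ErrNoValidUserFound
	}
	return c.Value[:i], nil
}

func main() {
	a, rec := demoAuth{key: []byte("constructed-demo-key")}, httptest.NewRecorder()
	a.Login(rec, "alice")
	req := httptest.NewRequest("GET", "/", nil)
	req.AddCookie(rec.Result().Cookies()[0]) // replay the cookie Login issued
	fmt.Println(a.DetectUser(req))           // prints: alice <nil>
}
```

A cookie whose user part was edited without the key, or a request with no cookie at all, yields ErrNoValidUserFound rather than a user name.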
func (*AuthOIDC) LoginFields
func (a *AuthOIDC) LoginFields() (fields []plugins.LoginField)
LoginFields needs to return the fields required for this login method. If no login using this method is possible the function needs to return nil.
func (*AuthOIDC) Logout
Logout is called when the user visits the logout endpoint and needs to destroy any persistently stored cookies.
func (*AuthOIDC) SupportsMFA
SupportsMFA returns the MFA detection capabilities of the login provider. If the provider can provide mfaConfig objects from its configuration return true. If this is true the login interface will display an additional field for this provider for the user to fill in their MFA token.