Versions in this module Expand all Collapse all v0 v0.3.0 Apr 5, 2020 Changes in this version
+ const Bearer
+ var ErrInvalidAccessToken = fmt.Errorf(`%w: access token is invalid`, oidc.ErrInvalidGrant)
+ var ErrInvalidAccessTokenSession = fmt.Errorf(`%w: failed to restore session for access token`, oidc.ErrInvalidGrant)
+ var ErrInvalidCode = fmt.Errorf(`%w: "code" is invalid`, oidc.ErrInvalidGrant)
+ var ErrInvalidCodeRedeemer = fmt.Errorf(`%w: "code" was issued to a different client or redirect uri`, ...)
+ var ErrInvalidCodeVerifier = fmt.Errorf(`%w: verifier for "code" is invalid`, oidc.ErrInvalidGrant)
+ var ErrInvalidRefreshToken = fmt.Errorf(`%w: "refresh_token" is invalid`, oidc.ErrInvalidGrant)
+ var ErrInvalidRefreshTokenRedeemer = fmt.Errorf(`%w: "refresh_token" was issued to a different client or redirect uri`, ...)
+ var ErrSessionNotFound = fmt.Errorf("%w: session not found", oidc.ErrInvalidGrant)
+ type AccessToken struct
+ Created time.Time
+ Expiry time.Time
+ Session *Session
+ Type string
+ func (t *AccessToken) Expired() bool
+ func (t *AccessToken) ExpiresIn() int64
+ type AccessTokenStrategy interface
+ Export func(ctx context.Context, token *AccessToken) (exported string, err error)
+ Import func(ctx context.Context, exported string) (*AccessToken, error)
+ Invalidate func(ctx context.Context, exported string) error
+ type Code struct
+ Challenge string
+ ChallengeMethod oidc.CodeChallengeMethod
+ Expiry time.Time
+ Session *Session
+ func (c *Code) Expired() bool
+ func (c *Code) Validate(tr *token.Request) error
+ type CodeStorage interface
+ Delete func(ctx context.Context, id string) error
+ Get func(ctx context.Context, id string) (*Code, error)
+ Insert func(ctx context.Context, id string, code *Code) error
+ func MemoryCodeStorage() CodeStorage
+ type CodeStrategy interface
+ Export func(ctx context.Context, code *Code) (exported string, err error)
+ Import func(ctx context.Context, exported string) (*Code, error)
+ Invalidate func(ctx context.Context, exported string) error
+ func StatefulCodeStrategy(entropy int, storage CodeStorage) CodeStrategy
+ type IdToken struct
+ AccessToken string
+ Client *client.Client
+ Code string
+ Created time.Time
+ Expiry time.Time
+ ExtraClaims map[string]interface{}
+ Session *Session
+ func (t *IdToken) SubjectOrObfuscated(pairwiseSalt []byte) (string, error)
+ type IdTokenStrategy interface
+ Export func(ctx context.Context, token *IdToken) (exported string, err error)
+ func DefaultIdTokenStrategy(issuer string, pairwiseSalt []byte, serverJwks *gojosev2.JSONWebKeySet, ...) IdTokenStrategy
+ type JwtAccessTokenClaims struct
+ ClientId string
+ Scopes string
+ SessionId string
+ type JwtAccessTokenStrategy struct
+ Issuer string
+ ServerJwks *gojosev2.JSONWebKeySet
+ SessionLookup SessionLookup
+ SigningAlg jose.SignatureAlgorithm
+ func (s *JwtAccessTokenStrategy) Export(_ context.Context, token *AccessToken) (exported string, err error)
+ func (s *JwtAccessTokenStrategy) Import(ctx context.Context, exported string) (*AccessToken, error)
+ func (s *JwtAccessTokenStrategy) Invalidate(_ context.Context, _ string) error
+ type RedisCodeStorage struct
+ Client redis.UniversalClient
+ Logger *zerolog.Logger
+ RedisSessionStorage *RedisSessionStorage
+ func (s *RedisCodeStorage) Delete(ctx context.Context, id string) error
+ func (s *RedisCodeStorage) Get(ctx context.Context, id string) (*Code, error)
+ func (s *RedisCodeStorage) Insert(ctx context.Context, id string, code *Code) error
+ type RedisRefreshTokenStorage struct
+ Client redis.UniversalClient
+ Logger *zerolog.Logger
+ RedisSessionStorage *RedisSessionStorage
+ func (s *RedisRefreshTokenStorage) Delete(_ context.Context, id string) error
+ func (s *RedisRefreshTokenStorage) Get(ctx context.Context, id string) (*RefreshToken, error)
+ func (s *RedisRefreshTokenStorage) Insert(ctx context.Context, id string, token *RefreshToken) error
+ type RedisSessionStorage struct
+ Client redis.UniversalClient
+ Logger *zerolog.Logger
+ func (s *RedisSessionStorage) Delete(ctx context.Context, sessionId string) error
+ func (s *RedisSessionStorage) ExtendExpiry(ctx context.Context, sessionId string, expiry time.Time) error
+ func (s *RedisSessionStorage) Get(ctx context.Context, sessionId string) (*Session, error)
+ func (s *RedisSessionStorage) Insert(ctx context.Context, session *Session, expiry time.Time) error
+ func (s *RedisSessionStorage) Key(sessionId string) string
+ type RefreshToken struct
+ Created time.Time
+ Expiry time.Time
+ Session *Session
+ func (t *RefreshToken) Expired() bool
+ func (t *RefreshToken) Validate(tr *token.Request) error
+ type RefreshTokenStorage interface
+ Delete func(ctx context.Context, id string) error
+ Get func(ctx context.Context, id string) (*RefreshToken, error)
+ Insert func(ctx context.Context, id string, token *RefreshToken) error
+ func MemoryRefreshTokenStorage() RefreshTokenStorage
+ type RefreshTokenStrategy interface
+ Export func(ctx context.Context, token *RefreshToken) (exported string, err error)
+ Import func(ctx context.Context, exported string) (*RefreshToken, error)
+ Invalidate func(ctx context.Context, exported string) error
+ func StatefulRefreshTokenStrategy(entropy int, storage RefreshTokenStorage) RefreshTokenStrategy
+ type Session struct
+ AudienceHint []string
+ ClientId string
+ GrantedScopes map[oidc.Scope]struct{}
+ Id string
+ IdTokenClaims map[string]interface{}
+ RedirectUri oidc.RedirectUri
+ Subject string
+ UserInfoClaims map[string]interface{}
+ func NewSession() *Session
+ func (s *Session) HasClaim(claimName string) bool
+ func (s *Session) HasGrantedScope(scope oidc.Scope) bool
+ func (s *Session) InitByAuthorizeRequest(req *auth.Request)
+ func (s *Session) MarshalJSON() ([]byte, error)
+ func (s *Session) UnmarshalJSON(raw []byte) error
+ type SessionLookup interface
+ Get func(ctx context.Context, sessionId string) (*Session, error)
+ type SessionStorage interface
+ Delete func(ctx context.Context, sessionId string) error
+ ExtendExpiry func(ctx context.Context, sessionId string, expiry time.Time) error
+ Insert func(ctx context.Context, session *Session, expiry time.Time) error
+ func MemorySessionStorage() SessionStorage
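Review bot: `JwtAccessTokenStrategy.Invalidate(_ context.Context, _ string) error` discards the token it is handed, so it cannot revoke anything by itself, while the `AccessTokenStrategy` interface gives callers no way to tell that apart from a stateful strategy. Only signatures are visible in this listing, so the body is inferred; if it returns nil without doing work, a logout or revocation path that calls `Invalidate` will report success while the signed JWT stays usable until `Expiry`. Add a doc comment that says so, for example `// Invalidate is a no-op: a signed JWT cannot be recalled; revoke by deleting the session that Import restores via SessionLookup.`, and confirm that `Import` does fail with `ErrInvalidAccessTokenSession` once the session is gone. `RedisRefreshTokenStorage.Delete(_ context.Context, id string)` likewise drops the context that its `Get` and `Insert` siblings accept, so a refresh-token delete presumably cannot be cancelled or time-bounded by the caller.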