Documentation ¶
Index ¶
- type Config
- type IdentityProvider
- func (b *IdentityProvider) Authenticate(r *requests.Request) error
- func (b *IdentityProvider) Configure() error
- func (b *IdentityProvider) Configured() bool
- func (b *IdentityProvider) GetConfig() map[string]interface{}
- func (b *IdentityProvider) GetDriver() string
- func (b *IdentityProvider) GetIdentityTokenCookieName() string
- func (b *IdentityProvider) GetKind() string
- func (b *IdentityProvider) GetLoginIcon() *icons.LoginIcon
- func (b *IdentityProvider) GetLogoutURL() string
- func (b *IdentityProvider) GetName() string
- func (b *IdentityProvider) GetRealm() string
- func (b *IdentityProvider) GetRefreshTokenCookieName() string
- func (b *IdentityProvider) Request(op operator.Type, r *requests.Request) error
- func (b *IdentityProvider) ScopeExists(scopes ...string) bool
- type JwksKey
Types ¶
type Config ¶
// Config holds the configuration for the IdentityProvider.
//
// Every field is exported with json, xml and yaml struct tags (some tags are
// elided by the documentation renderer and shown as empty raw strings below).
// NOTE(review): ClientSecret and AppSecret look like credentials and are
// serialized under client_secret / app_secret; treat any marshalled copy of
// this struct as sensitive.
type Config struct {
	Name string `json:"name,omitempty" xml:"name,omitempty" yaml:"name,omitempty"`
	Realm string `json:"realm,omitempty" xml:"realm,omitempty" yaml:"realm,omitempty"`
	Driver string `json:"driver,omitempty" xml:"driver,omitempty" yaml:"driver,omitempty"`
	DomainName string `json:"domain_name,omitempty" xml:"domain_name,omitempty" yaml:"domain_name,omitempty"`
	ClientID string `json:"client_id,omitempty" xml:"client_id,omitempty" yaml:"client_id,omitempty"`
	// NOTE(review): presumably the OAuth 2.0 client secret; omitempty does not
	// redact a non-empty value, so it is emitted when the struct is marshalled.
	ClientSecret string `json:"client_secret,omitempty" xml:"client_secret,omitempty" yaml:"client_secret,omitempty"`
	ServerID string `json:"server_id,omitempty" xml:"server_id,omitempty" yaml:"server_id,omitempty"`
	ServerName string `json:"server_name,omitempty" xml:"server_name,omitempty" yaml:"server_name,omitempty"`
	// NOTE(review): presumably a provider-specific application secret; same
	// handling concern as ClientSecret.
	AppSecret string `json:"app_secret,omitempty" xml:"app_secret,omitempty" yaml:"app_secret,omitempty"`
	TenantID string `json:"tenant_id,omitempty" xml:"tenant_id,omitempty" yaml:"tenant_id,omitempty"`
	IdentityTokenName string `json:"identity_token_name,omitempty" xml:"identity_token_name,omitempty" yaml:"identity_token_name,omitempty"`
	// AWS Cognito User Pool ID
	UserPoolID string `json:"user_pool_id,omitempty" xml:"user_pool_id,omitempty" yaml:"user_pool_id,omitempty"`
	// AWS Region
	Region string `json:"region,omitempty" xml:"region,omitempty" yaml:"region,omitempty"`
	Scopes []string `json:"scopes,omitempty" xml:"scopes,omitempty" yaml:"scopes,omitempty"`
	// The number of seconds to wait before getting key material
	// from an OAuth 2.0 identity provider.
	DelayStart int `json:"delay_start,omitempty" xml:"delay_start,omitempty" yaml:"delay_start,omitempty"`
	// The number of retry attempts when getting key material
	// from an OAuth 2.0 identity provider.
	RetryAttempts int `json:"retry_attempts,omitempty" xml:"retry_attempts,omitempty" yaml:"retry_attempts,omitempty"`
	// The number of seconds to wait before retrying.
	RetryInterval int `json:"retry_interval,omitempty" xml:"retry_interval,omitempty" yaml:"retry_interval,omitempty"`
	// NOTE(review): serialized as user_roles; the schema of each map entry is
	// not visible here. Presumably maps users to roles, so it is
	// authorization-relevant — verify against the consumer.
	UserRoleMapList []map[string]interface{} `json:"user_roles,omitempty" xml:"user_roles,omitempty" yaml:"user_roles,omitempty"`
	// The URL to OAuth 2.0 Custom Authorization Server.
	BaseAuthURL string `json:"base_auth_url,omitempty" xml:"base_auth_url,omitempty" yaml:"base_auth_url,omitempty"`
	// The URL to OAuth 2.0 metadata related to your Custom Authorization Server.
	MetadataURL string `json:"metadata_url,omitempty" xml:"metadata_url,omitempty" yaml:"metadata_url,omitempty"`
	// The regex filters for user groups extracted via IdP API.
	UserGroupFilters []string `json:"user_group_filters,omitempty" xml:"user_group_filters,omitempty" yaml:"user_group_filters,omitempty"`
	// The regex filters for user orgs extracted via IdP API.
	UserOrgFilters []string `json:"user_org_filters,omitempty" xml:"user_org_filters,omitempty" yaml:"user_org_filters,omitempty"`
	// Disables metadata discovery via public metadata URL.
	MetadataDiscoveryDisabled bool `` /* 133-byte string literal not displayed */
	// NOTE(review): by its name this switches off verification against the
	// provider's key material — confirm exactly which check is skipped before
	// enabling it; the zero value (false) keeps verification on.
	KeyVerificationDisabled bool `` /* 127-byte string literal not displayed */
	PassGrantTypeDisabled bool `json:"pass_grant_type_disabled,omitempty" xml:"pass_grant_type_disabled,omitempty" yaml:"pass_grant_type_disabled,omitempty"`
	ResponseTypeDisabled bool `json:"response_type_disabled,omitempty" xml:"response_type_disabled,omitempty" yaml:"response_type_disabled,omitempty"`
	// NOTE(review): presumably drops the nonce from the authorization flow,
	// which would remove the replay binding a nonce provides — confirm.
	NonceDisabled bool `json:"nonce_disabled,omitempty" xml:"nonce_disabled,omitempty" yaml:"nonce_disabled,omitempty"`
	ScopeDisabled bool `json:"scope_disabled,omitempty" xml:"scope_disabled,omitempty" yaml:"scope_disabled,omitempty"`
	AcceptHeaderEnabled bool `json:"accept_header_enabled,omitempty" xml:"accept_header_enabled,omitempty" yaml:"accept_header_enabled,omitempty"`
	JsCallbackEnabled bool `json:"js_callback_enabled,omitempty" xml:"js_callback_enabled,omitempty" yaml:"js_callback_enabled,omitempty"`
	// If enabled, portal redirects to identity provider logout URL. This would end the session with the provider.
	LogoutEnabled bool `json:"logout_enabled,omitempty" xml:"logout_enabled,omitempty" yaml:"logout_enabled,omitempty"`
	ResponseType []string `json:"response_type,omitempty" xml:"response_type,omitempty" yaml:"response_type,omitempty"`
	AuthorizationURL string `json:"authorization_url,omitempty" xml:"authorization_url,omitempty" yaml:"authorization_url,omitempty"`
	TokenURL string `json:"token_url,omitempty" xml:"token_url,omitempty" yaml:"token_url,omitempty"`
	RequiredTokenFields []string `json:"required_token_fields,omitempty" xml:"required_token_fields,omitempty" yaml:"required_token_fields,omitempty"`
	// NOTE(review): the name mirrors crypto/tls's InsecureSkipVerify;
	// presumably disables TLS certificate verification for requests to the
	// provider — confirm, and keep it false outside of test setups.
	TLSInsecureSkipVerify bool `json:"tls_insecure_skip_verify,omitempty" xml:"tls_insecure_skip_verify,omitempty" yaml:"tls_insecure_skip_verify,omitempty"`
	// The predefined public RSA based JWKS keys.
	JwksKeys map[string]string `json:"jwks_keys,omitempty" xml:"jwks_keys,omitempty" yaml:"jwks_keys,omitempty"`
	// Disables the check for the presence of email field in a token.
	EmailClaimCheckDisabled bool `` /* 130-byte string literal not displayed */
	// LoginIcon is the UI login icon attributes.
	LoginIcon *icons.LoginIcon `json:"login_icon,omitempty" xml:"login_icon,omitempty" yaml:"login_icon,omitempty"`
	UserInfoFields []string `json:"user_info_fields,omitempty" xml:"user_info_fields,omitempty" yaml:"user_info_fields,omitempty"`
	UserInfoRolesFieldName string `` /* 130-byte string literal not displayed */
	// The name of the cookie storing id_token from OAuth provider.
	IdentityTokenCookieName string `` /* 130-byte string literal not displayed */
	// Enables the storing of id_token from OAuth provider in a HTTP cookie.
	// NOTE(review): the cookie's attributes are not visible in this
	// declaration — verify where the cookie is set.
	IdentityTokenCookieEnabled bool `` /* 139-byte string literal not displayed */
	// The name of the cookie storing the refresh token from OAuth provider.
	RefreshTokenCookieName string `` /* 127-byte string literal not displayed */
	// Enables the storing of the refresh token from OAuth provider in a HTTP cookie.
	// NOTE(review): the cookie's attributes are not visible in this
	// declaration — verify where the cookie is set.
	RefreshTokenCookieEnabled bool `` /* 136-byte string literal not displayed */
}
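Config holds the configuration for the IdentityProvider. It carries credential fields (ClientSecret, AppSecret) alongside switches whose names indicate relaxed checks (KeyVerificationDisabled, NonceDisabled, TLSInsecureSkipVerify), so review those fields when auditing a deployment and treat serialized copies of the struct as sensitive.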
type IdentityProvider ¶
// IdentityProvider represents an OAuth-based identity provider.
// Its state is held in unexported fields, which this page does not show.
type IdentityProvider struct {
// contains filtered or unexported fields
}
IdentityProvider represents an OAuth-based identity provider.
func NewIdentityProvider ¶
func NewIdentityProvider(cfg *Config, logger *zap.Logger) (*IdentityProvider, error)
NewIdentityProvider returns an instance of IdentityProvider.
func (*IdentityProvider) Authenticate ¶
func (b *IdentityProvider) Authenticate(r *requests.Request) error
Authenticate performs authentication.
func (*IdentityProvider) Configure ¶
func (b *IdentityProvider) Configure() error
Configure configures IdentityProvider.
func (*IdentityProvider) Configured ¶
func (b *IdentityProvider) Configured() bool
Configured returns true if the identity provider was configured.
func (*IdentityProvider) GetConfig ¶
func (b *IdentityProvider) GetConfig() map[string]interface{}
GetConfig returns IdentityProvider configuration.
func (*IdentityProvider) GetDriver ¶
func (b *IdentityProvider) GetDriver() string
GetDriver returns the name of the driver associated with the provider.
func (*IdentityProvider) GetIdentityTokenCookieName ¶
func (b *IdentityProvider) GetIdentityTokenCookieName() string
GetIdentityTokenCookieName returns the name of the identity token cookie associated with the provider.
func (*IdentityProvider) GetKind ¶
func (b *IdentityProvider) GetKind() string
GetKind returns the authentication method associated with this identity provider.
func (*IdentityProvider) GetLoginIcon ¶
func (b *IdentityProvider) GetLoginIcon() *icons.LoginIcon
GetLoginIcon returns the instance of the icon associated with the provider.
func (*IdentityProvider) GetLogoutURL ¶
func (b *IdentityProvider) GetLogoutURL() string
GetLogoutURL returns the logout URL associated with the provider.
func (*IdentityProvider) GetName ¶
func (b *IdentityProvider) GetName() string
GetName returns the name associated with this identity provider.
func (*IdentityProvider) GetRealm ¶
func (b *IdentityProvider) GetRealm() string
GetRealm returns the authentication realm.
func (*IdentityProvider) GetRefreshTokenCookieName ¶
func (b *IdentityProvider) GetRefreshTokenCookieName() string
GetRefreshTokenCookieName returns the name of the refresh token cookie associated with the provider.
func (*IdentityProvider) ScopeExists ¶
func (b *IdentityProvider) ScopeExists(scopes ...string) bool
ScopeExists returns true if any of the provided scopes exist.
type JwksKey ¶
// JwksKey is a JSON object that represents a cryptographic key (a JWK, per
// RFC 7517 section 4 and RFC 7518 section 6.3).
//
// The exported fields carry only public parameters: e and n for RSA; crv, x
// and y for elliptic-curve keys. No private-key parameter is exported, but the
// type also has unexported fields that this page does not show.
type JwksKey struct {
	// "alg": the algorithm intended for use with the key.
	Algorithm string `json:"alg,omitempty" xml:"alg,omitempty" yaml:"alg,omitempty"`
	// "e": RSA public exponent.
	Exponent string `json:"e,omitempty" xml:"e,omitempty" yaml:"e,omitempty"`
	// "kid": key identifier.
	KeyID string `json:"kid,omitempty" xml:"kid,omitempty" yaml:"kid,omitempty"`
	// "kty": key type.
	KeyType string `json:"kty,omitempty" xml:"kty,omitempty" yaml:"kty,omitempty"`
	// "n": RSA modulus.
	Modulus string `json:"n,omitempty" xml:"n,omitempty" yaml:"n,omitempty"`
	// "use": intended use of the public key.
	PublicKeyUse string `json:"use,omitempty" xml:"use,omitempty" yaml:"use,omitempty"`
	// "nbf" is not among the JWK parameters defined in RFC 7517 section 4.
	// NOTE(review): presumably a provider-specific "not before" value; whether
	// it is enforced is not visible here — confirm.
	NotBefore string `json:"nbf,omitempty" xml:"nbf,omitempty" yaml:"nbf,omitempty"`
	// "crv": elliptic curve name.
	Curve string `json:"crv,omitempty" xml:"crv,omitempty" yaml:"crv,omitempty"`
	// "x": elliptic-curve point X coordinate.
	CoordX string `json:"x,omitempty" xml:"x,omitempty" yaml:"x,omitempty"`
	// "y": elliptic-curve point Y coordinate.
	CoordY string `json:"y,omitempty" xml:"y,omitempty" yaml:"y,omitempty"`
	// contains filtered or unexported fields
}
JwksKey is a JSON object that represents a cryptographic key. See https://tools.ietf.org/html/rfc7517#section-4, https://tools.ietf.org/html/rfc7518#section-6.3
func NewJwksKeyFromRSAPrivateKey ¶
func NewJwksKeyFromRSAPrivateKey(privKey *rsa.PrivateKey) (*JwksKey, error)
NewJwksKeyFromRSAPrivateKey returns an instance of JwksKey from an RSA private key.
func NewJwksKeyFromRSAPublicKeyPEM ¶
NewJwksKeyFromRSAPublicKeyPEM returns an instance of JwksKey from an RSA public key in PEM format.