oidc

package

v0.0.0-...-0c4ea9a Latest Latest Go to latest Published: Mar 13, 2023 License: MIT Imports: 14 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/arrikto/oidc-authservice

Links

Open Source Insights

Documentation ¶

Index ¶

func NewConfig(clientID string) *oidc.Config
func RevocationEndpoint(p Provider) (string, error)
func RevokeTokens(ctx context.Context, revocationEndpoint string, token *oauth2.Token, ...) error
func TokenSource(ctx context.Context, config *oauth2.Config, token *oauth2.Token) (*oauth2.Token, bool, error)
type Provider
- func NewProvider(ctx context.Context, u *url.URL) Provider
type UserInfo
- func GetUserInfo(ctx context.Context, provider Provider, token *oauth2.Token) (*UserInfo, error)
- func ParseUserInfo(body []byte) (*UserInfo, error)
- func (u *UserInfo) Claims(v interface{}) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewConfig ¶

func NewConfig(clientID string) *oidc.Config

func RevocationEndpoint ¶

func RevocationEndpoint(p Provider) (string, error)

RevocationEndpoint parses the OIDC Provider claims from the discovery document and tries to find the revocation_endpoint.

func RevokeTokens ¶

func RevokeTokens(ctx context.Context, revocationEndpoint string, token *oauth2.Token, clientID, clientSecret string) error

RevokeTokens is a helper that takes an oauth2.Token and revokes the access and refresh tokens. If no tokens are found, it succeeds.

func TokenSource ¶

func TokenSource(ctx context.Context, config *oauth2.Config,
	token *oauth2.Token) (*oauth2.Token, bool, error)

TokenSource is a wrapper around oauth2.Config.TokenSource that additionally returns a boolean indicator for a token refresh.

Types ¶

type Provider ¶

type Provider interface {
	Claims(v interface{}) error
	Endpoint() oauth2.Endpoint
	Verifier(config *oidc.Config) *oidc.IDTokenVerifier
}

func NewProvider ¶

func NewProvider(ctx context.Context, u *url.URL) Provider

type UserInfo ¶

type UserInfo struct {
	Subject       string `json:"sub"`
	Profile       string `json:"profile"`
	Email         string `json:"email"`
	EmailVerified bool   `json:"email_verified"`

	RawClaims []byte
}

UserInfo represents the OpenID Connect userinfo claims.

func GetUserInfo ¶

func GetUserInfo(ctx context.Context, provider Provider, token *oauth2.Token) (*UserInfo, error)

GetUserInfo uses the token source to query the provider's user info endpoint. We reimplement UserInfo 1 instead of using the go-oidc's library UserInfo, in order to include HTTP response information in case of an error during contacting the UserInfo endpoint.

func ParseUserInfo ¶

func ParseUserInfo(body []byte) (*UserInfo, error)

ParseUserInfo unmarshals the response of the UserInfo endpoint and enforces boolean value for the EmailVerified claim.

func (*UserInfo) Claims ¶

func (u *UserInfo) Claims(v interface{}) error

Claims unmarshals the raw JSON object claims into the provided object.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL