oidc

package

v0.1.0 Latest Latest Go to latest Published: Mar 30, 2021 License: Apache-2.0 Imports: 25 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/bobvawter/cacheroach

Links

Open Source Insights

Documentation ¶

Overview ¶

Package oidc provide OpenID Connect integration for cacheroach.

Index ¶

Constants
Variables
type Connector
- func ProvideConnector(ctx context.Context, auto promauto.Factory, bt *bootstrap.Bootstrapper, ...) (*Connector, error)

Constants ¶

View Source

const (
	AuthorizationCookie = "authorization"
	DestinationCookie   = "cacheroach-destination"
	NonceCookie         = "cacheroach-oidc-nonce"
	StateCookie         = "cacheroach-oidc-state"
)

These cookies are used during the authentication flow.

View Source

const ReceivePath = "/_/oidc/receive"

ReceivePath will be added to the redirect path.

Variables ¶

View Source

var ErrPermanentFailure = errors.New("OIDC refresh needed")

ErrPermanentFailure indicates that the principal must be reauthorized by the OIDC provider in order to be usable.

View Source

var Set = wire.NewSet(
	ProvideConnector,
)

Set is used by wire.

Functions ¶

This section is empty.

Types ¶

type Connector ¶

type Connector struct {
	// contains filtered or unexported fields
}

Connector encapsulates the OIDC integration.

func ProvideConnector ¶

func ProvideConnector(
	ctx context.Context,
	auto promauto.Factory,
	bt *bootstrap.Bootstrapper,
	cfg *common.Config,
	logger *log.Logger,
	principals principal.PrincipalsServer,
	tokens token.TokensServer,
) (*Connector, error)

ProvideConnector is called by wire.

func (*Connector) Receive ¶

func (c *Connector) Receive(w http.ResponseWriter, r *http.Request)

Receive a JWT token from the OIDC provider to create a principal and issue a session token.

func (*Connector) Redirect ¶

func (c *Connector) Redirect(w http.ResponseWriter, r *http.Request, dest *url.URL) bool

Redirect implements an endpoint to redirect a caller to the OIDC provider. Once the flow has been successfully completed, the caller will be redirected to the given destination.

This method returns true if it was able to generate a response.

func (*Connector) Validate ¶

func (c *Connector) Validate(ctx context.Context, pID *principal.ID) error

Validate ensures that the Principal is still valid, according to the OIDC provider.

Source Files ¶

View all Source files

connector.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL