oidcx

package
v0.0.0-...-6606c74 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 30, 2023 License: MIT Imports: 21 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func MaxAgeToInternal

func MaxAgeToInternal(maxAge *uint) *time.Duration

func PromptToInternal

func PromptToInternal(oidcPrompt oidc.SpaceDelimitedArray) []string

func RedirectGlobsClient

func RedirectGlobsClient(client *Client) op.Client

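RedirectGlobsClient wraps the client in an op.HasRedirectGlobs only if DevMode is enabled. Glob patterns match redirect URIs more loosely than an exact string comparison, so DevMode should stay disabled for production clients.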

func RefreshTokenRequestFromBusiness

func RefreshTokenRequestFromBusiness(token *RefreshToken) op.RefreshTokenRequest

RefreshTokenRequestFromBusiness wraps the storage RefreshToken so that it implements the op.RefreshTokenRequest interface.

func SetupServer

func SetupServer(issuer string, storage *Storage, extraOptions ...op.Option) *mux.Router

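SetupServer creates an OIDC server with Issuer=http://localhost:<port>. Use one of the pre-made clients in storage/clients.go or register a new one. A plain-http localhost issuer is suitable for local development only; a deployed issuer should be an https URL.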

Types

type AuthRequest

// AuthRequest is the stored form of an OIDC authorization request.
//
// Its getter methods (GetClientID, GetRedirectURI, GetState, GetNonce,
// GetCodeChallenge, ...) have the names of the op.AuthRequest interface;
// presumably this type implements it — confirm against the method bodies.
type AuthRequest struct {
	gormx.BaseFields
	// ApplicationID is presumably the requesting client's ID (see GetClientID) — confirm.
	ApplicationID string
	// CallbackURI is presumably the redirect URI returned by GetRedirectURI.
	// NOTE(review): confirm it is checked against the client's registered
	// redirect URIs before the request is stored.
	CallbackURI   string
	// TransferState is presumably the client-supplied state value (see GetState) — confirm.
	TransferState string
	Prompt        []string
	UiLocales     []language.Tag
	LoginHint     string
	// MaxAuthAge is a pointer, so nil can be told apart from a zero duration.
	MaxAuthAge    *time.Duration
	UserID        string
	Scopes        []string
	ResponseType  oidc.ResponseType
	Nonce         string
	// CodeChallenge holds the PKCE challenge; nil presumably means the client
	// sent none — confirm how GetCodeChallenge treats that case.
	CodeChallenge *OIDCCodeChallenge
	// contains filtered or unexported fields
}

func (*AuthRequest) Done

func (ar *AuthRequest) Done() bool

func (*AuthRequest) GetACR

func (ar *AuthRequest) GetACR() string

func (*AuthRequest) GetAMR

func (ar *AuthRequest) GetAMR() []string

func (*AuthRequest) GetAudience

func (ar *AuthRequest) GetAudience() []string

func (*AuthRequest) GetAuthTime

func (ar *AuthRequest) GetAuthTime() time.Time

func (*AuthRequest) GetClientID

func (ar *AuthRequest) GetClientID() string

func (*AuthRequest) GetCodeChallenge

func (ar *AuthRequest) GetCodeChallenge() *oidc.CodeChallenge

func (*AuthRequest) GetID

func (ar *AuthRequest) GetID() string

func (*AuthRequest) GetNonce

func (ar *AuthRequest) GetNonce() string

func (*AuthRequest) GetRedirectURI

func (ar *AuthRequest) GetRedirectURI() string

func (*AuthRequest) GetResponseMode

func (ar *AuthRequest) GetResponseMode() oidc.ResponseMode

func (*AuthRequest) GetResponseType

func (ar *AuthRequest) GetResponseType() oidc.ResponseType

func (*AuthRequest) GetScopes

func (ar *AuthRequest) GetScopes() []string

func (*AuthRequest) GetState

func (ar *AuthRequest) GetState() string

func (*AuthRequest) GetSubject

func (ar *AuthRequest) GetSubject() string

func (*AuthRequest) SetID

func (ar *AuthRequest) SetID(id string)

type AuthRequestCacher

// AuthRequestCacher looks up a cached AuthRequest by a string key.
//
// Get returns no error value, so a miss is presumably signalled by a nil
// pointer — callers should check for nil before use (confirm with the
// implementation).
type AuthRequestCacher interface {
	Get(string) *AuthRequest
}

type Client

// Client is an OIDC client record carrying gorm column mappings. Its methods
// are documented as implementing op.Client.
type Client struct {
	gormx.BaseFields
	// Name maps to the non-null varchar(256) column "name".
	Name   string `json:"name" gorm:"column:name;type:varchar(256);not null"`
	// Secret maps to the non-null varchar(256) column "secret". Because of the
	// json:"secret" tag it is included whenever a Client is marshalled to JSON.
	// NOTE(review): nothing visible here shows whether the stored value is a
	// hash or the plaintext secret; confirm it is stored hashed and that
	// Client values are never serialized into API responses or logs (a
	// json:"-" tag would exclude the field).
	Secret string `json:"secret" gorm:"column:secret;type:varchar(256);not null"`

	// OrganizationId is serialized to JSON under the key "oid".
	OrganizationId string `json:"oid"`
	// contains filtered or unexported fields
}

func (*Client) AccessTokenType

func (c *Client) AccessTokenType() op.AccessTokenType

AccessTokenType implements op.Client.

func (*Client) ApplicationType

func (c *Client) ApplicationType() op.ApplicationType

ApplicationType implements op.Client.

func (*Client) AuthMethod

func (c *Client) AuthMethod() oidc.AuthMethod

AuthMethod implements op.Client.

func (*Client) ClockSkew

func (c *Client) ClockSkew() time.Duration

ClockSkew implements op.Client.

func (*Client) DevMode

func (c *Client) DevMode() bool

DevMode implements op.Client.

func (*Client) GetID

func (c *Client) GetID() string

GetID implements op.Client.

func (*Client) GrantTypes

func (c *Client) GrantTypes() []oidc.GrantType

GrantTypes implements op.Client.

func (*Client) IDTokenLifetime

func (c *Client) IDTokenLifetime() time.Duration

IDTokenLifetime implements op.Client.

func (*Client) IDTokenUserinfoClaimsAssertion

func (c *Client) IDTokenUserinfoClaimsAssertion() bool

IDTokenUserinfoClaimsAssertion implements op.Client.

func (*Client) IsScopeAllowed

func (c *Client) IsScopeAllowed(scope string) bool

IsScopeAllowed implements op.Client.

func (*Client) LoginURL

func (c *Client) LoginURL(id string) string

Redirects to the login page. LoginURL implements op.Client.

func (*Client) PostLogoutRedirectURIs

func (c *Client) PostLogoutRedirectURIs() []string

PostLogoutRedirectURIs implements op.Client.

func (*Client) RedirectURIs

func (c *Client) RedirectURIs() []string

RedirectURIs implements op.Client.

func (*Client) ResponseTypes

func (c *Client) ResponseTypes() []oidc.ResponseType

ResponseTypes implements op.Client.

func (*Client) RestrictAdditionalAccessTokenScopes

func (c *Client) RestrictAdditionalAccessTokenScopes() func(scopes []string) []string

RestrictAdditionalAccessTokenScopes implements op.Client.

func (*Client) RestrictAdditionalIdTokenScopes

func (c *Client) RestrictAdditionalIdTokenScopes() func(scopes []string) []string

RestrictAdditionalIdTokenScopes implements op.Client.

type DefaultClientRepository

// DefaultClientRepository is the persistence interface for Client records. It
// extends the generic gormx.BaseRepository[Client] with lookups by name.
type DefaultClientRepository interface {
	gormx.BaseRepository[Client]
	// GetOneByName returns a single Client for the given string, presumably
	// the client name — confirm.
	GetOneByName(context.Context, string) (*Client, error)
	// GetAllByName returns a page of Clients. It has no error result, so a
	// failed query cannot be told apart from an empty result by the caller.
	GetAllByName(context.Context, httpx.Pageable, string) []Client
}

type GormClientRepository

// GormClientRepository has no exported fields; its methods are documented as
// implementing DefaultClientRepository. Create one with NewGormClientRepository.
type GormClientRepository struct {
	// contains filtered or unexported fields
}

func NewGormClientRepository

func NewGormClientRepository() *GormClientRepository

func (*GormClientRepository) CreateOne

func (r *GormClientRepository) CreateOne(ctx context.Context, client *Client) error

CreateOne implements DefaultClientRepository.

func (*GormClientRepository) DeleteOneById

func (r *GormClientRepository) DeleteOneById(context.Context, string) error

DeleteOneById implements DefaultClientRepository.

func (*GormClientRepository) GetAllByName

GetAllByName implements DefaultClientRepository.

func (*GormClientRepository) GetOneById

func (r *GormClientRepository) GetOneById(context.Context, string) (*Client, error)

GetOneById implements DefaultClientRepository.

func (*GormClientRepository) GetOneByName

func (r *GormClientRepository) GetOneByName(context.Context, string) (*Client, error)

GetOneByName implements DefaultClientRepository.

func (*GormClientRepository) InitDB

func (r *GormClientRepository) InitDB() error

InitDB implements DefaultClientRepository.

func (*GormClientRepository) UpdateOneById

func (r *GormClientRepository) UpdateOneById(context.Context, string, *Client) error

UpdateOneById implements DefaultClientRepository.

type OIDCCodeChallenge

// OIDCCodeChallenge is the stored form of a PKCE code challenge.
type OIDCCodeChallenge struct {
	// Challenge is the code_challenge value supplied with the authorization request.
	Challenge string
	// Method is kept as a free-form string.
	// NOTE(review): confirm that only the expected PKCE methods (S256, and
	// plain only if deliberately allowed) are accepted when this is converted
	// to *oidc.CodeChallenge.
	Method    string
}

type OidcClientRepository

// OidcClientRepository extends gormx.BaseRepository[Client] with a lookup
// taking two strings, presumably an organization ID and a client name — confirm.
type OidcClientRepository interface {
	gormx.BaseRepository[Client]
	// FindByOidAndName takes no context and returns no error; a miss is
	// presumably reported as a nil *Client, so callers should check for nil.
	FindByOidAndName(string, string) *Client
}

type RefreshToken

// RefreshToken is the storage record for an issued refresh token.
type RefreshToken struct {
	ID            string
	// NOTE(review): it is not visible here whether Token holds the raw token
	// value or a digest of it; confirm that the raw value is not persisted or
	// logged.
	Token         string
	AuthTime      time.Time
	AMR           []string
	Audience      []string
	UserID        string
	// ApplicationID is presumably the client the token was issued to
	// (see RefreshTokenRequest.GetClientID) — confirm.
	ApplicationID string
	// NOTE(review): confirm that Expiration is enforced when a token is
	// looked up (e.g. in Storage.TokenRequestByRefreshToken).
	Expiration    time.Time
	Scopes        []string
}

type RefreshTokenRequest

// RefreshTokenRequest embeds a *RefreshToken and adds the getter and setter
// methods listed for this type.
//
// The embedded value is a pointer: any method that reads a promoted field
// will panic if RefreshToken is nil, so construct it through
// RefreshTokenRequestFromBusiness or set the pointer explicitly.
type RefreshTokenRequest struct {
	*RefreshToken
}

func (*RefreshTokenRequest) GetAMR

func (r *RefreshTokenRequest) GetAMR() []string

func (*RefreshTokenRequest) GetAudience

func (r *RefreshTokenRequest) GetAudience() []string

func (*RefreshTokenRequest) GetAuthTime

func (r *RefreshTokenRequest) GetAuthTime() time.Time

func (*RefreshTokenRequest) GetClientID

func (r *RefreshTokenRequest) GetClientID() string

func (*RefreshTokenRequest) GetScopes

func (r *RefreshTokenRequest) GetScopes() []string

func (*RefreshTokenRequest) GetSubject

func (r *RefreshTokenRequest) GetSubject() string

func (*RefreshTokenRequest) SetCurrentScopes

func (r *RefreshTokenRequest) SetCurrentScopes(scopes []string)

type Service

// Service exposes no exported fields.
type Service struct {
	// contains filtered or unexported fields
}

type SigninRequest

// SigninRequest embeds gormx.BaseFields and declares no fields of its own.
type SigninRequest struct {
	gormx.BaseFields
}

type Storage

// Storage has no exported fields; its methods are documented as implementing
// op.Storage and op.ClientCredentialsStorage. Create one with NewStorage.
type Storage struct {
	// contains filtered or unexported fields
}

func NewStorage

func NewStorage() *Storage

func (*Storage) AuthRequestByCode

func (s *Storage) AuthRequestByCode(ctx context.Context, code string) (op.AuthRequest, error)

AuthRequestByCode implements op.Storage.

func (*Storage) AuthRequestByID

func (s *Storage) AuthRequestByID(ctx context.Context, id string) (op.AuthRequest, error)

AuthRequestByID implements op.Storage.

func (*Storage) AuthorizeClientIDSecret

func (s *Storage) AuthorizeClientIDSecret(ctx context.Context, clientID string, clientSecret string) error

AuthorizeClientIDSecret implements op.Storage.

func (*Storage) ClientCredentials

func (s *Storage) ClientCredentials(ctx context.Context, clientID string, clientSecret string) (op.Client, error)

ClientCredentials implements op.ClientCredentialsStorage.

func (*Storage) ClientCredentialsTokenRequest

func (s *Storage) ClientCredentialsTokenRequest(ctx context.Context, clientID string, scopes []string) (op.TokenRequest, error)

ClientCredentialsTokenRequest implements op.ClientCredentialsStorage.

func (*Storage) CreateAccessAndRefreshTokens

func (s *Storage) CreateAccessAndRefreshTokens(ctx context.Context, request op.TokenRequest, currentRefreshToken string) (accessTokenID string, newRefreshTokenID string, expiration time.Time, err error)

CreateAccessAndRefreshTokens implements op.Storage.

func (*Storage) CreateAccessToken

func (s *Storage) CreateAccessToken(ctx context.Context, request op.TokenRequest) (accessTokenID string, expiration time.Time, err error)

CreateAccessToken implements op.Storage.

func (*Storage) CreateAuthRequest

func (s *Storage) CreateAuthRequest(ctx context.Context, authReq *oidc.AuthRequest, userID string) (op.AuthRequest, error)

CreateAuthRequest implements op.Storage.

func (*Storage) DeleteAuthRequest

func (s *Storage) DeleteAuthRequest(ctx context.Context, id string) error

DeleteAuthRequest implements op.Storage.

func (*Storage) GetClientByClientID

func (s *Storage) GetClientByClientID(ctx context.Context, clientID string) (op.Client, error)

GetClientByClientID implements op.Storage.

func (*Storage) GetKeyByIDAndClientID

func (s *Storage) GetKeyByIDAndClientID(ctx context.Context, keyID string, clientID string) (*jose.JSONWebKey, error)

GetKeyByIDAndClientID implements op.Storage.

func (*Storage) GetPrivateClaimsFromScopes

func (s *Storage) GetPrivateClaimsFromScopes(ctx context.Context, userID string, clientID string, scopes []string) (map[string]interface{}, error)

GetPrivateClaimsFromScopes implements op.Storage.

func (*Storage) GetRefreshTokenInfo

func (s *Storage) GetRefreshTokenInfo(ctx context.Context, clientID string, token string) (userID string, tokenID string, err error)

GetRefreshTokenInfo implements op.Storage.

func (*Storage) Health

func (s *Storage) Health(ctx context.Context) error

Health implements op.Storage.

func (*Storage) KeySet

func (s *Storage) KeySet(ctx context.Context) ([]op.Key, error)

KeySet implements op.Storage.

func (*Storage) RevokeToken

func (s *Storage) RevokeToken(ctx context.Context, tokenOrTokenID string, userID string, clientID string) *oidc.Error

RevokeToken implements op.Storage.

func (*Storage) SaveAuthCode

func (s *Storage) SaveAuthCode(ctx context.Context, id string, code string) error

SaveAuthCode implements op.Storage.

func (*Storage) SetIntrospectionFromToken

func (s *Storage) SetIntrospectionFromToken(ctx context.Context, introspection *oidc.IntrospectionResponse, tokenID, subject, clientID string) error

SetIntrospectionFromToken implements op.Storage.

func (*Storage) SetUserinfoFromScopes

func (s *Storage) SetUserinfoFromScopes(ctx context.Context, userinfo *oidc.UserInfo, userID string, clientID string, scopes []string) error

SetUserinfoFromScopes implements op.Storage.

func (*Storage) SetUserinfoFromToken

func (s *Storage) SetUserinfoFromToken(ctx context.Context, userinfo *oidc.UserInfo, tokenID string, subject string, origin string) error

SetUserinfoFromToken implements op.Storage.

func (*Storage) SignatureAlgorithms

func (s *Storage) SignatureAlgorithms(ctx context.Context) ([]jose.SignatureAlgorithm, error)

SignatureAlgorithms implements op.Storage.

func (*Storage) SigningKey

func (s *Storage) SigningKey(ctx context.Context) (op.SigningKey, error)

SigningKey implements op.Storage.

func (*Storage) TerminateSession

func (s *Storage) TerminateSession(ctx context.Context, userID string, clientID string) error

TerminateSession implements op.Storage.

func (*Storage) TokenRequestByRefreshToken

func (s *Storage) TokenRequestByRefreshToken(ctx context.Context, refreshToken string) (op.RefreshTokenRequest, error)

TokenRequestByRefreshToken implements op.Storage.

func (*Storage) ValidateJWTProfileScopes

func (s *Storage) ValidateJWTProfileScopes(ctx context.Context, userID string, scopes []string) ([]string, error)

ValidateJWTProfileScopes implements op.Storage.

type Token

// Token is the storage record for an issued access token.
type Token struct {
	ID             string
	// ApplicationID is presumably the client the token was issued to — confirm.
	ApplicationID  string
	Subject        string
	// RefreshTokenID presumably links the access token to the refresh token it
	// was issued with, so both can be revoked together — confirm.
	RefreshTokenID string
	Audience       []string
	// NOTE(review): confirm that Expiration is checked wherever a Token is
	// resolved (introspection, userinfo), not only at creation.
	Expiration     time.Time
	Scopes         []string
}
