Documentation ¶
Index ¶
- func MaxAgeToInternal(maxAge *uint) *time.Duration
- func PromptToInternal(oidcPrompt oidc.SpaceDelimitedArray) []string
- func RedirectGlobsClient(client *Client) op.Client
- func RefreshTokenRequestFromBusiness(token *RefreshToken) op.RefreshTokenRequest
- func SetupServer(issuer string, storage *Storage, extraOptions ...op.Option) *mux.Router
- type AuthRequest
- func (ar *AuthRequest) Done() bool
- func (ar *AuthRequest) GetACR() string
- func (ar *AuthRequest) GetAMR() []string
- func (ar *AuthRequest) GetAudience() []string
- func (ar *AuthRequest) GetAuthTime() time.Time
- func (ar *AuthRequest) GetClientID() string
- func (ar *AuthRequest) GetCodeChallenge() *oidc.CodeChallenge
- func (ar *AuthRequest) GetID() string
- func (ar *AuthRequest) GetNonce() string
- func (ar *AuthRequest) GetRedirectURI() string
- func (ar *AuthRequest) GetResponseMode() oidc.ResponseMode
- func (ar *AuthRequest) GetResponseType() oidc.ResponseType
- func (ar *AuthRequest) GetScopes() []string
- func (ar *AuthRequest) GetState() string
- func (ar *AuthRequest) GetSubject() string
- func (ar *AuthRequest) SetID(id string)
- type AuthRequestCacher
- type Client
- func (c *Client) AccessTokenType() op.AccessTokenType
- func (c *Client) ApplicationType() op.ApplicationType
- func (c *Client) AuthMethod() oidc.AuthMethod
- func (c *Client) ClockSkew() time.Duration
- func (c *Client) DevMode() bool
- func (c *Client) GetID() string
- func (c *Client) GrantTypes() []oidc.GrantType
- func (c *Client) IDTokenLifetime() time.Duration
- func (c *Client) IDTokenUserinfoClaimsAssertion() bool
- func (c *Client) IsScopeAllowed(scope string) bool
- func (c *Client) LoginURL(id string) string
- func (c *Client) PostLogoutRedirectURIs() []string
- func (c *Client) RedirectURIs() []string
- func (c *Client) ResponseTypes() []oidc.ResponseType
- func (c *Client) RestrictAdditionalAccessTokenScopes() func(scopes []string) []string
- func (c *Client) RestrictAdditionalIdTokenScopes() func(scopes []string) []string
- type DefaultClientRepository
- type GormClientRepository
- func (r *GormClientRepository) CreateOne(ctx context.Context, client *Client) error
- func (r *GormClientRepository) DeleteOneById(context.Context, string) error
- func (r *GormClientRepository) GetAllByName(context.Context, httpx.Pageable, string) []Client
- func (r *GormClientRepository) GetOneById(context.Context, string) (*Client, error)
- func (r *GormClientRepository) GetOneByName(context.Context, string) (*Client, error)
- func (r *GormClientRepository) InitDB() error
- func (r *GormClientRepository) UpdateOneById(context.Context, string, *Client) error
- type OIDCCodeChallenge
- type OidcClientRepository
- type RefreshToken
- type RefreshTokenRequest
- func (r *RefreshTokenRequest) GetAMR() []string
- func (r *RefreshTokenRequest) GetAudience() []string
- func (r *RefreshTokenRequest) GetAuthTime() time.Time
- func (r *RefreshTokenRequest) GetClientID() string
- func (r *RefreshTokenRequest) GetScopes() []string
- func (r *RefreshTokenRequest) GetSubject() string
- func (r *RefreshTokenRequest) SetCurrentScopes(scopes []string)
- type Service
- type SigninRequest
- type Storage
- func (s *Storage) AuthRequestByCode(ctx context.Context, code string) (op.AuthRequest, error)
- func (s *Storage) AuthRequestByID(ctx context.Context, id string) (op.AuthRequest, error)
- func (s *Storage) AuthorizeClientIDSecret(ctx context.Context, clientID string, clientSecret string) error
- func (s *Storage) ClientCredentials(ctx context.Context, clientID string, clientSecret string) (op.Client, error)
- func (s *Storage) ClientCredentialsTokenRequest(ctx context.Context, clientID string, scopes []string) (op.TokenRequest, error)
- func (s *Storage) CreateAccessAndRefreshTokens(ctx context.Context, request op.TokenRequest, currentRefreshToken string) (accessTokenID string, newRefreshTokenID string, expiration time.Time, ...)
- func (s *Storage) CreateAccessToken(ctx context.Context, request op.TokenRequest) (accessTokenID string, expiration time.Time, err error)
- func (s *Storage) CreateAuthRequest(ctx context.Context, authReq *oidc.AuthRequest, userID string) (op.AuthRequest, error)
- func (s *Storage) DeleteAuthRequest(ctx context.Context, id string) error
- func (s *Storage) GetClientByClientID(ctx context.Context, clientID string) (op.Client, error)
- func (s *Storage) GetKeyByIDAndClientID(ctx context.Context, keyID string, clientID string) (*jose.JSONWebKey, error)
- func (s *Storage) GetPrivateClaimsFromScopes(ctx context.Context, userID string, clientID string, scopes []string) (map[string]interface{}, error)
- func (s *Storage) GetRefreshTokenInfo(ctx context.Context, clientID string, token string) (userID string, tokenID string, err error)
- func (s *Storage) Health(ctx context.Context) error
- func (s *Storage) KeySet(ctx context.Context) ([]op.Key, error)
- func (s *Storage) RevokeToken(ctx context.Context, tokenOrTokenID string, userID string, clientID string) *oidc.Error
- func (s *Storage) SaveAuthCode(ctx context.Context, id string, code string) error
- func (s *Storage) SetIntrospectionFromToken(ctx context.Context, introspection *oidc.IntrospectionResponse, ...) error
- func (s *Storage) SetUserinfoFromScopes(ctx context.Context, userinfo *oidc.UserInfo, userID string, clientID string, ...) error
- func (s *Storage) SetUserinfoFromToken(ctx context.Context, userinfo *oidc.UserInfo, tokenID string, subject string, ...) error
- func (s *Storage) SignatureAlgorithms(ctx context.Context) ([]jose.SignatureAlgorithm, error)
- func (s *Storage) SigningKey(ctx context.Context) (op.SigningKey, error)
- func (s *Storage) TerminateSession(ctx context.Context, userID string, clientID string) error
- func (s *Storage) TokenRequestByRefreshToken(ctx context.Context, refreshToken string) (op.RefreshTokenRequest, error)
- func (s *Storage) ValidateJWTProfileScopes(ctx context.Context, userID string, scopes []string) ([]string, error)
- type Token
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func MaxAgeToInternal ¶
func PromptToInternal ¶
func PromptToInternal(oidcPrompt oidc.SpaceDelimitedArray) []string
func RedirectGlobsClient ¶
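RedirectGlobsClient wraps the client in an op.HasRedirectGlobs only if DevMode is enabled. Glob matching is looser than exact redirect-URI comparison, so DevMode should stay disabled for production clients.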
func RefreshTokenRequestFromBusiness ¶
func RefreshTokenRequestFromBusiness(token *RefreshToken) op.RefreshTokenRequest
RefreshTokenRequestFromBusiness wraps the storage RefreshToken so that it implements the op.RefreshTokenRequest interface.
func SetupServer ¶
SetupServer creates an OIDC server with Issuer=http://localhost:<port>. Use one of the pre-made clients in storage/clients.go or register a new one. A plain-http issuer is suitable for local development only; a deployed issuer should use https.
Types ¶
type AuthRequest ¶
// AuthRequest holds the parameters of a single OIDC authorization request.
// NOTE(review): presumably the op.AuthRequest implementation returned by
// Storage.CreateAuthRequest — confirm against the source.
type AuthRequest struct {
	gormx.BaseFields
	ApplicationID string
	CallbackURI   string // presumably the value behind GetRedirectURI — confirm
	TransferState string // presumably the value behind GetState — confirm
	Prompt        []string
	UiLocales     []language.Tag
	LoginHint     string
	MaxAuthAge    *time.Duration
	UserID        string
	Scopes        []string
	ResponseType  oidc.ResponseType
	Nonce         string
	CodeChallenge *OIDCCodeChallenge
	// contains filtered or unexported fields
}
func (*AuthRequest) Done ¶
func (ar *AuthRequest) Done() bool
func (*AuthRequest) GetACR ¶
func (ar *AuthRequest) GetACR() string
func (*AuthRequest) GetAMR ¶
func (ar *AuthRequest) GetAMR() []string
func (*AuthRequest) GetAudience ¶
func (ar *AuthRequest) GetAudience() []string
func (*AuthRequest) GetAuthTime ¶
func (ar *AuthRequest) GetAuthTime() time.Time
func (*AuthRequest) GetClientID ¶
func (ar *AuthRequest) GetClientID() string
func (*AuthRequest) GetCodeChallenge ¶
func (ar *AuthRequest) GetCodeChallenge() *oidc.CodeChallenge
func (*AuthRequest) GetID ¶
func (ar *AuthRequest) GetID() string
func (*AuthRequest) GetNonce ¶
func (ar *AuthRequest) GetNonce() string
func (*AuthRequest) GetRedirectURI ¶
func (ar *AuthRequest) GetRedirectURI() string
func (*AuthRequest) GetResponseMode ¶
func (ar *AuthRequest) GetResponseMode() oidc.ResponseMode
func (*AuthRequest) GetResponseType ¶
func (ar *AuthRequest) GetResponseType() oidc.ResponseType
func (*AuthRequest) GetScopes ¶
func (ar *AuthRequest) GetScopes() []string
func (*AuthRequest) GetState ¶
func (ar *AuthRequest) GetState() string
func (*AuthRequest) GetSubject ¶
func (ar *AuthRequest) GetSubject() string
func (*AuthRequest) SetID ¶
func (ar *AuthRequest) SetID(id string)
type AuthRequestCacher ¶
type AuthRequestCacher interface {
Get(string) *AuthRequest
}
type Client ¶
// Client is an OIDC client record with a name, a secret and an organization id.
type Client struct {
	gormx.BaseFields
	Name string `json:"name" gorm:"column:name;type:varchar(256);not null"`
	// NOTE(review): the json:"secret" tag means Secret is written out whenever a
	// Client is marshalled to JSON, and the column is a plain varchar(256).
	// Whether the value is stored hashed and whether API responses omit it
	// cannot be told from this declaration — confirm both.
	Secret         string `json:"secret" gorm:"column:secret;type:varchar(256);not null"`
	OrganizationId string `json:"oid"`
	// contains filtered or unexported fields
}
func (*Client) AccessTokenType ¶
func (c *Client) AccessTokenType() op.AccessTokenType
AccessTokenType implements op.Client.
func (*Client) ApplicationType ¶
func (c *Client) ApplicationType() op.ApplicationType
ApplicationType implements op.Client.
func (*Client) AuthMethod ¶
func (c *Client) AuthMethod() oidc.AuthMethod
AuthMethod implements op.Client.
func (*Client) GrantTypes ¶
GrantTypes implements op.Client.
func (*Client) IDTokenLifetime ¶
IDTokenLifetime implements op.Client.
func (*Client) IDTokenUserinfoClaimsAssertion ¶
IDTokenUserinfoClaimsAssertion implements op.Client.
func (*Client) IsScopeAllowed ¶
IsScopeAllowed implements op.Client.
func (*Client) PostLogoutRedirectURIs ¶
PostLogoutRedirectURIs implements op.Client.
func (*Client) RedirectURIs ¶
RedirectURIs implements op.Client.
func (*Client) ResponseTypes ¶
func (c *Client) ResponseTypes() []oidc.ResponseType
ResponseTypes implements op.Client.
func (*Client) RestrictAdditionalAccessTokenScopes ¶
RestrictAdditionalAccessTokenScopes implements op.Client.
func (*Client) RestrictAdditionalIdTokenScopes ¶
RestrictAdditionalIdTokenScopes implements op.Client.
type DefaultClientRepository ¶
type GormClientRepository ¶
type GormClientRepository struct {
// contains filtered or unexported fields
}
func NewGormClientRepository ¶
func NewGormClientRepository() *GormClientRepository
func (*GormClientRepository) CreateOne ¶
func (r *GormClientRepository) CreateOne(ctx context.Context, client *Client) error
CreateOne implements DefaultClientRepository.
func (*GormClientRepository) DeleteOneById ¶
func (r *GormClientRepository) DeleteOneById(context.Context, string) error
DeleteOneById implements DefaultClientRepository.
func (*GormClientRepository) GetAllByName ¶
GetAllByName implements DefaultClientRepository.
func (*GormClientRepository) GetOneById ¶
GetOneById implements DefaultClientRepository.
func (*GormClientRepository) GetOneByName ¶
GetOneByName implements DefaultClientRepository.
func (*GormClientRepository) InitDB ¶
func (r *GormClientRepository) InitDB() error
InitDB implements DefaultClientRepository.
func (*GormClientRepository) UpdateOneById ¶
UpdateOneById implements DefaultClientRepository.
type OIDCCodeChallenge ¶
type OidcClientRepository ¶
type RefreshToken ¶
type RefreshTokenRequest ¶
type RefreshTokenRequest struct {
*RefreshToken
}
func (*RefreshTokenRequest) GetAMR ¶
func (r *RefreshTokenRequest) GetAMR() []string
func (*RefreshTokenRequest) GetAudience ¶
func (r *RefreshTokenRequest) GetAudience() []string
func (*RefreshTokenRequest) GetAuthTime ¶
func (r *RefreshTokenRequest) GetAuthTime() time.Time
func (*RefreshTokenRequest) GetClientID ¶
func (r *RefreshTokenRequest) GetClientID() string
func (*RefreshTokenRequest) GetScopes ¶
func (r *RefreshTokenRequest) GetScopes() []string
func (*RefreshTokenRequest) GetSubject ¶
func (r *RefreshTokenRequest) GetSubject() string
func (*RefreshTokenRequest) SetCurrentScopes ¶
func (r *RefreshTokenRequest) SetCurrentScopes(scopes []string)
type SigninRequest ¶
type SigninRequest struct {
gormx.BaseFields
}
type Storage ¶
type Storage struct {
// contains filtered or unexported fields
}
func NewStorage ¶
func NewStorage() *Storage
func (*Storage) AuthRequestByCode ¶
AuthRequestByCode implements op.Storage.
func (*Storage) AuthRequestByID ¶
AuthRequestByID implements op.Storage.
func (*Storage) AuthorizeClientIDSecret ¶
func (s *Storage) AuthorizeClientIDSecret(ctx context.Context, clientID string, clientSecret string) error
AuthorizeClientIDSecret implements op.Storage.
func (*Storage) ClientCredentials ¶
func (s *Storage) ClientCredentials(ctx context.Context, clientID string, clientSecret string) (op.Client, error)
ClientCredentials implements op.ClientCredentialsStorage.
func (*Storage) ClientCredentialsTokenRequest ¶
func (s *Storage) ClientCredentialsTokenRequest(ctx context.Context, clientID string, scopes []string) (op.TokenRequest, error)
ClientCredentialsTokenRequest implements op.ClientCredentialsStorage.
func (*Storage) CreateAccessAndRefreshTokens ¶
func (s *Storage) CreateAccessAndRefreshTokens(ctx context.Context, request op.TokenRequest, currentRefreshToken string) (accessTokenID string, newRefreshTokenID string, expiration time.Time, err error)
CreateAccessAndRefreshTokens implements op.Storage.
func (*Storage) CreateAccessToken ¶
func (s *Storage) CreateAccessToken(ctx context.Context, request op.TokenRequest) (accessTokenID string, expiration time.Time, err error)
CreateAccessToken implements op.Storage.
func (*Storage) CreateAuthRequest ¶
func (s *Storage) CreateAuthRequest(ctx context.Context, authReq *oidc.AuthRequest, userID string) (op.AuthRequest, error)
CreateAuthRequest implements op.Storage.
func (*Storage) DeleteAuthRequest ¶
DeleteAuthRequest implements op.Storage.
func (*Storage) GetClientByClientID ¶
GetClientByClientID implements op.Storage.
func (*Storage) GetKeyByIDAndClientID ¶
func (s *Storage) GetKeyByIDAndClientID(ctx context.Context, keyID string, clientID string) (*jose.JSONWebKey, error)
GetKeyByIDAndClientID implements op.Storage.
func (*Storage) GetPrivateClaimsFromScopes ¶
func (s *Storage) GetPrivateClaimsFromScopes(ctx context.Context, userID string, clientID string, scopes []string) (map[string]interface{}, error)
GetPrivateClaimsFromScopes implements op.Storage.
func (*Storage) GetRefreshTokenInfo ¶
func (s *Storage) GetRefreshTokenInfo(ctx context.Context, clientID string, token string) (userID string, tokenID string, err error)
GetRefreshTokenInfo implements op.Storage.
func (*Storage) RevokeToken ¶
func (s *Storage) RevokeToken(ctx context.Context, tokenOrTokenID string, userID string, clientID string) *oidc.Error
RevokeToken implements op.Storage.
func (*Storage) SaveAuthCode ¶
SaveAuthCode implements op.Storage.
func (*Storage) SetIntrospectionFromToken ¶
func (s *Storage) SetIntrospectionFromToken(ctx context.Context, introspection *oidc.IntrospectionResponse, tokenID, subject, clientID string) error
SetIntrospectionFromToken implements op.Storage.
func (*Storage) SetUserinfoFromScopes ¶
func (s *Storage) SetUserinfoFromScopes(ctx context.Context, userinfo *oidc.UserInfo, userID string, clientID string, scopes []string) error
SetUserinfoFromScopes implements op.Storage.
func (*Storage) SetUserinfoFromToken ¶
func (s *Storage) SetUserinfoFromToken(ctx context.Context, userinfo *oidc.UserInfo, tokenID string, subject string, origin string) error
SetUserinfoFromToken implements op.Storage.
func (*Storage) SignatureAlgorithms ¶
SignatureAlgorithms implements op.Storage.
func (*Storage) SigningKey ¶
SigningKey implements op.Storage.
func (*Storage) TerminateSession ¶
TerminateSession implements op.Storage.
func (*Storage) TokenRequestByRefreshToken ¶
func (s *Storage) TokenRequestByRefreshToken(ctx context.Context, refreshToken string) (op.RefreshTokenRequest, error)
TokenRequestByRefreshToken implements op.Storage.