oidc

package
v0.11.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 8, 2024 License: MIT Imports: 21 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client added in v0.0.29

type Client struct {
	ID          string
	Secret      string
	RedirectURI []string
}

type Config

type Config struct {
	// DiscoveryURL is the discovery URL of the OIDC provider. If set, it
	// is used to discover the values of AuthEndpoint and TokenEndpoint.
	DiscoveryURL string
	// AuthEndpoint is the authorization endpoint. It must be set only if
	// DiscoveryURL is not set.
	AuthEndpoint string
	// Scopes is the list of scopes to request. The default list is:
	// openid, email.
	Scopes []string
	// TokenEndpoint is the token endpoint. It must be set only if
	// DiscoveryURL is not set.
	TokenEndpoint string
	// UserinfoEndpoint is the userinfo endpoint. It must be set only if
	// DiscoveryURL is not set and the token endpoint doesn't return an
	// ID token.
	UserinfoEndpoint string
	// RedirectURL is the OAUTH2 redirect URL. It must be managed by the
	// proxy.
	RedirectURL string
	// ClientID is the Client ID.
	ClientID string
	// ClientSecret is the Client Secret.
	ClientSecret string
	// HostedDomain specifies that the HD param should be used.
	// https://developers.google.com/identity/openid-connect/openid-connect#hd-param
	HostedDomain string
}

Config contains the parameters of an OIDC provider.

type CookieManager

type CookieManager interface {
	SetAuthTokenCookie(w http.ResponseWriter, userID, email, sessionID, host string, extraClaims map[string]any) error
	SetNonce(w http.ResponseWriter, nonce string)
	Nonce(w http.ResponseWriter, req *http.Request) string
	ClearCookies(w http.ResponseWriter) error
}

CookieManager is the interface to set and clear the auth token.

type EventRecorder

type EventRecorder interface {
	Record(string)
}

EventRecorder is used to record events.

type ProviderClient added in v0.0.29

type ProviderClient struct {
	// contains filtered or unexported fields
}

ProviderClient handles the OIDC authentication code flow based on information from https://developers.google.com/identity/openid-connect/openid-connect and https://developers.facebook.com/docs/facebook-login/guides/advanced/oidc-token/

func New

New returns a new ProviderClient.

func (*ProviderClient) HandleCallback added in v0.0.29

func (p *ProviderClient) HandleCallback(w http.ResponseWriter, req *http.Request)

func (*ProviderClient) RequestLogin added in v0.0.29

func (p *ProviderClient) RequestLogin(w http.ResponseWriter, req *http.Request, originalURL string)

type ProviderServer added in v0.0.29

type ProviderServer struct {
	// contains filtered or unexported fields
}

ProviderServer is a OpenID Connect server implementation. https://openid.net/specs/openid-connect-discovery-1_0.html https://openid.net/specs/openid-connect-basic-1_0.html

func NewServer added in v0.0.29

func NewServer(opts ServerOptions) *ProviderServer

NewServer returns a new ProviderServer.

func (*ProviderServer) ServeAuthorization added in v0.0.29

func (s *ProviderServer) ServeAuthorization(w http.ResponseWriter, req *http.Request)

func (*ProviderServer) ServeConfig added in v0.0.29

func (s *ProviderServer) ServeConfig(w http.ResponseWriter, req *http.Request)

func (*ProviderServer) ServeToken added in v0.0.29

func (s *ProviderServer) ServeToken(w http.ResponseWriter, req *http.Request)

func (*ProviderServer) ServeUserInfo added in v0.0.29

func (s *ProviderServer) ServeUserInfo(w http.ResponseWriter, req *http.Request)

type RewriteRule added in v0.0.29

type RewriteRule struct {
	InputClaim  string
	OutputClaim string
	Regex       string
	Value       string
}

RewriteRule is used to apply a regular expression on an existing JWT claim to create or overwrite another claim, or possibly the same claim.

type ServerOptions added in v0.0.29

type ServerOptions struct {
	TokenManager  *tokenmanager.TokenManager
	Issuer        string
	PathPrefix    string
	ClaimsFromCtx func(context.Context) jwt.MapClaims
	Clients       []Client
	RewriteRules  []RewriteRule

	EventRecorder EventRecorder
	Logger        interface {
		Errorf(string, ...any)
	}
}

ServerOptions contains the parameters needed to configure a ProviderServer.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL