Documentation
Index
- type Client
- type Config
- type CookieManager
- type EventRecorder
- type ProviderClient
- type ProviderServer
- func (s *ProviderServer) ServeAuthorization(w http.ResponseWriter, req *http.Request)
- func (s *ProviderServer) ServeConfig(w http.ResponseWriter, req *http.Request)
- func (s *ProviderServer) ServeToken(w http.ResponseWriter, req *http.Request)
- func (s *ProviderServer) ServeUserInfo(w http.ResponseWriter, req *http.Request)
- type RewriteRule
- type ServerOptions
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type Config
type Config struct {
	// DiscoveryURL is the discovery URL of the OIDC provider. If set, it
	// is used to discover the values of AuthEndpoint and TokenEndpoint.
	DiscoveryURL string
	// AuthEndpoint is the authorization endpoint. It must be set only if
	// DiscoveryURL is not set.
	AuthEndpoint string
	// Scopes is the list of scopes to request. The default list is:
	// openid, email.
	Scopes []string
	// TokenEndpoint is the token endpoint. It must be set only if
	// DiscoveryURL is not set.
	TokenEndpoint string
	// UserinfoEndpoint is the userinfo endpoint. It must be set only if
	// DiscoveryURL is not set and the token endpoint doesn't return an
	// ID token.
	UserinfoEndpoint string
	// RedirectURL is the OAUTH2 redirect URL. It must be managed by the
	// proxy.
	RedirectURL string
	// ClientID is the Client ID.
	ClientID string
	// ClientSecret is the Client Secret.
	ClientSecret string
	// HostedDomain specifies that the HD param should be used.
	// https://developers.google.com/identity/openid-connect/openid-connect#hd-param
	HostedDomain string
}
Config contains the parameters of an OIDC provider.
type CookieManager
type CookieManager interface {
	SetAuthTokenCookie(w http.ResponseWriter, userID, email, sessionID, host string, extraClaims map[string]any) error
	SetNonce(w http.ResponseWriter, nonce string)
	Nonce(w http.ResponseWriter, req *http.Request) string
	ClearCookies(w http.ResponseWriter) error
}
CookieManager is the interface to set and clear the auth token.
type EventRecorder
type EventRecorder interface {
	Record(string)
}
EventRecorder is used to record events.
type ProviderClient (added in v0.0.29)
type ProviderClient struct {
	// contains filtered or unexported fields
}
ProviderClient handles the OIDC authentication code flow based on information from https://developers.google.com/identity/openid-connect/openid-connect and https://developers.facebook.com/docs/facebook-login/guides/advanced/oidc-token/
func New
func New(cfg Config, er EventRecorder, cm CookieManager) (*ProviderClient, error)
New returns a new ProviderClient.
func (*ProviderClient) HandleCallback (added in v0.0.29)
func (p *ProviderClient) HandleCallback(w http.ResponseWriter, req *http.Request)
func (*ProviderClient) RequestLogin (added in v0.0.29)
func (p *ProviderClient) RequestLogin(w http.ResponseWriter, req *http.Request, originalURL string, opts ...idp.Option)
type ProviderServer (added in v0.0.29)
type ProviderServer struct {
	// contains filtered or unexported fields
}
ProviderServer is an OpenID Connect server implementation. See https://openid.net/specs/openid-connect-discovery-1_0.html and https://openid.net/specs/openid-connect-basic-1_0.html
func NewServer (added in v0.0.29)
func NewServer(opts ServerOptions) *ProviderServer
NewServer returns a new ProviderServer.
func (*ProviderServer) ServeAuthorization (added in v0.0.29)
func (s *ProviderServer) ServeAuthorization(w http.ResponseWriter, req *http.Request)
func (*ProviderServer) ServeConfig (added in v0.0.29)
func (s *ProviderServer) ServeConfig(w http.ResponseWriter, req *http.Request)
func (*ProviderServer) ServeToken (added in v0.0.29)
func (s *ProviderServer) ServeToken(w http.ResponseWriter, req *http.Request)
func (*ProviderServer) ServeUserInfo (added in v0.0.29)
func (s *ProviderServer) ServeUserInfo(w http.ResponseWriter, req *http.Request)
type RewriteRule (added in v0.0.29)
RewriteRule is used to apply a regular expression on an existing JWT claim to create or overwrite another claim, or possibly the same claim.
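The claim rewriting described above, sketched as an added example that is not this package's code. The page does not show RewriteRule's fields, so the `rule` struct, its field names, `applyRules` and the sample claims are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"regexp"
)

// rule is a hypothetical stand-in for RewriteRule; the real type's fields
// are not shown on this page, so these names are assumptions.
type rule struct {
	InputClaim  string         // existing claim to read
	OutputClaim string         // claim to create or overwrite (may equal InputClaim)
	Regex       *regexp.Regexp // pattern applied to the input claim
	Value       string         // replacement template ($1, ${name}, ...)
}

// applyRules returns a copy of claims with each matching rule applied in order.
// Missing or non-string input claims, and values that do not match, are
// skipped, so no output claim is ever derived from unexpected input.
func applyRules(claims map[string]any, rules []rule) map[string]any {
	out := make(map[string]any, len(claims))
	for k, v := range claims {
		out[k] = v
	}
	for _, r := range rules {
		s, ok := out[r.InputClaim].(string)
		if !ok {
			continue
		}
		m := r.Regex.FindStringSubmatchIndex(s)
		if m == nil {
			continue
		}
		out[r.OutputClaim] = string(r.Regex.ExpandString(nil, r.Value, s, m))
	}
	return out
}

func main() {
	// Constructed sample claims.
	claims := map[string]any{"email": "alice@example.com", "sub": "1234"}
	rules := []rule{
		// Anchored with ^...$ so the whole claim must match, not a substring.
		{"email", "preferred_username", regexp.MustCompile(`^([^@]+)@example\.com$`), "$1"},
	}
	fmt.Println(applyRules(claims, rules)["preferred_username"]) // alice
}
```

Anchoring the pattern matters when the derived claim feeds an authorization decision: without `^` and `$`, a value that merely contains the expected domain would also produce the output claim.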
type ServerOptions (added in v0.0.29)
type ServerOptions struct {
	TokenManager  *tokenmanager.TokenManager
	Issuer        string
	PathPrefix    string
	ClaimsFromCtx func(context.Context) jwt.MapClaims
	Clients       []Client
	RewriteRules  []RewriteRule
	EventRecorder EventRecorder
	Logger        interface {
		Errorf(string, ...any)
	}
}
ServerOptions contains the parameters needed to configure a ProviderServer.