Documentation ¶
Index ¶
- Constants
- func JwtResponseEncoder() web.EncodeResponseFunc
- func StringResponseEncoder() web.EncodeResponseFunc
- type CheckTokenClaims
- func (c *CheckTokenClaims) Get(claim string) interface{}
- func (c *CheckTokenClaims) Has(claim string) bool
- func (c *CheckTokenClaims) MarshalJSON() ([]byte, error)
- func (c *CheckTokenClaims) Set(claim string, value interface{})
- func (c *CheckTokenClaims) UnmarshalJSON(bytes []byte) error
- func (c *CheckTokenClaims) Values() map[string]interface{}
- type CheckTokenEndpoint
- type CheckTokenRequest
- type HierarchyRequest
- type JwkSetEndpoint
- type JwkSetRequest
- type JwkSetResponse
- type TenantHierarchyEndpoint
- func (endpoint *TenantHierarchyEndpoint) GetAncestors(ctx context.Context, req *HierarchyRequest) (interface{}, error)
- func (endpoint *TenantHierarchyEndpoint) GetChildren(ctx context.Context, req *HierarchyRequest) (interface{}, error)
- func (endpoint *TenantHierarchyEndpoint) GetDescendants(ctx context.Context, req *HierarchyRequest) (interface{}, error)
- func (endpoint *TenantHierarchyEndpoint) GetParent(ctx context.Context, req *HierarchyRequest) (string, error)
- func (endpoint *TenantHierarchyEndpoint) GetRoot(ctx context.Context, _ *web.EmptyRequest) (string, error)
- type UserInfoClaims
- func (c UserInfoClaims) Get(claim string) interface{}
- func (c UserInfoClaims) Has(claim string) bool
- func (c UserInfoClaims) MarshalJSON() ([]byte, error)
- func (c *UserInfoClaims) Set(claim string, value interface{})
- func (c *UserInfoClaims) UnmarshalJSON(bytes []byte) error
- func (c UserInfoClaims) Values() map[string]interface{}
- type UserInfoEndpoint
- type UserInfoJwtResponse
- type UserInfoPlainResponse
- type UserInfoRequest
- type WellKnownEndpoint
Constants ¶
const (
	// JwkTypeRSA is the literal "RSA".
	// NOTE(review): presumably the JWK key-type ("kty") value reported by the
	// JWK set endpoints; confirm against JwkSetResponse and the jwt package.
	JwkTypeRSA = "RSA"
)
Variables ¶
This section is empty.
Functions ¶
func JwtResponseEncoder ¶
func JwtResponseEncoder() web.EncodeResponseFunc
func StringResponseEncoder ¶
func StringResponseEncoder() web.EncodeResponseFunc
Types ¶
type CheckTokenClaims ¶
// CheckTokenClaims is the claim set returned by CheckTokenEndpoint.CheckToken
// (token introspection). Each field is bound to a claim name through its
// `claim` struct tag; the embedded oauth2.FieldClaimsMapper and
// oauth2.BasicClaims come from the oauth2 package.
//
// The struct mixes identity data (names, email) with authorization data
// (tenants, roles, permissions), so a serialized value should be handled as
// sensitive and returned only to callers authorized for introspection.
type CheckTokenClaims struct {
	oauth2.FieldClaimsMapper

	/*******************************
	 * Standard Check Token claims
	 *******************************/
	oauth2.BasicClaims
	// Active is a pointer.
	// NOTE(review): presumably so an absent "active" claim can be told apart
	// from an explicit false; confirm how the mapper treats nil.
	Active   *bool  `claim:"active"`
	Username string `claim:"username"`

	/*******************************
	 * Standard OIDC claims
	 *******************************/
	FirstName string    `claim:"given_name"`
	LastName  string    `claim:"family_name"`
	Email     string    `claim:"email"`
	Locale    string    `claim:"locale"` // Typically ISO 639-1 Alpha-2 [ISO639‑1] language code in lowercase and an ISO 3166-1
	AuthTime  time.Time `claim:"auth_time"`

	/*******************************
	 * NFV Additional Claims
	 *******************************/
	UserId      string `claim:"user_id"`
	AccountType string `claim:"account_type"`
	Currency    string `claim:"currency"`
	TenantId    string `claim:"tenant_id"`
	// TenantExternalId is emitted under the claim name "tenant_name": it maps
	// to the Tenant's ExternalId for backward compatibility.
	TenantExternalId string `claim:"tenant_name"`
	// NOTE(review): TenantSuspended is a pointer like Active; verify that
	// consumers do not read a nil value as "not suspended" without intent.
	TenantSuspended          *bool  `claim:"tenant_suspended"`
	ProviderId               string `claim:"provider_id"`
	ProviderName             string `claim:"provider_name"`
	ProviderDisplayName      string `claim:"provider_display_name"`
	ProviderDescription      string `claim:"provider_description"`
	ProviderNotificationType string `claim:"provider_notification_type"`
	ProviderEmail            string `claim:"provider_email"`
	// AssignedTenants, Roles and Permissions carry the authorization data
	// that a protected resource would base access decisions on.
	AssignedTenants utils.StringSet `claim:"assigned_tenants"`
	Roles           utils.StringSet `claim:"roles"`
	Permissions     utils.StringSet `claim:"permissions"`
	// NOTE(review): OrigUsername presumably identifies the original user when
	// the token was obtained on behalf of another user; confirm with the issuer.
	OrigUsername string `claim:"original_username"`
}
CheckTokenClaims implements oauth2.Claims
func (*CheckTokenClaims) Get ¶
func (c *CheckTokenClaims) Get(claim string) interface{}
func (*CheckTokenClaims) Has ¶
func (c *CheckTokenClaims) Has(claim string) bool
func (*CheckTokenClaims) MarshalJSON ¶
func (c *CheckTokenClaims) MarshalJSON() ([]byte, error)
func (*CheckTokenClaims) Set ¶
func (c *CheckTokenClaims) Set(claim string, value interface{})
func (*CheckTokenClaims) UnmarshalJSON ¶
func (c *CheckTokenClaims) UnmarshalJSON(bytes []byte) error
func (*CheckTokenClaims) Values ¶
func (c *CheckTokenClaims) Values() map[string]interface{}
type CheckTokenEndpoint ¶
type CheckTokenEndpoint struct {
// contains filtered or unexported fields
}
func NewCheckTokenEndpoint ¶
func NewCheckTokenEndpoint(issuer security.Issuer, tokenStoreReader oauth2.TokenStoreReader) *CheckTokenEndpoint
func (*CheckTokenEndpoint) CheckToken ¶
func (ep *CheckTokenEndpoint) CheckToken(c context.Context, request *CheckTokenRequest) (response *CheckTokenClaims, err error)
CheckToken is the token introspection endpoint as defined in https://datatracker.ietf.org/doc/html/rfc7662. This endpoint is used by protected resources to query the authorization server to determine the state and metadata of a token. Because this request is issued by a protected resource, the client used by the protected resource is not going to be the same as the client the token was issued for. The auth server requires the protected resource to be specifically authorized to call this endpoint by means of client authentication and client scope (token_details). This endpoint is not meant to be used for other purposes. Any client that is not a protected resource should not be given this scope, because the response (CheckTokenClaims) carries the token owner's identity, tenant, role and permission claims.
type CheckTokenRequest ¶
type HierarchyRequest ¶
// HierarchyRequest is the request type taken by the TenantHierarchyEndpoint
// methods GetParent, GetChildren, GetAncestors and GetDescendants.
type HierarchyRequest struct {
	// TenantId is bound from the "tenantId" form parameter, so it is supplied
	// by the caller.
	// NOTE(review): this page does not show whether the endpoint checks that
	// the caller may view the named tenant's hierarchy; confirm in the
	// handler or its route security configuration.
	TenantId string `form:"tenantId"`
}
type JwkSetEndpoint ¶
type JwkSetEndpoint struct {
// contains filtered or unexported fields
}
func NewJwkSetEndpoint ¶
func NewJwkSetEndpoint(jwkStore jwt.JwkStore) *JwkSetEndpoint
func (*JwkSetEndpoint) JwkByKid ¶ added in v0.15.0
func (ep *JwkSetEndpoint) JwkByKid(ctx context.Context, req *JwkSetRequest) (resp jwt.Jwk, err error)
func (*JwkSetEndpoint) JwkSet ¶
func (ep *JwkSetEndpoint) JwkSet(ctx context.Context, _ *JwkSetRequest) (resp *JwkSetResponse, err error)
type JwkSetRequest ¶
// JwkSetRequest is the request type for JwkSetEndpoint. JwkByKid receives it
// as req; JwkSet accepts it but ignores it (blank parameter).
type JwkSetRequest struct {
	// Kid is bound from the "kid" URI variable, so it is caller-controlled.
	// NOTE(review): presumably the key ID used to look up one key in the JWK
	// store; confirm that an unknown Kid is rejected, not defaulted.
	Kid string `uri:"kid"`
}
type JwkSetResponse ¶
type TenantHierarchyEndpoint ¶
type TenantHierarchyEndpoint struct { }
func NewTenantHierarchyEndpoint ¶
func NewTenantHierarchyEndpoint() *TenantHierarchyEndpoint
func (*TenantHierarchyEndpoint) GetAncestors ¶
func (endpoint *TenantHierarchyEndpoint) GetAncestors(ctx context.Context, req *HierarchyRequest) (interface{}, error)
func (*TenantHierarchyEndpoint) GetChildren ¶
func (endpoint *TenantHierarchyEndpoint) GetChildren(ctx context.Context, req *HierarchyRequest) (interface{}, error)
func (*TenantHierarchyEndpoint) GetDescendants ¶
func (endpoint *TenantHierarchyEndpoint) GetDescendants(ctx context.Context, req *HierarchyRequest) (interface{}, error)
func (*TenantHierarchyEndpoint) GetParent ¶
func (endpoint *TenantHierarchyEndpoint) GetParent(ctx context.Context, req *HierarchyRequest) (string, error)
func (*TenantHierarchyEndpoint) GetRoot ¶
func (endpoint *TenantHierarchyEndpoint) GetRoot(ctx context.Context, _ *web.EmptyRequest) (string, error)
type UserInfoClaims ¶
// UserInfoClaims is the claim set for the user-info responses; it is embedded
// in UserInfoPlainResponse. Each field is bound to a claim name through its
// `claim` struct tag, with mapping provided by the embedded
// oauth2.FieldClaimsMapper.
//
// The struct holds personal data (names, email, phone number, birthdate,
// address) as well as authorization data (tenants, roles, permissions), so
// serialized values should be treated as sensitive.
// NOTE(review): which fields are populated for a given token or scope is not
// visible on this page; confirm in UserInfoEndpoint.
type UserInfoClaims struct {
	oauth2.FieldClaimsMapper

	/*******************************
	 * Standard JWT claims
	 *******************************/
	Issuer   string                `claim:"iss"`
	Audience oauth2.StringSetClaim `claim:"aud"`
	Subject  string                `claim:"sub"`

	/*******************************
	 * Standard OIDC claims
	 *******************************/
	FullName          string `claim:"name"`
	FirstName         string `claim:"given_name"`
	LastName          string `claim:"family_name"`
	MiddleName        string `claim:"middle_name"`
	Nickname          string `claim:"nickname"`
	PreferredUsername string `claim:"preferred_username"`
	ProfileUrl        string `claim:"profile"`
	PictureUrl        string `claim:"picture"`
	Website           string `claim:"website"`
	Email             string `claim:"email"`
	// NOTE(review): EmailVerified and PhoneNumVerified are pointers,
	// presumably so "not asserted" (nil) differs from an explicit false;
	// consumers should not treat nil as verified.
	EmailVerified    *bool                `claim:"email_verified"`
	Gender           string               `claim:"gender"`
	Birthday         string               `claim:"birthdate"`    // ISO 8601:2004 [ISO8601‑2004] YYYY-MM-DD format
	ZoneInfo         string               `claim:"zoneinfo"`     // Europe/Paris or America/Los_Angeles
	Locale           string               `claim:"locale"`       // Typically ISO 639-1 Alpha-2 [ISO639‑1] language code in lowercase and an ISO 3166-1
	PhoneNumber      string               `claim:"phone_number"` // RFC 3966 [RFC3966] e.g. +1 (604) 555-1234;ext=5678
	PhoneNumVerified *bool                `claim:"phone_number_verified"`
	Address          *claims.AddressClaim `claim:"address"`
	UpdatedAt        time.Time            `claim:"updated_at"`

	/*******************************
	 * NFV Additional Claims
	 *******************************/
	AccountType     string `claim:"account_type"`
	DefaultTenantId string `claim:"default_tenant_id"`
	// AssignedTenants, Roles and Permissions expose the user's authorization
	// data to whoever receives the user-info response.
	AssignedTenants utils.StringSet `claim:"assigned_tenants"`
	Roles           utils.StringSet `claim:"roles"`
	Permissions     utils.StringSet `claim:"permissions"`
}
func (UserInfoClaims) Get ¶
func (c UserInfoClaims) Get(claim string) interface{}
func (UserInfoClaims) Has ¶
func (c UserInfoClaims) Has(claim string) bool
func (UserInfoClaims) MarshalJSON ¶
func (c UserInfoClaims) MarshalJSON() ([]byte, error)
func (*UserInfoClaims) Set ¶
func (c *UserInfoClaims) Set(claim string, value interface{})
func (*UserInfoClaims) UnmarshalJSON ¶
func (c *UserInfoClaims) UnmarshalJSON(bytes []byte) error
func (UserInfoClaims) Values ¶
func (c UserInfoClaims) Values() map[string]interface{}
type UserInfoEndpoint ¶
type UserInfoEndpoint struct {
// contains filtered or unexported fields
}
func NewUserInfoEndpoint ¶
func NewUserInfoEndpoint(issuer security.Issuer, accountStore security.AccountStore, jwtEncoder jwt.JwtEncoder) *UserInfoEndpoint
func (*UserInfoEndpoint) JwtUserInfo ¶
func (ep *UserInfoEndpoint) JwtUserInfo(ctx context.Context, _ UserInfoRequest) (resp UserInfoJwtResponse, err error)
func (*UserInfoEndpoint) PlainUserInfo ¶
func (ep *UserInfoEndpoint) PlainUserInfo(ctx context.Context, _ UserInfoRequest) (resp *UserInfoPlainResponse, err error)
type UserInfoJwtResponse ¶
type UserInfoJwtResponse string
func (UserInfoJwtResponse) MarshalText ¶
func (r UserInfoJwtResponse) MarshalText() (text []byte, err error)
MarshalText implements encoding.TextMarshaler
type UserInfoPlainResponse ¶
type UserInfoPlainResponse struct {
UserInfoClaims
}
type UserInfoRequest ¶
type UserInfoRequest struct{}
type WellKnownEndpoint ¶
type WellKnownEndpoint struct {
// contains filtered or unexported fields
}
WellKnownEndpoint provides "/.well-known/**" HTTP endpoints
func NewWellKnownEndpoint ¶
func NewWellKnownEndpoint(issuer security.Issuer, idpManager idp.IdentityProviderManager, extra map[string]interface{}) *WellKnownEndpoint
func (*WellKnownEndpoint) OpenIDConfig ¶
func (ep *WellKnownEndpoint) OpenIDConfig(ctx context.Context, _ *http.Request) (resp *openid.OPMetadata, err error)
OpenIDConfig should be mapped to GET /.well-known/openid-configuration