authserver

package
v0.14.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 24, 2024 License: Apache-2.0 Imports: 43 Imported by: 0

Documentation

Index

Constants

// Order values for the security configurers of the authorization server.
// The four constants are spaced apart (0, 50, 100, 200).
//
// NOTE(review): presumably each value is what the matching configurer's
// Order() method returns (the authorize, logout, client-auth and token-auth
// configurers) - confirm. Whether a smaller value is applied earlier is decided
// by the order package and is not visible here. If ordering decides which
// configurer's rules win on overlapping routes, changing these values changes
// which authentication scheme protects an endpoint, so treat edits as
// security-relevant.
const (
	OrderAuthorizeSecurityConfigurer  = 0
	OrderLogoutSecurityConfigurer     = 50
	OrderClientAuthSecurityConfigurer = 100
	OrderTokenAuthSecurityConfigurer  = 200
)
const (
	// PropertiesPrefix is the configuration key prefix "security.auth".
	// NOTE(review): presumably the prefix under which BindAuthServerProperties
	// binds AuthServerProperties - confirm against the binding code.
	PropertiesPrefix = "security.auth"
)

Variables

// Module is the bootstrap module descriptor for the OAuth2 authorization
// server. Its fx options register embedded default configuration from
// defaultConfigFS, provide BindAuthServerProperties, ProvideAuthServerDI and the
// unexported provide constructor, and invoke ConfigureAuthorizationServer.
//
// Precedence is set to security.MinSecurityPrecedence + 20.
// NOTE(review): how Precedence orders this module against other security
// modules is defined by the bootstrap package and is not visible here - confirm
// before relying on initialization order.
var Module = &bootstrap.Module{
	Name:       "oauth2 authserver",
	Precedence: security.MinSecurityPrecedence + 20,
	Options: []fx.Option{
		appconfig.FxEmbeddedDefaults(defaultConfigFS),
		fx.Provide(BindAuthServerProperties),
		fx.Provide(ProvideAuthServerDI),
		fx.Provide(provide),
		fx.Invoke(ConfigureAuthorizationServer),
	},
}

Functions

func ConfigureAuthorizationServer

func ConfigureAuthorizationServer(di initDI)

ConfigureAuthorizationServer is the Configuration entry point

func ProvideAuthServerDI

func ProvideAuthServerDI(di configDI) authServerOut

func Use

func Use()

Types

type AuthServerProperties

// AuthServerProperties holds the authorization server settings decoded from
// configuration: the issuer identity, the redirect whitelist and the endpoint
// paths (JSON keys "issuer", "redirect-whitelist" and "endpoints").
//
// NOTE(review): RedirectWhitelist presumably lists the redirect targets the
// server is willing to send a browser to - confirm which flows consult it. How
// entries are matched (exact value or pattern) is not visible here. Keep
// entries as narrow as possible: an overly broad entry lets a response that
// carries an authorization code or token be redirected to a host the operator
// does not control.
type AuthServerProperties struct {
	Issuer            IssuerProperties    `json:"issuer"`
	RedirectWhitelist []string            `json:"redirect-whitelist"`
	Endpoints         EndpointsProperties `json:"endpoints"`
}

func BindAuthServerProperties

func BindAuthServerProperties(ctx *bootstrap.ApplicationContext) AuthServerProperties

BindAuthServerProperties creates and binds AuthServerProperties, with an optional prefix.

func NewAuthServerProperties

func NewAuthServerProperties() *AuthServerProperties

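NewAuthServerProperties creates an AuthServerProperties with default values. (The upstream comment says "SessionProperties", which does not match the *AuthServerProperties return type shown above.)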

type AuthorizationServerConfigurer

// AuthorizationServerConfigurer is a callback that receives the *Configuration
// it may customize.
// NOTE(review): presumably supplied by the application and called while
// ConfigureAuthorizationServer runs - confirm against the caller.
type AuthorizationServerConfigurer func(*Configuration)

type AuthorizeEndpointConfigurer

type AuthorizeEndpointConfigurer struct {
	// contains filtered or unexported fields
}

AuthorizeEndpointConfigurer implements security.Configurer and order.Ordered. It is responsible for configuring the "authorize" endpoint.

func (*AuthorizeEndpointConfigurer) Configure

func (*AuthorizeEndpointConfigurer) Order

func (c *AuthorizeEndpointConfigurer) Order() int

type ClientAuthEndpointsConfigurer

type ClientAuthEndpointsConfigurer struct {
	// contains filtered or unexported fields
}

ClientAuthEndpointsConfigurer implements security.Configurer and order.Ordered. It is responsible for configuring the miscellaneous endpoints that use client authentication.

func (*ClientAuthEndpointsConfigurer) Configure

func (*ClientAuthEndpointsConfigurer) Order

type ConditionalEndpoint

// ConditionalEndpoint pairs an endpoint location with a request matcher.
// Endpoints uses it for the Authorize and SamlSso entries.
//
// NOTE(review): presumably the endpoint is only served for requests that
// satisfy Condition - confirm. Whether a nil Condition matches everything or
// nothing is not visible here and matters for what gets exposed.
type ConditionalEndpoint struct {
	Location  *url.URL
	Condition web.RequestMatcher
}

type Configuration

// Configuration carries the items an AuthorizationServerConfigurer can set on
// the authorization server: stores for clients, user accounts, tenants,
// providers, tokens and JWKs, the client-secret and user-password encoders,
// the endpoint locations, the issuer, the identity provider manager, and the
// OpenID SSO / SAML signing settings. It also holds unexported fields that are
// not shown in this listing.
//
// NOTE(review): fields worth checking when wiring this up -
//   - ClientSecretEncoder / UserPasswordEncoder: confirm which
//     passwd.PasswordEncoder implementation is supplied; stored secrets should
//     be protected by a salted, adaptive password hash.
//   - JwkStore: presumably the source of token signing keys - confirm where the
//     keys come from and how they are rotated.
//   - SamlIdpSigningMethod: a free-form string; the accepted values and the
//     default are not visible here - confirm, and avoid SHA-1 based methods.
//   - OpenIDSSOEnabled: the default is not visible here - confirm.
type Configuration struct {
	// configurable items
	SessionSettingService session.SettingService
	ClientStore           oauth2.OAuth2ClientStore
	ClientSecretEncoder   passwd.PasswordEncoder
	Endpoints             Endpoints
	UserAccountStore      security.AccountStore
	TenantStore           security.TenantStore
	ProviderStore         security.ProviderStore
	UserPasswordEncoder   passwd.PasswordEncoder
	TokenStore            auth.TokenStore
	JwkStore              jwt.JwkStore
	IdpManager            idp.IdentityProviderManager
	Issuer                security.Issuer
	OpenIDSSOEnabled      bool
	SamlIdpSigningMethod  string
	// contains filtered or unexported fields
}

func (*Configuration) AddIdp

func (c *Configuration) AddIdp(configurer IdpSecurityConfigurer)

type Endpoints

// Endpoints holds the locations of the authorization server's endpoints.
// Authorize and SamlSso are ConditionalEndpoint values (a location plus a
// request matcher); every other entry is a plain string.
//
// NOTE(review): presumably the strings are URL paths and this struct is the
// resolved counterpart of EndpointsProperties - confirm. SamlSso has no
// matching key in EndpointsProperties, so it appears to be set in code only.
// Token, CheckToken, UserInfo and JwkSet are protected by configurers that are
// not shown here; verify the authentication applied to each one.
type Endpoints struct {
	Authorize       ConditionalEndpoint
	Approval        string
	Token           string
	CheckToken      string
	UserInfo        string
	JwkSet          string
	Logout          string
	LoggedOut       string
	Error           string
	SamlSso         ConditionalEndpoint
	SamlMetadata    string
	TenantHierarchy string
}

type EndpointsProperties

// EndpointsProperties is the configuration form of the endpoint locations.
// Each field is a string decoded from the JSON key in its tag (for example
// "check-token", "logged-out", "jwk-set").
//
// NOTE(review): presumably these are URL paths relative to the server's
// context path - confirm. Values come from configuration, so a deployment can
// relocate token, check-token and user-info; make sure any external routing or
// filtering rules follow the configured paths rather than the defaults.
type EndpointsProperties struct {
	// TODO check_session is necessary and should be implemented. Java: SessionInfoEndpoint
	Authorize       string `json:"authorize"`
	Token           string `json:"token"`
	Approval        string `json:"approval"`
	CheckToken      string `json:"check-token"`
	TenantHierarchy string `json:"tenant-hierarchy"`
	Error           string `json:"error"`
	Logout          string `json:"logout"`
	LoggedOut       string `json:"logged-out"`
	UserInfo        string `json:"user-info"`
	JwkSet          string `json:"jwk-set"`
	SamlMetadata    string `json:"saml-metadata"`
}

type IdpLogoutSecurityConfigurer

// IdpLogoutSecurityConfigurer is an optional interface that an
// IdpSecurityConfigurer may also implement to customize the "logout" process.
// ConfigureLogout receives the security.WebSecurity to configure and the
// authorization server's *Configuration.
type IdpLogoutSecurityConfigurer interface {
	ConfigureLogout(ws security.WebSecurity, config *Configuration)
}

IdpLogoutSecurityConfigurer is an additional interface that an IdpSecurityConfigurer can choose to implement to customize the "logout" process.

Note: IdpLogoutSecurityConfigurer is invoked only once per instance, and the given security.WebSecurity is shared between IDPs. Therefore, an implementation should not change the Route or Condition on the given "ws".

type IdpSecurityConfigurer

// IdpSecurityConfigurer is the interface identity providers implement to
// customize the "authorize" process. Configure receives the
// security.WebSecurity to configure and the authorization server's
// *Configuration. Instances are registered through Configuration.AddIdp.
type IdpSecurityConfigurer interface {
	Configure(ws security.WebSecurity, config *Configuration)
}

IdpSecurityConfigurer is the interface that IDPs implement to customize the "authorize" process.

type IssuerProperties

// IssuerProperties describes how this authorization server identifies itself.
// Domain and ContextPath are used to build the entity base URL that identifies
// the server in SAML and OIDC exchanges.
//
// NOTE(review): Port and IncludePort presumably decide whether a port appears
// in that URL - confirm. Relying parties compare the issuer value they receive
// against the one they expect, so the configured values should reproduce the
// externally visible URL exactly. OIDC expects an https issuer, so "http" is
// best kept to local development.
type IssuerProperties struct {
	// Protocol is the URL scheme, which is either http or https.
	Protocol string `json:"protocol"`
	// Domain is this server's host name.
	// Used to build the entity base url. The entity url identifies this auth server in a SAML exchange and OIDC exchange.
	Domain string `json:"domain"`
	Port   int    `json:"port"`
	// ContextPath is the context base path for this server.
	// Used to build the entity base url. The entity url identifies this auth server in a SAML exchange.
	ContextPath string `json:"context-path"`
	IncludePort bool   `json:"include-port"`
}

type LogoutEndpointConfigurer

type LogoutEndpointConfigurer struct {
	// contains filtered or unexported fields
}

LogoutEndpointConfigurer implements security.Configurer and order.Ordered. It is responsible for configuring the "logout" endpoint.

func (*LogoutEndpointConfigurer) Configure

func (*LogoutEndpointConfigurer) Order

func (c *LogoutEndpointConfigurer) Order() int

type TokenAuthEndpointsConfigurer

type TokenAuthEndpointsConfigurer struct {
	// contains filtered or unexported fields
}

TokenAuthEndpointsConfigurer implements security.Configurer and order.Ordered. It is responsible for configuring the miscellaneous endpoints that use token authentication.

func (*TokenAuthEndpointsConfigurer) Configure

func (*TokenAuthEndpointsConfigurer) Order

func (c *TokenAuthEndpointsConfigurer) Order() int
