Documentation ¶
Index ¶
- Variables
- func DecodeScopesMatcherHookFunc() mapstructure.DecodeHookFunc
- type Audience
- type Claims
- type ExactScopeStrategyMatcher
- type Expectation
- func (e *Expectation) AssertAlgorithm(alg string) error
- func (e *Expectation) AssertAudience(audience []string) error
- func (e *Expectation) AssertIssuanceTime(issuedAt time.Time) error
- func (e *Expectation) AssertIssuer(issuer string) error
- func (e *Expectation) AssertScopes(scopes []string) error
- func (e *Expectation) AssertValidity(notBefore, notAfter time.Time) error
- func (e *Expectation) Merge(other *Expectation) Expectation
- type HierarchicScopeStrategyMatcher
- type IntrospectionResponse
- type MetadataEndpoint
- type NoopMatcher
- type NumericDate
- type ResolverAdapterFunc
- type ScopeMatcherFactory
- type Scopes
- type ScopesMatcher
- type ServerMetadata
- type ServerMetadataResolver
- type WildcardScopeStrategyMatcher
Constants ¶
This section is empty.
Variables ¶
var ErrAssertion = errors.New("assertion error")
var ErrScopeMatch = errors.New("scope matching error")
var ErrTokenNotActive = errors.New("token is not active")
Functions ¶
func DecodeScopesMatcherHookFunc ¶
func DecodeScopesMatcherHookFunc() mapstructure.DecodeHookFunc
Types ¶
type Audience ¶
type Audience []string
Audience represents the recipients that the token is intended for.
func (*Audience) UnmarshalJSON ¶
UnmarshalJSON reads an audience from its JSON representation.
type Claims ¶
type Claims struct { Issuer string `json:"iss,omitempty"` Subject string `json:"sub,omitempty"` Audience Audience `json:"aud,omitempty"` Scp Scopes `json:"scp,omitempty"` Scope Scopes `json:"scope,omitempty"` Expiry *NumericDate `json:"exp,omitempty"` NotBefore *NumericDate `json:"nbf,omitempty"` IssuedAt *NumericDate `json:"iat,omitempty"` ID string `json:"jti,omitempty"` }
Claims represents public claim values (as specified in RFC 7519).
func (Claims) Validate ¶
func (c Claims) Validate(exp Expectation) error
type ExactScopeStrategyMatcher ¶
type ExactScopeStrategyMatcher []string
func (ExactScopeStrategyMatcher) Match ¶
func (m ExactScopeStrategyMatcher) Match(scopes []string) error
type Expectation ¶
type Expectation struct { TrustedIssuers []string `mapstructure:"issuers"` ScopesMatcher ScopesMatcher `mapstructure:"scopes"` TargetAudiences []string `mapstructure:"audience"` AllowedAlgorithms []string `mapstructure:"allowed_algorithms"` ValidityLeeway time.Duration `mapstructure:"validity_leeway"` }
func (*Expectation) AssertAlgorithm ¶
func (e *Expectation) AssertAlgorithm(alg string) error
func (*Expectation) AssertAudience ¶
func (e *Expectation) AssertAudience(audience []string) error
func (*Expectation) AssertIssuanceTime ¶
func (e *Expectation) AssertIssuanceTime(issuedAt time.Time) error
func (*Expectation) AssertIssuer ¶
func (e *Expectation) AssertIssuer(issuer string) error
func (*Expectation) AssertScopes ¶
func (e *Expectation) AssertScopes(scopes []string) error
func (*Expectation) AssertValidity ¶
func (e *Expectation) AssertValidity(notBefore, notAfter time.Time) error
func (*Expectation) Merge ¶
func (e *Expectation) Merge(other *Expectation) Expectation
type HierarchicScopeStrategyMatcher ¶
type HierarchicScopeStrategyMatcher []string
func (HierarchicScopeStrategyMatcher) Match ¶
func (m HierarchicScopeStrategyMatcher) Match(scopes []string) error
type IntrospectionResponse ¶
type IntrospectionResponse struct { Claims Active bool `json:"active,omitempty"` ClientID string `json:"client_id,omitempty"` TokenType string `json:"token_type,omitempty"` }
func (IntrospectionResponse) Validate ¶
func (c IntrospectionResponse) Validate(exp Expectation) error
type MetadataEndpoint ¶
type MetadataEndpoint struct { endpoint.Endpoint `mapstructure:",squash"` DisableIssuerIdentifierVerification bool `mapstructure:"disable_issuer_identifier_verification"` }
func (*MetadataEndpoint) Get ¶
func (e *MetadataEndpoint) Get(ctx context.Context, args map[string]any) (ServerMetadata, error)
type NoopMatcher ¶
type NoopMatcher struct{}
func (NoopMatcher) Match ¶
func (NoopMatcher) Match(_ []string) error
type NumericDate ¶
type NumericDate int64
NumericDate represents date and time as the number of seconds since the epoch, ignoring leap seconds. Non-integer values can be represented in the serialized format, but we round to the nearest second. See RFC7519 Section 2: https://tools.ietf.org/html/rfc7519#section-2
func (*NumericDate) Time ¶
func (n *NumericDate) Time() time.Time
Time returns time.Time representation of NumericDate.
func (*NumericDate) UnmarshalJSON ¶
func (n *NumericDate) UnmarshalJSON(b []byte) error
UnmarshalJSON reads a date from its JSON representation.
type ResolverAdapterFunc ¶
func (ResolverAdapterFunc) Get ¶
func (f ResolverAdapterFunc) Get(ctx context.Context, args map[string]any) (ServerMetadata, error)
type ScopeMatcherFactory ¶
type ScopeMatcherFactory func(scopes []string) (ScopesMatcher, error)
type Scopes ¶
type Scopes []string
Scopes represents the scopes that the token is granted.
func (*Scopes) UnmarshalJSON ¶
UnmarshalJSON reads scopes from its JSON representation.
type ScopesMatcher ¶
type ServerMetadata ¶
type ServerMetadataResolver ¶
type WildcardScopeStrategyMatcher ¶
type WildcardScopeStrategyMatcher []string
func (WildcardScopeStrategyMatcher) Match ¶
func (m WildcardScopeStrategyMatcher) Match(scopes []string) error