Documentation
¶
Index ¶
- Constants
- type GithubOp
- func (g *GithubOp) Issuer() string
- func (g *GithubOp) PublicKey(ctx context.Context, headers jws.Headers) (crypto.PublicKey, error)
- func (g *GithubOp) RequestTokens(ctx context.Context, cicHash string) (*memguard.LockedBuffer, error)
- func (g *GithubOp) VerifyCICHash(ctx context.Context, idt []byte, expectedCICHash string) error
- func (*GithubOp) VerifyNonGQSig(context.Context, []byte, string) error
- type GoogleOp
- func (g *GoogleOp) HookHTTPSession(h http.HandlerFunc)
- func (g *GoogleOp) Issuer() string
- func (g *GoogleOp) PublicKey(ctx context.Context, headers jws.Headers) (crypto.PublicKey, error)
- func (g *GoogleOp) RequestTokens(ctx context.Context, cicHash string) (*memguard.LockedBuffer, error)
- func (g *GoogleOp) VerifyCICHash(ctx context.Context, idt []byte, expectedCICHash string) error
- func (g *GoogleOp) VerifyNonGQSig(ctx context.Context, idt []byte, expectedNonce string) error
- type MockOpenIdProvider
- func (m *MockOpenIdProvider) Issuer() string
- func (m *MockOpenIdProvider) PublicKey(ctx context.Context, headers jws.Headers) (crypto.PublicKey, error)
- func (m *MockOpenIdProvider) RequestTokens(ctx context.Context, cicHash string) (*memguard.LockedBuffer, error)
- func (m *MockOpenIdProvider) VerifyCICHash(ctx context.Context, idt []byte, expectedCICHash string) error
- func (m *MockOpenIdProvider) VerifyNonGQSig(ctx context.Context, idt []byte, expectedNonce string) error
Constants ¶
View Source
const ( MockIssuer = "me" MockAudience = "also_me" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type GithubOp ¶
type GithubOp struct {
// contains filtered or unexported fields
}
func NewGithubOp ¶
func (*GithubOp) RequestTokens ¶
func (*GithubOp) VerifyCICHash ¶
type GoogleOp ¶
type GoogleOp struct {
ClientID string
ClientSecret string
Scopes []string
RedirURIPort string
CallbackPath string
RedirectURI string
// contains filtered or unexported fields
}
func (*GoogleOp) HookHTTPSession ¶
func (g *GoogleOp) HookHTTPSession(h http.HandlerFunc)
HookHTTPSession provides a means to hook the HTTP Server session resulting from the OpenID Provider sending an authcode to the OIDC client by redirecting the user's browser with the authcode supplied in the URI. If this hook is set, it will be called after the receiving the authcode but before send an HTTP response to the user. The code which sets this hook can choose what HTTP response to server to the user.
We use this so that we can redirect the user web browser window to the MFA Cosigner URI after the user finishes the OIDC Auth flow. This method is only available to browser based providers.
func (*GoogleOp) RequestTokens ¶
func (*GoogleOp) VerifyCICHash ¶
type MockOpenIdProvider ¶
type MockOpenIdProvider struct {
// contains filtered or unexported fields
}
func NewMockOpenIdProvider ¶
func NewMockOpenIdProvider() (*MockOpenIdProvider, error)
func (*MockOpenIdProvider) Issuer ¶
func (m *MockOpenIdProvider) Issuer() string
func (*MockOpenIdProvider) RequestTokens ¶
func (m *MockOpenIdProvider) RequestTokens(ctx context.Context, cicHash string) (*memguard.LockedBuffer, error)
func (*MockOpenIdProvider) VerifyCICHash ¶
func (*MockOpenIdProvider) VerifyNonGQSig ¶
Source Files
Click to show internal directories.
Click to hide internal directories.