Documentation ¶
Overview ¶
Package oidc implements logging in through OpenID Connect providers.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct { Issuer string `json:"issuer"` ClientID string `json:"clientID"` ClientSecret string `json:"clientSecret"` RedirectURI string `json:"redirectURI"` // Causes client_secret to be passed as POST parameters instead of basic // auth. This is specifically "NOT RECOMMENDED" by the OAuth2 RFC, but some // providers require it. // // https://tools.ietf.org/html/rfc6749#section-2.3.1 BasicAuthUnsupported *bool `json:"basicAuthUnsupported"` Scopes []string `json:"scopes"` // defaults to "profile" and "email" // Optional list of whitelisted domains when using Google // If this field is nonempty, only users from a listed domain will be allowed to log in HostedDomains []string `json:"hostedDomains"` // Override the value of email_verifed to true in the returned claims InsecureSkipEmailVerified bool `json:"insecureSkipEmailVerified"` // InsecureEnableGroups enables groups claims. This is disabled by default until https://github.com/dexidp/dex/issues/1065 is resolved InsecureEnableGroups bool `json:"insecureEnableGroups"` // GetUserInfo uses the userinfo endpoint to get additional claims for // the token. This is especially useful where upstreams return "thin" // id tokens GetUserInfo bool `json:"getUserInfo"` // Configurable key which contains the user id claim UserIDKey string `json:"userIDKey"` // Configurable key which contains the user name claim UserNameKey string `json:"userNameKey"` // PromptType will be used fot the prompt parameter (when offline_access, by default prompt=consent) PromptType string `json:"promptType"` }
Config holds configuration options for OpenID Connect logins.
Click to show internal directories.
Click to hide internal directories.