provider

package
v0.0.0-...-2d73068 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 13, 2020 License: Apache-2.0 Imports: 16 Imported by: 7

Documentation

Index

Constants

// Identifiers of the GitHub provider. GitHubProviderID is a UUID kept as a
// string constant; per the note on its line it is stored as the provider ID in
// the external token table, so it is a stable storage key and not a secret.
// GitHubProviderAlias is the provider's short name.
// NOTE(review): where the alias is consumed is not visible on this page.
const (
	GitHubProviderID    = "2f6b7176-8f4b-4204-962d-606033275397" // Do not change! This ID is used as provider ID in the external token table
	GitHubProviderAlias = "github"
)
// Names of user attributes, plus the context key used by this package. The
// values "approved", "rhd_username" and "company" also appear as keys of the
// attributes map in the OAuthUserRequest example payload.
// NOTE(review): "approved" looks like an authorization-relevant attribute;
// confirm that only the trusted provider path can set it.
const (
	ImageURLAttributeName = "imageURL"
	BioAttributeName      = "bio"
	URLAttributeName      = "url"
	CompanyAttributeName  = "company"
	ApprovedAttributeName = "approved"
	ClusterAttribute      = "cluster"
	RHDUsernameAttribute  = "rhd_username"

	// UserProfileContextKey is the context value key used to carry a UserProfileContext value
	// NOTE(review): this is an untyped string constant. If it is passed to
	// context.WithValue as-is, any package using the same string shares the
	// key; an unexported key type avoids such collisions. Confirm the usage.
	UserProfileContextKey = "user_profile_context"
)
// OpenShiftProviderAlias is the short name of the OpenShift provider.
const OpenShiftProviderAlias = "openshift"

Variables

This section is empty.

Functions

This section is empty.

Types

type DefaultIdentityProvider

// DefaultIdentityProvider is an OAuth2 identity provider built on an embedded
// oauth2.Config, so the Config's fields and methods are promoted onto it.
//
// Fields:
//   - ProviderID: UUID identifying this provider.
//   - ScopeStr: scopes kept as a single string. NOTE(review): the separator is
//     not visible here; confirm against SetScopes.
//   - ProfileURL: presumably the endpoint that Profile and UserProfilePayload
//     query for the user profile; confirm.
//
// NOTE(review): the embedded oauth2.Config carries the client secret in an
// exported field, so avoid formatting this struct with %v or %+v in logs or
// error messages.
type DefaultIdentityProvider struct {
	oauth2.Config
	ProviderID uuid.UUID
	ScopeStr   string
	ProfileURL string
}

DefaultIdentityProvider is the base implementation of the IdentityProvider interface

func NewIdentityProvider

func NewIdentityProvider(config IdentityProviderConfiguration) *DefaultIdentityProvider

NewIdentityProvider creates a new default OAuth identity provider

func (*DefaultIdentityProvider) Profile

func (provider *DefaultIdentityProvider) Profile(ctx context.Context, token oauth2.Token) (*UserProfile, error)

Profile fetches a user profile from the Identity Provider

func (*DefaultIdentityProvider) SetRedirectURL

func (provider *DefaultIdentityProvider) SetRedirectURL(redirectURL string)

func (*DefaultIdentityProvider) SetScopes

func (provider *DefaultIdentityProvider) SetScopes(scopes []string)

func (*DefaultIdentityProvider) UserProfilePayload

func (provider *DefaultIdentityProvider) UserProfilePayload(ctx context.Context, token oauth2.Token) ([]byte, error)

UserProfilePayload fetches user profile payload from Identity Provider. It is used by the Profile function to do the actual work of talking to the identity provider

type GitHubIdentityProvider

// GitHubIdentityProvider is the GitHub provider. It embeds
// DefaultIdentityProvider, so that type's fields and methods are promoted.
// NOTE(review): together with the ID, Scopes, TypeName and URL methods listed
// for this type it appears to satisfy LinkingProvider; confirm.
type GitHubIdentityProvider struct {
	DefaultIdentityProvider
}

func NewGitHubIdentityProvider

func NewGitHubIdentityProvider(clientID string, clientSecret string, scopes string, authURL string) *GitHubIdentityProvider

func (*GitHubIdentityProvider) ID

func (provider *GitHubIdentityProvider) ID() uuid.UUID

func (*GitHubIdentityProvider) Profile

func (provider *GitHubIdentityProvider) Profile(ctx context.Context, token oauth2.Token) (*UserProfile, error)

Profile fetches a user profile from the Identity Provider

func (*GitHubIdentityProvider) Scopes

func (provider *GitHubIdentityProvider) Scopes() string

func (*GitHubIdentityProvider) TypeName

func (provider *GitHubIdentityProvider) TypeName() string

func (*GitHubIdentityProvider) URL

func (provider *GitHubIdentityProvider) URL() string

type IdentityProvider

// IdentityProvider is the OAuth2 surface this package needs from a provider:
// building the authorization URL, exchanging the code, fetching the user
// profile, and adjusting the redirect URL and scopes.
type IdentityProvider interface {
	// AuthCodeURL returns the authorization URL for the given state; the
	// signature matches oauth2.Config.AuthCodeURL. The state should be an
	// unpredictable per-request value that the callback handler verifies,
	// because it ties the callback to the request that started the flow
	// (CSRF defence).
	AuthCodeURL(state string, opts ...oauth2.AuthCodeOption) string
	// Exchange trades an authorization code for a token.
	// NOTE(review): this takes netcontext.Context while Profile takes
	// context.Context. Presumably both name the same type; confirm.
	Exchange(ctx netcontext.Context, code string) (*oauth2.Token, error)
	// Profile obtains the user's profile from the identity provider using the
	// given token. The token is passed by value.
	Profile(ctx context.Context, token oauth2.Token) (*UserProfile, error)
	// SetRedirectURL sets the redirect URL.
	// NOTE(review): callers should pass only a URL already checked against
	// the configured valid redirect URLs; confirm where that check happens.
	SetRedirectURL(redirectURL string)
	// SetScopes sets the scopes.
	SetScopes(scopes []string)
}

IdentityProvider defines OAuth2 functions which can be used to generate an authorization code, and exchange an authorization code for a token. The same function signatures (AuthCodeURL and Exchange) are provided by the oauth2.Config object which means an object that implements IdentityProvider (such as DefaultIdentityProvider) can also serve in place of an oauth2.Config object.

The Profile function is an additional feature, used to obtain a user's profile information from an identity provider.

type IdentityProviderConfiguration

// IdentityProviderConfiguration is the configuration that NewIdentityProvider
// accepts. All getters return plain strings; the meanings below are read from
// the method names and should be confirmed against the implementation.
type IdentityProviderConfiguration interface {
	// GetOAuthProviderClientID returns the OAuth client ID.
	GetOAuthProviderClientID() string
	// GetOAuthProviderClientSecret returns the OAuth client secret. Treat the
	// value as a credential: keep it out of logs, error strings and dumps.
	GetOAuthProviderClientSecret() string
	// GetOAuthProviderEndpointAuth returns the provider's authorization endpoint.
	GetOAuthProviderEndpointAuth() string
	// GetOAuthProviderEndpointToken returns the provider's token endpoint.
	GetOAuthProviderEndpointToken() string
	// GetOAuthProviderEndpointUserInfo returns the provider's user-info endpoint.
	GetOAuthProviderEndpointUserInfo() string
	// GetValidRedirectURLs returns the allowed redirect URLs as one string.
	// NOTE(review): the format (pattern or list) is not visible here. Redirect
	// targets should be matched against it before any redirect is issued;
	// confirm that the caller does this.
	GetValidRedirectURLs() string
	// GetNotApprovedRedirect presumably returns the URL that users who are
	// not approved are redirected to; confirm.
	GetNotApprovedRedirect() string
}

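IdentityProviderConfiguration provides the OAuth client credentials, provider endpoints and redirect settings that NewIdentityProvider takes as its configuration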

type IdentityProviderResponse

// IdentityProviderResponse holds the fields read from an identity provider's
// JSON response, keyed by the names in the struct tags ("preferred_username",
// "given_name", "family_name", "email", "email_verified", "company",
// "approved", "sub").
//
// EmailVerified and Approved are plain bools: when this struct is decoded with
// encoding/json from a zero value, a missing key leaves them false, so an
// absent claim reads as "not verified" / "not approved".
// NOTE(review): all values are asserted by the provider; any decision based on
// Approved or EmailVerified trusts the provider that issued the response.
type IdentityProviderResponse struct {
	Username      string `json:"preferred_username"`
	GivenName     string `json:"given_name"`
	FamilyName    string `json:"family_name"`
	Email         string `json:"email"`
	EmailVerified bool   `json:"email_verified"`
	Company       string `json:"company"`
	Approved      bool   `json:"approved"`
	Subject       string `json:"sub"`
}

IdentityProviderResponse is used to encapsulate the response from an OAuth identity provider

type LinkingProvider

// LinkingProvider is an IdentityProvider that additionally exposes the
// identifying data needed for account linking.
type LinkingProvider interface {
	IdentityProvider
	// ID returns the provider's UUID.
	ID() uuid.UUID
	// Scopes returns the provider's scopes as a single string.
	Scopes() string
	// TypeName returns the provider's type name.
	// NOTE(review): the set of possible values is not visible on this page.
	TypeName() string
	// URL returns the provider's URL.
	URL() string
}

LinkingProvider extends IdentityProvider and represents OAuth2 providers for which we support account linking

type LinkingProviderConfiguration

// LinkingProviderConfiguration supplies redirect settings and the GitHub OAuth
// client settings. The meanings below are read from the method names.
type LinkingProviderConfiguration interface {
	// GetValidRedirectURLs returns the allowed redirect URLs as one string.
	// NOTE(review): the format is not visible here; confirm that redirect
	// targets are matched against it before use.
	GetValidRedirectURLs() string
	// GetGitHubClientID returns the GitHub OAuth client ID.
	GetGitHubClientID() string
	// GetGitHubClientDefaultScopes returns the default GitHub scopes as one string.
	GetGitHubClientDefaultScopes() string
	// GetGitHubClientSecret returns the GitHub OAuth client secret. Treat the
	// value as a credential: keep it out of logs and error strings.
	GetGitHubClientSecret() string
}

LinkingProviderConfiguration is a shared configuration for all OAuth2 providers that provide account linking

type OAuthUserProfile

// OAuthUserProfile is a user profile payload with optional fields modelled as
// pointers.
//
// Encoding notes, per the struct tags and encoding/json rules:
//   - fields tagged omitempty are left out when nil (CreatedAt when 0);
//   - EmailVerified has no omitempty, so a nil pointer is written as
//     "emailVerified": null, not omitted.
//
// NOTE(review): confirm that the receiver treats a null emailVerified the way
// the sender intends.
type OAuthUserProfile struct {
	ID            *string                     `json:"id,omitempty"`
	CreatedAt     int64                       `json:"createdTimestamp,omitempty"`
	Username      *string                     `json:"username,omitempty"`
	FirstName     *string                     `json:"firstName,omitempty"`
	LastName      *string                     `json:"lastName,omitempty"`
	Email         *string                     `json:"email,omitempty"`
	EmailVerified *bool                       `json:"emailVerified"`
	Attributes    *OAuthUserProfileAttributes `json:"attributes,omitempty"`
}

OAuthUserProfile represents the standard OAuth user profile API request payload

type OAuthUserProfileAttributes

// OAuthUserProfileAttributes maps an attribute name to a list of string
// values. Because values are strings, a boolean attribute travels as text (the
// package's example payload uses "approved":["true"]) and the consumer has to
// parse it explicitly.
type OAuthUserProfileAttributes map[string][]string

OAuthUserProfileAttributes represents standard OAuth profile payload Attributes

type OAuthUserProfileResponse

// OAuthUserProfileResponse is the decoded form of a user profile response.
//
// Every scalar field is a pointer and no tag uses omitempty. With
// encoding/json, a key that is missing or null in the response leaves the
// pointer nil, so readers must nil-check before dereferencing.
// RequiredActions is []interface{}, so its elements are untyped after
// decoding.
// NOTE(review): the field set (totp, requiredActions,
// disableableCredentialTypes) resembles a Keycloak user representation;
// confirm against the provider actually used.
type OAuthUserProfileResponse struct {
	ID                         *string                     `json:"id"`
	CreatedTimestamp           *int64                      `json:"createdTimestamp"`
	Username                   *string                     `json:"username"`
	Enabled                    *bool                       `json:"enabled"`
	Totp                       *bool                       `json:"totp"`
	EmailVerified              *bool                       `json:"emailVerified"`
	FirstName                  *string                     `json:"firstName"`
	LastName                   *string                     `json:"lastName"`
	Email                      *string                     `json:"email"`
	Attributes                 *OAuthUserProfileAttributes `json:"attributes"`
	DisableableCredentialTypes []*string                   `json:"disableableCredentialTypes"`
	RequiredActions            []interface{}               `json:"requiredActions"`
}

OAuthUserProfileResponse represents the user profile api response from an oauth provider

type OAuthUserRequest

// OAuthUserRequest is the payload describing a user: username, enabled and
// emailVerified flags, first and last name, email and an attributes map.
//
// All fields are pointers and no tag uses omitempty, so with encoding/json a
// nil field is written as JSON null, not left out.
// NOTE(review): Enabled, EmailVerified and the "approved" attribute are
// security-relevant flags; confirm they are populated only from the trusted
// provider's data and never from caller-supplied input.
type OAuthUserRequest struct {
	Username      *string                     `json:"username"`
	Enabled       *bool                       `json:"enabled"`
	EmailVerified *bool                       `json:"emailVerified"`
	FirstName     *string                     `json:"firstName"`
	LastName      *string                     `json:"lastName"`
	Email         *string                     `json:"email"`
	Attributes    *OAuthUserProfileAttributes `json:"attributes"`
}

{"username":"<USERNAME>","enabled":true,"emailVerified":true,

"firstName":"<FIRST_NAME>","lastName":"<LAST_NAME>",
"email":"<EMAIL>","attributes":{"approved":["true"],
	"rhd_username":["<USERNAME>"],"company":["<company claim from RHD token>"]}}

type OpenShiftIdentityProvider

// OpenShiftIdentityProvider is a LinkingProvider that is bound to a cluster.
type OpenShiftIdentityProvider interface {
	LinkingProvider
	// OSOCluster returns the cluster this provider belongs to.
	OSOCluster() cluster.Cluster
}

OpenShiftIdentityProvider represents an OpenShift Identity Provider

func NewOpenShiftIdentityProvider

func NewOpenShiftIdentityProvider(cluster cluster.Cluster, authURL string) (OpenShiftIdentityProvider, error)

type OpenShiftIdentityProviderImpl

// OpenShiftIdentityProviderImpl is the concrete OpenShift provider: a
// DefaultIdentityProvider (embedded, so its fields and methods are promoted)
// plus the cluster it is bound to.
// NOTE(review): the embedded provider carries the OAuth client secret through
// oauth2.Config; avoid formatting this struct with %v or %+v in logs.
type OpenShiftIdentityProviderImpl struct {
	DefaultIdentityProvider
	// Cluster is the cluster value; OSOCluster has the same return type.
	Cluster cluster.Cluster
}

func (*OpenShiftIdentityProviderImpl) ID

func (provider *OpenShiftIdentityProviderImpl) ID() uuid.UUID

func (*OpenShiftIdentityProviderImpl) OSOCluster

func (provider *OpenShiftIdentityProviderImpl) OSOCluster() cluster.Cluster

func (*OpenShiftIdentityProviderImpl) Profile

func (provider *OpenShiftIdentityProviderImpl) Profile(ctx context.Context, token oauth2.Token) (*UserProfile, error)

Profile fetches a user profile from the Identity Provider

func (*OpenShiftIdentityProviderImpl) Scopes

func (provider *OpenShiftIdentityProviderImpl) Scopes() string

func (*OpenShiftIdentityProviderImpl) TypeName

func (provider *OpenShiftIdentityProviderImpl) TypeName() string

func (*OpenShiftIdentityProviderImpl) URL

func (provider *OpenShiftIdentityProviderImpl) URL() string

type UserProfile

// UserProfile is the profile returned by the Profile methods. Its fields
// mirror IdentityProviderResponse, with an additional Name field.
//
// EmailVerified and Approved are plain bools and default to false in a zero
// UserProfile.
// NOTE(review): the values originate from the identity provider; code that
// gates access on Approved or EmailVerified trusts that provider's response.
// Confirm how Name is derived, since no matching response field is visible.
type UserProfile struct {
	Name          string
	Username      string
	GivenName     string
	FamilyName    string
	Email         string
	EmailVerified bool
	Company       string
	Approved      bool
	Subject       string
}

UserProfile represents a user profile fetched from Identity Provider

type UserProfileContext

// UserProfileContext is the value carried in a context under
// UserProfileContextKey (per that constant's comment).
type UserProfileContext struct {
	// Username is optional: a nil pointer means no username was set, so
	// readers must nil-check before dereferencing.
	Username *string
}

UserProfileContext is used to pass certain informational state between layers via the context

Directories

Path Synopsis
