auth

package

v0.2.0-rc12 Latest Latest Go to latest Published: Dec 8, 2021 License: Apache-2.0 Imports: 18 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/finleap-connect/monoskope

Documentation ¶

Index ¶

Constants
type Config
- func (conf *Config) String() string
type Handler
- func NewHandler(config *Config, signer jwt.JWTSigner, verifier jwt.JWTVerifier) *Handler
type OpenIdConfiguration
type State
- func DecodeState(encoded string) (*State, error)
- func (state *State) Encode() (string, error)
- func (state *State) IsValid() bool

Constants ¶

View Source

const (
	HeaderAuthId              = "x-auth-id"
	HeaderAuthName            = "x-auth-name"
	HeaderAuthEmail           = "x-auth-email"
	HeaderForwardedClientCert = "x-forwarded-client-cert"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	IdentityProvider     string
	IdentityProviderName string
	URL                  string
	Scopes               []string
	OfflineAsScope       bool
	Nonce                string
	ClientId             string
	ClientSecret         string
	RedirectURIs         []string
	TokenValidity        time.Duration
}

func (*Config) String ¶

func (conf *Config) String() string

type Handler ¶

type Handler struct {
	// contains filtered or unexported fields
}

func NewHandler ¶

func NewHandler(config *Config, signer jwt.JWTSigner, verifier jwt.JWTVerifier) *Handler

func (*Handler) Authorize ¶

func (n *Handler) Authorize(ctx context.Context, token string, claims interface{}) error

Authorize parses the raw JWT, verifies the content against the public key of the verifier and parses the claims

func (*Handler) Exchange ¶

func (n *Handler) Exchange(ctx context.Context, code, state, redirectURL string) (*jwt.StandardClaims, error)

Exchange exchanges the auth code with a token of the upstream IDP and verifies the claims

func (*Handler) GetAuthCodeURL ¶

func (n *Handler) GetAuthCodeURL(state *api.AuthState, scopes []string) (string, string, error)

AuthCodeURL returns a URL to OAuth 2.0 provider's consent page that asks for permissions for the required scopes explicitly.

func (*Handler) IssueToken ¶

func (n *Handler) IssueToken(ctx context.Context, upstreamClaims *jwt.StandardClaims, userId string) (string, *jwt.AuthToken, error)

IssueToken wraps the upstream claims in a JWT signed by Monoskope

func (*Handler) KeyExpiration ¶

func (n *Handler) KeyExpiration() time.Duration

func (*Handler) Keys ¶

func (n *Handler) Keys() *jose.JSONWebKeySet

func (*Handler) SetupOIDC ¶

func (n *Handler) SetupOIDC(ctx context.Context) error

type OpenIdConfiguration ¶

type OpenIdConfiguration struct {
	Issuer  string `json:"issuer"`
	JwksURL string `json:"jwks_uri"`
}

type State ¶

type State struct {
	Callback string `form:"callback" json:"callback,omitempty"`
}

func DecodeState ¶

func DecodeState(encoded string) (*State, error)

func (*State) Encode ¶

func (state *State) Encode() (string, error)

func (*State) IsValid ¶

func (state *State) IsValid() bool

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL