Versions in this module Expand all Collapse all v0 v0.0.1 Jun 23, 2018 Changes in this version
+ const DefaultPublicKeySetTTL
+ const MaximumProviderConfigSyncInterval
+ const MinimumProviderConfigSyncInterval
+ const SubjectTypePairwise
+ const SubjectTypePublic
+ var DefaultClaimTypesSupported = []string
+ var DefaultGrantTypesSupported = []string
+ var DefaultResponseModesSupported = []string
+ var DefaultScope = []string
+ var DefaultTokenEndpointAuthMethodsSupported = []string
+ func ExtractBearerToken(r *http.Request) (string, error)
+ func GenClientID(hostport string) (string, error)
+ func NewClaims(iss, sub string, aud interface{}, iat, exp time.Time) jose.Claims
+ func NewHTTPProviderConfigGetter(hc phttp.Client, issuerURL string) *httpProviderConfigGetter
+ func NewRemotePublicKeyRepo(hc phttp.Client, ep string) *remotePublicKeyRepo
+ func VerifyClaims(jwt jose.JWT, issuer, clientID string, skipClientID bool) error
+ func VerifyClientClaims(jwt jose.JWT, issuer string) (string, error)
+ func VerifySignature(jwt jose.JWT, keys []key.PublicKey) (bool, error)
+ type AuthenticatedTransport struct
+ func (t *AuthenticatedTransport) RoundTrip(r *http.Request) (*http.Response, error)
+ func (t *AuthenticatedTransport) SetJWT(jwt jose.JWT)
+ type Client struct
+ func NewClient(cfg ClientConfig) (*Client, error)
+ func (c *Client) ClientCredsToken(scope []string) (jose.JWT, error)
+ func (c *Client) ExchangeAuthCode(code string) (jose.JWT, error)
+ func (c *Client) Healthy() error
+ func (c *Client) OAuthClient() (*oauth2.Client, error)
+ func (c *Client) RefreshToken(refreshToken string) (jose.JWT, error)
+ func (c *Client) SyncProviderConfig(discoveryURL string) chan struct{}
+ func (c *Client) VerifyJWT(jwt jose.JWT) error
+ type ClientConfig struct
+ Credentials ClientCredentials
+ HTTPClient phttp.Client
+ KeySet key.PublicKeySet
+ ProviderConfig ProviderConfig
+ RedirectURL string
+ Scope []string
+ SkipClientIDCheck bool
+ type ClientCredentials oauth2.ClientCredentials
+ type ClientCredsTokenRefresher struct
+ Issuer string
+ OIDCClient *Client
+ func (c *ClientCredsTokenRefresher) Refresh() (jwt jose.JWT, err error)
+ func (c *ClientCredsTokenRefresher) Verify(jwt jose.JWT) (err error)
+ type ClientIdentity struct
+ Credentials ClientCredentials
+ Metadata ClientMetadata
+ type ClientMetadata struct
+ ApplicationType string
+ ClientName string
+ ClientURI *url.URL
+ Contacts []mail.Address
+ DefaultACRValues []string
+ DefaultMaxAge int64
+ GrantTypes []string
+ IDTokenResponseOptions JWAOptions
+ InitiateLoginURI *url.URL
+ JWKS *jose.JWKSet
+ JWKSURI *url.URL
+ LogoURI *url.URL
+ PolicyURI *url.URL
+ RedirectURIs []url.URL
+ RequestObjectOptions JWAOptions
+ RequestURIs []url.URL
+ RequireAuthTime bool
+ ResponseTypes []string
+ SectorIdentifierURI *url.URL
+ SubjectType string
+ TermsOfServiceURI *url.URL
+ TokenEndpointAuthMethod string
+ TokenEndpointAuthSigningAlg string
+ UserInfoResponseOptions JWAOptions
+ func (m *ClientMetadata) MarshalJSON() ([]byte, error)
+ func (m *ClientMetadata) UnmarshalJSON(data []byte) error
+ func (m *ClientMetadata) Valid() error
+ func (m ClientMetadata) Defaults() ClientMetadata
+ type ClientRegistrationResponse struct
+ ClientID string
+ ClientIDIssuedAt time.Time
+ ClientSecret string
+ ClientSecretExpiresAt time.Time
+ RegistrationAccessToken string
+ RegistrationClientURI string
+ func (c *ClientRegistrationResponse) MarshalJSON() ([]byte, error)
+ func (c *ClientRegistrationResponse) UnmarshalJSON(data []byte) error
+ type Identity struct
+ Email string
+ ExpiresAt time.Time
+ ID string
+ Name string
+ func IdentityFromClaims(claims jose.Claims) (*Identity, error)
+ type JWAOptions struct
+ EncryptionAlg string
+ EncryptionEnc string
+ SigningAlg string
+ type JWTVerifier struct
+ func NewJWTVerifier(issuer, clientID string, syncFunc func() error, ...) JWTVerifier
+ func (v *JWTVerifier) Verify(jwt jose.JWT) error
+ type LoginFunc func(ident Identity, sessionKey string) (redirectURL string, err error)
+ type ProviderConfig struct
+ ACRValuesSupported []string
+ AuthEndpoint *url.URL
+ CheckSessionIFrame *url.URL
+ ClaimTypesSupported []string
+ ClaimsLocalsSupported []string
+ ClaimsParameterSupported bool
+ ClaimsSupported []string
+ DisplayValuesSupported []string
+ EndSessionEndpoint *url.URL
+ ExpiresAt time.Time
+ GrantTypesSupported []string
+ IDTokenEncryptionAlgValues []string
+ IDTokenEncryptionEncValues []string
+ IDTokenSigningAlgValues []string
+ Issuer *url.URL
+ KeysEndpoint *url.URL
+ Policy *url.URL
+ RegistrationEndpoint *url.URL
+ ReqObjEncryptionAlgValues []string
+ ReqObjEncryptionEncValues []string
+ ReqObjSigningAlgValues []string
+ RequestParameterSupported bool
+ RequestURIParamaterSupported bool
+ RequireRequestURIRegistration bool
+ ResponseModesSupported []string
+ ResponseTypesSupported []string
+ ScopesSupported []string
+ ServiceDocs *url.URL
+ SubjectTypesSupported []string
+ TermsOfService *url.URL
+ TokenEndpoint *url.URL
+ TokenEndpointAuthMethodsSupported []string
+ TokenEndpointAuthSigningAlgValuesSupported []string
+ UILocalsSupported []string
+ UserInfoEncryptionAlgValues []string
+ UserInfoEncryptionEncValues []string
+ UserInfoEndpoint *url.URL
+ UserInfoSigningAlgValues []string
+ func FetchProviderConfig(hc phttp.Client, issuerURL string) (ProviderConfig, error)
+ func WaitForProviderConfig(hc phttp.Client, issuerURL string) (pcfg ProviderConfig)
+ func (p *ProviderConfig) MarshalJSON() ([]byte, error)
+ func (p *ProviderConfig) UnmarshalJSON(data []byte) error
+ func (p ProviderConfig) Defaults() ProviderConfig
+ func (p ProviderConfig) Empty() bool
+ func (p ProviderConfig) Supports(c ClientMetadata) error
+ func (p ProviderConfig) SupportsGrantType(grantType string) bool
+ func (p ProviderConfig) Valid() error
+ type ProviderConfigGetter interface
+ Get func() (ProviderConfig, error)
+ type ProviderConfigSetter interface
+ Set func(ProviderConfig) error
+ type ProviderConfigSyncer struct
+ func NewProviderConfigSyncer(from ProviderConfigGetter, to ProviderConfigSetter) *ProviderConfigSyncer
+ func (s *ProviderConfigSyncer) Run() chan struct{}
+ func (s *ProviderConfigSyncer) WaitUntilInitialSync()
+ type RequestTokenExtractor func(r *http.Request) (string, error)
+ func CookieTokenExtractor(cookieName string) RequestTokenExtractor
+ type TokenRefresher interface
+ Refresh func() (jose.JWT, error)
+ Verify func(jose.JWT) error
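Review bot: `ClientConfig.SkipClientIDCheck` and the `skipClientID` parameter of `VerifyClaims` are exported switches that, judging by their names, turn off the check binding a token to this client, and the listing shows nothing that tells a caller when that is safe. I would put the caveat on the field, e.g. `// SkipClientIDCheck disables client ID matching in token verification; leave false unless the audience is validated elsewhere.` The same applies to `VerifySignature`, whose `(bool, error)` result needs a doc line stating that a token is accepted only when the bool is true and the error is nil. Only signatures are visible here, so the actual behaviour should be confirmed against the implementation.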