dynoid

package
v0.2.6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 30, 2024 License: BSD-3-Clause Imports: 10 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	ErrMustCheckIssuer staticError = "must check issuer"
)

Variables

This section is empty.

Functions

func LocalTokenPath added in v0.2.0 

func LocalTokenPath(audience string) string

LocalTokenPath returns the path on disk to the token for the given audience

func ReadLocal added in v0.2.0 

func ReadLocal(audience string) (string, error)

ReadLocal reads the local machines token for the given audience

Suitable for passing as a bearer token

Types

type IssuerCallback 

type IssuerCallback func(issuer string) error

An IssuerCallback is called whenever a token is verified to ensure it matches some expected criteria.

func AllowHerokuHost 

func AllowHerokuHost(host string) IssuerCallback

AllowHerokuHost verifies that the issuer is from Heroku for the given host domain

func AllowHerokuSpace added in v0.2.0 

func AllowHerokuSpace(host string, spaceIDs ...string) IssuerCallback

AllowHerokuSpace verifies that the issuer is from Heroku for the given host and space id.

type MalformedTokenError added in v0.2.0 

type MalformedTokenError struct {
	// contains filtered or unexported fields
}

Returned when the token doesn't match the expected format

func (*MalformedTokenError) Error added in v0.2.0 

func (e *MalformedTokenError) Error() string

func (*MalformedTokenError) Unwrap added in v0.2.0 

func (e *MalformedTokenError) Unwrap() error

type Subject added in v0.2.0 

type Subject struct {
	AppID   string `json:"app_id"`
	AppName string `json:"app_name"`
	Dyno    string `json:"dyno"`
}

Subject contains information about the app and dyno the token was issued for

func (*Subject) LogValue added in v0.2.0 

func (s *Subject) LogValue() slog.Value

func (*Subject) MarshalText added in v0.2.0 

func (s *Subject) MarshalText() ([]byte, error)

func (*Subject) String added in v0.2.0 

func (s *Subject) String() string

func (*Subject) UnmarshalText added in v0.2.0 

func (s *Subject) UnmarshalText(text []byte) error

type Token added in v0.2.0 

type Token struct {
	IDToken *oidc.IDToken `json:"-"`
	SpaceID string        `json:"space_id"`
	Subject *Subject      `json:"subject"`
}

Token contains all of the token information stored by Heroku when it's issued

func ReadLocalToken added in v0.2.0 

func ReadLocalToken(ctx context.Context, audience string) (*Token, error)

ReadLocalToken reads the local machines token for the given audience and parses it

func (*Token) LogValue added in v0.2.0 

func (t *Token) LogValue() slog.Value

type UntrustedIssuerError added in v0.2.0 

type UntrustedIssuerError struct {
	Issuer string
}

Returned by an IssuerCallback getting an issuer it doesn't trust

func (*UntrustedIssuerError) Error added in v0.2.0 

func (e *UntrustedIssuerError) Error() string

type Verifier 

type Verifier struct {
	IssuerCallback IssuerCallback
	// contains filtered or unexported fields
}

A Verifier verifies a raw token with it's oids issuer and uses the IssuerCallback to ensure it's from a trusted source.

func New 

func New(clientID string) *Verifier

Instantiate a new Verifier without an IssuerCallback set.

The IssuerCallback must be set before calling Verify or an error will be returned.

func NewWithCallback added in v0.2.0 

func NewWithCallback(clientID string, callback IssuerCallback) *Verifier

Instantiate a new Verifier with the IssuerCallback set.

func (*Verifier) Verify 

func (v *Verifier) Verify(ctx context.Context, rawIDToken string) (*Token, error)

Verify validates the given token with the OIDC provider and validates it against the IssuerCallback

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.