Documentation ¶
Index ¶
- Constants
- func IsErrorWithID(err error, id string) bool
- func NewOAuth2Error(id string, description string) utils.ErrorWithDescription
- func WriteWWWAuthenticateError(rw http.ResponseWriter, code int, err error)
- type EmailClaims
- type IDTokenClaims
- type OAuth2Error
- type ProfileClaims
- type SessionClaims
- type UserInfoClaims
Constants ¶
const KonnectIDTokenSubjectSaltV1 = "konnect-IDToken-v1"
KonnectIDTokenSubjectSaltV1 is the salt value used when hashing Subjects in ID tokens created by Konnect.
Functions ¶
func IsErrorWithID ¶ added in v0.17.0
IsErrorWithID returns true if the given error is an OAuth2Error error with the given ID.
func NewOAuth2Error ¶
func NewOAuth2Error(id string, description string) utils.ErrorWithDescription
NewOAuth2Error creates a new error with id and description.
func WriteWWWAuthenticateError ¶
func WriteWWWAuthenticateError(rw http.ResponseWriter, code int, err error)
WriteWWWAuthenticateError writes the provided error with the provided HTTP status code to the provided HTTP response writer as a WWW-Authenticate header with comma-separated fields for id and description.
Types ¶
type EmailClaims ¶
type EmailClaims struct {
	Email         string `json:"email,omitempty"`
	EmailVerified bool   `json:"email_verified"`
}
EmailClaims define the claims for the OIDC email scope. https://openid.net/specs/openid-connect-basic-1_0.html#Scopes
func NewEmailClaims ¶
func NewEmailClaims(claims jwt.Claims) *EmailClaims
NewEmailClaims returns a new EmailClaims set from the provided jwt.Claims or nil.
func (EmailClaims) Valid ¶
func (c EmailClaims) Valid() error
Valid implements the jwt.Claims interface.
type IDTokenClaims ¶
type IDTokenClaims struct {
	jwt.StandardClaims
	Nonce           string `json:"nonce,omitempty"`
	AuthTime        int64  `json:"auth_time,omitempty"`
	AccessTokenHash string `json:"at_hash,omitempty"`
	CodeHash        string `json:"c_hash,omitempty"`
	*ProfileClaims
	*EmailClaims
	*SessionClaims
}
IDTokenClaims define the claims found in OIDC ID Tokens.
func (IDTokenClaims) Valid ¶
func (c IDTokenClaims) Valid() (err error)
Valid implements the jwt.Claims interface.
type OAuth2Error ¶
type OAuth2Error struct {
	ErrorID          string `json:"error"`
	ErrorDescription string `json:"error_description"`
}
OAuth2Error defines a general OAuth2 error with id and description.
func (*OAuth2Error) Description ¶
func (err *OAuth2Error) Description() string
Description implements the ErrorWithDescription interface.
func (*OAuth2Error) Error ¶
func (err *OAuth2Error) Error() string
Error implements the error interface.
type ProfileClaims ¶
type ProfileClaims struct {
	Name              string `json:"name,omitempty"`
	FamilyName        string `json:"family_name,omitempty"`
	GivenName         string `json:"given_name,omitempty"`
	PreferredUsername string `json:"preferred_username,omitempty"`
}
ProfileClaims define the claims for the OIDC profile scope. https://openid.net/specs/openid-connect-basic-1_0.html#Scopes
func NewProfileClaims ¶
func NewProfileClaims(claims jwt.Claims) *ProfileClaims
NewProfileClaims returns a new ProfileClaims set from the provided jwt.Claims or nil.
func (ProfileClaims) Valid ¶
func (c ProfileClaims) Valid() error
Valid implements the jwt.Claims interface.
type SessionClaims ¶ added in v0.11.0
type SessionClaims struct {
	SessionID string `json:"sid,omitempty"`
}
SessionClaims define claims related to front end sessions, for example as specified by https://openid.net/specs/openid-connect-frontchannel-1_0.html
type UserInfoClaims ¶
type UserInfoClaims struct {
	Subject string `json:"sub,omitempty"`
}
UserInfoClaims define the claims defined by the OIDC UserInfo endpoint.
func (UserInfoClaims) Valid ¶
func (c UserInfoClaims) Valid() error
Valid implements the jwt.Claims interface.