Documentation
¶
Index ¶
- type Config
- type Provider
- func (p *Provider) AuthorizeHandler(rw http.ResponseWriter, req *http.Request)
- func (p *Provider) AuthorizeResponse(rw http.ResponseWriter, req *http.Request, ar *payload.AuthenticationRequest, ...)
- func (p *Provider) EndSessionHandler(rw http.ResponseWriter, req *http.Request)
- func (p *Provider) ErrorPage(rw http.ResponseWriter, code int, title string, message string)
- func (p *Provider) Found(rw http.ResponseWriter, uri *url.URL, params interface{}, asFragment bool)
- func (p *Provider) GetAccessTokenClaimsFromRequest(req *http.Request) (*konnect.AccessTokenClaims, error)
- func (p *Provider) InitializeMetadata() error
- func (p *Provider) JwksHandler(rw http.ResponseWriter, req *http.Request)
- func (p *Provider) LoginRequiredPage(rw http.ResponseWriter, req *http.Request, uri *url.URL)
- func (p *Provider) PublicSubjectFromAuth(auth identity.AuthRecord) (string, error)
- func (p *Provider) ServeHTTP(rw http.ResponseWriter, req *http.Request)
- func (p *Provider) SetSigningKey(id string, key crypto.Signer, signingMethod jwt.SigningMethod) error
- func (p *Provider) SetValidationKey(id string, key crypto.PublicKey, signingMethod jwt.SigningMethod) error
- func (p *Provider) TokenHandler(rw http.ResponseWriter, req *http.Request)
- func (p *Provider) UserInfoHandler(rw http.ResponseWriter, req *http.Request)
- func (p *Provider) WellKnownHandler(rw http.ResponseWriter, req *http.Request)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
Config *config.Config
IssuerIdentifier string
WellKnownPath string
JwksPath string
AuthorizationPath string
TokenPath string
UserInfoPath string
EndSessionPath string
IdentityManager identity.Manager
CodeManager code.Manager
}
Config defines a Provider's configuration settings.
type Provider ¶
type Provider struct {
Config *Config
// contains filtered or unexported fields
}
Provider defines an OIDC provider with the handlers for the OIDC endpoints.
func NewProvider ¶
NewProvider returns a new Provider.
func (*Provider) AuthorizeHandler ¶
func (p *Provider) AuthorizeHandler(rw http.ResponseWriter, req *http.Request)
AuthorizeHandler implements the HTTP authorization endpoint for OpenID Connect 1.0 as specified at http://openid.net/specs/openid-connect-core-1_0.html#ImplicitAuthorizationEndpoint
Currently AuthorizeHandler implements only the Implicit Flow as specified at http://openid.net/specs/openid-connect-core-1_0.html#ImplicitFlowAuth
func (*Provider) AuthorizeResponse ¶
func (p *Provider) AuthorizeResponse(rw http.ResponseWriter, req *http.Request, ar *payload.AuthenticationRequest, auth identity.AuthRecord, err error)
AuthorizeResponse writes the result according to the provided parameters to the provided http.ResponseWriter.
func (*Provider) EndSessionHandler ¶ added in v0.6.0
func (p *Provider) EndSessionHandler(rw http.ResponseWriter, req *http.Request)
EndSessionHandler implements the HTTP endpoint for RP initiated logout with OpenID Connect Session Management 1.0 as specified at https://openid.net/specs/openid-connect-session-1_0.html#RPLogout
func (*Provider) Found ¶
Found writes a HTTP 302 to the provided ResponseWriter with the appropriate Location header creates from the other parameters.
func (*Provider) GetAccessTokenClaimsFromRequest ¶
func (p *Provider) GetAccessTokenClaimsFromRequest(req *http.Request) (*konnect.AccessTokenClaims, error)
GetAccessTokenClaimsFromRequest reads incoming request, validates the access token and returns the validated claims.
func (*Provider) InitializeMetadata ¶ added in v0.6.0
InitializeMetadata creates the accociated providers meta data document. Call this once all other settings at the provider have been done.
func (*Provider) JwksHandler ¶
func (p *Provider) JwksHandler(rw http.ResponseWriter, req *http.Request)
JwksHandler implements the HTTP provider JWKS endpoint for OpenID provider metadata used with OpenID Connect Discovery 1.0 as specified at https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
func (*Provider) LoginRequiredPage ¶ added in v0.3.0
LoginRequiredPage writes a HTTP 30 to the provided ResponseWrite with the URL of the provided request (set to the scheme and host of issuer) as continue parameter.
func (*Provider) PublicSubjectFromAuth ¶ added in v0.8.0
func (p *Provider) PublicSubjectFromAuth(auth identity.AuthRecord) (string, error)
PublicSubjectFromAuth creates the provideds auth Subject value with the accociated provider. This subject can be used as URL safe value to uniquely identify the provided auth user with remote systems.
func (*Provider) ServeHTTP ¶
func (p *Provider) ServeHTTP(rw http.ResponseWriter, req *http.Request)
ServerHTTP implements the http.HandlerFunc interface.
func (*Provider) SetSigningKey ¶
func (p *Provider) SetSigningKey(id string, key crypto.Signer, signingMethod jwt.SigningMethod) error
SetSigningKey sets the provided signer as key for token signing and uses the provided id as key id. The public key of the provided signer is also added as validation key with the same id.
func (*Provider) SetValidationKey ¶ added in v0.3.0
func (p *Provider) SetValidationKey(id string, key crypto.PublicKey, signingMethod jwt.SigningMethod) error
SetValidationKey sets the provider public key as validation key for token validation for tokens with the provided key.
func (*Provider) TokenHandler ¶
func (p *Provider) TokenHandler(rw http.ResponseWriter, req *http.Request)
TokenHandler implements the HTTP token endpoint for OpenID Connect 1.0 as specified at http://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint
func (*Provider) UserInfoHandler ¶
func (p *Provider) UserInfoHandler(rw http.ResponseWriter, req *http.Request)
UserInfoHandler implements the HTTP userinfo endpoint for OpenID Connect 1.0 as specified at https://openid.net/specs/openid-connect-core-1_0.html#UserInfo
func (*Provider) WellKnownHandler ¶
func (p *Provider) WellKnownHandler(rw http.ResponseWriter, req *http.Request)
WellKnownHandler implements the HTTP provider configuration endpoint for OpenID Connect 1.0 as specified at https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig
Source Files