Documentation
¶
Overview ¶
Package introspection provide auth strategy to authenticate, incoming HTTP requests using the oauth2 token introspection endpoint, as defined in RFC 7662. This authentication strategy makes it easy to introduce apps, into a oauth2 authorization framework to be used by resource servers or other internal servers.
Index ¶
- func GetAuthenticateFunc(addr string, opts ...auth.Option) token.AuthenticateFunc
- func SetAuthorizationToken(token string) auth.Option
- func SetBasicAuth(clientid, clinetsecret string) auth.Option
- func SetClaimResolver(c oauth2.ClaimsResolver) auth.Option
- func SetClientTransport(rt http.RoundTripper) auth.Option
- func SetErrorResolver(e oauth2.ErrorResolver) auth.Option
- func SetHTTPClient(c *http.Client) auth.Option
- func SetTLSConfig(tls *tls.Config) auth.Option
- func SetVerifyOptions(opts claims.VerifyOptions) auth.Option
- type Claims
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetAuthenticateFunc ¶
func GetAuthenticateFunc(addr string, opts ...auth.Option) token.AuthenticateFunc
GetAuthenticateFunc return function to authenticate request using oauth2 token introspection endpoint. The returned function typically used with the token strategy.
func SetAuthorizationToken ¶
SetAuthorizationToken sets the introspection request's Authorization header to use HTTP Bearer Authentication with the provided token.
func SetBasicAuth ¶
SetBasicAuth sets the introspection request's Authorization header to use HTTP Basic Authentication with the provided clientid and clientsecret.
func SetClaimResolver ¶
func SetClaimResolver(c oauth2.ClaimsResolver) auth.Option
SetClaimResolver sets the introspection strategy ClaimResolver to resolve the authorization claim response. Default: introspection.Claim
func SetClientTransport ¶
func SetClientTransport(rt http.RoundTripper) auth.Option
SetClientTransport sets underlying http client transport.
func SetErrorResolver ¶
func SetErrorResolver(e oauth2.ErrorResolver) auth.Option
SetErrorResolver sets the introspection strategy ErrorResolver to resolve the authorization error response. Default: oauth2.ResponseError
func SetHTTPClient ¶
SetHTTPClient sets underlying http client.
func SetTLSConfig ¶
SetTLSConfig ssets underlying http client tls.
func SetVerifyOptions ¶
func SetVerifyOptions(opts claims.VerifyOptions) auth.Option
SetVerifyOptions sets the introspection strategy to verify authorization response.
Types ¶
type Claims ¶
type Claims struct {
Active bool `json:"active"`
ClientID string `json:"client_id"`
UserName string `json:"username"`
TokenType string `json:"token_type"`
auth.Info
*claims.Standard
}
Claims represents introspection response as defined in RFC 7662. Claims implements auth.Info and oauth2.ClaimsResolver.
func (Claims) GetExpiresAt ¶
GetExpiresAt return's c.ExpiresAt.
func (Claims) GetUserName ¶
GetUserName return's c.Info.GetUserName if exist, Otherwise, it return c.UserName or c.Subject.
func (Claims) New ¶
func (c Claims) New() oauth2.ClaimsResolver
New return's a new Claims as oauth2.ClaimsResolver.
Source Files