Documentation
Index
- type IDTokenSource
- type OIDCWebFlowHelper
- type OIDCWebFlowServer
- func (s *OIDCWebFlowServer) Address() string
- func (s *OIDCWebFlowServer) AuthStartURL() string
- func (s *OIDCWebFlowServer) HealthCheck(w http.ResponseWriter, r *http.Request)
- func (s *OIDCWebFlowServer) NotFoundHandler(w http.ResponseWriter, r *http.Request)
- func (s *OIDCWebFlowServer) Run() (oauth2.TokenSource, error)
Types
type IDTokenSource
type IDTokenSource struct {
	Source   oauth2.TokenSource
	Verifier *oidc.IDTokenVerifier
}
IDTokenSource is a wrapper around a TokenSource that returns the OpenID token as the access token.
type OIDCWebFlowHelper
type OIDCWebFlowHelper struct {
// contains filtered or unexported fields
}
OIDCWebFlowHelper helps get an OIDC token using the web flow. GetTokenSource returns a token source which surfaces the OIDC token as the AccessToken. This token source can be used for authorization flows that use OIDC tokens as the bearer token.
This flow is useful when obtaining OIDC tokens for human based accounts as these require the user to go through an OAuth web flow to generate the credentials.
For robot accounts it should be possible to generate the OIDC token without going through the WebFlow; e.g. by using the private key for the robot account. See for example: https://pkg.go.dev/google.golang.org/api/idtoken
func NewOIDCWebFlowHelper
func NewOIDCWebFlowHelper(oAuthClientFile string, issuer string) (*OIDCWebFlowHelper, error)
NewOIDCWebFlowHelper constructs a new web flow helper. oAuthClientFile should be the path to a credentials.json downloaded from the API console.
func (*OIDCWebFlowHelper) GetOAuthConfig
func (h *OIDCWebFlowHelper) GetOAuthConfig() *oauth2.Config
func (*OIDCWebFlowHelper) GetTokenSource
func (h *OIDCWebFlowHelper) GetTokenSource(ctx context.Context) (oauth2.TokenSource, error)
GetTokenSource requests a token from the web, then returns the retrieved token.
type OIDCWebFlowServer
type OIDCWebFlowServer struct {
// contains filtered or unexported fields
}
OIDCWebFlowServer creates a server to be used as part of client registration in the OIDC protocol.
It is based on the code in https://github.com/coreos/go-oidc/blob/v3/example/idtoken/app.go.
N.B.: https://github.com/coreos/go-oidc/issues/354 is discussing creating a reusable server.
func NewOIDCWebFlowServer
func NewOIDCWebFlowServer(config oauth2.Config, verifier *oidc.IDTokenVerifier, log logr.Logger) (*OIDCWebFlowServer, error)
func (*OIDCWebFlowServer) Address
func (s *OIDCWebFlowServer) Address() string
func (*OIDCWebFlowServer) AuthStartURL
func (s *OIDCWebFlowServer) AuthStartURL() string
AuthStartURL returns the URL to kick off the OAuth login flow.
func (*OIDCWebFlowServer) HealthCheck
func (s *OIDCWebFlowServer) HealthCheck(w http.ResponseWriter, r *http.Request)
func (*OIDCWebFlowServer) NotFoundHandler
func (s *OIDCWebFlowServer) NotFoundHandler(w http.ResponseWriter, r *http.Request)
func (*OIDCWebFlowServer) Run
func (s *OIDCWebFlowServer) Run() (oauth2.TokenSource, error)
Run runs the flow to create a token source.