openid

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 2, 2019 License: LGPL-3.0 Imports: 6 Imported by: 20

Documentation

Overview

Package openid contains functions to help log-in to Ubuntu SSO using OpenID 2.0.

Index

Constants

View Source 
const (
	// These standard simple registration fields are supported by
	// Ubuntu SSO.
	SRegNickname = "nickname"
	SRegEmail    = "email"
	SRegFullName = "fullname"
	SRegPostcode = "postcode"
	SRegCountry  = "country"
	SRegLanguage = "language"
	SRegTimezone = "timezone"

	// These non-standard simple registration fields are supported by
	// Ubuntu SSO.
	SRegAddress1 = "x_address1"
	SRegAddress2 = "x_address2"
	SRegCity     = "x_city"
	SRegProvince = "x_province"
	SRegPhone    = "x_phone"
)

Variables

View Source 
var (
	// ErrCancel is the error cause returned by Client.Verify when a
	// login request has been cancelled.
	ErrCancel = errgo.New("login cancelled")
)

Functions

This section is empty.

Types

type Client 

type Client struct {
	// Server holds the Ubuntu SSO server that OpenID requests will
	// be made against.
	Server usso.UbuntuSSOServer

	// NonceStore contains the NonceStore used to verify the OpenID
	// responses have not been previously processed.
	NonceStore NonceStore

	// DiscoveryCache contains a DiscoveryCache to use when verifying
	// OpenID responses.
	DiscoveryCache DiscoveryCache
}

Client is an OpenID client that provides OpenID login for a specific Ubuntu SSO server.

func NewClient 

func NewClient(s usso.UbuntuSSOServer, ns NonceStore, dc DiscoveryCache) *Client

NewClient creates a new Client for the specified Ubuntu SSO server. If ns is nil then a new in-memory NonceStore will be created. If dc is nil then a DiscoveryCache derived from the server wil be used.

func (*Client) RedirectURL 

func (c *Client) RedirectURL(r *Request) string

RedirectURL creates an OpenID login request addressed to c.Server.

func (*Client) Verify 

func (c *Client) Verify(requestURL string) (*Response, error)

Verify processes a positive assertion from Ubuntu SSO. If the verification is successful any parameters asserted by Ubuntu SSO will be set in the Response. If the OpenID response reports that the login was cancelled then an error will be returned with a cause of ErrCancel. If the OpenID response reports an error occurred then an error of type *OpenIDError will be returned.

type DiscoveryCache 

type DiscoveryCache interface {
	openid.DiscoveryCache
}

DiscoveryCache is the DiscoveryCache type from github.com/yohcop/openid-go. It is replicated here for the convenience of clients.

type NonceStore 

type NonceStore interface {
	openid.NonceStore
}

NonceStore is the NonceStore type from github.com/yohcop/openid-go. It is replicated here for the convenience of clients.

type OpenIDError 

type OpenIDError struct {
	// Message contains the "openid.error" field from the response.
	Message string

	// Contact contains the "openid.contact" field from the response.
	Contact string

	// Reference contains the "openid.reference" field from the
	// response.
	Reference string
}

OpenIDError represents an error response from an OpenID server. See http://openid.net/specs/openid-authentication-2_0.html#rfc.section.5.2.3 for details.

func (*OpenIDError) Error 

func (e *OpenIDError) Error() string

Error implements error.Error.

type Request 

type Request struct {
	// ReturnTo contains the callback address for the service, this is
	// where the login response will come.
	ReturnTo string

	// Realm contains the realm that the user is logging into. See
	// http://openid.net/specs/openid-authentication-2_0.html#realms
	// for details.
	Realm string

	// Teams contains a list of launchpad teams to query membership
	// of for the logged in user.
	Teams []string

	// SRegRequired contains a list of simple registration fields
	// that are required by the service.
	SRegRequired []string

	// SRegOptional contains a list of simple registration fields
	// that are optional, but requested by the service.
	SRegOptional []string

	// CaveatID contains the caveat ID of a third-party macaroon
	// caveat addressed to the identity server.
	CaveatID string
}

Request contains the paramaters for an UbuntuSSO OpenID login request.

type Response 

type Response struct {
	// ID contains the claimed_id of the logged in user. This will
	// always be present in a successful login.
	ID string

	// Teams contains any launchpad teams that were specified in the
	// OpenID response.
	Teams []string

	// SReg contains any simple registration fields are
	// were provided in the OpenID response.
	SReg map[string]string

	// Discharge contains the discharge macaroon returned
	// from the identity provider if a CaveatID was supplied in the
	// request.
	Discharge *macaroon.Macaroon
}

Response contains the values returned from Ubuntu SSO after a successful login.

Source Files

View all Source files

Directories

Path Synopsis
Example web application that performs an OpenID login to Ubuntu SSO.
 Example web application that performs an OpenID login to Ubuntu SSO.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.