Documentation ¶
Index ¶
- Constants
- Variables
- func CreateIDToken(issuer string, client_id string, sub string, userInfo *UserWithGroups, ...) (string, error)
- func HeartbeatToDB(ctx context.Context)
- func IsAuthorizeRequestTypeEqual(t1, t2 osin.AuthorizeRequestType) bool
- func NewAuthenticateMiddleware() server.Middleware
- func ValidateFullName(fullname string) error
- func ValidateSlug(slug string, maxLen int) error
- func ValidateURI(uri string) error
- func ValidateUserEmail(email string, ctx context.Context) error
- type AddHandles
- type ApiError
- type App
- type AppResource
- type AppRole
- type AppRoleResource
- type AppRolesOfUser
- type AppsResource
- type AuthenticateWare
- type BackendGroup
- type Group
- type GroupMemberResource
- type GroupMemberRole
- type GroupResource
- type GroupWithMembers
- type GroupWithRole
- type GroupsResource
- type JWKs
- type JWT
- type MeResource
- type MemberResource
- type MemberRole
- type Mock
- type OIDC_Configuration
- type Resource
- type ResourceResource
- type Resources
- type ResourcesResource
- type Role
- type RoleMember
- type RoleMemberResource
- type RoleMemberType
- type RoleMembers
- type RoleMembersReq
- type RoleModifyReq
- type RoleReq
- type RoleResource
- type RoleResourceReq
- type RoleResourceResource
- type RolesResource
- type Server
- func (s *Server) AuthorizationEndpoint(ctx context.Context, w http.ResponseWriter, r *http.Request) context.Context
- func (s *Server) BatchUsers(ctx context.Context, w http.ResponseWriter, r *http.Request) context.Context
- func (s *Server) Home(ctx context.Context, w http.ResponseWriter, r *http.Request) context.Context
- func (s *Server) Jwks_uriEndpoint(ctx context.Context, w http.ResponseWriter, r *http.Request) context.Context
- func (s *Server) ListenAndServe(addr string, addHandlers AddHandles) error
- func (s *Server) NewOidcConfig(ctx context.Context) *OIDC_Configuration
- func (s *Server) OidcConfig(ctx context.Context, w http.ResponseWriter, r *http.Request) context.Context
- func (s *Server) PageApplication(ctx context.Context, w http.ResponseWriter, r *http.Request) context.Context
- func (s *Server) RoleMembers(ctx context.Context, w http.ResponseWriter, r *http.Request) context.Context
- func (s *Server) SetUserBackend(ub iuser.UserBackend)
- func (s *Server) UserInfo(ctx context.Context, w http.ResponseWriter, r *http.Request) context.Context
- func (s *Server) UsersList(ctx context.Context, w http.ResponseWriter, r *http.Request) context.Context
- type TestHelper
- type TokenConfig
- type TokenEndpoint
- type UserResource
- type UserRole
- type UserRoles
- type UserWithGroups
Constants ¶
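// String values used when handling OpenID Connect requests.
// The declaration was collapsed onto one line on this page, which is not
// valid Go; it is restored here with one constant per line.
const (
	// OPENID_SCOPE is the scope value "openid". In OpenID Connect this scope
	// marks an authorization request as an authentication request.
	OPENID_SCOPE = "openid"
	// ID_TOKEN is the string "id_token".
	ID_TOKEN = "id_token"
)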
// TOKEN_IDTOKEN is the authorize request type "token id_token", i.e. a
// request for both an access token and an ID token.
//
// NOTE(review): OpenID Connect treats response_type as a space-delimited set,
// so clients may send "id_token token" instead; presumably
// IsAuthorizeRequestTypeEqual exists to compare such values, confirm.
const TOKEN_IDTOKEN osin.AuthorizeRequestType = "token id_token"
Variables ¶
// ErrNotAdmin is the error value whose message states that only a user in
// the app's admin role may modify the app's role tree.
//
// NOTE(review): compare against this value with errors.Is rather than by
// message text; which handlers return it is not visible on this page.
var ErrNotAdmin = errors.New("only user in app's admin role can modify the app's role tree.")
Functions ¶
func CreateIDToken ¶
func HeartbeatToDB ¶
在某些网络环境下,ssoserver 和 mysql 之间的长连接如果 idle 一段时间,此后在该连接上发送的数据包会被丢弃,导致查询超时。为避免这种情况的发生,可以定时查询数据库,以保持连接 live。
func IsAuthorizeRequestTypeEqual ¶
func IsAuthorizeRequestTypeEqual(t1, t2 osin.AuthorizeRequestType) bool
func NewAuthenticateMiddleware ¶
func NewAuthenticateMiddleware() server.Middleware
func ValidateFullName ¶
func ValidateSlug ¶
func ValidateURI ¶
Types ¶
type ApiError ¶
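// ApiError is a JSON-serializable error payload with a message and an
// arbitrary data value. The declaration was collapsed onto one line on this
// page, which is not valid Go; it is restored here with one field per line.
type ApiError struct {
	// Message is encoded under the JSON key "message".
	Message string `json:"message"`
	// Data is encoded under the JSON key "data" and may hold any value.
	// NOTE(review): presumably this is returned to API clients; confirm that
	// callers never place internal error details or secrets in it.
	Data interface{} `json:"data"`
}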
type AppResource ¶
// AppResource embeds server.BaseResource and declares no fields of its own,
// so it exposes BaseResource's promoted fields and methods.
type AppResource struct {
	server.BaseResource
}
type AppRoleResource ¶
// AppRoleResource embeds server.BaseResource and declares no fields of its
// own. Per the package documentation, it can get the roles of everyone
// related to the app, not only those of the app owner.
//
// NOTE(review): which callers are allowed to read those roles is not visible
// in this declaration; confirm the handler enforces it.
type AppRoleResource struct {
	server.BaseResource
}
AppRole: can get roles of everyone related to the app, not only the app owner
type AppRolesOfUser ¶
type AuthenticateWare ¶
// AuthenticateWare is an empty struct; it carries no state of its own.
//
// NOTE(review): presumably the middleware type behind
// NewAuthenticateMiddleware; confirm against its implementation.
type AuthenticateWare struct{}
type BackendGroup ¶
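// BackendGroup embeds Group and adds a backend type and a rules string.
// The declaration was collapsed onto one line on this page, which is not
// valid Go; it is restored here with one field per line.
type BackendGroup struct {
	// Group is embedded, so its fields are promoted onto BackendGroup.
	Group
	// Backend is encoded under the JSON key "backend".
	Backend iuser.GroupType `json:"backend"`
	// Rules is encoded under the JSON key "rules". Its format is not visible
	// here.
	// NOTE(review): confirm that Validate checks Rules before it is used.
	Rules string `json:"rules"`
}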
func (*BackendGroup) Validate ¶
func (bg *BackendGroup) Validate() error
type GroupMemberResource ¶
// GroupMemberResource embeds server.BaseResource and declares no fields of
// its own, so it exposes BaseResource's promoted fields and methods.
type GroupMemberResource struct {
	server.BaseResource
}
type GroupMemberRole ¶
type GroupResource ¶
// GroupResource embeds server.BaseResource and declares no fields of its
// own, so it exposes BaseResource's promoted fields and methods.
type GroupResource struct {
	server.BaseResource
}
type GroupWithMembers ¶
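// GroupWithMembers is the JSON shape of a group together with its user
// members and its member groups. The declaration was collapsed onto one line
// on this page, which is not valid Go; it is restored here with one field
// per line.
type GroupWithMembers struct {
	// Name is encoded under the JSON key "name".
	Name string `json:"name"`
	// FullName is encoded under the JSON key "fullname".
	FullName string `json:"fullname"`
	// Members is encoded under the JSON key "members".
	Members []MemberRole `json:"members"`
	// GroupMembers is encoded under the JSON key "group_members".
	GroupMembers []GroupMemberRole `json:"group_members"`
}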
type GroupWithRole ¶
type GroupsResource ¶
// GroupsResource embeds server.BaseResource and declares no fields of its
// own, so it exposes BaseResource's promoted fields and methods.
type GroupsResource struct {
	server.BaseResource
}
type JWT ¶
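// JWT holds the parts of a JSON Web Token as separate fields. The
// declaration was collapsed onto one line on this page, which is not valid
// Go; it is restored here with one field per line.
//
// NOTE(review): nothing in this declaration records whether the signature
// has been verified. Callers should not treat Header or Claims as trusted
// unless verification happens elsewhere; confirm where that is done.
type JWT struct {
	// Header maps header parameter names to their values.
	Header map[string]interface{}
	// Claims maps claim names to their values.
	Claims map[string]interface{}
	// Sig is the signature, kept as a string.
	// NOTE(review): presumably the encoded signature segment; confirm.
	Sig string
	// Token is a string.
	// NOTE(review): presumably the complete serialized token; confirm, and
	// keep it out of logs if so.
	Token string
}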
func (*JWT) ClaimsJson ¶
func (*JWT) HeaderJson ¶
type MeResource ¶
// MeResource embeds server.BaseResource and declares no fields of its own,
// so it exposes BaseResource's promoted fields and methods.
type MeResource struct {
	server.BaseResource
}
type MemberResource ¶
// MemberResource embeds server.BaseResource and declares no fields of its
// own, so it exposes BaseResource's promoted fields and methods.
type MemberResource struct {
	server.BaseResource
}
type MemberRole ¶
type OIDC_Configuration ¶
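// OIDC_Configuration is the JSON document describing this server's OpenID
// Connect endpoints and capabilities; its JSON keys follow the OpenID
// Connect Discovery metadata names. The declaration was collapsed onto one
// line on this page, which is not valid Go; it is restored here with one
// field per line.
//
// TODO: the document is incomplete. In particular it has no
// subject_types_supported or id_token_signing_alg_values_supported, which
// OpenID Connect Discovery 1.0 lists as REQUIRED; clients that validate the
// metadata strictly may reject it.
type OIDC_Configuration struct {
	// Issuer is encoded as "issuer".
	Issuer string `json:"issuer"`
	// AuthEnd is encoded as "authorization_endpoint".
	AuthEnd string `json:"authorization_endpoint"`
	// TokenEnd is encoded as "token_endpoint".
	TokenEnd string `json:"token_endpoint"`
	// UserInfoEnd is encoded as "userinfo_endpoint".
	UserInfoEnd string `json:"userinfo_endpoint"`
	// JwksUri is encoded as "jwks_uri".
	JwksUri string `json:"jwks_uri"`
	// ResponseTypeSupported is encoded as "response_types_supported".
	ResponseTypeSupported []osin.AuthorizeRequestType `json:"response_types_supported"`
	// ScopesSupported is encoded as "scopes_supported".
	ScopesSupported []string `json:"scopes_supported"`
	// ClaimsSupported is encoded as "claims_supported".
	ClaimsSupported []string `json:"claims_supported"`
}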
TODO: 补全完整的 openid-configuration
type ResourceResource ¶
// ResourceResource embeds server.BaseResource and declares no fields of its
// own, so it exposes BaseResource's promoted fields and methods.
type ResourceResource struct {
	server.BaseResource
}
type ResourcesResource ¶
// ResourcesResource embeds server.BaseResource and declares no fields of
// its own, so it exposes BaseResource's promoted fields and methods.
type ResourcesResource struct {
	server.BaseResource
}
type RoleMember ¶
type RoleMemberResource ¶
// RoleMemberResource embeds server.BaseResource and declares no fields of
// its own, so it exposes BaseResource's promoted fields and methods.
type RoleMemberResource struct {
	server.BaseResource
}
type RoleMemberType ¶
// RoleMemberType carries a single string, encoded in JSON under the key
// "type".
//
// NOTE(review): the set of accepted values is not visible on this page;
// confirm that the consumer rejects unknown member types.
type RoleMemberType struct {
	MemberType string `json:"type"`
}
type RoleMembers ¶
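// RoleMembers embeds role.Role and adds a type string and a member list.
// The declaration was collapsed onto one line on this page, which is not
// valid Go; it is restored here with one field per line.
type RoleMembers struct {
	// Role is embedded, so its fields are promoted onto RoleMembers.
	role.Role
	// Type is encoded under the JSON key "type".
	Type string `json:"type"`
	// Members is encoded under the JSON key "members".
	Members []RoleMember `json:"members"`
}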
type RoleMembersReq ¶
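// RoleMembersReq groups a role id, an action name and a list of role
// members. The declaration was collapsed onto one line on this page, which
// is not valid Go; it is restored here with one field per line.
//
// NOTE(review): RoleId and Action are exported and carry no JSON tag, so
// encoding/json would fill them from "RoleId"/"Action" keys if this struct
// is decoded from a request body. Confirm they are set by the server (for
// example from the route) and cannot be overridden by the client.
type RoleMembersReq struct {
	// RoleId is an int with no JSON tag.
	RoleId int
	// Action is a string with no JSON tag; its accepted values are not
	// visible here.
	Action string
	// MemberList is encoded under the JSON key "members".
	MemberList []RoleMember `json:"members"`
}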
type RoleModifyReq ¶
type RoleResourceReq ¶
type RoleResourceResource ¶
// RoleResourceResource embeds server.BaseResource and declares no fields of
// its own, so it exposes BaseResource's promoted fields and methods.
type RoleResourceResource struct {
	server.BaseResource
}
type Server ¶
func (*Server) AuthorizationEndpoint ¶
func (*Server) BatchUsers ¶
func (s *Server) BatchUsers(ctx context.Context, w http.ResponseWriter, r *http.Request) context.Context
Batch-returns users' profiles and, optionally, their groups.
func (*Server) Jwks_uriEndpoint ¶
func (*Server) ListenAndServe ¶
func (s *Server) ListenAndServe(addr string, addHandlers AddHandles) error
func (*Server) NewOidcConfig ¶
func (s *Server) NewOidcConfig(ctx context.Context) *OIDC_Configuration
func (*Server) OidcConfig ¶
func (*Server) PageApplication ¶
func (*Server) RoleMembers ¶
func (*Server) SetUserBackend ¶
func (s *Server) SetUserBackend(ub iuser.UserBackend)
type TestHelper ¶
func NewTestHelper ¶
func NewTestHelper(t *testing.T) *TestHelper
type TokenConfig ¶
type UserResource ¶
// UserResource embeds server.BaseResource and declares no fields of its
// own, so it exposes BaseResource's promoted fields and methods.
type UserResource struct {
	server.BaseResource
}
type UserWithGroups ¶
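// UserWithGroups pairs a user profile with a list of group names. The
// declaration was collapsed onto one line on this page, which is not valid
// Go; it is restored here with one field per line.
//
// *UserWithGroups defines its own MarshalJSON, so the struct tags below may
// not describe the final wire format.
// NOTE(review): CreateIDToken takes a *UserWithGroups, so these values
// presumably reach ID token claims; confirm they come from the user backend
// and not from request input.
type UserWithGroups struct {
	// User is tagged `json:"user,omitempty"`.
	User iuser.UserProfile `json:"user,omitempty"`
	// Groups is tagged `json:"groups"`.
	Groups []string `json:"groups"`
}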
func GetUserWithGroups ¶
func GetUserWithGroups(ctx context.Context, u iuser.User) *UserWithGroups
func (*UserWithGroups) MarshalJSON ¶
func (ug *UserWithGroups) MarshalJSON() ([]byte, error)
该方法的接收者必须是 *UserWithGroups,否则会产生递归调用;即绝对不可写成 func (ug UserWithGroups) MarshalJSON() ([]byte, error) {}。也就是说,调用时也必须传入 *UserWithGroups。
Source Files ¶