Documentation ¶
Index ¶
- type AzureProvider
- type FacebookProvider
- type GitHubProvider
- type GitLabProvider
- type GoogleProvider
- func (p *GoogleProvider) Redeem(redirectURL, code string) (s *SessionState, err error)
- func (p *GoogleProvider) RefreshSessionIfNeeded(s *SessionState) (bool, error)
- func (p *GoogleProvider) SetGroupRestriction(groups []string, adminEmail string, credentialsReader io.Reader)
- func (p *GoogleProvider) ValidateGroup(email string) bool
- type LinkedInProvider
- type OIDCProvider
- type Provider
- type ProviderData
- func (p *ProviderData) CookieForSession(s *SessionState, c *cookie.Cipher) (string, error)
- func (p *ProviderData) Data() *ProviderData
- func (p *ProviderData) GetEmailAddress(s *SessionState) (string, error)
- func (p *ProviderData) GetLoginURL(redirectURI, state string) string
- func (p *ProviderData) GetUserName(s *SessionState) (string, error)
- func (p *ProviderData) Redeem(redirectURL, code string) (s *SessionState, err error)
- func (p *ProviderData) RefreshSessionIfNeeded(s *SessionState) (bool, error)
- func (p *ProviderData) SessionFromCookie(v string, c *cookie.Cipher) (s *SessionState, err error)
- func (p *ProviderData) ValidateGroup(email string) bool
- func (p *ProviderData) ValidateSessionState(s *SessionState) bool
- type SessionState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AzureProvider ¶
type AzureProvider struct { *ProviderData Tenant string }
func NewAzureProvider ¶
func NewAzureProvider(p *ProviderData) *AzureProvider
func (*AzureProvider) Configure ¶
func (p *AzureProvider) Configure(tenant string)
func (*AzureProvider) GetEmailAddress ¶
func (p *AzureProvider) GetEmailAddress(s *SessionState) (string, error)
type FacebookProvider ¶
type FacebookProvider struct {
*ProviderData
}
func NewFacebookProvider ¶
func NewFacebookProvider(p *ProviderData) *FacebookProvider
func (*FacebookProvider) GetEmailAddress ¶
func (p *FacebookProvider) GetEmailAddress(s *SessionState) (string, error)
func (*FacebookProvider) ValidateSessionState ¶
func (p *FacebookProvider) ValidateSessionState(s *SessionState) bool
type GitHubProvider ¶
type GitHubProvider struct { *ProviderData Org string Team string }
func NewGitHubProvider ¶
func NewGitHubProvider(p *ProviderData) *GitHubProvider
func (*GitHubProvider) GetEmailAddress ¶
func (p *GitHubProvider) GetEmailAddress(s *SessionState) (string, error)
func (*GitHubProvider) GetUserName ¶
func (p *GitHubProvider) GetUserName(s *SessionState) (string, error)
func (*GitHubProvider) SetOrgTeam ¶
func (p *GitHubProvider) SetOrgTeam(org, team string)
type GitLabProvider ¶
type GitLabProvider struct {
*ProviderData
}
func NewGitLabProvider ¶
func NewGitLabProvider(p *ProviderData) *GitLabProvider
func (*GitLabProvider) GetEmailAddress ¶
func (p *GitLabProvider) GetEmailAddress(s *SessionState) (string, error)
type GoogleProvider ¶
type GoogleProvider struct { *ProviderData RedeemRefreshURL *url.URL // GroupValidator is a function that determines if the passed email is in // the configured Google group. GroupValidator func(string) bool }
func NewGoogleProvider ¶
func NewGoogleProvider(p *ProviderData) *GoogleProvider
func (*GoogleProvider) Redeem ¶
func (p *GoogleProvider) Redeem(redirectURL, code string) (s *SessionState, err error)
func (*GoogleProvider) RefreshSessionIfNeeded ¶
func (p *GoogleProvider) RefreshSessionIfNeeded(s *SessionState) (bool, error)
func (*GoogleProvider) SetGroupRestriction ¶
func (p *GoogleProvider) SetGroupRestriction(groups []string, adminEmail string, credentialsReader io.Reader)
SetGroupRestriction configures the GoogleProvider to restrict access to the specified group(s). AdminEmail has to be an administrative email on the domain that is checked. CredentialsFile is the path to a json file containing a Google service account credentials.
func (*GoogleProvider) ValidateGroup ¶
func (p *GoogleProvider) ValidateGroup(email string) bool
ValidateGroup validates that the provided email exists in the configured Google group(s).
type LinkedInProvider ¶
type LinkedInProvider struct {
*ProviderData
}
func NewLinkedInProvider ¶
func NewLinkedInProvider(p *ProviderData) *LinkedInProvider
func (*LinkedInProvider) GetEmailAddress ¶
func (p *LinkedInProvider) GetEmailAddress(s *SessionState) (string, error)
func (*LinkedInProvider) ValidateSessionState ¶
func (p *LinkedInProvider) ValidateSessionState(s *SessionState) bool
type OIDCProvider ¶
type OIDCProvider struct { *ProviderData Verifier *oidc.IDTokenVerifier }
func NewOIDCProvider ¶
func NewOIDCProvider(p *ProviderData) *OIDCProvider
func (*OIDCProvider) Redeem ¶
func (p *OIDCProvider) Redeem(redirectURL, code string) (s *SessionState, err error)
func (*OIDCProvider) RefreshSessionIfNeeded ¶
func (p *OIDCProvider) RefreshSessionIfNeeded(s *SessionState) (bool, error)
type Provider ¶
type Provider interface { Data() *ProviderData GetEmailAddress(*SessionState) (string, error) GetUserName(*SessionState) (string, error) Redeem(string, string) (*SessionState, error) ValidateGroup(string) bool ValidateSessionState(*SessionState) bool GetLoginURL(redirectURI, finalRedirect string) string RefreshSessionIfNeeded(*SessionState) (bool, error) SessionFromCookie(string, *cookie.Cipher) (*SessionState, error) CookieForSession(*SessionState, *cookie.Cipher) (string, error) }
func New ¶
func New(provider string, p *ProviderData) Provider
type ProviderData ¶
type ProviderData struct { ProviderName string ClientID string ClientSecret string LoginURL *url.URL RedeemURL *url.URL ProfileURL *url.URL ProtectedResource *url.URL ValidateURL *url.URL Scope string ApprovalPrompt string }
func (*ProviderData) CookieForSession ¶
func (p *ProviderData) CookieForSession(s *SessionState, c *cookie.Cipher) (string, error)
CookieForSession serializes a session state for storage in a cookie
func (*ProviderData) Data ¶
func (p *ProviderData) Data() *ProviderData
func (*ProviderData) GetEmailAddress ¶
func (p *ProviderData) GetEmailAddress(s *SessionState) (string, error)
func (*ProviderData) GetLoginURL ¶
func (p *ProviderData) GetLoginURL(redirectURI, state string) string
GetLoginURL with typical oauth parameters
func (*ProviderData) GetUserName ¶
func (p *ProviderData) GetUserName(s *SessionState) (string, error)
GetUserName returns the Account username
func (*ProviderData) Redeem ¶
func (p *ProviderData) Redeem(redirectURL, code string) (s *SessionState, err error)
func (*ProviderData) RefreshSessionIfNeeded ¶
func (p *ProviderData) RefreshSessionIfNeeded(s *SessionState) (bool, error)
RefreshSessionIfNeeded
func (*ProviderData) SessionFromCookie ¶
func (p *ProviderData) SessionFromCookie(v string, c *cookie.Cipher) (s *SessionState, err error)
SessionFromCookie deserializes a session from a cookie value
func (*ProviderData) ValidateGroup ¶
func (p *ProviderData) ValidateGroup(email string) bool
ValidateGroup validates that the provided email exists in the configured provider email group(s).
func (*ProviderData) ValidateSessionState ¶
func (p *ProviderData) ValidateSessionState(s *SessionState) bool
type SessionState ¶
type SessionState struct { AccessToken string ExpiresOn time.Time RefreshToken string Email string User string }
func DecodeSessionState ¶
func DecodeSessionState(v string, c *cookie.Cipher) (s *SessionState, err error)
func (*SessionState) EncodeSessionState ¶
func (s *SessionState) EncodeSessionState(c *cookie.Cipher) (string, error)
func (*SessionState) EncryptedString ¶
func (s *SessionState) EncryptedString(c *cookie.Cipher) (string, error)
func (*SessionState) IsExpired ¶
func (s *SessionState) IsExpired() bool
func (*SessionState) String ¶
func (s *SessionState) String() string