Documentation ¶
Overview ¶
Package server provides an http oauth REST API
Index ¶
- Constants
- Variables
- func EnsureURI(uri string, search []string, r ...*http.Request) (*url.URL, error)
- func VerifySend(ctx context.Context, params *VerifySendParams) error
- type AuthorizeParams
- type ErrorResponder
- type JWKSInput
- type LoginParams
- type LogoutParams
- type OIDConfigInput
- type Option
- type PasswordCreateParams
- type PasswordType
- type PasswordUpdateParams
- type RedirectError
- type Server
- type SessionParams
- type SignupParams
- type TokenIntrospectParams
- type TokenParams
- type TokenRevokeParams
- type UserInfoUpdateParams
- type VerifyParams
- type VerifySendParams
Constants ¶
// AuthRequestParam names the parameter that carries the request token. The
// same name is used as the JSON field name for the RequestToken members of
// LoginParams, SessionParams and SignupParams.
const AuthRequestParam = "request_token"
Variables ¶
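// Error responder constructors. Each one takes the redirect target u: when u
// is nil the error is returned directly through oauth.Errorf, otherwise the
// response is an api.Redirect to u carrying "error" and "error_description".
//
// NOTE(review): nothing in these constructors validates u. Callers should pass
// only a redirect URL that has already been matched against the client's
// registered URIs, and nil in every other case.
//
// NOTE(review): the already-formatted msg is handed to oauth.Errorf, which by
// its name presumably treats that argument as a format string. If so, a '%'
// in param, reason or the formatted server error is interpreted a second
// time; confirm the signature and pass the message as an argument to a "%s"
// format if it is printf-style.
var (
	// ErrMissingParameter is returned when a required parameter is missing.
	ErrMissingParameter = func(u *url.URL, param string) api.Responder {
		msg := fmt.Sprintf("parameter %s is required", param)
		if u == nil {
			return oauth.Errorf(oauth.ErrorCodeInvalidRequest, msg)
		}
		return api.Redirect(u, map[string]string{
			"error":             string(oauth.ErrorCodeInvalidRequest),
			"error_description": msg,
		})
	}

	// ErrInvalidParameter is returned when a parameter is not valid.
	ErrInvalidParameter = func(u *url.URL, param string) api.Responder {
		msg := fmt.Sprintf("parameter %s is not valid", param)
		if u == nil {
			return oauth.Errorf(oauth.ErrorCodeInvalidRequest, msg)
		}
		return api.Redirect(u, map[string]string{
			"error":             string(oauth.ErrorCodeInvalidRequest),
			"error_description": msg,
		})
	}

	// ErrInvalidContext is returned when the context can not be resolved.
	ErrInvalidContext = func(u *url.URL) api.Responder {
		msg := "invalid context"
		if u == nil {
			return oauth.Errorf(oauth.ErrorCodeInvalidRequest, msg)
		}
		return api.Redirect(u, map[string]string{
			"error":             string(oauth.ErrorCodeInvalidRequest),
			"error_description": msg,
		})
	}

	// ErrExpiredRequestToken is returned when the request token is expired.
	ErrExpiredRequestToken = func(u *url.URL) api.Responder {
		msg := "request token expired"
		if u == nil {
			return oauth.Errorf(oauth.ErrorCodeAccessDenied, msg)
		}
		return api.Redirect(u, map[string]string{
			"error":             string(oauth.ErrorCodeAccessDenied),
			"error_description": msg,
		})
	}

	// ErrUserNotFound is returned when the user is not found.
	//
	// NOTE(review): a distinct "user not found" response lets a client tell
	// unknown accounts from known ones; confirm that is acceptable on every
	// route that uses it.
	ErrUserNotFound = func(u *url.URL) api.Responder {
		msg := "user not found"
		if u == nil {
			return oauth.Errorf(oauth.ErrorCodeAccessDenied, msg)
		}
		return api.Redirect(u, map[string]string{
			"error":             string(oauth.ErrorCodeAccessDenied),
			"error_description": msg,
		})
	}

	// ErrUnauthorizedRediretURI is returned when the redirect URI is not
	// authorized. The spelling of the identifier is part of the exported API
	// and is kept as is.
	//
	// NOTE(review): u must not be the redirect URI that was just rejected;
	// redirecting to it would turn this error path into an open redirect.
	// Pass nil unless a separately trusted target is available.
	ErrUnauthorizedRediretURI = func(u *url.URL) api.Responder {
		msg := "unauthorized redirect uri"
		if u == nil {
			return oauth.Errorf(oauth.ErrorCodeAccessDenied, msg)
		}
		return api.Redirect(u, map[string]string{
			"error":             string(oauth.ErrorCodeAccessDenied),
			"error_description": msg,
		})
	}

	// ErrUnauthorized is returned for an unauthorized request; reason is
	// appended to the description sent to the client.
	ErrUnauthorized = func(u *url.URL, reason string) api.Responder {
		msg := fmt.Sprintf("unauthorized request: %s", reason)
		if u == nil {
			return oauth.Errorf(oauth.ErrorCodeAccessDenied, msg)
		}
		return api.Redirect(u, map[string]string{
			"error":             string(oauth.ErrorCodeAccessDenied),
			"error_description": msg,
		})
	}

	// ErrBadRequest is used for invalid requests; reason is appended to the
	// description sent to the client.
	ErrBadRequest = func(u *url.URL, reason string) api.Responder {
		msg := fmt.Sprintf("bad request: %s", reason)
		if u == nil {
			return oauth.Errorf(oauth.ErrorCodeInvalidRequest, msg)
		}
		return api.Redirect(u, map[string]string{
			"error":             string(oauth.ErrorCodeInvalidRequest),
			"error_description": msg,
		})
	}

	// ErrServerError is used for internal errors. The message is built from
	// the format f and args.
	//
	// NOTE(review): the formatted message is returned to the client in
	// error_description, so callers should keep internal detail (wrapped
	// errors from storage or other backends, file paths) out of f and args
	// and log it server-side instead.
	ErrServerError = func(u *url.URL, f string, args ...interface{}) api.Responder {
		msg := fmt.Sprintf(f, args...)
		if u == nil {
			return oauth.Errorf(oauth.ErrorCodeServerError, msg)
		}
		return api.Redirect(u, map[string]string{
			"error":             string(oauth.ErrorCodeServerError),
			"error_description": msg,
		})
	}
)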
// DefaultCodeChallengeMethod is the code challenge method; the package
// documents it as the only one.
//
// NOTE(review): with the "plain" method of RFC 7636 the code_challenge is the
// code_verifier itself, so PKCE gives no protection once the authorization
// request has been observed. RFC 7636 makes S256 mandatory to implement on
// the server; consider supporting it and preferring it over "plain".
var DefaultCodeChallengeMethod = "plain"
Functions ¶
func VerifySend ¶ added in v0.1.10
func VerifySend(ctx context.Context, params *VerifySendParams) error
VerifySend sends a verification to the user
Types ¶
type AuthorizeParams ¶
// AuthorizeParams holds the parameters bound for the authorize operation.
// The JSON names client_id, redirect_uri, response_type, scope, state and
// nonce match the OAuth 2.0 / OpenID Connect authorization request
// parameters; code_challenge and code_challenge_method match the PKCE
// parameters of RFC 7636.
type AuthorizeParams struct {
	// NOTE(review): app_uri is not a standard authorization parameter; how it
	// is validated is not visible in this declaration.
	AppURI   *string `json:"app_uri"`
	Audience *string `json:"audience,omitempty"`
	ClientID string  `json:"client_id"`

	// PKCE inputs. DefaultCodeChallengeMethod in this package is "plain".
	CodeChallenge       *string `json:"code_challenge"`
	CodeChallengeMethod *string `json:"code_challenge_method,omitempty"`

	// NOTE(review): client-supplied redirect target. It needs to be matched
	// against the client's registered URIs before any redirect; presumably
	// done in Validate or the handler, confirm.
	RedirectURI  *string  `json:"redirect_uri"`
	ResponseType string   `json:"response_type"`
	Scope        []string `json:"scope"`

	// State and Nonce are pointer fields tagged omitempty.
	State *string `json:"state,omitempty"`
	Nonce *string `json:"nonce,omitempty"`
}
AuthorizeParams contains all the bound params for the authorize operation
func (*AuthorizeParams) Validate ¶
func (p *AuthorizeParams) Validate() error
Validate validates the params
type ErrorResponder ¶ added in v0.1.46
func (ErrorResponder) Error ¶ added in v0.1.46
func (e ErrorResponder) Error() string
type JWKSInput ¶ added in v0.1.2
// JWKSInput is the input for the jwks route; it declares no fields.
type JWKSInput struct {
}
JWKSInput is the input for the jwks route
type LoginParams ¶
// LoginParams holds the parameters bound for the login operation.
type LoginParams struct {
	Login string `json:"login"`

	// NOTE(review): presumably the cleartext password from the login request;
	// keep values of this struct out of logs and error messages.
	Password string `json:"password"`

	// RequestToken uses the same JSON name as AuthRequestParam.
	RequestToken string `json:"request_token"`
}
LoginParams contains all the bound params for the login operation
type LogoutParams ¶
// LogoutParams holds the parameters bound for the logout operation.
type LogoutParams struct {
	Audience *string `json:"audience,omitempty"`
	ClientID *string `json:"client_id"`

	// NOTE(review): both fields are client-supplied redirect targets. They
	// need to be checked against the client's registered URIs before use;
	// presumably Validate or the handler does this, confirm.
	RedirectURI           *string `json:"redirect_uri,omitempty"`
	PostLogoutRedirectURI *string `json:"post_logout_redirect_uri,omitempty"`

	// TokenHint is bound from "id_token_hint".
	TokenHint *string `json:"id_token_hint,omitempty"`
	State     *string `json:"state"`
}
LogoutParams contains all the bound params for the logout operation
func (LogoutParams) Validate ¶
func (p LogoutParams) Validate() error
Validate validates LogoutParams
type OIDConfigInput ¶ added in v0.1.2
// OIDConfigInput is an input struct that declares no fields.
// NOTE(review): the package documentation describes it as the input for the
// jwks route, the same wording as JWKSInput; by its name it presumably serves
// the OpenID configuration route. Confirm and correct the description.
type OIDConfigInput struct {
}
OIDConfigInput is the input for the jwks route
type Option ¶
// Option is a function that modifies a Server. The With* functions in this
// package return Option values.
// NOTE(review): New takes opts ...interface{} rather than ...Option, so
// presumably it type-switches on each value; confirm how non-Option values
// are handled.
type Option func(s *Server)
Option provides the server options; these override the defaults and instance values.
func WithAllowedGrants ¶
func WithAllowedGrants(g oauth.Permissions) Option
WithAllowedGrants sets allowed grants
func WithAuthorizer ¶
func WithAuthorizer(a oauth.Authorizer) Option
WithAuthorizer sets the oauth.Authorizer for the necessary calls
func WithCodeStore ¶
WithCodeStore changes the default code store for the server
func WithOTPLen ¶ added in v0.1.38
func WithRequestTokenLifetime ¶ added in v0.1.37
func WithSessionStore ¶
func WithSessionStore(c oauth.SessionStore) Option
WithSessionStore changes the default session store for the server
type PasswordCreateParams ¶
// PasswordCreateParams is the input documented for the password route that
// issues a password link or code (see PasswordType).
type PasswordCreateParams struct {
	Login *string `json:"login,omitempty"`

	// Notify lists the notification channels; Type selects the password kind.
	Notify oauth.NotificationChannels `json:"notify"`
	Type   PasswordType               `json:"type"`

	RequestToken *string `json:"request_token,omitempty"`

	// NOTE(review): client-supplied URIs. For PasswordTypeLink they presumably
	// end up in a link sent to the user, so they need the same registered-URI
	// check as any redirect target; confirm where that check happens.
	AppURI      *oauth.URI `json:"app_uri,omitempty"`
	RedirectURI *oauth.URI `json:"redirect_uri,omitempty"`

	// CodeVerifier is bound from "code_verifier".
	CodeVerifier *string `json:"code_verifier,omitempty"`
}
PasswordCreateParams is the input to the password get route
func (PasswordCreateParams) Validate ¶
func (p PasswordCreateParams) Validate() error
Validate validates PasswordGetInput
type PasswordType ¶
// PasswordType is the string type of the password kinds PasswordTypeLink,
// PasswordTypeCode and PasswordTypeReset.
type PasswordType string
PasswordType defines a password type
// Password kinds accepted in PasswordCreateParams.Type.
const (
	// PasswordTypeLink is a magic password link
	PasswordTypeLink PasswordType = "link"

	// PasswordTypeCode is a one-time use password code
	PasswordTypeCode PasswordType = "code"

	// PasswordTypeReset sends both a link with the password scope and a code
	PasswordTypeReset PasswordType = "reset"
)
func (PasswordType) Validate ¶
func (p PasswordType) Validate() error
Validate validates the PasswordType
type PasswordUpdateParams ¶
// PasswordUpdateParams are the parameters used by the password update route.
type PasswordUpdateParams struct {
	// NOTE(review): Password and ResetCode are credentials; keep values of
	// this struct out of logs and error messages.
	Password  string `json:"password"`
	ResetCode string `json:"reset_code"`

	// NOTE(review): client-supplied redirect target; the check against the
	// client's registered URIs is not visible here, confirm.
	RedirectURI *oauth.URI `json:"redirect_uri"`
}
PasswordUpdateParams are used by the password update route
func (PasswordUpdateParams) Validate ¶
func (p PasswordUpdateParams) Validate() error
Validate validates PasswordGetInput
type RedirectError ¶ added in v0.1.17
RedirectError defines a redirect error handler
type Server ¶
Server is an API server; it can be used standalone via Server() or integrated via Handler().
func New ¶
func New(ctrl oauth.Controller, opts ...interface{}) *Server
New returns a new Server instance
func (*Server) Sessions ¶
func (s *Server) Sessions() oauth.SessionStore
Sessions returns the sessions
type SessionParams ¶
// SessionParams holds the session request parameters.
type SessionParams struct {
	// RequestToken uses the same JSON name as AuthRequestParam.
	RequestToken string `json:"request_token"`
	AuthCode     bool   `json:"auth_code"`

	// NOTE(review): client-supplied redirect target; the check against the
	// client's registered URIs is not visible here, confirm.
	RedirectURI *oauth.URI `json:"redirect_uri"`
	State       *string    `json:"state,omitempty"`
}
SessionParams is the session request parameters
type SignupParams ¶
// SignupParams holds the parameters bound for the signup operation.
type SignupParams struct {
	Email *string `json:"email,omitempty"`

	// NOTE(review): InviteCode and Password are secrets; keep values of this
	// struct out of logs and error messages.
	InviteCode *string `json:"invite_code"`
	Login      string  `json:"login"`
	Name       *string `json:"name"`
	Password   *string `json:"password"`

	// RequestToken uses the same JSON name as AuthRequestParam.
	RequestToken string `json:"request_token"`
}
SignupParams contains all the bound params for the signup operation
func (SignupParams) Validate ¶
func (p SignupParams) Validate() error
Validate validates SignupParams
type TokenIntrospectParams ¶ added in v0.1.34
// TokenIntrospectParams holds the parameters for token introspection.
// NOTE(review): the struct carries only the token, so the caller of the
// introspection route presumably authenticates by other means; confirm the
// route is not reachable unauthenticated.
type TokenIntrospectParams struct {
	// Token is bound from "token", the parameter name used by RFC 7662.
	Token string `json:"token"`
}
TokenIntrospectParams is the parameters for token introspect
type TokenParams ¶
// TokenParams holds the parameters bound for the token operation.
//
// NOTE(review): ClientSecret, Code, CodeVerifier, Password and RefreshToken
// are credentials; keep values of this struct out of logs and error messages.
type TokenParams struct {
	Audience     *string `json:"audience,omitempty"`
	ClientID     *string `json:"client_id"`
	ClientSecret *string `json:"client_secret,omitempty"`
	Code         *string `json:"code,omitempty"`

	// CodeVerifier is bound from "code_verifier", the PKCE parameter of
	// RFC 7636.
	CodeVerifier *string `json:"code_verifier"`
	GrantType    string  `json:"grant_type"`

	// NOTE(review): Password together with Username presumably serves the
	// resource owner password grant; confirm it is limited by the allowed
	// grants (see WithAllowedGrants).
	Password *string `json:"password,omitempty"`

	// NOTE(review): refresh_nonce and refresh_verifier are not standard token
	// request parameters; their semantics are not visible here.
	RefreshNonce    *string  `json:"refresh_nonce,omitempty"`
	RefreshToken    *string  `json:"refresh_token,omitempty"`
	RefreshVerifier *string  `json:"refresh_verifier,omitempty"`
	Scope           []string `json:"scope,omitempty"`
	Username        *string  `json:"username,omitempty"`
}
TokenParams contains all the bound params for the token operation
type TokenRevokeParams ¶ added in v0.1.34
// TokenRevokeParams holds the parameters for token revocation.
// NOTE(review): the struct carries only the token; confirm the route checks
// that the caller is allowed to revoke it.
type TokenRevokeParams struct {
	// Token is bound from "token", the parameter name used by RFC 7009.
	Token string `json:"token"`
}
TokenRevokeParams is the parameters for token revoke
type UserInfoUpdateParams ¶
UserInfoUpdateParams contains all the bound params for the user info update operation
type VerifyParams ¶
// VerifyParams holds the email verify parameters.
type VerifyParams struct {
	// NOTE(review): declared as a plain string, whereas PasswordUpdateParams
	// and SessionParams declare RedirectURI as *oauth.URI. The value is a
	// client-supplied redirect target; presumably Validate parses and checks
	// it, confirm.
	RedirectURI string `json:"redirect_uri"`
}
VerifyParams contains the email verify params
func (VerifyParams) Validate ¶
func (p VerifyParams) Validate() error
Validate validates UserEmailVerifyParams
type VerifySendParams ¶
// VerifySendParams are the parameters for the verification send method.
type VerifySendParams struct {
	// Method is the notification channel, bound from "method".
	Method oauth.NotificationChannel `json:"method"`

	// Signup is tagged json:"-", so encoding/json neither reads nor writes it;
	// it can only be set by Go code, not through a JSON request body.
	Signup bool `json:"-"`
	// contains filtered or unexported fields
}
VerifySendParams are the params for the verification send method