Documentation ¶
Index ¶
- func DecodeSchema(dst interface{}, src map[string][]string) error
- func EncodeSchema(src interface{}, dst map[string][]string) error
- func ToMap(payload interface{}) (map[string]interface{}, error)
- type AuthenticationBadRequest
- type AuthenticationError
- type AuthenticationRequest
- func (ar *AuthenticationRequest) NewBadRequest(id string, description string) *AuthenticationBadRequest
- func (ar *AuthenticationRequest) NewError(id string, description string) *AuthenticationError
- func (ar *AuthenticationRequest) Validate(keyFunc jwt.Keyfunc) error
- func (ar *AuthenticationRequest) Verify(userID string) error
- type AuthenticationSuccess
- type EndSessionRequest
- func (esr *EndSessionRequest) NewBadRequest(id string, description string) *AuthenticationBadRequest
- func (esr *EndSessionRequest) NewError(id string, description string) *AuthenticationError
- func (esr *EndSessionRequest) Validate(keyFunc jwt.Keyfunc) error
- func (esr *EndSessionRequest) Verify(userID string) error
- type Session
- type TokenRequest
- type TokenSuccess
- type UserInfoResponse
- type WellKnown
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DecodeSchema ¶
DecodeSchema decodes request form data into the provided dst schema struct.
func EncodeSchema ¶
EncodeSchema encodes the provided src schema to the provided map.
Types ¶
type AuthenticationBadRequest ¶
type AuthenticationBadRequest struct { ErrorID string `url:"error" json:"error"` ErrorDescription string `url:"error_description,omitempty" json:"error_description,omitempty"` State string `url:"state,omitempty" json:"state,omitempty"` }
AuthenticationBadRequest holds the outgoing data for a failed OpenID Connect 1.0 authorize request with bad request parameters which make it impossible to continue with normal auth.
func (*AuthenticationBadRequest) Description ¶
func (ae *AuthenticationBadRequest) Description() string
Description implements ErrorWithDescription interface.
func (*AuthenticationBadRequest) Error ¶
func (ae *AuthenticationBadRequest) Error() string
Error interface implementation.
type AuthenticationError ¶
type AuthenticationError struct { ErrorID string `url:"error" json:"error"` ErrorDescription string `url:"error_description,omitempty" json:"error_description,omitempty"` State string `url:"state,omitempty" json:"state,omitempty"` }
AuthenticationError holds the outgoind data for a failed OpenID Connect 1.0 authorize request as specified at http://openid.net/specs/openid-connect-core-1_0.html#AuthError and http://openid.net/specs/openid-connect-core-1_0.html#ImplicitAuthError.
func (*AuthenticationError) Description ¶
func (ae *AuthenticationError) Description() string
Description implements ErrorWithDescription interface.
func (*AuthenticationError) Error ¶
func (ae *AuthenticationError) Error() string
Error interface implementation.
type AuthenticationRequest ¶
type AuthenticationRequest struct { RawScope string `schema:"scope"` RawResponseType string `schema:"response_type"` ResponseMode string `schema:"response_mode"` ClientID string `schema:"client_id"` RawRedirectURI string `schema:"redirect_uri"` State string `schema:"state"` Nonce string `schema:"nonce"` RawPrompt string `schema:"prompt"` RawIDTokenHint string `schema:"id_token_hint"` RawMaxAge string `schema:"max_age"` RawRequest string `schema:"request"` RawRequestURI string `schema:"request_uri"` RawRegistration string `schema:"registration"` Scopes map[string]bool `schema:"-"` ResponseTypes map[string]bool `schema:"-"` Prompts map[string]bool `schema:"-"` RedirectURI *url.URL `schema:"-"` IDTokenHint *jwt.Token `schema:"-"` MaxAge time.Duration `schema:"-"` UseFragment bool `schema:"-"` Flow string `schema:"-"` // contains filtered or unexported fields }
AuthenticationRequest holds the incoming parameters and request data for the OpenID Connect 1.0 authorization endpoint as specified at http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest and http://openid.net/specs/openid-connect-core-1_0.html#ImplicitAuthRequest
func DecodeAuthenticationRequest ¶
func DecodeAuthenticationRequest(req *http.Request, providerMetadata *WellKnown) (*AuthenticationRequest, error)
DecodeAuthenticationRequest returns a AuthenticationRequest holding the provided requests form data.
func NewAuthenticationRequest ¶
func NewAuthenticationRequest(values url.Values, providerMetadata *WellKnown) (*AuthenticationRequest, error)
NewAuthenticationRequest returns a AuthenticationRequest holding the provided url values.
func (*AuthenticationRequest) NewBadRequest ¶
func (ar *AuthenticationRequest) NewBadRequest(id string, description string) *AuthenticationBadRequest
NewBadRequest creates a new error with id and string and the associated request's state.
func (*AuthenticationRequest) NewError ¶
func (ar *AuthenticationRequest) NewError(id string, description string) *AuthenticationError
NewError creates a new error with id and string and the associated request's state.
func (*AuthenticationRequest) Validate ¶
func (ar *AuthenticationRequest) Validate(keyFunc jwt.Keyfunc) error
Validate validates the request data of the accociated authentication request.
func (*AuthenticationRequest) Verify ¶
func (ar *AuthenticationRequest) Verify(userID string) error
Verify checks that the passed parameters match the accociated requirements.
type AuthenticationSuccess ¶
type AuthenticationSuccess struct { Code string `url:"code,omitempty"` AccessToken string `url:"access_token,omitempty"` TokenType string `url:"token_type,omitempty"` IDToken string `url:"id_token,omitempty"` State string `url:"state"` ExpiresIn int64 `url:"expires_in,omitempty"` Scope string `url:"scope,omitempty"` SessionState string `url:"session_state,omitempty"` }
AuthenticationSuccess holds the outgoind data for a successful OpenID Connect 1.0 authorize request as specified at http://openid.net/specs/openid-connect-core-1_0.html#AuthResponse and http://openid.net/specs/openid-connect-core-1_0.html#ImplicitAuthResponse. https://openid.net/specs/openid-connect-session-1_0.html#CreatingUpdatingSessions
type EndSessionRequest ¶
type EndSessionRequest struct { RawIDTokenHint string `schema:"id_token_hint"` RawPostLogoutRedirectURI string `schema:"post_logout_redirect_uri"` State string `schema:"state"` IDTokenHint *jwt.Token `schema:"-"` PostLogoutRedirectURI *url.URL `schema:"-"` // contains filtered or unexported fields }
EndSessionRequest holds the incoming parameters and request data for OpenID Connect Session Management 1.0 RP initiaed logout requests as specified at https://openid.net/specs/openid-connect-session-1_0.html#RPLogout
func DecodeEndSessionRequest ¶
func DecodeEndSessionRequest(req *http.Request, providerMetadata *WellKnown) (*EndSessionRequest, error)
DecodeEndSessionRequest returns a EndSessionRequest holding the provided requests form data.
func NewEndSessionRequest ¶
func NewEndSessionRequest(values url.Values, providerMetadata *WellKnown) (*EndSessionRequest, error)
NewEndSessionRequest returns a EndSessionRequest holding the provided url values.
func (*EndSessionRequest) NewBadRequest ¶
func (esr *EndSessionRequest) NewBadRequest(id string, description string) *AuthenticationBadRequest
NewBadRequest creates a new error with id and string and the associated request's state.
func (*EndSessionRequest) NewError ¶
func (esr *EndSessionRequest) NewError(id string, description string) *AuthenticationError
NewError creates a new error with id and string and the associated request's state.
func (*EndSessionRequest) Validate ¶
func (esr *EndSessionRequest) Validate(keyFunc jwt.Keyfunc) error
Validate validates the request data of the accociated endSession request.
func (*EndSessionRequest) Verify ¶
func (esr *EndSessionRequest) Verify(userID string) error
Verify checks that the passed parameters match the accociated requirements.
type Session ¶
Session defines a Provider's session with a String identifier for a Session. This represents a Session of a User Agent or device for a logged-in End-User at an RP. Different ID values are used to identify distinct sessions. This is implemented as defined in the OIDC Front Channel logout extension https://openid.net/specs/openid-connect-frontchannel-1_0.html#OPLogout
type TokenRequest ¶
type TokenRequest struct { GrantType string `schema:"grant_type"` Code string `schema:"code"` RawRedirectURI string `schema:"redirect_uri"` RawRefreshToken string `schema:"refresh_token"` RawScope string `schema:"scope"` ClientID string `schema:"client_id"` ClientSecret string `schema:"client_secret"` RedirectURI *url.URL `schema:"-"` RefreshToken *jwt.Token `schema:"-"` Scopes map[string]bool `schema:"-"` // contains filtered or unexported fields }
TokenRequest holds the incoming parameters and request data for the OpenID Connect 1.0 token endpoint as specified at http://openid.net/specs/openid-connect-core-1_0.html#TokenRequest
func DecodeTokenRequest ¶
func DecodeTokenRequest(req *http.Request, providerMetadata *WellKnown) (*TokenRequest, error)
DecodeTokenRequest return a TokenRequest holding the provided request's form data.
func NewTokenRequest ¶
func NewTokenRequest(values url.Values, providerMetadata *WellKnown) (*TokenRequest, error)
NewTokenRequest returns a TokenRequest holding the provided url values.
func (*TokenRequest) Validate ¶
func (tr *TokenRequest) Validate(keyFunc jwt.Keyfunc, claims jwt.Claims) error
Validate validates the request data of the accociated token request.
type TokenSuccess ¶
type TokenSuccess struct { AccessToken string `json:"access_token,omitempty"` TokenType string `json:"token_type,omitempty"` IDToken string `json:"id_token,omitempty"` RefreshToken string `json:"refresh_token,omitempty"` ExpiresIn int64 `json:"expires_in,omitempty"` }
TokenSuccess holds the outgoing data for a successful OpenID Connect 1.0 token request as specified at http://openid.net/specs/openid-connect-core-1_0.html#TokenResponse.
type UserInfoResponse ¶
type UserInfoResponse struct { oidc.UserInfoClaims *oidc.ProfileClaims *oidc.EmailClaims }
UserInfoResponse defines the data returned from the OIDC UserInfo endpoint.
type WellKnown ¶
type WellKnown struct { Issuer string `json:"issuer"` AuthorizationEndpoint string `json:"authorization_endpoint"` TokenEndpoint string `json:"token_endpoint"` UserInfoEndpoint string `json:"userinfo_endpoint"` EndSessionEndpoint string `json:"end_session_endpoint"` CheckSessionIframe string `json:"check_session_iframe,omitempty"` JwksURI string `json:"jwks_uri"` ScopesSupported []string `json:"scopes_supported"` ResponseTypesSupported []string `json:"response_types_supported"` SubjectTypesSupported []string `json:"subject_types_supported"` IDTokenSigningAlgValuesSupported []string `json:"id_token_signing_alg_values_supported"` ClaimsSupported []string `json:"claims_supported"` }
WellKnown defines the OpenID Connect 1.0 discovery provider meta data as specified at https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata