oidc

package
v0.65.1
Published: Dec 9, 2024 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Constants

const LibreGraphIDTokenSubjectSaltV1 = "lico-IDToken-v1"

LibreGraphIDTokenSubjectSaltV1 is the salt value used when hashing Subjects in ID tokens created by this application.

Variables

This section is empty.

Functions

func IsErrorWithID

func IsErrorWithID(err error, id string) bool

IsErrorWithID returns true if the given error is an OAuth2Error error with the given ID.

func NewOAuth2Error

func NewOAuth2Error(id string, description string) utils.ErrorWithDescription

NewOAuth2Error creates a new error with id and description.

func WriteWWWAuthenticateError

func WriteWWWAuthenticateError(rw http.ResponseWriter, code int, err error)

WriteWWWAuthenticateError writes the provided error, with the provided HTTP status code, to the provided HTTP response writer as a WWW-Authenticate header with comma-separated fields for id and description.

Types

type EmailClaims

type EmailClaims struct {
	Email         string `json:"email,omitempty"`
	EmailVerified bool   `json:"email_verified"`
}

EmailClaims define the claims for the OIDC email scope. https://openid.net/specs/openid-connect-basic-1_0.html#Scopes

func NewEmailClaims

func NewEmailClaims(claims jwt.Claims) *EmailClaims

NewEmailClaims returns a new EmailClaims set from the provided jwt.Claims or nil.

func (EmailClaims) Valid

func (c EmailClaims) Valid() error

Valid implements the jwt.Claims interface.

type IDTokenClaims

type IDTokenClaims struct {
	jwt.StandardClaims

	Nonce           string `json:"nonce,omitempty"`
	AuthTime        int64  `json:"auth_time,omitempty"`
	AccessTokenHash string `json:"at_hash,omitempty"`
	CodeHash        string `json:"c_hash,omitempty"`

	*ProfileClaims
	*EmailClaims

	*SessionClaims
}

IDTokenClaims define the claims found in OIDC ID Tokens.

func (IDTokenClaims) Valid

func (c IDTokenClaims) Valid() (err error)

Valid implements the jwt.Claims interface.

type OAuth2Error

type OAuth2Error struct {
	ErrorID          string `json:"error"`
	ErrorDescription string `json:"error_description"`
}

OAuth2Error defines a general OAuth2 error with id and description.

func (*OAuth2Error) Description

func (err *OAuth2Error) Description() string

Description implements the ErrorWithDescription interface.

func (*OAuth2Error) Error

func (err *OAuth2Error) Error() string

Error implements the error interface.

type ProfileClaims

type ProfileClaims struct {
	Name              string `json:"name,omitempty"`
	FamilyName        string `json:"family_name,omitempty"`
	GivenName         string `json:"given_name,omitempty"`
	PreferredUsername string `json:"preferred_username,omitempty"`
}

ProfileClaims define the claims for the OIDC profile scope. https://openid.net/specs/openid-connect-basic-1_0.html#Scopes

func NewProfileClaims

func NewProfileClaims(claims jwt.Claims) *ProfileClaims

NewProfileClaims returns a new ProfileClaims set from the provided jwt.Claims or nil.

func (ProfileClaims) Valid

func (c ProfileClaims) Valid() error

Valid implements the jwt.Claims interface.

type SessionClaims

type SessionClaims struct {
	SessionID string `json:"sid,omitempty"`
}

SessionClaims define claims related to front end sessions, for example as specified by https://openid.net/specs/openid-connect-frontchannel-1_0.html

type UserInfoClaims

type UserInfoClaims struct {
	Subject string `json:"sub,omitempty"`
}

UserInfoClaims define the claims defined by the OIDC UserInfo endpoint.

func (UserInfoClaims) Valid

func (c UserInfoClaims) Valid() error

Valid implements the jwt.Claims interface.
