Documentation ¶
Index ¶
- Constants
- Variables
- type Client
- func (c *Client) AuthCodeGrant(ctx context.Context, code string, opts []oauth2.AuthCodeOption) (*oauth2.Token, error)
- func (c *Client) Login(r *http.Request) (*Login, error)
- func (c *Client) LoginCallback(r *http.Request, cookie *openid.LoginCookie) (*LoginCallback, error)
- func (c *Client) Logout(r *http.Request) (*Logout, error)
- func (c *Client) LogoutCallback(r *http.Request, cookie *openid.LogoutCookie, validator urlpkg.Validator) *LogoutCallback
- func (c *Client) LogoutFrontchannel(r *http.Request) *LogoutFrontchannel
- func (c *Client) MakeAssertion(expiration time.Duration) (string, error)
- func (c *Client) RefreshGrant(ctx context.Context, refreshToken string) (*openid.TokenResponse, error)
- type JwksProvider
- type Login
- type LoginCallback
- type Logout
- type LogoutCallback
- type LogoutFrontchannel
Constants ¶
View Source
const ( LocaleURLParameter = "locale" SecurityLevelURLParameter = "level" PromptURLParameter = "prompt" MaxAgeURLParameter = "max_age" )
View Source
const (
DefaultClientAssertionLifetime = 30 * time.Second
)
Variables ¶
View Source
var ( ErrOpenIDClient = errors.New("client error") ErrOpenIDServer = errors.New("server error") )
View Source
var ( ErrInvalidSecurityLevel = errors.New("InvalidSecurityLevel") ErrInvalidLocale = errors.New("InvalidLocale") ErrInvalidPrompt = errors.New("InvalidPrompt") ErrInvalidLoginParameter = errors.New("InvalidLoginParameter") // LoginParameterMapping maps incoming login parameters to OpenID Connect parameters LoginParameterMapping = map[string]string{ LocaleURLParameter: "ui_locales", SecurityLevelURLParameter: "acr_values", } PromptAllowedValues = []string{"login", "select_account"} )
Functions ¶
This section is empty.
Types ¶
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
func NewClient ¶
func NewClient(cfg openidconfig.Config, jwksProvider JwksProvider) *Client
func (*Client) AuthCodeGrant ¶
func (*Client) LoginCallback ¶
func (c *Client) LoginCallback(r *http.Request, cookie *openid.LoginCookie) (*LoginCallback, error)
func (*Client) LogoutCallback ¶
func (c *Client) LogoutCallback(r *http.Request, cookie *openid.LogoutCookie, validator urlpkg.Validator) *LogoutCallback
func (*Client) LogoutFrontchannel ¶
func (c *Client) LogoutFrontchannel(r *http.Request) *LogoutFrontchannel
func (*Client) MakeAssertion ¶
func (*Client) RefreshGrant ¶
type JwksProvider ¶
type LoginCallback ¶
type LoginCallback struct { *Client // contains filtered or unexported fields }
func NewLoginCallback ¶
func NewLoginCallback(c *Client, r *http.Request, cookie *openid.LoginCookie) (*LoginCallback, error)
func (*LoginCallback) IdentityProviderError ¶
func (in *LoginCallback) IdentityProviderError() error
func (*LoginCallback) RedeemTokens ¶
func (*LoginCallback) StateMismatchError ¶
func (in *LoginCallback) StateMismatchError() error
type Logout ¶
type Logout struct { *Client Cookie *openid.LogoutCookie // contains filtered or unexported fields }
func (*Logout) SingleLogoutURL ¶
type LogoutCallback ¶
type LogoutCallback struct { *Client // contains filtered or unexported fields }
func NewLogoutCallback ¶
func NewLogoutCallback(c *Client, r *http.Request, cookie *openid.LogoutCookie, validator urlpkg.Validator) *LogoutCallback
func (*LogoutCallback) PostLogoutRedirectURI ¶
func (in *LogoutCallback) PostLogoutRedirectURI() string
type LogoutFrontchannel ¶
type LogoutFrontchannel struct {
// contains filtered or unexported fields
}
func NewLogoutFrontchannel ¶
func NewLogoutFrontchannel(r *http.Request) *LogoutFrontchannel
func (*LogoutFrontchannel) MissingSidParameter ¶
func (l *LogoutFrontchannel) MissingSidParameter() bool
func (*LogoutFrontchannel) Sid ¶
func (l *LogoutFrontchannel) Sid() string
Sid is the session identifier which SHOULD be included as a parameter in the front-channel logout request.
Click to show internal directories.
Click to hide internal directories.