credentials

package
v0.33.1-beta.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 18, 2019 License: Apache-2.0 Imports: 25 Imported by: 4

Documentation

Overview

* Copyright © 2017-2018 Aeneas Rekkas <aeneas+oss@aeneas.io> * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * * @author Aeneas Rekkas <aeneas+oss@aeneas.io> * @Copyright 2017-2018 Aeneas Rekkas <aeneas+oss@aeneas.io> * @license Apache-2.0 *

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type DefaultSigner

type DefaultSigner struct {
	// contains filtered or unexported fields
}

func NewSignerDefault

func NewSignerDefault(r FetcherRegistry) *DefaultSigner

func (*DefaultSigner) Sign

func (s *DefaultSigner) Sign(ctx context.Context, location *url.URL, claims jwt.Claims) (string, error)

type Fetcher

type Fetcher interface {
	ResolveKey(ctx context.Context, locations []url.URL, kid string, use string) (*jose.JSONWebKey, error)
	ResolveSets(ctx context.Context, locations []url.URL) ([]jose.JSONWebKeySet, error)
}

type FetcherDefault

type FetcherDefault struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

func NewFetcherDefault

func NewFetcherDefault(l logrus.FieldLogger, cancelAfter time.Duration, ttl time.Duration) *FetcherDefault

NewFetcherDefault returns a new JWKS Fetcher with:

  • cancelAfter: If reached, the fetcher will stop waiting for responses and return an error.
  • waitForResponse: While the fetcher might stop waiting for responses, we will give the server more time to respond and add the keys to the registry unless waitForResponse is reached in which case we'll terminate the request.

func (*FetcherDefault) ResolveKey

func (s *FetcherDefault) ResolveKey(ctx context.Context, locations []url.URL, kid string, use string) (*jose.JSONWebKey, error)

func (*FetcherDefault) ResolveSets

func (s *FetcherDefault) ResolveSets(ctx context.Context, locations []url.URL) ([]jose.JSONWebKeySet, error)

type FetcherRegistry

type FetcherRegistry interface {
	CredentialsFetcher() Fetcher
}

type Signer

type Signer interface {
	Sign(ctx context.Context, location *url.URL, claims jwt.Claims) (string, error)
}

type SignerRegistry

type SignerRegistry interface {
	CredentialsSigner() Signer
}

type ValidationContext

type ValidationContext struct {
	Algorithms    []string
	Issuers       []string
	Audiences     []string
	ScopeStrategy fosite.ScopeStrategy
	Scope         []string
	KeyURLs       []url.URL
}

type Verifier

type Verifier interface {
	Verify(
		ctx context.Context,
		token string,
		r *ValidationContext,
	) (*jwt.Token, error)
}

type VerifierDefault

type VerifierDefault struct {
	// contains filtered or unexported fields
}

func NewVerifierDefault

func NewVerifierDefault(f FetcherRegistry) *VerifierDefault

func (*VerifierDefault) Verify

func (v *VerifierDefault) Verify(
	ctx context.Context,
	token string,
	r *ValidationContext,
) (*jwt.Token, error)

type VerifierRegistry

type VerifierRegistry interface {
	CredentialsVerifier() Verifier
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL