model

Documentation

Index

• Constants
• Variables
• func GenerateCodeVerifier() string
• func SetAccessTokenCtx(ctx context.Context, val AccessToken) context.Context
• func ValidateScope(scope []string) error
• type AccessToken
  • func GenerateAccessToken(iss string, sub string, aud string, jti string, scope []string, ...) AccessToken
  • func GetAccessTokenCtx(ctx context.Context) AccessToken
  • func ParseAccessToken(str string, sign string) (AccessToken, error)
  • func (at AccessToken) JWT(sign string) string
• type Account
  • func SingupAccount(name string, email string, password string) (*Account, error)
  • func (ac *Account) ComparePassword(password string) error
• type AuthorizeParam
• type Cert
• type CodeChallenge
  • func GenerateCodeChallenge(verifier string) CodeChallenge
  • func (cc CodeChallenge) Verify(verifier string) error
• type CodeChallengeMethod
• type IDToken
  • func GenerateIDToken(iss string, sub string, aud string, nonce string, profile *string, ...) *IDToken
  • func ParseIDToken(str string, sign string) (*IDToken, error)
  • func (it IDToken) RSA256(signkey JWTSignKey) string
• type JWTSignKey
  • func GenerateJWTSignKey() (*JWTSignKey, error)
  • func (jsk JWTSignKey) Cert() Cert
• type LoggedIn
• type OIDCClient
  • func GenerateTestOIDCClient(id string, name string, secret string, redirectURI string) OIDCClient
  • func (oc *OIDCClient) CompareSecret(secret string) error
• type RefreshToken
  • func GenerateRefreshToken() RefreshToken
  • func ParseRefreshToken(str string) (RefreshToken, error)
  • func (rt RefreshToken) Base64() string

Constants

const LoginVeiw = `` /* 3220-byte string literal not displayed */

Variables

var AllowedScopes = []string{
	"openid",
	"profile",
	"email",
}

Functions

func GenerateCodeVerifier

func GenerateCodeVerifier() string

func SetAccessTokenCtx

func SetAccessTokenCtx(
	ctx context.Context,
	val AccessToken,
) context.Context

func ValidateScope

func ValidateScope(
	scope []string,
) error

Types

type AccessToken

type AccessToken struct {
	Iss      string   `json:"iss"`
	Sub      string   `json:"sub"`
	Exp      int64    `json:"exp"`
	Iat      int64    `json:"iat"`
	Aud      string   `json:"aud"`
	Jti      string   `json:"jti"`
	Scope    []string `json:"scope"`
	ClientID string   `json:"clientId"`
}

func GenerateAccessToken

func GenerateAccessToken(
	iss string,
	sub string,
	aud string,
	jti string,
	scope []string,
	clientID string,
) AccessToken

func GetAccessTokenCtx

func GetAccessTokenCtx(
	ctx context.Context,
) AccessToken

func ParseAccessToken

func ParseAccessToken(
	str string,
	sign string,
) (AccessToken, error)

func (AccessToken) JWT

func (at AccessToken) JWT(
	sign string,
) string

type Account

type Account struct {
	ID       string
	Name     string
	Email    string
	Password string
	HashPass []byte
}

func SingupAccount

func SingupAccount(
	name string,
	email string,
	password string,
) (*Account, error)

func (*Account) ComparePassword

func (ac *Account) ComparePassword(
	password string,
) error

type AuthorizeParam

type AuthorizeParam struct {
	RedirectURI   string
	ClientID      string
	ResponseType  string
	Scope         []string
	State         string
	Nonce         string
	CodeChallenge *CodeChallenge
}

type Cert

type Cert struct {
	Kid string // Kid 鍵識別子
	Kty string // Kty RSAやEC等の暗号アルゴリズファミリー
	Use string // Use 公開鍵の用途
	Alg string // Alg 署名検証アルゴリズム
	N   string // N modulus 公開鍵を復元するための公開鍵の絶対値
	E   string // E exponent 公開鍵を復元するための指数値
}

type CodeChallenge

type CodeChallenge struct {
	Challenge string
	Method    CodeChallengeMethod
}

func GenerateCodeChallenge

func GenerateCodeChallenge(verifier string) CodeChallenge

func (CodeChallenge) Verify

func (cc CodeChallenge) Verify(verifier string) error

type CodeChallengeMethod

type CodeChallengeMethod string

const (
	CodeChallengeMethodS256 CodeChallengeMethod = "S256"
)

type IDToken

type IDToken struct {
	Iss     string  `json:"iss"`
	Sub     string  `json:"sub"`
	Aud     string  `json:"aud"`
	Nonce   string  `json:"nonce"`
	Exp     int64   `json:"exp"`
	Iat     int64   `json:"iat"`
	Profile *string `json:"profile"`
	Email   *string `json:"email"`
}

ref. https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims

func GenerateIDToken

func GenerateIDToken(
	iss string,
	sub string,
	aud string,
	nonce string,
	profile *string,
	email *string,
) *IDToken

func ParseIDToken

func ParseIDToken(
	str string,
	sign string,
) (*IDToken, error)

func (IDToken) RSA256

func (it IDToken) RSA256(
	signkey JWTSignKey,
) string

type JWTSignKey

type JWTSignKey struct {
	ID  string
	Key *rsa.PrivateKey
}

func GenerateJWTSignKey

func GenerateJWTSignKey() (*JWTSignKey, error)

func (JWTSignKey) Cert

func (jsk JWTSignKey) Cert() Cert

type LoggedIn

type LoggedIn struct {
	AccountID string
}

type OIDCClient

type OIDCClient struct {
	ID          string
	Name        string
	Secret      string
	HashSec     []byte
	RedirectURI string
}

func GenerateTestOIDCClient

func GenerateTestOIDCClient(
	id string,
	name string,
	secret string,
	redirectURI string,
) OIDCClient

Deprecated: use local test data.

func (*OIDCClient) CompareSecret

func (oc *OIDCClient) CompareSecret(
	secret string,
) error

type RefreshToken

type RefreshToken string

func GenerateRefreshToken

func GenerateRefreshToken() RefreshToken

func ParseRefreshToken

func ParseRefreshToken(str string) (RefreshToken, error)

func (RefreshToken) Base64

func (rt RefreshToken) Base64() string