Documentation ¶
Index ¶
- Constants
- Variables
- func FetchUserInfo(endpoint, token string) (map[string]interface{}, error)
- func New(ctx context.Context, config v1beta1.AuthProviderSpec) (auth.Middleware, error)
- func ValidateIDToken(token string, keySet jwk.Set) (openid.Token, error)
- type DiscoverySpec
- type OpenidConfig
- type OpenidMiddleware
- type TokenType
- type UserInfo
- type UserInfoCache
- type WellKnownConfiguration
Constants ¶
View Source
const (
TokenKey = "token"
)
Variables ¶
View Source
var ErrIssuerMismatch = errors.New("issuer mismatch")
View Source
var ErrMissingRequiredField = errors.New("openid configuration missing required field")
View Source
var ErrNoSigningKeyFound = fmt.Errorf("no signing key found in the JWK set")
Functions ¶
func FetchUserInfo ¶
func New ¶
func New(ctx context.Context, config v1beta1.AuthProviderSpec) (auth.Middleware, error)
Types ¶
type DiscoverySpec ¶
type DiscoverySpec struct { // Relative path at which to find the openid configuration. If not set, // defaults to '/.well-known/openid-configuration'. Path *string `json:"path"` // The OP's Issuer identifier. This must exactly match the issuer URL // obtained from the discovery endpoint, and will match the `iss' claim // in the ID Tokens issued by the OP. Issuer string `json:"issuer"` }
type OpenidConfig ¶
type OpenidConfig struct { // Discovery and WellKnownConfiguration are mutually exclusive. // If the OP (openid provider) has a discovery endpoint, it should be // configured in the Discovery field, otherwise the well-known configuration // fields can be set manually. Discovery *DiscoverySpec `json:"discovery"` WellKnownConfiguration *WellKnownConfiguration `json:"wellKnownConfiguration"` // IdentifyingClaim is the claim that will be used to identify the user // (e.g. "sub", "email", etc). Defaults to "sub". IdentifyingClaim string `json:"identifyingClaim"` }
func (*OpenidConfig) DeepCopy ¶
func (in *OpenidConfig) DeepCopy() *OpenidConfig
func (*OpenidConfig) DeepCopyInto ¶
func (in *OpenidConfig) DeepCopyInto(out *OpenidConfig)
func (*OpenidConfig) GetWellKnownConfiguration ¶
func (oc *OpenidConfig) GetWellKnownConfiguration() (*WellKnownConfiguration, error)
type OpenidMiddleware ¶
type OpenidMiddleware struct {
// contains filtered or unexported fields
}
func (*OpenidMiddleware) Description ¶
func (m *OpenidMiddleware) Description() string
func (*OpenidMiddleware) Handle ¶
func (m *OpenidMiddleware) Handle(c *fiber.Ctx) error
type UserInfoCache ¶
type UserInfoCache struct {
// contains filtered or unexported fields
}
func NewUserInfoCache ¶
func NewUserInfoCache( config *OpenidConfig, wellKnown *WellKnownConfiguration, logger *zap.SugaredLogger, ) *UserInfoCache
type WellKnownConfiguration ¶
type WellKnownConfiguration struct { Issuer string `json:"issuer"` AuthEndpoint string `json:"authorization_endpoint"` TokenEndpoint string `json:"token_endpoint"` UserinfoEndpoint string `json:"userinfo_endpoint"` RevocationEndpoint string `json:"revocation_endpoint"` JwksUri string `json:"jwks_uri"` ScopesSupported []string `json:"scopes_supported"` ResponseTypesSupported []string `json:"response_types_supported"` ResponseModesSupported []string `json:"response_modes_supported"` IDTokenSigningAlgValuesSupported []string `json:"id_token_signing_alg_values_supported"` TokenEndpointAuthMethodsSupported []string `json:"token_endpoint_auth_methods_supported"` ClaimsSupported []string `json:"claims_supported"` RequestURIParameterSupported bool `json:"request_uri_parameter_supported"` }
func (WellKnownConfiguration) CheckRequiredFields ¶
func (w WellKnownConfiguration) CheckRequiredFields() error
Click to show internal directories.
Click to hide internal directories.