authserver

package
v0.0.0-...-9b8bc8a Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 28, 2024 License: Apache-2.0 Imports: 30 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Endpoint 

func Endpoint(ctx context.Context, cfg EndpointConfig, g *echo.Group)

func LoginHandler 

func LoginHandler(ctx context.Context, cfg LoginHandlerConfig) func(ctx echo.Context) error

func LogoutHandler 

func LogoutHandler() echo.HandlerFunc

func NewLocalClient 

func NewLocalClient(dev bool, id string, domain string) op.Client

func NewStorage 

func NewStorage(ctx context.Context, cfg StorageConfig) (op.Storage, error)

func Server 

func Server(ctx context.Context, cfg ServerConfig) (*mux.Router, error)

Types

type Client 

type Client struct {
	// contains filtered or unexported fields
}

func (*Client) AccessTokenType 

func (c *Client) AccessTokenType() op.AccessTokenType

func (*Client) ApplicationType 

func (c *Client) ApplicationType() op.ApplicationType

func (*Client) AuthMethod 

func (c *Client) AuthMethod() oidc.AuthMethod

func (*Client) ClockSkew 

func (c *Client) ClockSkew() time.Duration

func (*Client) DevMode 

func (c *Client) DevMode() bool

func (*Client) GetID 

func (c *Client) GetID() string

func (*Client) GrantTypes 

func (c *Client) GrantTypes() []oidc.GrantType

func (*Client) IDTokenLifetime 

func (c *Client) IDTokenLifetime() time.Duration

func (*Client) IDTokenUserinfoClaimsAssertion 

func (c *Client) IDTokenUserinfoClaimsAssertion() bool

func (*Client) IsScopeAllowed 

func (c *Client) IsScopeAllowed(scope string) bool

func (*Client) LoginURL 

func (c *Client) LoginURL(id string) string

func (*Client) PostLogoutRedirectURIs 

func (c *Client) PostLogoutRedirectURIs() []string

func (*Client) RedirectURIs 

func (c *Client) RedirectURIs() []string

func (*Client) ResponseTypes 

func (c *Client) ResponseTypes() []oidc.ResponseType

func (*Client) RestrictAdditionalAccessTokenScopes 

func (c *Client) RestrictAdditionalAccessTokenScopes() func(scopes []string) []string

func (*Client) RestrictAdditionalIdTokenScopes 

func (c *Client) RestrictAdditionalIdTokenScopes() func(scopes []string) []string

type Config 

type Config struct {
	Cert string
	Key  string
}

type ConfigRepo 

type ConfigRepo interface {
	Load(context.Context) (*Config, error)
	Save(context.Context, *Config) error
	Unlock(context.Context) error
}

type DNConfig 

type DNConfig struct {
	CommonName         string
	Organization       []string
	OrganizationalUnit []string
	Country            []string
	Province           []string
	Locality           []string
	StreetAddress      []string
	PostalCode         []string
}

type EndpointConfig 

type EndpointConfig struct {
	Issuer          string
	URL             *url.URL
	WebURL          *url.URL
	Key             string
	DefaultClientID string
	Dev             bool
	DN              *DNConfig
	UserRepo        UserRepo
	ConfigRepo      ConfigRepo
	RequestRepo     RequestRepo
	DenyHTTP        bool
}

type LoginHandlerConfig 

type LoginHandlerConfig struct {
	SubLoader SubLoader
	URL       *url.URL
	WebURL    *url.URL
	Storage   op.Storage
}

type Memory 

type Memory struct {
	// contains filtered or unexported fields
}

func NewMemory 

func NewMemory() *Memory

func (*Memory) FindByCode 

func (r *Memory) FindByCode(_ context.Context, s string) (*Request, error)

func (*Memory) FindByID 

func (r *Memory) FindByID(_ context.Context, id RequestID) (*Request, error)

func (*Memory) FindBySubject 

func (r *Memory) FindBySubject(_ context.Context, s string) (*Request, error)

func (*Memory) Remove 

func (r *Memory) Remove(_ context.Context, requestID RequestID) error

func (*Memory) Save 

func (r *Memory) Save(_ context.Context, request *Request) error

type Mongo 

type Mongo struct {
	// contains filtered or unexported fields
}

func NewMongo 

func NewMongo(client *mongox.Collection) *Mongo

func (*Mongo) FindByCode 

func (r *Mongo) FindByCode(ctx context.Context, s string) (*Request, error)

func (*Mongo) FindByID 

func (r *Mongo) FindByID(ctx context.Context, id2 RequestID) (*Request, error)

func (*Mongo) FindBySubject 

func (r *Mongo) FindBySubject(ctx context.Context, s string) (*Request, error)

func (*Mongo) Init 

func (r *Mongo) Init(ctx context.Context) error

func (*Mongo) Remove 

func (r *Mongo) Remove(ctx context.Context, requestID RequestID) error

func (*Mongo) Save 

func (r *Mongo) Save(ctx context.Context, request *Request) error

type Request 

type Request struct {
	// contains filtered or unexported fields
}

func (*Request) AuthorizedAt 

func (a *Request) AuthorizedAt() *time.Time

func (*Request) Complete 

func (a *Request) Complete(sub string)

func (*Request) CreatedAt 

func (a *Request) CreatedAt() time.Time

func (*Request) Done 

func (a *Request) Done() bool

func (*Request) GetACR 

func (a *Request) GetACR() string

func (*Request) GetAMR 

func (a *Request) GetAMR() []string

func (*Request) GetAudience 

func (a *Request) GetAudience() []string

func (*Request) GetAuthTime 

func (a *Request) GetAuthTime() time.Time

func (*Request) GetClientID 

func (a *Request) GetClientID() string

func (*Request) GetCode 

func (a *Request) GetCode() string

func (*Request) GetCodeChallenge 

func (a *Request) GetCodeChallenge() *oidc.CodeChallenge

func (*Request) GetID 

func (a *Request) GetID() string

func (*Request) GetNonce 

func (a *Request) GetNonce() string

func (*Request) GetRedirectURI 

func (a *Request) GetRedirectURI() string

func (*Request) GetResponseMode 

func (a *Request) GetResponseMode() oidc.ResponseMode

func (*Request) GetResponseType 

func (a *Request) GetResponseType() oidc.ResponseType

func (*Request) GetScopes 

func (a *Request) GetScopes() []string

func (*Request) GetState 

func (a *Request) GetState() string

func (*Request) GetSubject 

func (a *Request) GetSubject() string

func (*Request) ID 

func (a *Request) ID() RequestID

func (*Request) SetAuthorizedAt 

func (a *Request) SetAuthorizedAt(authorizedAt *time.Time)

func (*Request) SetCode 

func (a *Request) SetCode(code string)

func (*Request) SetCurrentScopes 

func (a *Request) SetCurrentScopes(scopes []string)

type RequestBuilder 

type RequestBuilder struct {
	// contains filtered or unexported fields
}

func NewRequest 

func NewRequest() *RequestBuilder

func (*RequestBuilder) Audiences 

func (b *RequestBuilder) Audiences(audiences []string) *RequestBuilder

func (*RequestBuilder) AuthorizedAt 

func (b *RequestBuilder) AuthorizedAt(authorizedAt *time.Time) *RequestBuilder

func (*RequestBuilder) Build 

func (b *RequestBuilder) Build() (*Request, error)

func (*RequestBuilder) ClientID 

func (b *RequestBuilder) ClientID(id string) *RequestBuilder

func (*RequestBuilder) Code 

func (b *RequestBuilder) Code(code string) *RequestBuilder

func (*RequestBuilder) CodeChallenge 

func (b *RequestBuilder) CodeChallenge(CodeChallenge *oidc.CodeChallenge) *RequestBuilder

func (*RequestBuilder) ID 

func (b *RequestBuilder) ID(id RequestID) *RequestBuilder

func (*RequestBuilder) MustBuild 

func (b *RequestBuilder) MustBuild() *Request

func (*RequestBuilder) NewID 

func (b *RequestBuilder) NewID() *RequestBuilder

func (*RequestBuilder) Nonce 

func (b *RequestBuilder) Nonce(nonce string) *RequestBuilder

func (*RequestBuilder) RedirectURI 

func (b *RequestBuilder) RedirectURI(redirectURI string) *RequestBuilder

func (*RequestBuilder) ResponseType 

func (b *RequestBuilder) ResponseType(rt oidc.ResponseType) *RequestBuilder

func (*RequestBuilder) Scopes 

func (b *RequestBuilder) Scopes(scopes []string) *RequestBuilder

func (*RequestBuilder) State 

func (b *RequestBuilder) State(state string) *RequestBuilder

func (*RequestBuilder) Subject 

func (b *RequestBuilder) Subject(subject string) *RequestBuilder

type RequestID 

type RequestID = idx.ID[RequestIDType]

func NewRequestID 

func NewRequestID() RequestID

func RequestIDFrom 

func RequestIDFrom(id string) (RequestID, error)

type RequestIDType 

type RequestIDType struct{}

func (RequestIDType) Type 

func (a RequestIDType) Type() string

type RequestRepo 

type RequestRepo interface {
	FindByID(context.Context, RequestID) (*Request, error)
	FindByCode(context.Context, string) (*Request, error)
	FindBySubject(context.Context, string) (*Request, error)
	Save(context.Context, *Request) error
	Remove(context.Context, RequestID) error
}

type ServerConfig 

type ServerConfig struct {
	Issuer  string
	Key     string
	Storage op.Storage
}

type Storage 

type Storage struct {
	// contains filtered or unexported fields
}

func (*Storage) AuthRequestByCode 

func (s *Storage) AuthRequestByCode(ctx context.Context, code string) (op.AuthRequest, error)

func (*Storage) AuthRequestByID 

func (s *Storage) AuthRequestByID(ctx context.Context, requestID string) (op.AuthRequest, error)

func (*Storage) AuthRequestBySubject 

func (s *Storage) AuthRequestBySubject(ctx context.Context, subject string) (op.AuthRequest, error)

func (*Storage) AuthorizeClientIDSecret 

func (s *Storage) AuthorizeClientIDSecret(_ context.Context, _ string, _ string) error

func (*Storage) CompleteAuthRequest 

func (s *Storage) CompleteAuthRequest(ctx context.Context, requestId, sub string) error

func (*Storage) CreateAccessAndRefreshTokens 

func (s *Storage) CreateAccessAndRefreshTokens(ctx context.Context, request op.TokenRequest, refreshToken string) (accessTokenID string, newRefreshToken string, expiration time.Time, err error)

func (*Storage) CreateAccessToken 

func (s *Storage) CreateAccessToken(_ context.Context, _ op.TokenRequest) (string, time.Time, error)

func (*Storage) CreateAuthRequest 

func (s *Storage) CreateAuthRequest(ctx context.Context, authReq *oidc.AuthRequest, _ string) (op.AuthRequest, error)

func (*Storage) DeleteAuthRequest 

func (s *Storage) DeleteAuthRequest(ctx context.Context, requestID string) error

func (*Storage) GetClientByClientID 

func (s *Storage) GetClientByClientID(_ context.Context, clientID string) (op.Client, error)

func (*Storage) GetKeyByIDAndUserID 

func (s *Storage) GetKeyByIDAndUserID(_ context.Context, kid, _ string) (*jose.JSONWebKey, error)

func (*Storage) GetKeySet 

func (s *Storage) GetKeySet(_ context.Context) (*jose.JSONWebKeySet, error)

func (*Storage) GetPrivateClaimsFromScopes 

func (s *Storage) GetPrivateClaimsFromScopes(_ context.Context, _, _ string, _ []string) (map[string]interface{}, error)

func (*Storage) GetSigningKey 

func (s *Storage) GetSigningKey(_ context.Context, keyCh chan<- jose.SigningKey)

func (*Storage) Health 

func (s *Storage) Health(_ context.Context) error

func (*Storage) RevokeToken 

func (s *Storage) RevokeToken(_ context.Context, _ string, _ string, _ string) *oidc.Error

func (*Storage) SaveAuthCode 

func (s *Storage) SaveAuthCode(ctx context.Context, requestID, code string) error

func (*Storage) SetIntrospectionFromToken 

func (s *Storage) SetIntrospectionFromToken(ctx context.Context, introspect oidc.IntrospectionResponse, _, subject, clientID string) error

func (*Storage) SetUserinfoFromScopes 

func (s *Storage) SetUserinfoFromScopes(ctx context.Context, userinfo oidc.UserInfoSetter, subject, _clientID string, scope []string) error

func (*Storage) SetUserinfoFromToken 

func (s *Storage) SetUserinfoFromToken(ctx context.Context, userinfo oidc.UserInfoSetter, _tokenID, subject, _origin string) error

func (*Storage) TerminateSession 

func (s *Storage) TerminateSession(_ context.Context, _, _ string) error

func (*Storage) TokenRequestByRefreshToken 

func (s *Storage) TokenRequestByRefreshToken(ctx context.Context, refreshToken string) (op.RefreshTokenRequest, error)

func (*Storage) ValidateJWTProfileScopes 

func (s *Storage) ValidateJWTProfileScopes(_ context.Context, _ string, scope []string) ([]string, error)

type StorageConfig 

type StorageConfig struct {
	ClientID        string
	ClientDomain    string
	Domain          string
	Dev             bool
	DN              *DNConfig
	ConfigRepo      ConfigRepo
	RequestRepo     RequestRepo
	UserInfoSetter  UserInfoProvider
	AudienceForTest string
	Issuer          string
}

type SubLoader 

type SubLoader func(ctx context.Context, email, password, authRequestID string) (string, error)

type UserInfoProvider 

type UserInfoProvider func(context.Context, string, []string, oidc.UserInfoSetter) error

type UserRepo 

type UserRepo interface {
	Sub(ctx context.Context, email, password, authRequestID string) (string, error)
	Info(context.Context, string, []string, oidc.UserInfoSetter) error
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.