oidc

package

v0.0.0-...-0eb8f9d Latest Latest Go to latest Published: Nov 8, 2024 License: BSD-3-Clause Imports: 27 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/riyaz-ali/wirefire

Links

Open Source Insights

Documentation ¶

Overview ¶

Package oidc provide functions and endpoint implementation to handle OIDC-based authentication

Index ¶

func AuthCallback(rs *RemoteService, pool *sqlitex.Pool) http.HandlerFunc
func AuthComplete(rs *RemoteService, pool *sqlitex.Pool) http.HandlerFunc
func AuthStart(cfg *Config, rs *RemoteService) http.HandlerFunc
func Handler(ctx context.Context, pool *sqlitex.Pool) http.Handler
func NewAccessLog() func(next http.Handler) http.Handler
type Config
type RemoteService
- func NewRemoteService(ctx context.Context, cfg *Config) *RemoteService

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func AuthCallback ¶

func AuthCallback(rs *RemoteService, pool *sqlitex.Pool) http.HandlerFunc

AuthCallback serves the GET /callback endpoint and handles OIDC token-exchange and validation. Upon successful validation, it renders a form with a list of tailnets that the user can join.

func AuthComplete ¶

func AuthComplete(rs *RemoteService, pool *sqlitex.Pool) http.HandlerFunc

AuthComplete serves the POST /callback endpoint and completes the authentication flow, adding the machine to the requested tailnet.

func AuthStart ¶

func AuthStart(cfg *Config, rs *RemoteService) http.HandlerFunc

AuthStart serves the GET /login endpoint and starts the OIDC authentication flow

func Handler ¶

func Handler(ctx context.Context, pool *sqlitex.Pool) http.Handler

func NewAccessLog ¶

func NewAccessLog() func(next http.Handler) http.Handler

NewAccessLog returns a new middleware that sends its log output to the provided zerolog sink at the end of each request

Types ¶

type Config ¶

type Config struct {
	// Key is the coordination server's key.MachinePrivate key.
	// We use the key's hash to secure our csrf tokens.
	Key string `viper:"noise.private_key"`

	// Provider is the address of the authentication server.
	// The server must support /.well-known/openid-configuration endpoint
	Provider string `viper:"oidc.provider"`

	// OIDC client id and secret values
	ClientID     string `viper:"oidc.client_id"`
	ClientSecret string `viper:"oidc.client_secret"`

	// BaseUrl used to construct redirect urls
	BaseUrl *url.URL `viper:"server.url"`
}

Config is the OIDC configuration provided by the user

type RemoteService ¶

type RemoteService struct {
	// contains filtered or unexported fields
}

RemoteService encapsulates oauth2 and oidc exchanger and verifier.

func NewRemoteService ¶

func NewRemoteService(ctx context.Context, cfg *Config) *RemoteService

func (*RemoteService) AuthCodeURL ¶

func (a *RemoteService) AuthCodeURL(state string, options ...oauth2.AuthCodeOption) string

func (*RemoteService) Exchange ¶

func (a *RemoteService) Exchange(ctx context.Context, code string) (_ string, err error)

func (*RemoteService) Verify ¶

func (a *RemoteService) Verify(ctx context.Context, token string) (_ *oidc.IDToken, err error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL