Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
// Authorize defaults to actualAuthorize, which is defined elsewhere in the
// package. It is held in a variable rather than declared as a function so
// that tests can substitute a stub.
// NOTE(review): the variable is exported and mutable, so any importing package
// can reassign it and thereby replace the default implementation. Treat it as
// read-only outside _test.go files and flag any other assignment in review.
var Authorize = actualAuthorize
Authorize is a variable rather than a plain function so that unit tests can swap in a stub and do not need actual OIDC tokens.
Functions ¶
This section is empty.
Types ¶
type Issuer ¶
// Issuer authenticates OIDC ID tokens for the issuer URLs it recognises.
type Issuer interface {
// Match reports whether this issuer can authenticate tokens from the given
// issuer URL.
Match(ctx context.Context, url string) bool
// Authenticate verifies the ID token and returns a Principal on success. The
// token's signature is verified in the call -- an invalid signature must
// result in an error.
// NOTE(review): only the signature check is spelled out in this contract;
// whether implementations must also validate issuer, audience and expiry is
// not stated here -- confirm against the implementations.
// NOTE(review): opts has type config.InsecureOIDCConfigOption; the name
// suggests options that relax verification -- confirm what they disable and
// that non-test callers pass none.
Authenticate(ctx context.Context, token string, opts ...config.InsecureOIDCConfigOption) (Principal, error)
}
type IssuerPool ¶
// IssuerPool is a slice of Issuer values. Its Authenticate method takes the
// same parameters and returns the same results as Issuer.Authenticate; how the
// pool chooses among its issuers is not shown in this listing.
type IssuerPool []Issuer
func (IssuerPool) Authenticate ¶
func (p IssuerPool) Authenticate(ctx context.Context, token string, opts ...config.InsecureOIDCConfigOption) (Principal, error)
type Principal ¶
// Principal is the authenticated identity returned by Issuer.Authenticate.
type Principal interface {
// Name returns the email or subject of the OIDC ID token. This value must
// match the value signed in the proof of private key possession challenge.
// NOTE(review): that comparison is not part of this interface -- confirm the
// caller enforces it as an exact match.
Name(ctx context.Context) string
// Embed writes all SubjectAltName and custom x509 extension information
// into cert. A non-nil error reports that embedding failed.
Embed(ctx context.Context, cert *x509.Certificate) error
}