Documentation
¶
Index ¶
- type Config
- type IdentityProvider
- func (b *IdentityProvider) Authenticate(r *requests.Request) error
- func (b *IdentityProvider) Configure() error
- func (b *IdentityProvider) Configured() bool
- func (b *IdentityProvider) GetConfig() map[string]interface{}
- func (b *IdentityProvider) GetDriver() string
- func (b *IdentityProvider) GetIdentityTokenCookieName() string
- func (b *IdentityProvider) GetKind() string
- func (b *IdentityProvider) GetLoginIcon() *icons.LoginIcon
- func (b *IdentityProvider) GetLogoutURL() string
- func (b *IdentityProvider) GetName() string
- func (b *IdentityProvider) GetRealm() string
- func (b *IdentityProvider) Request(op operator.Type, r *requests.Request) error
- func (b *IdentityProvider) ScopeExists(scopes ...string) bool
- type JwksKey
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
Name string `json:"name,omitempty" xml:"name,omitempty" yaml:"name,omitempty"`
Realm string `json:"realm,omitempty" xml:"realm,omitempty" yaml:"realm,omitempty"`
Driver string `json:"driver,omitempty" xml:"driver,omitempty" yaml:"driver,omitempty"`
DomainName string `json:"domain_name,omitempty" xml:"domain_name,omitempty" yaml:"domain_name,omitempty"`
ClientID string `json:"client_id,omitempty" xml:"client_id,omitempty" yaml:"client_id,omitempty"`
ClientSecret string `json:"client_secret,omitempty" xml:"client_secret,omitempty" yaml:"client_secret,omitempty"`
ServerID string `json:"server_id,omitempty" xml:"server_id,omitempty" yaml:"server_id,omitempty"`
ServerName string `json:"server_name,omitempty" xml:"server_name,omitempty" yaml:"server_name,omitempty"`
AppSecret string `json:"app_secret,omitempty" xml:"app_secret,omitempty" yaml:"app_secret,omitempty"`
TenantID string `json:"tenant_id,omitempty" xml:"tenant_id,omitempty" yaml:"tenant_id,omitempty"`
IdentityTokenName string `json:"identity_token_name,omitempty" xml:"identity_token_name,omitempty" yaml:"identity_token_name,omitempty"`
// AWS Cognito User Pool ID
UserPoolID string `json:"user_pool_id,omitempty" xml:"user_pool_id,omitempty" yaml:"user_pool_id,omitempty"`
// AWS Region
Region string `json:"region,omitempty" xml:"region,omitempty" yaml:"region,omitempty"`
Scopes []string `json:"scopes,omitempty" xml:"scopes,omitempty" yaml:"scopes,omitempty"`
// The number if seconds to wait before getting key material
// from an OAuth 2.0 identity provider.
DelayStart int `json:"delay_start,omitempty" xml:"delay_start,omitempty" yaml:"delay_start,omitempty"`
// The number of the retry attempts getting key material
// from an OAuth 2.0 identity provider.
RetryAttempts int `json:"retry_attempts,omitempty" xml:"retry_attempts,omitempty" yaml:"retry_attempts,omitempty"`
// The number of seconds to wait until the retrying.
RetryInterval int `json:"retry_interval,omitempty" xml:"retry_interval,omitempty" yaml:"retry_interval,omitempty"`
UserRoleMapList []map[string]interface{} `json:"user_roles,omitempty" xml:"user_roles,omitempty" yaml:"user_roles,omitempty"`
// The URL to OAuth 2.0 Custom Authorization Server.
BaseAuthURL string `json:"base_auth_url,omitempty" xml:"base_auth_url,omitempty" yaml:"base_auth_url,omitempty"`
// The URL to OAuth 2.0 metadata related to your Custom Authorization Server.
MetadataURL string `json:"metadata_url,omitempty" xml:"metadata_url,omitempty" yaml:"metadata_url,omitempty"`
// The regex filters for user groups extracted via IdP API.
UserGroupFilters []string `json:"user_group_filters,omitempty" xml:"user_group_filters,omitempty" yaml:"user_group_filters,omitempty"`
// The regex filters for user orgs extracted via IdP API.
UserOrgFilters []string `json:"user_org_filters,omitempty" xml:"user_org_filters,omitempty" yaml:"user_org_filters,omitempty"`
// Disables metadata discovery via public metadata URL.
MetadataDiscoveryDisabled bool `` /* 133-byte string literal not displayed */
KeyVerificationDisabled bool `` /* 127-byte string literal not displayed */
PassGrantTypeDisabled bool `json:"pass_grant_type_disabled,omitempty" xml:"pass_grant_type_disabled,omitempty" yaml:"pass_grant_type_disabled,omitempty"`
ResponseTypeDisabled bool `json:"response_type_disabled,omitempty" xml:"response_type_disabled,omitempty" yaml:"response_type_disabled,omitempty"`
NonceDisabled bool `json:"nonce_disabled,omitempty" xml:"nonce_disabled,omitempty" yaml:"nonce_disabled,omitempty"`
ScopeDisabled bool `json:"scope_disabled,omitempty" xml:"scope_disabled,omitempty" yaml:"scope_disabled,omitempty"`
AcceptHeaderEnabled bool `json:"accept_header_enabled,omitempty" xml:"accept_header_enabled,omitempty" yaml:"accept_header_enabled,omitempty"`
JsCallbackEnabled bool `json:"js_callback_enabled,omitempty" xml:"js_callback_enabled,omitempty" yaml:"js_callback_enabled,omitempty"`
// If enabled, portal redirects to identity provider logout URL. This would end the session with the provider.
LogoutEnabled bool `json:"logout_enabled,omitempty" xml:"logout_enabled,omitempty" yaml:"logout_enabled,omitempty"`
ResponseType []string `json:"response_type,omitempty" xml:"response_type,omitempty" yaml:"response_type,omitempty"`
AuthorizationURL string `json:"authorization_url,omitempty" xml:"authorization_url,omitempty" yaml:"authorization_url,omitempty"`
TokenURL string `json:"token_url,omitempty" xml:"token_url,omitempty" yaml:"token_url,omitempty"`
RequiredTokenFields []string `json:"required_token_fields,omitempty" xml:"required_token_fields,omitempty" yaml:"required_token_fields,omitempty"`
TLSInsecureSkipVerify bool `json:"tls_insecure_skip_verify,omitempty" xml:"tls_insecure_skip_verify,omitempty" yaml:"tls_insecure_skip_verify,omitempty"`
// The predefined public RSA based JWKS keys.
JwksKeys map[string]string `json:"jwks_keys,omitempty" xml:"jwks_keys,omitempty" yaml:"jwks_keys,omitempty"`
// Disables the check for the presence of email field in a token.
EmailClaimCheckDisabled bool `` /* 130-byte string literal not displayed */
// LoginIcon is the UI login icon attributes.
LoginIcon *icons.LoginIcon `json:"login_icon,omitempty" xml:"login_icon,omitempty" yaml:"login_icon,omitempty"`
UserInfoFields []string `json:"user_info_fields,omitempty" xml:"user_info_fields,omitempty" yaml:"user_info_fields,omitempty"`
UserInfoRolesFieldName string `` /* 130-byte string literal not displayed */
// The name of the cookie storing id_token from OAuth provider.
IdentityTokenCookieName string `` /* 130-byte string literal not displayed */
// Enables the storing of id_token from OAuth provider in a HTTP cookie.
IdentityTokenCookieEnabled bool `` /* 139-byte string literal not displayed */
}
Config holds the configuration for the IdentityProvider.
type IdentityProvider ¶
type IdentityProvider struct {
// contains filtered or unexported fields
}
IdentityProvider represents OAuth-based identity provider.
func NewIdentityProvider ¶
func NewIdentityProvider(cfg *Config, logger *zap.Logger) (*IdentityProvider, error)
NewIdentityProvider returns an instance of IdentityProvider.
func (*IdentityProvider) Authenticate ¶
func (b *IdentityProvider) Authenticate(r *requests.Request) error
Authenticate performs authentication.
func (*IdentityProvider) Configure ¶
func (b *IdentityProvider) Configure() error
Configure configures IdentityProvider.
func (*IdentityProvider) Configured ¶
func (b *IdentityProvider) Configured() bool
Configured returns true if the identity provider was configured.
func (*IdentityProvider) GetConfig ¶
func (b *IdentityProvider) GetConfig() map[string]interface{}
GetConfig returns IdentityProvider configuration.
func (*IdentityProvider) GetDriver ¶
func (b *IdentityProvider) GetDriver() string
GetDriver returns the name of the driver associated with the provider.
func (*IdentityProvider) GetIdentityTokenCookieName ¶
func (b *IdentityProvider) GetIdentityTokenCookieName() string
GetIdentityTokenCookieName returns the name of the identity token cookie associated with the provider.
func (*IdentityProvider) GetKind ¶
func (b *IdentityProvider) GetKind() string
GetKind returns the authentication method associated with this identity provider.
func (*IdentityProvider) GetLoginIcon ¶
func (b *IdentityProvider) GetLoginIcon() *icons.LoginIcon
GetLoginIcon returns the instance of the icon associated with the provider.
func (*IdentityProvider) GetLogoutURL ¶
func (b *IdentityProvider) GetLogoutURL() string
GetLogoutURL returns the logout URL associated with the provider.
func (*IdentityProvider) GetName ¶
func (b *IdentityProvider) GetName() string
GetName return the name associated with this identity provider.
func (*IdentityProvider) GetRealm ¶
func (b *IdentityProvider) GetRealm() string
GetRealm return authentication realm.
func (*IdentityProvider) ScopeExists ¶
func (b *IdentityProvider) ScopeExists(scopes ...string) bool
ScopeExists returns true if any of the provided scopes exist.
type JwksKey ¶
type JwksKey struct {
Algorithm string `json:"alg,omitempty" xml:"alg,omitempty" yaml:"alg,omitempty"`
Exponent string `json:"e,omitempty" xml:"e,omitempty" yaml:"e,omitempty"`
KeyID string `json:"kid,omitempty" xml:"kid,omitempty" yaml:"kid,omitempty"`
KeyType string `json:"kty,omitempty" xml:"kty,omitempty" yaml:"kty,omitempty"`
Modulus string `json:"n,omitempty" xml:"n,omitempty" yaml:"n,omitempty"`
PublicKeyUse string `json:"use,omitempty" xml:"use,omitempty" yaml:"use,omitempty"`
NotBefore string `json:"nbf,omitempty" xml:"nbf,omitempty" yaml:"nbf,omitempty"`
Curve string `json:"crv,omitempty" xml:"crv,omitempty" yaml:"crv,omitempty"`
CoordX string `json:"x,omitempty" xml:"x,omitempty" yaml:"x,omitempty"`
CoordY string `json:"y,omitempty" xml:"y,omitempty" yaml:"y,omitempty"`
// contains filtered or unexported fields
}
JwksKey is a JSON object that represents a cryptographic key. See https://tools.ietf.org/html/rfc7517#section-4, https://tools.ietf.org/html/rfc7518#section-6.3
func NewJwksKeyFromRSAPrivateKey ¶
func NewJwksKeyFromRSAPrivateKey(privKey *rsa.PrivateKey) (*JwksKey, error)
NewJwksKeyFromRSAPrivateKey returns an instance of Jwks from RSA private key.
func NewJwksKeyFromRSAPublicKeyPEM ¶
NewJwksKeyFromRSAPublicKeyPEM returns an instance of Jwks from RSA public key in PEM format.
Source Files
Click to show internal directories.
Click to hide internal directories.