Documentation ¶
Index ¶
- Variables
- func ValidateConfig(config *OIDCServerConfig) bool
- type OIDCServerConfig
- type VaultCryptoBackendConfig
- type YAMLUser
- func (u *YAMLUser) AccessTokenClaims(claims *jwt.RegisteredClaims) (jwt.Claims, error)
- func (u *YAMLUser) Claims(scope []string, claims *mockoidc.IDTokenClaims) (jwt.Claims, error)
- func (u *YAMLUser) ID() string
- func (u *YAMLUser) RefreshTokenClaims(claims *jwt.RegisteredClaims) (jwt.Claims, error)
- func (u *YAMLUser) Userinfo(scope []string) ([]byte, error)
Constants ¶
This section is empty.
Variables ¶
// Package-level defaults related to the Vault crypto backend. Both are
// declared as variables rather than constants, so importing code is able to
// reassign them.
var (
	// TransitDefaultMount holds the Vault transit mount name "transit".
	// NOTE(review): presumably the fallback for
	// VaultCryptoBackendConfig.TransitMount when transit_mount is unset; confirm.
	TransitDefaultMount = "transit"

	// VaultDefaultSyncDuration holds the duration string "5m".
	// NOTE(review): presumably the fallback for
	// VaultCryptoBackendConfig.SyncPeriodDuration when sync_duration is unset;
	// confirm.
	VaultDefaultSyncDuration = "5m"
)
Functions ¶
func ValidateConfig ¶
func ValidateConfig(config *OIDCServerConfig) bool
ValidateConfig validates the config.
Types ¶
type OIDCServerConfig ¶
// OIDCServerConfig is the YAML-backed configuration of the mock OIDC server.
// The yaml tags name the config-file keys, the validate tags declare the
// validation rules, and the default tags declare default values.
type OIDCServerConfig struct {
	// ClientID is read from "client_id" and is required.
	ClientID string `yaml:"client_id" validate:"required"`

	// ClientSecret is read from "client_secret" and carries no validation rule,
	// so an empty secret passes the tag-based validation.
	// NOTE(review): the secret is held in plain text in the config file; keep
	// that file out of version control and restrict its permissions. Confirm
	// how an empty secret is treated by the token endpoint.
	ClientSecret string `yaml:"client_secret" `

	// SupportedScopes is read from "supported_scopes".
	SupportedScopes []string `yaml:"supported_scopes" `

	// PKCEChallengeMethodsSupported is read from "pkce_challenge_methods".
	// NOTE(review): no validation rule limits the values; presumably these are
	// the PKCE methods the server advertises and accepts. Listing only S256
	// (not plain) is the safer setting; confirm how the list is enforced.
	PKCEChallengeMethodsSupported []string `yaml:"pkce_challenge_methods" `

	// IssuerBaseUrl is read from "issuer_base_url".
	IssuerBaseUrl string `yaml:"issuer_base_url" `

	// VaultCryptoBackend is read from "vault_crypto_backend". It is a pointer
	// with validate:"omitempty", so the section is optional.
	VaultCryptoBackend *VaultCryptoBackendConfig `yaml:"vault_crypto_backend" validate:"omitempty"`

	// MockUser is read from "mock_user" and is required.
	MockUser YAMLUser `yaml:"mock_user" validate:"required"`

	// MockUserFolder is the folder in which mocked users are looked up; when it
	// is not defined, the user from mock_user is returned.
	MockUserFolder string `yaml:"mock_user_folder"`

	// IssueNewRefreshTokenOnRefreshToken is read from
	// "issue_new_refresh_token_on_refresh_token"; its default tag is "false".
	// NOTE(review): the name suggests refresh-token rotation on a refresh grant;
	// confirm whether the previous refresh token is invalidated when enabled.
	IssueNewRefreshTokenOnRefreshToken bool `yaml:"issue_new_refresh_token_on_refresh_token" default:"false" `

	// AccessTokenTTL is read from "access_token_ttl_duration"; it is required
	// and its default tag is "10m".
	AccessTokenTTL time.Duration `yaml:"access_token_ttl_duration" default:"10m" validate:"required"`

	// RefreshTokenTTL is read from "refresh_token_ttl_duration"; it is required
	// and its default tag is "1h".
	RefreshTokenTTL time.Duration `yaml:"refresh_token_ttl_duration" default:"1h" validate:"required"`

	// IntrospectTemplate is read from "introspect_response_template".
	// NOTE(review): presumably the template for the token introspection
	// response; confirm which keys the server overrides.
	IntrospectTemplate map[string]interface{} `yaml:"introspect_response_template,omitempty" `

	// ListenAddress is the listen address. No struct tag is declared for it.
	ListenAddress string

	// ListenPort is the listen port. No struct tag is declared for it.
	ListenPort int

	// AccessLog is an internal flag. No struct tag is declared for it.
	AccessLog bool

	// Debug is an internal flag. No struct tag is declared for it.
	// NOTE(review): confirm that debug output never includes ClientSecret, the
	// Vault token or issued tokens.
	Debug bool
}
func ParseConfig ¶
func ParseConfig(configFile string) (*OIDCServerConfig, error)
ParseConfig parses the config file.
func (*OIDCServerConfig) GetListenAddress ¶
func (c *OIDCServerConfig) GetListenAddress() string
GetListenAddress returns the HTTP listener address.
func (*OIDCServerConfig) UnmarshalYAML ¶
func (c *OIDCServerConfig) UnmarshalYAML(unmarshal func(interface{}) error) error
type VaultCryptoBackendConfig ¶
// VaultCryptoBackendConfig holds the settings of the Vault crypto backend,
// read from the "vault_crypto_backend" section of OIDCServerConfig. Every
// field is tagged validate:"required".
type VaultCryptoBackendConfig struct {
	// VaultAddress is read from "address".
	// NOTE(review): presumably the Vault server URL; an https address keeps the
	// token off the wire in clear text. Confirm how the client is built.
	VaultAddress string `yaml:"address" validate:"required"`

	// VaultToken is read from "token". It sits in plain text in the config
	// file, so that file needs restrictive permissions and must stay out of
	// version control.
	// NOTE(review): presumably a token limited to the transit key is
	// sufficient; confirm the Vault policy the backend actually needs.
	VaultToken string `yaml:"token" validate:"required"`

	// TransitKeyName is read from "transit_key".
	TransitKeyName string `yaml:"transit_key" validate:"required"`

	// TransitMount is read from "transit_mount".
	TransitMount string `yaml:"transit_mount" validate:"required"`

	// JWTSigningAlg is read from "jwt_signing_alg". The oneof rule admits only
	// RS256, RS384, RS512, ES256, ES384 and ES512, so "none" and the HMAC (HS*)
	// algorithms do not satisfy the validate tag.
	JWTSigningAlg string `yaml:"jwt_signing_alg" validate:"required,oneof=RS256 RS384 RS512 ES256 ES384 ES512"`

	// SyncPeriodDuration is read from "sync_duration" and is kept as a string.
	// NOTE(review): presumably a Go duration string such as "5m"; confirm where
	// it is parsed and what happens on a malformed value.
	SyncPeriodDuration string `yaml:"sync_duration" validate:"required"`
}
type YAMLUser ¶
// YAMLUser describes a mock user loaded from YAML: a subject plus free-form
// claim maps for the ID token, the access token, the refresh token and the
// userinfo response.
// NOTE(review): the claim maps are untyped and come straight from YAML;
// presumably they are copied into the issued tokens, so whoever can edit the
// user file decides the asserted identity. Confirm which registered claims
// (iss, aud, exp, ...) a map entry is able to override.
type YAMLUser struct {
	// Subject is read from "sub" and is required.
	Subject string `yaml:"sub,omitempty" validate:"required"`

	// IDTokenClaims is read from "id_token_claims" and is required.
	IDTokenClaims map[interface{}]interface{} `yaml:"id_token_claims,omitempty" validate:"required"`

	// UserAccessTokenClaims is read from "access_token_claims"; no validation
	// rule is declared.
	UserAccessTokenClaims map[interface{}]interface{} `yaml:"access_token_claims,omitempty" `

	// UserRefreshTokenClaims is read from "refresh_token_claims"; no validation
	// rule is declared.
	UserRefreshTokenClaims map[interface{}]interface{} `yaml:"refresh_token_claims,omitempty" `

	// UserinfoClaims is read from "userinfo_claims" and is required.
	UserinfoClaims map[interface{}]interface{} `yaml:"userinfo_claims,omitempty" validate:"required"`
}
func NewYAMLUser ¶
func (*YAMLUser) AccessTokenClaims ¶
AccessTokenClaims just returns the standard claims.
func (*YAMLUser) Claims ¶
func (u *YAMLUser) Claims(scope []string, claims *mockoidc.IDTokenClaims) (jwt.Claims, error)
func (*YAMLUser) RefreshTokenClaims ¶
RefreshTokenClaims just returns the standard claims.