Documentation ¶
Index ¶
- func NewCSRFMw(config CSRFConfig) func(handler http.Handler) http.Handler
- func NewLoadUserMw(config LoadUserConfig) func(handler http.Handler) http.Handler
- func RedirectAlreadyAuthenticatedUsers(matchString, matchRegex []string) func(handler http.Handler) http.Handler
- func RequiresAuthentication(handler http.Handler) http.Handler
- func ValidateRedirectURIQueryParameter(matchString, matchRegex []string) func(handler http.Handler) http.Handler
- type CSRFConfig
- type CSRFErrorHandler
- type CSRFTokenHandler
- type Claims
- type ClaimsInfo
- type CookieUserHandler
- type GithubConfig
- type GithubCookieHandler
- type GithubUserEmail
- type GithubUserEmails
- type GithubUserInfo
- type Hooks
- type LoadUserConfig
- type MutatingPostAuthenticationResponse
- type OpenIDConnectConfig
- type OpenIDConnectCookieHandler
- type QueryParameter
- type RBACEnforcer
- type RedirectURIValidator
- type TokenUserHandler
- type User
- type UserLoadConfig
- type UserLoader
- type UserLogoutHandler
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewLoadUserMw ¶
func NewLoadUserMw(config LoadUserConfig) func(handler http.Handler) http.Handler
Types ¶
type CSRFConfig ¶
type CSRFErrorHandler ¶
type CSRFErrorHandler struct {
InsecureCookies bool
}
func (*CSRFErrorHandler) ServeHTTP ¶
func (u *CSRFErrorHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type CSRFTokenHandler ¶
type CSRFTokenHandler struct{}
func (*CSRFTokenHandler) ServeHTTP ¶
func (_ *CSRFTokenHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type Claims ¶
type Claims struct { Sub string `json:"sub"` Name string `json:"name"` GivenName string `json:"given_name"` FamilyName string `json:"family_name"` Picture string `json:"picture"` Email string `json:"email"` EmailVerified bool `json:"email_verified"` Locale string `json:"locale"` HostedGSuiteDomain string `json:"hd"` }
type ClaimsInfo ¶
type CookieUserHandler ¶
type CookieUserHandler struct { HasRevalidateHook bool MWClient *hooks.Client Log abstractlogger.Logger Host string InsecureCookies bool Cookie *securecookie.SecureCookie }
func (*CookieUserHandler) ServeHTTP ¶
func (u *CookieUserHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type GithubConfig ¶
type GithubConfig struct { ClientID string ClientSecret string ProviderID string PathPrefix string InsecureCookies bool ForceRedirectHttps bool Cookie *securecookie.SecureCookie }
type GithubCookieHandler ¶
type GithubCookieHandler struct {
// contains filtered or unexported fields
}
func NewGithubCookieHandler ¶
func NewGithubCookieHandler(log abstractlogger.Logger) *GithubCookieHandler
func (*GithubCookieHandler) Register ¶
func (g *GithubCookieHandler) Register(authorizeRouter, callbackRouter *mux.Router, config GithubConfig, hooks Hooks)
type GithubUserEmail ¶
type GithubUserEmails ¶
type GithubUserEmails []GithubUserEmail
type GithubUserInfo ¶
type LoadUserConfig ¶
type LoadUserConfig struct { Log abstractlogger.Logger Cookie *securecookie.SecureCookie JwksProviders []*wgpb.JwksAuthProvider Hooks Hooks }
type OpenIDConnectConfig ¶
type OpenIDConnectConfig struct { Issuer string ClientID string ClientSecret string QueryParameters []QueryParameter ProviderID string PathPrefix string InsecureCookies bool ForceRedirectHttps bool Cookie *securecookie.SecureCookie }
type OpenIDConnectCookieHandler ¶
type OpenIDConnectCookieHandler struct {
// contains filtered or unexported fields
}
func NewOpenIDConnectCookieHandler ¶
func NewOpenIDConnectCookieHandler(log abstractlogger.Logger) *OpenIDConnectCookieHandler
func (*OpenIDConnectCookieHandler) Register ¶
func (h *OpenIDConnectCookieHandler) Register(authorizeRouter, callbackRouter *mux.Router, config OpenIDConnectConfig, hooks Hooks)
type QueryParameter ¶ added in v0.108.0
type RBACEnforcer ¶
type RBACEnforcer struct {
// contains filtered or unexported fields
}
func NewRBACEnforcer ¶
func NewRBACEnforcer(operation *wgpb.Operation) *RBACEnforcer
type RedirectURIValidator ¶
type RedirectURIValidator struct {
// contains filtered or unexported fields
}
func NewRedirectValidator ¶
func NewRedirectValidator(matchString, matchRegex []string) *RedirectURIValidator
func (*RedirectURIValidator) GetValidatedRedirectURI ¶
func (v *RedirectURIValidator) GetValidatedRedirectURI(r *http.Request) (redirectURI string, authorized bool)
type TokenUserHandler ¶
type TokenUserHandler struct{}
func (TokenUserHandler) ServeHTTP ¶
func (_ TokenUserHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type User ¶
type User struct { ProviderName string `json:"provider,omitempty"` ProviderID string `json:"providerId,omitempty"` Email string `json:"email,omitempty"` EmailVerified bool `json:"emailVerified,omitempty"` Name string `json:"name,omitempty"` FirstName string `json:"firstName,omitempty"` LastName string `json:"lastName,omitempty"` NickName string `json:"nickName,omitempty"` Description string `json:"description,omitempty"` UserID string `json:"userId,omitempty"` AvatarURL string `json:"avatarUrl,omitempty"` Location string `json:"location,omitempty"` CustomClaims json.RawMessage `json:"customClaims,omitempty"` CustomAttributes []string `json:"customAttributes,omitempty"` Roles []string `json:"roles"` ExpiresAt time.Time `json:"-"` ETag string `json:"etag,omitempty"` FromCookie bool `json:"fromCookie,omitempty"` AccessToken json.RawMessage `json:"accessToken,omitempty"` RawAccessToken string `json:"rawAccessToken,omitempty"` IdToken json.RawMessage `json:"idToken,omitempty"` RawIDToken string `json:"rawIdToken,omitempty"` }
func UserFromContext ¶
func (*User) RemoveInternalFields ¶
func (u *User) RemoveInternalFields()
RemoveInternalFields should be used before sending the user to the client to not expose internal fields
func (*User) Save ¶
func (u *User) Save(s *securecookie.SecureCookie, w http.ResponseWriter, r *http.Request, domain string, insecureCookies bool) error
type UserLoadConfig ¶
type UserLoadConfig struct {
// contains filtered or unexported fields
}
type UserLoader ¶
type UserLoader struct {
// contains filtered or unexported fields
}
type UserLogoutHandler ¶
type UserLogoutHandler struct { InsecureCookies bool OpenIDConnectIssuersToLogoutURLs map[string]string }
func (*UserLogoutHandler) ServeHTTP ¶
func (u *UserLogoutHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
Click to show internal directories.
Click to hide internal directories.