openid

package module
v1.0.1 Latest
Warning

This package is not in the latest version of its module.
Published: Feb 26, 2023 License: Apache-2.0 Imports: 12 Imported by: 79

README

openid.go

This is a consumer (Relying Party) implementation of OpenID 2.0, written in Go.

go get -u github.com/yohcop/openid-go

Github

Be awesome! Feel free to clone and use according to the licence. If you make a useful change that can benefit others, send a pull request! This ensures that one version has all the good stuff and doesn't fall behind.

Code example

See _example/ for a simple webserver using the OpenID implementation. Also, read the comment about the NonceStore towards the top of that file. The example must be run from the openid-go directory, like so:

go run _example/server.go

App Engine

In order to use this on Google App Engine, you need to create an instance with a custom *http.Client provided by urlfetch.

oid := openid.NewOpenID(urlfetch.Client(appengine.NewContext(r)))
oid.RedirectURL(...)
oid.Verify(...)

License

Distributed under the Apache v2.0 license.

Libraries

Here is a set of libraries I found on GitHub that could make using this library easier depending on your backends. I haven't tested them; this list is for reference only, and in no particular order:

  • Gacnt/myopenid "A Yohcop-Openid Nonce/Discovery storage replacement", using MySQL.
  • Gacnt/sqlxid "An SQLX Adapter for Nonce / Discovery Cache store"
  • Gacnt/gormid "Use GORM (Go Object Relational Mapping) to store OpenID DiscoveryCache / Nonce in a database"
  • hectorj/mysqlOpenID "MySQL OpenID is a package to replace the in memory storage of discoveryCache and nonceStore."

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BuildRedirectURL

func BuildRedirectURL(opEndpoint, opLocalID, claimedID, returnTo, realm string) (string, error)

func Discover

func Discover(id string) (opEndpoint, opLocalID, claimedID string, err error)

7.3.1. Discovered Information

Upon successful completion of discovery, the Relying Party will have one or more sets of the following information (see the Terminology section for definitions). If more than one set of the following information has been discovered, the precedence rules defined in [XRI_Resolution_2.0] are to be applied.

  • OP Endpoint URL
  • Protocol Version

If the end user did not enter an OP Identifier, the following information will also be present:

  • Claimed Identifier
  • OP-Local Identifier

If the end user entered an OP Identifier, there is no Claimed Identifier. For the purposes of making OpenID Authentication requests, the value "http://specs.openid.net/auth/2.0/identifier_select" MUST be used as both the Claimed Identifier and the OP-Local Identifier when an OP Identifier is entered.

func Normalize

func Normalize(id string) (string, error)

func RedirectURL

func RedirectURL(id, callbackURL, realm string) (string, error)

func Verify

func Verify(uri string, cache DiscoveryCache, nonceStore NonceStore) (id string, err error)

Types

type DiscoveredInfo

type DiscoveredInfo interface {
	OpEndpoint() string
	OpLocalID() string
	ClaimedID() string
}

type DiscoveryCache

type DiscoveryCache interface {
	Put(id string, info DiscoveredInfo)
	// Return a discovered info, or nil.
	Get(id string) DiscoveredInfo
}

type Nonce

type Nonce struct {
	T time.Time
	S string
}

type NonceStore

type NonceStore interface {
	// Returns nil if accepted, an error otherwise.
	Accept(endpoint, nonce string) error
}

type OpenID

type OpenID struct {
	// contains filtered or unexported fields
}

func NewOpenID

func NewOpenID(client *http.Client) *OpenID

func (*OpenID) Discover

func (oid *OpenID) Discover(id string) (opEndpoint, opLocalID, claimedID string, err error)

func (*OpenID) RedirectURL

func (oid *OpenID) RedirectURL(id, callbackURL, realm string) (string, error)

func (*OpenID) Verify

func (oid *OpenID) Verify(uri string, cache DiscoveryCache, nonceStore NonceStore) (id string, err error)

type SimpleDiscoveredInfo

type SimpleDiscoveredInfo struct {
	// contains filtered or unexported fields
}

func (*SimpleDiscoveredInfo) ClaimedID

func (s *SimpleDiscoveredInfo) ClaimedID() string

func (*SimpleDiscoveredInfo) OpEndpoint

func (s *SimpleDiscoveredInfo) OpEndpoint() string

func (*SimpleDiscoveredInfo) OpLocalID

func (s *SimpleDiscoveredInfo) OpLocalID() string

type SimpleDiscoveryCache

type SimpleDiscoveryCache struct {
	// contains filtered or unexported fields
}

func NewSimpleDiscoveryCache

func NewSimpleDiscoveryCache() *SimpleDiscoveryCache

func (*SimpleDiscoveryCache) Get

func (*SimpleDiscoveryCache) Put

func (s *SimpleDiscoveryCache) Put(id string, info DiscoveredInfo)

type SimpleNonceStore

type SimpleNonceStore struct {
	// contains filtered or unexported fields
}

func NewSimpleNonceStore

func NewSimpleNonceStore() *SimpleNonceStore

func (*SimpleNonceStore) Accept

func (d *SimpleNonceStore) Accept(endpoint, nonce string) error
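
The NonceStore passed to Verify is what keeps a captured positive assertion from being accepted a second time, and the README points to replacements for the in-memory store. The following is an added example, not code from openid-go: a hypothetical BoundedNonceStore whose Accept has the interface's signature and rejects malformed, stale and already-seen nonces while pruning expired entries. The type name, the injected clock and the 5-minute window are assumptions.

```go
package main

import (
	"fmt"
	"sync"
	"time"
)

// BoundedNonceStore is hypothetical (not part of openid-go); Accept matches NonceStore.
type BoundedNonceStore struct {
	mu     sync.Mutex
	maxAge time.Duration
	now    func() time.Time     // injectable clock, an assumption for testability
	seen   map[string]time.Time // endpoint + NUL + nonce -> nonce timestamp
}

func NewBoundedNonceStore(maxAge time.Duration, now func() time.Time) *BoundedNonceStore {
	return &BoundedNonceStore{maxAge: maxAge, now: now, seen: map[string]time.Time{}}
}

// Accept takes an OpenID 2.0 nonce: at most 255 chars, starting with a 20-char UTC timestamp.
func (s *BoundedNonceStore) Accept(endpoint, nonce string) error {
	if len(nonce) < 20 || len(nonce) > 255 {
		return fmt.Errorf("nonce: bad length %d", len(nonce))
	}
	ts, err := time.Parse(time.RFC3339, nonce[:20])
	now := s.now()
	if d := now.Sub(ts); err != nil || d > s.maxAge || d < -s.maxAge {
		return fmt.Errorf("nonce: timestamp unparsable or outside %v window", s.maxAge)
	}
	s.mu.Lock()
	defer s.mu.Unlock()
	for k, t := range s.seen { // expired entries can never be accepted again
		if now.Sub(t) > s.maxAge {
			delete(s.seen, k)
		}
	}
	key := endpoint + "\x00" + nonce // uniqueness is per OP endpoint
	if _, replayed := s.seen[key]; replayed {
		return fmt.Errorf("nonce: replayed for endpoint %s", endpoint)
	}
	s.seen[key] = ts
	return nil
}

func main() {
	s := NewBoundedNonceStore(5*time.Minute, time.Now)
	n := time.Now().UTC().Format(time.RFC3339) + "x1" // constructed nonce
	fmt.Println(s.Accept("https://op.example/auth", n), s.Accept("https://op.example/auth", n))
}
```

A store like this only protects a single process; when several relying-party instances share traffic, the seen-set has to live in shared storage so a nonce accepted by one instance is rejected by the others.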

type Xrd

type Xrd struct {
	Service []*XrdsIdentifier `xml:"Service"`
}

type XrdsDocument

type XrdsDocument struct {
	XMLName xml.Name `xml:"XRDS"`
	Xrd     *Xrd     `xml:"XRD"`
}

type XrdsIdentifier

type XrdsIdentifier struct {
	Type     []string `xml:"Type"`
	URI      string   `xml:"URI"`
	LocalID  string   `xml:"LocalID"`
	Priority int      `xml:"priority,attr"`
}

TODO: As per 11.2 in openid 2 specs, a service may have multiple URIs. We don't care for discovery really, but we do care for verification though.
