Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( ErrNoAuthHeader = fiber.NewError(fiber.StatusUnauthorized, "Authorization header is missing") ErrInvalidAuthHeader = fiber.NewError(fiber.StatusUnauthorized, "Authorization header is invalid") ErrInvalidToken = fiber.NewError(fiber.StatusUnauthorized, "token is invalid") ErrInvalidIssuer = fiber.NewError(fiber.StatusUnauthorized, "issuer is invalid") ErrClaimsInvalid = fiber.NewError(fiber.StatusUnauthorized, "claims are invalid") ErrInvalidAudiance = fiber.NewError(fiber.StatusUnauthorized, "audience is invalid") ErrInvalidSubject = fiber.NewError(fiber.StatusUnauthorized, "subject is invalid") )
Functions ¶
func Authenticate ¶
func Authenticate(v Validator) openapi3filter.AuthenticationFunc
Authenticate returns a nil error and the AuthClaims info (if available) if the subject is authenticated or a
func GetJWSFromRequest ¶
GetJWSFromRequest extracts a JWS string from an Authorization: Bearer <jws> header
func GetJWTFromContext ¶
func GetJWTFromContext(ctx context.Context) (*oas.AuthClaims, bool)
GetJWTFromContext extracts the JWT token from the context.
Types ¶
type RemoteOidcOpt ¶
type RemoteOidcOpt func(*RemoteOidcOpts)
RemoteOidcOpt is the options for creating a new RemoteOidcValidator.
func WithAudience ¶
func WithAudience(audience string) RemoteOidcOpt
WithAudience sets the audience for the RemoteOidcValidator.
func WithClient ¶
func WithClient(client *http.Client) RemoteOidcOpt
WithClient sets the client for the RemoteOidcValidator.
func WithIssuerAliases ¶
func WithIssuerAliases(issuerAliases []string) RemoteOidcOpt
WithIssuerAliases sets the issuer aliases for the RemoteOidcValidator.
func WithMainIssuer ¶
func WithMainIssuer(mainIssuer string) RemoteOidcOpt
WithMainIssuer sets the main issuer for the RemoteOidcValidator.
type RemoteOidcOpts ¶
type RemoteOidcOpts struct {
MainIssuer string
IssuerAliases []string
Audience string
Client *http.Client
}
RemoteOidcOpts is the options for creating a new RemoteOidcValidator.
func DefaultRemoteOidcOpts ¶
func DefaultRemoteOidcOpts() *RemoteOidcOpts
DefaultRemoteOidcOpts returns the default options for creating a new RemoteOidcValidator.
func (*RemoteOidcOpts) Configure ¶
func (o *RemoteOidcOpts) Configure(opts ...RemoteOidcOpt)
Configure sets the configuration for the RemoteOidcValidator.
type RemoteOidcValidator ¶
type RemoteOidcValidator struct {
Opts *RemoteOidcOpts
JwksURI string
JWKs *keyfunc.JWKS
}
RemoteOidcValidator is an OIDC validator that validates tokens using a remote OIDC provider.
func NewRemoteOidcValidatorWithContext ¶
func NewRemoteOidcValidatorWithContext(ctx context.Context, opts ...RemoteOidcOpt) (*RemoteOidcValidator, error)
NewRemoteOidcValidatorWithContext creates a new RemoteOidcValidator.
func (*RemoteOidcValidator) Close ¶
func (oidc *RemoteOidcValidator) Close()
func (*RemoteOidcValidator) GetConfiguration ¶
func (oidc *RemoteOidcValidator) GetConfiguration(ctx context.Context) (*oas.OidcConfig, error)
GetConfiguration fetches the OIDC configuration from the issuer.
func (*RemoteOidcValidator) GetKeys ¶
func (oidc *RemoteOidcValidator) GetKeys() (*keyfunc.JWKS, error)
func (*RemoteOidcValidator) Validate ¶
func (oidc *RemoteOidcValidator) Validate(req *http.Request) (*oas.AuthClaims, error)
Validate validates the provided token. nolint:gocyclo
Source Files