oidc

package
v1.0.32 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 29, 2024 License: MIT Imports: 16 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrNoAuthHeader      = fiber.NewError(fiber.StatusUnauthorized, "Authorization header is missing")
	ErrInvalidAuthHeader = fiber.NewError(fiber.StatusUnauthorized, "Authorization header is invalid")
	ErrInvalidToken      = fiber.NewError(fiber.StatusUnauthorized, "token is invalid")
	ErrInvalidIssuer     = fiber.NewError(fiber.StatusUnauthorized, "issuer is invalid")
	ErrClaimsInvalid     = fiber.NewError(fiber.StatusUnauthorized, "claims are invalid")
	ErrInvalidAudiance   = fiber.NewError(fiber.StatusUnauthorized, "audience is invalid")
	ErrInvalidSubject    = fiber.NewError(fiber.StatusUnauthorized, "subject is invalid")
)

Functions

func Authenticate

Authenticate returns a nil error and the AuthClaims info (if available) if the subject is authenticated or a

func GetJWSFromRequest

func GetJWSFromRequest(req *http.Request) (string, error)

GetJWSFromRequest extracts a JWS string from an Authorization: Bearer <jws> header

func GetJWTFromContext

func GetJWTFromContext(ctx context.Context) (*oas.AuthClaims, bool)

GetJWTFromContext extracts the JWT token from the context.

Types

type RemoteOidcOpt

type RemoteOidcOpt func(*RemoteOidcOpts)

RemoteOidcOpt is the options for creating a new RemoteOidcValidator.

func WithAudience

func WithAudience(audience string) RemoteOidcOpt

WithAudience sets the audience for the RemoteOidcValidator.

func WithClient

func WithClient(client *http.Client) RemoteOidcOpt

WithClient sets the client for the RemoteOidcValidator.

func WithIssuerAliases

func WithIssuerAliases(issuerAliases []string) RemoteOidcOpt

WithIssuerAliases sets the issuer aliases for the RemoteOidcValidator.

func WithMainIssuer

func WithMainIssuer(mainIssuer string) RemoteOidcOpt

WithMainIssuer sets the main issuer for the RemoteOidcValidator.

type RemoteOidcOpts

type RemoteOidcOpts struct {
	MainIssuer    string
	IssuerAliases []string
	Audience      string
	Client        *http.Client
}

RemoteOidcOpts is the options for creating a new RemoteOidcValidator.

func DefaultRemoteOidcOpts

func DefaultRemoteOidcOpts() *RemoteOidcOpts

DefaultRemoteOidcOpts returns the default options for creating a new RemoteOidcValidator.

func (*RemoteOidcOpts) Configure

func (o *RemoteOidcOpts) Configure(opts ...RemoteOidcOpt)

Configure sets the configuration for the RemoteOidcValidator.

type RemoteOidcValidator

type RemoteOidcValidator struct {
	Opts *RemoteOidcOpts

	JwksURI string
	JWKs    *keyfunc.JWKS
}

RemoteOidcValidator is an OIDC validator that validates tokens using a remote OIDC provider.

func NewRemoteOidcValidatorWithContext

func NewRemoteOidcValidatorWithContext(ctx context.Context, opts ...RemoteOidcOpt) (*RemoteOidcValidator, error)

NewRemoteOidcValidatorWithContext creates a new RemoteOidcValidator.

func (*RemoteOidcValidator) Close

func (oidc *RemoteOidcValidator) Close()

func (*RemoteOidcValidator) GetConfiguration

func (oidc *RemoteOidcValidator) GetConfiguration(ctx context.Context) (*oas.OidcConfig, error)

GetConfiguration fetches the OIDC configuration from the issuer.

func (*RemoteOidcValidator) GetKeys

func (oidc *RemoteOidcValidator) GetKeys() (*keyfunc.JWKS, error)

func (*RemoteOidcValidator) Validate

func (oidc *RemoteOidcValidator) Validate(req *http.Request) (*oas.AuthClaims, error)

Validate validates the provided token. nolint:gocyclo

type Validator

type Validator interface {
	// Validate validates the provided token.
	Validate(req *http.Request) (*oas.AuthClaims, error)
}

Validator is an interface for validating tokens

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL