client

package
v3.34.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 17, 2025 License: Apache-2.0 Imports: 17 Imported by: 13

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	Encoder = httphelper.Encoder(oidc.NewEncoder())
	Tracer  = otel.Tracer("github.com/zitadel/oidc/pkg/client")
)
View Source
var ErrEndpointNotSet = errors.New("endpoint not set")

Functions

func CallEndSessionEndpoint

func CallEndSessionEndpoint(ctx context.Context, request any, authFn any, caller EndSessionCaller) (*url.URL, error)

func CallRevokeEndpoint

func CallRevokeEndpoint(ctx context.Context, request any, authFn any, caller RevokeCaller) error

func CallTokenEndpoint

func CallTokenEndpoint(ctx context.Context, request any, caller TokenEndpointCaller) (newToken *oauth2.Token, err error)

func CallTokenExchangeEndpoint

func CallTokenExchangeEndpoint(ctx context.Context, request any, authFn any, caller TokenEndpointCaller) (resp *oidc.TokenExchangeResponse, err error)

func ClientAssertionCodeOptions

func ClientAssertionCodeOptions(assertion string) []oauth2.AuthCodeOption

func ClientAssertionFormAuthorization

func ClientAssertionFormAuthorization(assertion string) http.FormAuthorization

func Discover

func Discover(ctx context.Context, issuer string, httpClient *http.Client, wellKnownUrl ...string) (*oidc.DiscoveryConfiguration, error)

Discover calls the discovery endpoint of the provided issuer and returns its configuration It accepts an optional argument "wellknownUrl" which can be used to overide the dicovery endpoint url

func JWTProfileExchange

func JWTProfileExchange(ctx context.Context, jwtProfileGrantRequest *oidc.JWTProfileGrantRequest, caller TokenEndpointCaller) (*oauth2.Token, error)

JWTProfileExchange handles the oauth2 jwt profile exchange

func NewSignerFromPrivateKeyByte

func NewSignerFromPrivateKeyByte(key []byte, keyID string) (jose.Signer, error)

func PollDeviceAccessTokenEndpoint

func PollDeviceAccessTokenEndpoint(ctx context.Context, interval time.Duration, request *DeviceAccessTokenRequest, caller TokenEndpointCaller) (*oidc.AccessTokenResponse, error)

func SignedJWTProfileAssertion

func SignedJWTProfileAssertion(clientID string, audience []string, expiration time.Duration, signer jose.Signer) (string, error)

Types

type DeviceAuthorizationCaller

type DeviceAuthorizationCaller interface {
	GetDeviceAuthorizationEndpoint() string
	HttpClient() *http.Client
}

type EndSessionCaller

type EndSessionCaller interface {
	GetEndSessionEndpoint() string
	HttpClient() *http.Client
}

type KeyFile

type KeyFile struct {
	Type   string `json:"type"` // serviceaccount or application
	KeyID  string `json:"keyId"`
	Key    string `json:"key"`
	Issuer string `json:"issuer"` // not yet in file

	// serviceaccount
	UserID string `json:"userId"`

	// application
	ClientID string `json:"clientId"`
}

func ConfigFromKeyFile

func ConfigFromKeyFile(path string) (*KeyFile, error)

func ConfigFromKeyFileData

func ConfigFromKeyFileData(data []byte) (*KeyFile, error)

type RevokeCaller

type RevokeCaller interface {
	GetRevokeEndpoint() string
	HttpClient() *http.Client
}

type RevokeRequest

type RevokeRequest struct {
	Token         string `schema:"token"`
	TokenTypeHint string `schema:"token_type_hint"`
	ClientID      string `schema:"client_id"`
	ClientSecret  string `schema:"client_secret"`
}

type TokenEndpointCaller

type TokenEndpointCaller interface {
	TokenEndpoint() string
	HttpClient() *http.Client
}

Directories

Path Synopsis
rp
cli

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL