Documentation
Index
- func DefaultAuthentication(clientID, redirectURI string, key string, scopes ...string) ...
- func WithCodeFlow[T Ctx[C, S], C oidc.IDClaims, S rp.SubjectGetter](auth ClientAuthentication) authentication.HandlerInitializer[T]
- type ClientAuthentication
- type Ctx
- type UserInfoContext
- func (c *UserInfoContext[C, S]) GetTokens() *oidc.Tokens[C]
- func (c *UserInfoContext[C, S]) GetUserInfo() S
- func (c *UserInfoContext[C, S]) IsAuthenticated() bool
- func (c *UserInfoContext[C, S]) New() Ctx[C, S]
- func (c *UserInfoContext[C, S]) SetTokens(tokens *oidc.Tokens[C])
- func (c *UserInfoContext[C, S]) SetUserInfo(info S)
Constants
This section is empty.
Variables
This section is empty.
Functions
func DefaultAuthentication
func DefaultAuthentication(clientID, redirectURI string, key string, scopes ...string) authentication.HandlerInitializer[*UserInfoContext[*oidc.IDTokenClaims, *oidc.UserInfo]]
DefaultAuthentication is a shorthand for [WithCodeFlow[*UserInfoContext[*oidc.IDTokenClaims, *oidc.UserInfo], *oidc.IDTokenClaims, *oidc.UserInfo]] that takes the client_id, redirectURI, encryptionKey and optional scopes. If no scopes are provided, `"openid", "profile", "email"` will be used.
func WithCodeFlow
func WithCodeFlow[T Ctx[C, S], C oidc.IDClaims, S rp.SubjectGetter](auth ClientAuthentication) authentication.HandlerInitializer[T]
WithCodeFlow creates the OIDC/OAuth2 Authorization Code Flow implementation of the authentication.Handler interface. The token endpoint itself requires some ClientAuthentication of the client. Possible implementations are PKCEAuthentication and ClientIDSecretAuthentication.
Types
type ClientAuthentication
func ClientIDSecretAuthentication
func ClientIDSecretAuthentication(clientID, clientSecret, redirectURI string, scopes []string, cookieHandler *httphelper.CookieHandler) ClientAuthentication
ClientIDSecretAuthentication authenticates the code exchange request with the client_id and client_secret provided by ZITADEL.
func PKCEAuthentication
func PKCEAuthentication(clientID, redirectURI string, scopes []string, cookieHandler *httphelper.CookieHandler) ClientAuthentication
PKCEAuthentication authenticates the code exchange request with Proof Key for Code Exchange (PKCE).
type UserInfoContext
type UserInfoContext[C oidc.IDClaims, S rp.SubjectGetter] struct {
	UserInfo S
	Tokens   *oidc.Tokens[C]
}
UserInfoContext implements authentication.Ctx (more precisely, the Ctx interface) with oidc.UserInfo as the underlying data.
func (*UserInfoContext[C, S]) GetTokens
func (c *UserInfoContext[C, S]) GetTokens() *oidc.Tokens[C]
GetTokens implements Ctx
func (*UserInfoContext[C, S]) GetUserInfo
func (c *UserInfoContext[C, S]) GetUserInfo() S
GetUserInfo implements Ctx
func (*UserInfoContext[C, S]) IsAuthenticated
func (c *UserInfoContext[C, S]) IsAuthenticated() bool
IsAuthenticated implements authentication.Ctx by checking the `sub` claim of the oidc.UserInfo.
func (*UserInfoContext[C, S]) New
func (c *UserInfoContext[C, S]) New() Ctx[C, S]
func (*UserInfoContext[C, S]) SetTokens
func (c *UserInfoContext[C, S]) SetTokens(tokens *oidc.Tokens[C])
SetTokens implements Ctx
func (*UserInfoContext[C, S]) SetUserInfo
func (c *UserInfoContext[C, S]) SetUserInfo(info S)
SetUserInfo implements Ctx