auth

package
v0.0.0-...-5c2e7a1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 8, 2022 License: EUPL-1.2 Imports: 25 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	CallbackURL string
	Endpoint    string // where our OIDC server resides

)

Functions

func Authenticate 

func Authenticate() gin.HandlerFunc

Authenticate checks if an authorization header or cookie is present and processes it

func CallbackHandler 

func CallbackHandler(c *gin.Context)

CallbackHandler http handler

func Init 

func Init(a *OIDC) (err error)

Init the OIDC provider

func InitOIDCServer 

func InitOIDCServer()

InitOIDCServer initialises a keyset and provides a new authenticator

func Keys 

func Keys(c *gin.Context)

Keys endpoint provides our JSON Web Key Set (should be at /keys)

func LoginFormHandler 

func LoginFormHandler(c *gin.Context)

LoginFormHandler provides a simple local login form for test purposes

func LoginHandler 

func LoginHandler(c *gin.Context)

LoginHandler http handler

func LoginPostHandler 

func LoginPostHandler(c *gin.Context)

LoginPostHandler processes the login request

func LogoutCallbackHandler 

func LogoutCallbackHandler(c *gin.Context)

LogoutCallbackHandler verifies the CSRF token (if set) and removes the session cookie

func LogoutEndpoint 

func LogoutEndpoint(c *gin.Context)

LogoutEndpoint handles logging out the user, e.g. this should invalidate the token auth-side so that if it is presented to us again we know that it has been invalidated

func LogoutHandler 

func LogoutHandler(c *gin.Context)

LogoutHandler http handler

func RequireAuth 

func RequireAuth() gin.HandlerFunc

RequireAuth checks if there is a valid json web token in the request

func Token 

func Token(c *gin.Context)

Token exchanges a "code" against a token which contains the id_token of the requested user specified in "code"

func Userinfo 

func Userinfo(c *gin.Context)

Userinfo endpoint provides the claims for a logged in user given a bearer token returns an id_token

func WellKnown 

func WellKnown(c *gin.Context)

WellKnown provides the URLs of our endpoints, should be accessible at "/.well-known/openid-configuration"

Types

type OIDC 

type OIDC struct {
	ClientID                   string
	ClientSecret               string
	RedirectURL                string
	ProviderURL                string
	LogoutURL                  string // provider logout endpoint
	PostLogoutURL              string
	LogoutIDTokenHint          bool
	LogoutNonce                bool
	LogoutClientID             bool
	PostLoginRedirectURIField  string // defaults to "post_login_redirect_uri"
	PostLogoutRedirectURIField string // defaults to "post_logout_redirect_uri"

	OIDCConfig *oidc.Config
}

OIDC Provider

type Provider 

type Provider interface {
	CallbackHandler(w http.ResponseWriter, r *http.Request)
	LoginHandler(w http.ResponseWriter, r *http.Request)
	LogoutHandler(w http.ResponseWriter, r *http.Request)
	LogoutCallbackHandler(w http.ResponseWriter, r *http.Request)
	Init() error
}

Provider interface to be implemented by Identity Providers

type User 

type User struct {
	Subject       string `json:"sub"`
	Profile       string `json:"profile"`
	Email         string `json:"email"`
	EmailVerified bool   `json:"email_verified"`
	IsAdmin       bool   `json:"is_admin"`
	Password      string `json:"password"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.