method

package

v1.42.0 Latest Latest Go to latest Published: May 15, 2024 License: GPL-3.0 Imports: 13 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/flipt-io/flipt

Links

Open Source Insights

Documentation ¶

Index ¶

func CallbackValidateState(ctx context.Context, state string) error
func ForwardCookies(ctx context.Context, req *http.Request) metadata.MD
type Middleware
- func NewHTTPMiddleware(config config.AuthenticationSession) Middleware
- func (m Middleware) ForwardResponseOption(ctx context.Context, w http.ResponseWriter, resp proto.Message) error
- func (m Middleware) Handler(next http.Handler) http.Handler

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CallbackValidateState ¶

func CallbackValidateState(ctx context.Context, state string) error

CallbackValidateState validates the state for the callback request on both OIDC and GitHub as an OAuth provider.

func ForwardCookies ¶

func ForwardCookies(ctx context.Context, req *http.Request) metadata.MD

ForwardCookies parses particular http cookies (Flipts state and client token) and forwards them as grpc metadata entries. This allows us to abstract away http constructs from the internal gRPC implementation.

Types ¶

type Middleware ¶

type Middleware struct {
	// contains filtered or unexported fields
}

Middleware contains various extensions for appropriate integration of the OIDC services behind gRPC gateway. This includes forwarding cookies as gRPC metadata, adapting callback responses to http cookies, and establishing appropriate state parameters for csrf provention during the oauth/oidc flow.

func NewHTTPMiddleware ¶

func NewHTTPMiddleware(config config.AuthenticationSession) Middleware

NewHTTPMiddleware constructs and configures a new oidc HTTP middleware from the supplied authentication configuration struct.

func (Middleware) ForwardResponseOption ¶

func (m Middleware) ForwardResponseOption(ctx context.Context, w http.ResponseWriter, resp proto.Message) error

ForwardResponseOption is a grpc gateway forward response option function implementation. The purpose of which is to intercept outgoing Callback operation responses. When intercepted the resulting clientToken is stripped from the response payload and instead added to a response header cookie (Set-Cookie). This ensures a secure browser session can be established. The user-agent is then redirected to the root of the domain.

func (Middleware) Handler ¶

func (m Middleware) Handler(next http.Handler) http.Handler

Handler is a http middleware used to decorate the OIDC provider gateway handler. The middleware intercepts authorize attempts and automatically establishes an appropriate state parameter. It does so by wrapping any provided state parameter in a JSON object with an additional cryptographically-random generated security token. The payload is then encoded in base64 and added back to the state query param. The payload is then also encoded as a http cookie which is bound to the callback path.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
github
kubernetes
testing
oidc
testing
token

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL