Documentation ¶
Index ¶
- Constants
- func IsErrorWithID(err error, id string) bool
- func NewOAuth2Error(id string, description string) utils.ErrorWithDescription
- func WriteWWWAuthenticateError(rw http.ResponseWriter, code int, err error)
- type EmailClaims
- type IDTokenClaims
- type OAuth2Error
- type ProfileClaims
- type SessionClaims
- type UserInfoClaims
Constants ¶
const KonnectIDTokenSubjectSaltV1 = "konnect-IDToken-v1"
KonnectIDTokenSubjectSaltV1 is the salt value used when hasing Subjects in ID tokens created by Konnect.
Variables ¶
This section is empty.
Functions ¶
func IsErrorWithID ¶
IsErrorWithID returns true if the given error is an OAuth2Error error with the given ID.
func NewOAuth2Error ¶
func NewOAuth2Error(id string, description string) utils.ErrorWithDescription
NewOAuth2Error creates a new error with id and description.
func WriteWWWAuthenticateError ¶
func WriteWWWAuthenticateError(rw http.ResponseWriter, code int, err error)
WriteWWWAuthenticateError writes the provided error with the provided http status code to the provided http response writer as a WWW-Authenticate header with comma seperated fields for id and description.
Types ¶
type EmailClaims ¶
type EmailClaims struct { Email string `json:"email,omitempty"` EmailVerified bool `json:"email_verified"` }
EmailClaims define the claims for the OIDC email scope. https://openid.net/specs/openid-connect-basic-1_0.html#Scopes
func NewEmailClaims ¶
func NewEmailClaims(claims jwt.Claims) *EmailClaims
NewEmailClaims return a new EmailClaims set from the provided jwt.Claims or nil.
func (EmailClaims) Valid ¶
func (c EmailClaims) Valid() error
Valid implements the jwt.Claims interface.
type IDTokenClaims ¶
type IDTokenClaims struct { jwt.StandardClaims Nonce string `json:"nonce,omitempty"` AuthTime int64 `json:"auth_time,omitempty"` AccessTokenHash string `json:"at_hash,omitempty"` CodeHash string `json:"c_hash,omitempty"` *ProfileClaims *EmailClaims *SessionClaims }
IDTokenClaims define the claims found in OIDC ID Tokens.
func (IDTokenClaims) Valid ¶
func (c IDTokenClaims) Valid() (err error)
Valid implements the jwt.Claims interface.
type OAuth2Error ¶
type OAuth2Error struct { ErrorID string `json:"error"` ErrorDescription string `json:"error_description"` }
OAuth2Error defines a general OAuth2 error with id and decription.
func (*OAuth2Error) Description ¶
func (err *OAuth2Error) Description() string
Description implements the ErrorWithDescription interface.
func (*OAuth2Error) Error ¶
func (err *OAuth2Error) Error() string
Error implements the error interface.
type ProfileClaims ¶
type ProfileClaims struct { Name string `json:"name,omitempty"` FamilyName string `json:"family_name,omitempty"` GivenName string `json:"given_name,omitempty"` PreferredUsername string `json:"preferred_username,omitempty"` }
ProfileClaims define the claims for the OIDC profile scope. https://openid.net/specs/openid-connect-basic-1_0.html#Scopes
func NewProfileClaims ¶
func NewProfileClaims(claims jwt.Claims) *ProfileClaims
NewProfileClaims return a new ProfileClaims set from the provided jwt.Claims or nil.
func (ProfileClaims) Valid ¶
func (c ProfileClaims) Valid() error
Valid implements the jwt.Claims interface.
type SessionClaims ¶
type SessionClaims struct {
SessionID string `json:"sid,omitempty"`
}
SessionClaims define claims related to front end sessions, for example as specified by https://openid.net/specs/openid-connect-frontchannel-1_0.html
type UserInfoClaims ¶
type UserInfoClaims struct {
Subject string `json:"sub,omitempty"`
}
UserInfoClaims define the claims defined by the OIDC UserInfo endpoint.
func (UserInfoClaims) Valid ¶
func (c UserInfoClaims) Valid() error
Valid implements the jwt.Claims interface.