Documentation
Index
- Constants
- Variables
- func AuthenticatedUserIDFromClaims(claims *ExtraClaimsWithType) (string, bool)
- func AuthenticatedUserIsGuest(claims *ExtraClaimsWithType) bool
- func AuthorizedClaimsFromClaims(claims *ExtraClaimsWithType) map[string]interface{}
- func AuthorizedScopesFromClaims(claims *ExtraClaimsWithType) map[string]bool
- func ErrStatusText(code ErrStatus) string
- func RequireScopesInClaims(claims *ExtraClaimsWithType, requiredScopes []string) error
- func SplitStandardClaimsFromMapClaims(claims *ExtraClaimsWithType) (*jwt.StandardClaims, error)
- type ErrStatus
- type ExtraClaimsWithType
- type Logger
- type Provider
- func (p *Provider) BuildDate() string
- func (p *Provider) FetchUserinfoWithAccesstokenString(ctx context.Context, tokenString string) (map[string]interface{}, error)
- func (p *Provider) Initialize(ctx context.Context, issuer *url.URL) error
- func (p *Provider) Uninitialize() error
- func (p *Provider) ValidateTokenString(ctx context.Context, tokenString string) (string, *jwt.StandardClaims, *ExtraClaimsWithType, error)
- func (p *Provider) Version() string
- func (p *Provider) WaitUntilReady(ctx context.Context, timeout time.Duration) error
Constants
const (
	IsAccessTokenClaim    = "kc.isAccessToken"
	IsRefreshTokenClaim   = "kc.isRefreshToken"
	IdentityClaim         = "kc.identity"
	IdentifiedUserIDClaim = "kc.i.id"
	IdentifiedUserIsGuest = "kc.i.guest"
	AuthorizedScopesClaim = "kc.authorizedScopes"
	AuthorizedClaimsClaim = "kc.authorizedClaims"
)
Token claims used by Kopano Konnect.
const (
	TokenTypeStandard  int = 0
	TokenTypeKCAccess  int = 1
	TokenTypeKCRefresh int = 2
)
Token types as int.
const StatusSuccess = ErrStatusNone
StatusSuccess is the success response as returned by this library.
Variables
var ErrStatusTextMap = map[ErrStatus]string{
	ErrStatusUnknown:                     "Unknown",
	ErrStatusInvalidIss:                  "Invalid Issuer Identifier Value",
	ErrStatusAlreadyInitialized:          "Already Initialized",
	ErrStatusNotInitialized:              "Not Initialized",
	ErrStatusTimeout:                     "Timeout",
	ErrStatusTokenUnexpectedSigningMethod: "Unexpected Token Signing Method",
	ErrStatusTokenMalformed:              "Malformed Token",
	ErrStatusTokenExpiredOrNotValidYet:   "Token Expired Or Not Valid Yet",
	ErrStatusTokenUnknownKey:             "Unknown Token Key",
	ErrStatusTokenInvalidSignature:       "Invalid Token Signature",
	ErrStatusTokenValidationFailed:       "Token Validation Failed",
	ErrStatusClosed:                      "Is Closed",
	ErrStatusWrongInitialization:         "Wrong Initialization",
	ErrStatusMissingRequiredScope:        "Missing required scope",
}
ErrStatusTextMap maps ErrStatus values to readable names.
Functions
func AuthenticatedUserIDFromClaims
func AuthenticatedUserIDFromClaims(claims *ExtraClaimsWithType) (string, bool)
AuthenticatedUserIDFromClaims extracts extra Kopano Konnect identified claims from the provided extra claims, returning the authenticated user ID.
func AuthenticatedUserIsGuest
func AuthenticatedUserIsGuest(claims *ExtraClaimsWithType) bool
AuthenticatedUserIsGuest extracts extra Kopano Konnect identified claims from the provided extra claims, returning whether the claims are for a guest or not.
func AuthorizedClaimsFromClaims
func AuthorizedClaimsFromClaims(claims *ExtraClaimsWithType) map[string]interface{}
AuthorizedClaimsFromClaims returns the authorized claims as map from the provided extra claims.
func AuthorizedScopesFromClaims
func AuthorizedScopesFromClaims(claims *ExtraClaimsWithType) map[string]bool
AuthorizedScopesFromClaims returns the authorized scopes as bool map from the provided extra claims.
func ErrStatusText
ErrStatusText returns a text for the ErrStatus. It returns the empty string if the code is unknown.
func RequireScopesInClaims
func RequireScopesInClaims(claims *ExtraClaimsWithType, requiredScopes []string) error
RequireScopesInClaims returns nil if all the provided scopes are found in the provided claims. Otherwise an error is returned.
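The kind of check RequireScopesInClaims describes, combined with the kc.isAccessToken claim from the Constants section so that a refresh token is not accepted as an access token. This is an added stand-alone example, not kcoidc's own code: the helper name authorize is hypothetical, the payloads are constructed, and it assumes the marker claim is a boolean and kc.authorizedScopes is a JSON array of strings. It operates on claims whose signature has already been validated.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Claim names as listed in the Constants section of this page.
const (
	isAccessTokenClaim    = "kc.isAccessToken"
	authorizedScopesClaim = "kc.authorizedScopes"
)

// authorize (hypothetical helper) accepts only claims marked as an access
// token that carry every required scope. Assumptions: the marker claim is a
// boolean and the scopes claim is a JSON array of strings.
func authorize(payload []byte, required []string) error {
	var claims map[string]interface{}
	if err := json.Unmarshal(payload, &claims); err != nil {
		return fmt.Errorf("malformed claims: %w", err)
	}
	if isAccess, _ := claims[isAccessTokenClaim].(bool); !isAccess {
		return fmt.Errorf("not an access token")
	}
	granted := map[string]bool{}
	raw, _ := claims[authorizedScopesClaim].([]interface{})
	for _, s := range raw {
		if name, ok := s.(string); ok {
			granted[name] = true
		}
	}
	for _, scope := range required {
		if !granted[scope] {
			return fmt.Errorf("missing required scope: %s", scope)
		}
	}
	return nil
}

func main() {
	// Constructed sample payloads, not captured from a real issuer.
	access := []byte(`{"kc.isAccessToken":true,"kc.authorizedScopes":["openid","profile"]}`)
	refresh := []byte(`{"kc.isRefreshToken":true,"kc.authorizedScopes":["openid","profile"]}`)
	fmt.Println(authorize(access, []string{"openid", "profile"}))
	fmt.Println(authorize(access, []string{"openid", "email"}))
	fmt.Println(authorize(refresh, []string{"openid"}))
}
```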
func SplitStandardClaimsFromMapClaims
func SplitStandardClaimsFromMapClaims(claims *ExtraClaimsWithType) (*jwt.StandardClaims, error)
SplitStandardClaimsFromMapClaims removes all JWT standard claims from the provided map claims and returns them.
Types
type ErrStatus
type ErrStatus uint64
ErrStatus is the Error type as used by kcoidc.
const (
	ErrStatusNone              = iota
	ErrStatusUnknown ErrStatus = iota + (1 << 8)
	ErrStatusInvalidIss
	ErrStatusAlreadyInitialized
	ErrStatusNotInitialized
	ErrStatusTimeout
	ErrStatusTokenUnexpectedSigningMethod
	ErrStatusTokenMalformed
	ErrStatusTokenExpiredOrNotValidYet
	ErrStatusTokenUnknownKey
	ErrStatusTokenInvalidSignature
	ErrStatusTokenValidationFailed
	ErrStatusClosed
	ErrStatusWrongInitialization
	ErrStatusMissingRequiredScope
)
ErrStatus values as defined by this library.
type ExtraClaimsWithType
type ExtraClaimsWithType jwt.MapClaims
ExtraClaimsWithType is a MapClaims with a specific type.
func (*ExtraClaimsWithType) KCTokenType
func (claims *ExtraClaimsWithType) KCTokenType() int
KCTokenType returns the numeric type of the associated claims.
func (*ExtraClaimsWithType) Valid
func (claims *ExtraClaimsWithType) Valid() error
Valid satisfies the jwt.Claims interface.
type Logger (added in v0.9.0)
type Logger interface {
Printf(string, ...interface{})
}
A Logger defines a simple logging interface for pluggable loggers used by this module.
type Provider
type Provider struct {
// contains filtered or unexported fields
}
A Provider is a representation of an OpenID Connect Provider (OP).
func NewProvider
NewProvider creates a new Provider with the provided HTTP client. If no client is provided, http.DefaultClient will be used.
func (*Provider) BuildDate (added in v0.9.0)
BuildDate returns the build date string of this module.
func (*Provider) FetchUserinfoWithAccesstokenString
func (p *Provider) FetchUserinfoWithAccesstokenString(ctx context.Context, tokenString string) (map[string]interface{}, error)
FetchUserinfoWithAccesstokenString fetches the userinfo result of the associated provider for the provided access token string.
func (*Provider) Initialize
Initialize initializes the associated Provider with the provided issuer.
func (*Provider) Uninitialize
Uninitialize uninitializes the associated Provider.
func (*Provider) ValidateTokenString
func (p *Provider) ValidateTokenString(ctx context.Context, tokenString string) (string, *jwt.StandardClaims, *ExtraClaimsWithType, error)
ValidateTokenString validates the provided token string value with the keys of the associated Provider and returns the authenticated user's ID as found in the claims, the standard claims and all extra claims.
func (*Provider) Version (added in v0.9.0)
Version returns the runtime version string of this module.