clients

package
v0.26.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 11, 2019 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	DynamicStatelessClientIDPrefix     = "dyn."
	DynamicStatelessClientStaticSaltV1 = "konnect-client-v1"
)

Constat data used with dynamic stateless clients.

Variables

This section is empty.

Functions

This section is empty.

Types

type ClientRegistration 

type ClientRegistration struct {
	ID     string `yaml:"id" json:"-"`
	Secret string `yaml:"secret" json:"-"`

	Trusted       bool     `yaml:"trusted" json:"-"`
	TrustedScopes []string `yaml:"trusted_scopes" json:"-"`
	Insecure      bool     `yaml:"insecure" json:"-"`

	Dynamic         bool  `yaml:"-" json:"-"`
	IDIssuedAt      int64 `yaml:"-" json:"-"`
	SecretExpiresAt int64 `yaml:"-" json:"-"`

	Contacts        []string `yaml:"contacts,flow" json:"contacts,omitempty"`
	Name            string   `yaml:"name" json:"name,omitempty"`
	URI             string   `yaml:"uri"  json:"uri,omitempty"`
	GrantTypes      []string `yaml:"grant_types,flow" json:"grant_types,omitempty"`
	ApplicationType string   `yaml:"application_type"  json:"application_type,omitempty"`

	RedirectURIs []string `yaml:"redirect_uris,flow" json:"redirect_uris,omitempty"`
	Origins      []string `yaml:"origins,flow" json:"-"`

	JWKS *gojwk.Key `yaml:"jwks" json:"-"`

	RawIDTokenSignedResponseAlg    string `yaml:"id_token_signed_response_alg" json:"id_token_signed_response_alg,omitempty"`
	RawUserInfoSignedResponseAlg   string `yaml:"userinfo_signed_response_alg" json:"userinfo_signed_response_alg,omitempty"`
	RawRequestObjectSigningAlg     string `yaml:"request_object_signing_alg" json:"request_object_signing_alg,omitempty"`
	RawTokenEndpointAuthMethod     string `yaml:"token_endpoint_auth_method" json:"token_endpoint_auth_method,omitempty"`
	RawTokenEndpointAuthSigningAlg string `yaml:"token_endpoint_auth_signing_alg"  json:"token_endpoint_auth_signing_alg,omitempty"`

	PostLogoutRedirectURIs []string `yaml:"post_logout_redirect_uris,flow" json:"post_logout_redirect_uris,omitempty"`
}

ClientRegistration defines a client with its properties.

func (*ClientRegistration) Secure 

func (cr *ClientRegistration) Secure(rawKid interface{}) (*Secured, error)

Secure looks up the a matching key from the accociated client registration and returns its public key part as a secured client.

func (*ClientRegistration) SetDynamic 

func (cr *ClientRegistration) SetDynamic(ctx context.Context, creator func(ctx context.Context, signingMethod jwt.SigningMethod, claims jwt.Claims) (string, error)) error

SetDynamic modifieds the required data for the associated client registration so it becomes a dynamic client.

func (*ClientRegistration) Validate 

func (cr *ClientRegistration) Validate() error

Validate validates the associated client registration data and returns error if the data is not valid.

type Details 

type Details struct {
	ID          string `json:"id"`
	DisplayName string `json:"display_name"`
	RedirectURI string `json:"redirect_uri"`
	Trusted     bool   `json:"trusted"`

	Registration *ClientRegistration `json:"-"`
}

Details hold detail information about clients identified by ID.

type RegistrationClaims 

type RegistrationClaims struct {
	jwt.StandardClaims

	*ClientRegistration
}

RegistrationClaims are claims used to with dynamic clients.

func (RegistrationClaims) Valid 

func (crc RegistrationClaims) Valid() error

Valid implements the jwt claims interface.

type Registry 

type Registry struct {
	StatelessCreator   func(ctx context.Context, signingMethod jwt.SigningMethod, claims jwt.Claims) (string, error)
	StatelessValidator func(token *jwt.Token) (interface{}, error)
	// contains filtered or unexported fields
}

Registry implements the registry for registered clients.

func NewRegistry 

func NewRegistry(ctx context.Context, trustedURI *url.URL, registrationConfFilepath string, logger logrus.FieldLogger) (*Registry, error)

NewRegistry created a new client Registry with the provided parameters.

func (*Registry) Get 

func (r *Registry) Get(ctx context.Context, clientID string) (*ClientRegistration, bool)

Get returns the registerd clients registraion for the provided client ID.

func (*Registry) Lookup 

func (r *Registry) Lookup(ctx context.Context, clientID string, clientSecret string, redirectURI *url.URL, originURIString string, withoutSecret bool) (*Details, error)

Lookup returns and validates the clients Detail information for the provided parameters from the accociated registry.

func (*Registry) Register 

func (r *Registry) Register(client *ClientRegistration) error

Register validates the provided client registration and adds the client to the accociated registry if valid. Returns error otherwise.

func (*Registry) Validate 

func (r *Registry) Validate(client *ClientRegistration, clientSecret string, redirectURIString string, originURIString string, withoutSecret bool) error

Validate checks if the provided client registration data complies to the provided parameters and returns error when it does not.

type RegistryData 

type RegistryData struct {
	Clients []*ClientRegistration `yaml:"clients,flow"`
}

RegistryData is the base structur of our client registry configuration file.

type Secured 

type Secured struct {
	ID              string
	DisplayName     string
	ApplicationType string

	Kid       string
	PublicKey crypto.PublicKey

	TrustedScopes []string

	Registration *ClientRegistration
}

A Secured is a client records public key identified by ID.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.