Documentation ¶
Index ¶
- Variables
- func Jwks(serverJwks *gojosev2.JSONWebKeySet, logger *zerolog.Logger) http.HandlerFunc
- func MustInteractCredential(ctx context.Context) *grant.AccessToken
- func ProviderMetadata(raw string) http.HandlerFunc
- func WriteErrorToRedirectUri(rw http.ResponseWriter, err error, ar *auth.Request)
- type Authorize
- type InteractCredentialKey
- type Interaction
- func (h *Interaction) HandleConsent(rw http.ResponseWriter, r *http.Request)
- func (h *Interaction) HandleLogin(rw http.ResponseWriter, r *http.Request)
- func (h *Interaction) HandleNext(rw http.ResponseWriter, r *http.Request)
- func (h *Interaction) HandleSelectAccount(rw http.ResponseWriter, r *http.Request)
- func (h *Interaction) JWTAuth(f http.HandlerFunc) http.HandlerFunc
- type Token
Constants ¶
This section is empty.
Variables ¶
var ( ErrMissingAuthorization = fmt.Errorf("%w: no authorization", oidc.ErrUnauthorized) ErrInvalidAuthorization = fmt.Errorf("%w: invalid authorization", oidc.ErrUnauthorized) )
var (
ErrUnhandledResponseType = fmt.Errorf("%w: response type cannot be handled", oidc.ErrInvalidRequest)
)
var (
ErrUnsupportedRequest = fmt.Errorf("%w: request is not supported", oidc.ErrInvalidRequest)
)
Functions ¶
func Jwks ¶
func Jwks(serverJwks *gojosev2.JSONWebKeySet, logger *zerolog.Logger) http.HandlerFunc
func MustInteractCredential ¶
func MustInteractCredential(ctx context.Context) *grant.AccessToken
func ProviderMetadata ¶
func ProviderMetadata(raw string) http.HandlerFunc
func WriteErrorToRedirectUri ¶
func WriteErrorToRedirectUri(rw http.ResponseWriter, err error, ar *auth.Request)
WriteErrorToRedirectUri writes the given error into the URL query parameters or fragment and then redirects the response to the decided redirect URI.
Types ¶
type Authorize ¶
type Authorize struct { Logger *zerolog.Logger Provider *pkg.Provider RequestParser *auth.Parser UserSessionResolver auth.UserSessionResolver UserConsentResolver auth.UserConsentResolver BrowserStateController *user.BrowserStateController RequestStorage auth.RequestStorage ClaimsResolvers []claims.Resolver SessionStorage grant.SessionStorage Flows []flow.AuthorizeFlow }
Authorize is the HTTP handler for the authorization leg of the OpenID Connect flow.
func (*Authorize) HandleFirstEntry ¶
func (h *Authorize) HandleFirstEntry(rw http.ResponseWriter, r *http.Request)
HandleFirstEntry handles new OpenID Connect authentication requests. The handler tries to resolve the user subject and consent, consulting the request parameters. If user interaction is required, the handler redirects the request to the interaction UI. Otherwise, the authentication request is processed.
func (*Authorize) HandleReEntry ¶
func (h *Authorize) HandleReEntry(rw http.ResponseWriter, r *http.Request)
HandleReEntry handles OpenID Connect authentication requests that have just gone through the interaction UI. The handler restores the original authentication request and checks whether the user subject has been established and consent given. If the subject was not resolved or no scope was granted, the handler fails the request. Otherwise, the request proceeds to run through the defined OpenID Connect flows.
type InteractCredentialKey ¶
type InteractCredentialKey struct{}
type Interaction ¶
type Interaction struct { Logger *zerolog.Logger Provider *pkg.Provider Process *interact.Process RequestStorage auth.RequestStorage RequestParser *auth.Parser AccessTokenStrategy grant.AccessTokenStrategy BrowserStateController *user.BrowserStateController }
Interaction is the HTTP handler responsible for all interactions with the companion UI.
func (*Interaction) HandleConsent ¶
func (h *Interaction) HandleConsent(rw http.ResponseWriter, r *http.Request)
HandleConsent handles the consent response from the companion UI and provides guidance for the next step.
func (*Interaction) HandleLogin ¶
func (h *Interaction) HandleLogin(rw http.ResponseWriter, r *http.Request)
HandleLogin handles the login response from the companion UI and provides guidance for the next step.
func (*Interaction) HandleNext ¶
func (h *Interaction) HandleNext(rw http.ResponseWriter, r *http.Request)
HandleNext handles the query request from the companion UI asking which steps to perform next.
func (*Interaction) HandleSelectAccount ¶
func (h *Interaction) HandleSelectAccount(rw http.ResponseWriter, r *http.Request)
HandleSelectAccount handles the select account response from the companion UI and provides guidance for the next step.
func (*Interaction) JWTAuth ¶
func (h *Interaction) JWTAuth(f http.HandlerFunc) http.HandlerFunc