handler

package
v0.3.0
Warning

This package is not in the latest version of its module.
Published: Apr 5, 2020 License: MIT Imports: 22 Imported by: 0

Documentation

Constants

This section is empty.

Variables

var (
	ErrMissingAuthorization = fmt.Errorf("%w: no authorization", oidc.ErrUnauthorized)
	ErrInvalidAuthorization = fmt.Errorf("%w: invalid authorization", oidc.ErrUnauthorized)
)
var (
	ErrUnhandledResponseType = fmt.Errorf("%w: response type cannot be handled", oidc.ErrInvalidRequest)
)
var (
	ErrUnsupportedRequest = fmt.Errorf("%w: request is not supported", oidc.ErrInvalidRequest)
)

Functions

func Jwks

func Jwks(serverJwks *gojosev2.JSONWebKeySet, logger *zerolog.Logger) http.HandlerFunc

func MustInteractCredential

func MustInteractCredential(ctx context.Context) *grant.AccessToken

func ProviderMetadata

func ProviderMetadata(raw string) http.HandlerFunc

func WriteErrorToRedirectUri

func WriteErrorToRedirectUri(rw http.ResponseWriter, err error, ar *auth.Request)

WriteErrorToRedirectUri writes the given error into URL query parameters or the fragment and then redirects the response to the decided redirect URI.
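The sketch below is an added example, not this package's code. It shows how an error response can be placed in either the query or the fragment of a redirect URI, following RFC 6749. The helper name `errorRedirectURL`, its parameters and the sample values are hypothetical, and it assumes the redirect URI has already been matched against the client's registered values.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
)

// errorRedirectURL is a hypothetical helper, not this package's API. It adds
// the OAuth 2.0 error parameters to redirectURI, which the caller must already
// have matched against the client's registered redirect URIs.
func errorRedirectURL(redirectURI, code, desc, state string, useFragment bool) (string, error) {
	u, err := url.Parse(redirectURI)
	if err != nil {
		return "", err
	}
	// RFC 6749 section 3.1.2: absolute URI without a fragment component.
	if !u.IsAbs() || u.Fragment != "" {
		return "", errors.New("redirect uri must be absolute and have no fragment")
	}
	params := url.Values{"error": {code}}
	if desc != "" {
		params.Set("error_description", desc)
	}
	if state != "" {
		params.Set("state", state) // echoed so the client can correlate the response
	}
	if useFragment {
		// Append by hand: assigning to u.Fragment would escape '%' a second time.
		return u.String() + "#" + params.Encode(), nil
	}
	q := u.Query() // keep query parameters already present on the redirect URI
	for k, v := range params {
		q[k] = v
	}
	u.RawQuery = q.Encode()
	return u.String(), nil
}

func main() {
	// Constructed sample values.
	for _, frag := range []bool{false, true} {
		s, err := errorRedirectURL("https://client.example/cb?tenant=a", "access_denied", "user denied", "xyz", frag)
		fmt.Println(s, err)
	}
}
```
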

Types

type Authorize

type Authorize struct {
	Logger                 *zerolog.Logger
	Provider               *pkg.Provider
	RequestParser          *auth.Parser
	UserSessionResolver    auth.UserSessionResolver
	UserConsentResolver    auth.UserConsentResolver
	BrowserStateController *user.BrowserStateController
	RequestStorage         auth.RequestStorage
	ClaimsResolvers        []claims.Resolver
	SessionStorage         grant.SessionStorage
	Flows                  []flow.AuthorizeFlow
}

Authorize is the HTTP handler for the authorization leg of the OpenID Connect flow.

func (*Authorize) HandleFirstEntry

func (h *Authorize) HandleFirstEntry(rw http.ResponseWriter, r *http.Request)

HandleFirstEntry handles new OpenID Connect authentication requests. The handler tries to resolve the user subject and consent by consulting the request parameters. If user interaction is required, the handler redirects the request to the interaction UI. Otherwise, the authentication request is processed.

func (*Authorize) HandleReEntry

func (h *Authorize) HandleReEntry(rw http.ResponseWriter, r *http.Request)

HandleReEntry handles OpenID Connect authentication requests that have just gone through the interaction UI. The handler restores the original authentication request and checks whether the user subject has been established and consent given. If the subject was not resolved or no scope was granted, the handler fails the request. Otherwise, the request proceeds through the defined OpenID Connect flows.

type InteractCredentialKey

type InteractCredentialKey struct{}

type Interaction

type Interaction struct {
	Logger                 *zerolog.Logger
	Provider               *pkg.Provider
	Process                *interact.Process
	RequestStorage         auth.RequestStorage
	RequestParser          *auth.Parser
	AccessTokenStrategy    grant.AccessTokenStrategy
	BrowserStateController *user.BrowserStateController
}

Interaction is the HTTP handler responsible for all interactions with the companion UI.

func (*Interaction) HandleConsent

func (h *Interaction) HandleConsent(rw http.ResponseWriter, r *http.Request)

HandleConsent handles the consent response from the companion UI and provides guidance for the next step.

func (*Interaction) HandleLogin

func (h *Interaction) HandleLogin(rw http.ResponseWriter, r *http.Request)

HandleLogin handles the login response from the companion UI and provides guidance for the next step.

func (*Interaction) HandleNext

func (h *Interaction) HandleNext(rw http.ResponseWriter, r *http.Request)

HandleNext handles the query request from the companion UI asking which steps to perform next.

func (*Interaction) HandleSelectAccount

func (h *Interaction) HandleSelectAccount(rw http.ResponseWriter, r *http.Request)

HandleSelectAccount handles the select account response from the companion UI and provides guidance for the next step.

func (*Interaction) JWTAuth

type Token

type Token struct {
	Provider      *pkg.Provider
	RequestParser *token.Parser
	Flows         []flow.TokenFlow
}

Token is the HTTP handler for the token leg of the OpenID Connect flow.

func (*Token) Handle

func (h *Token) Handle(rw http.ResponseWriter, r *http.Request)

Handle authenticates the incoming request and executes the token leg of the flow.
