oauth2

package
v1.4.41 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 19, 2022 License: Apache-2.0 Imports: 28 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Backend

// Backend represents an authentication provider with an OAuth 2.0 backend.
type Backend struct {
	// Config is exported and held by pointer: any caller that shares the
	// pointer reads and can modify the same configuration, including the
	// ClientSecret and AppSecret values it carries.
	Config *Config
	// contains filtered or unexported fields
}

Backend represents an authentication provider with an OAuth 2.0 backend.

func NewDatabaseBackend

func NewDatabaseBackend(cfg *Config, logger *zap.Logger, c cache.Cache) *Backend

NewDatabaseBackend returns an instance of an authentication provider with an OAuth 2.0 backend.

func (*Backend) Authenticate

func (b *Backend) Authenticate(r *requests.Request) error

Authenticate performs authentication.

func (*Backend) Configure

func (b *Backend) Configure() error

Configure configures Backend.

func (*Backend) GetConfig

func (b *Backend) GetConfig() string

GetConfig returns Backend configuration.

func (*Backend) GetMethod

func (b *Backend) GetMethod() string

GetMethod returns the authentication method associated with this backend.

func (*Backend) GetName

func (b *Backend) GetName() string

GetName returns the name associated with this backend.

func (*Backend) GetRealm

func (b *Backend) GetRealm() string

GetRealm returns the authentication realm.

func (*Backend) Request

func (b *Backend) Request(op operator.Type, r *requests.Request) error

Request performs the requested backend operation.

func (*Backend) Validate

func (b *Backend) Validate() error

Validate checks whether Backend is functional.

type Config

// Config holds the configuration for the backend.
//
// Every exported field carries a JSON tag with omitempty: zero values are
// left out when the struct is marshaled, and non-zero values, the secrets
// included, are written out.
type Config struct {
	Name     string `json:"name,omitempty"`
	Method   string `json:"method,omitempty"`
	Realm    string `json:"realm,omitempty"`
	Provider string `json:"provider,omitempty"`

	// ClientSecret and AppSecret are credentials by name and are serialized
	// as "client_secret" and "app_secret" whenever they are non-empty, so a
	// marshaled Config should be redacted before it is logged or returned.
	// NOTE(review): confirm what Backend.GetConfig emits for these fields.
	DomainName        string `json:"domain_name,omitempty"`
	ClientID          string `json:"client_id,omitempty"`
	ClientSecret      string `json:"client_secret,omitempty"`
	ServerID          string `json:"server_id,omitempty"`
	AppSecret         string `json:"app_secret,omitempty"`
	TenantID          string `json:"tenant_id,omitempty"`
	IdentityTokenName string `json:"identity_token_name,omitempty"`

	Scopes []string `json:"scopes,omitempty"`

	// The number of seconds to wait before getting key material
	// from an OAuth 2.0 backend.
	DelayStart int `json:"delay_start,omitempty"`
	// The number of retry attempts for getting key material
	// from an OAuth 2.0 backend.
	RetryAttempts int `json:"retry_attempts,omitempty"`
	// The number of seconds to wait before retrying.
	RetryInterval int `json:"retry_interval,omitempty"`

	// Entries are untyped maps, so the keys and value types of each role
	// mapping have to be checked where the list is consumed.
	UserRoleMapList []map[string]interface{} `json:"user_roles,omitempty"`

	// The URL to OAuth 2.0 Custom Authorization Server.
	// NOTE(review): BaseAuthURL, MetadataURL, AuthorizationURL and TokenURL
	// are plain strings, so the type does not constrain the scheme or host;
	// confirm that Configure/Validate require https for them.
	BaseAuthURL string `json:"base_auth_url,omitempty"`
	// The URL to OAuth 2.0 metadata related to your Custom Authorization Server.
	MetadataURL string `json:"metadata_url,omitempty"`

	// The regex filters for user groups extracted via IdP API.
	// NOTE(review): whether the patterns are anchored is not visible here;
	// an unanchored pattern can match more group names than intended.
	UserGroupFilters []string `json:"user_group_filters,omitempty"`
	// The regex filters for user orgs extracted via IdP API.
	UserOrgFilters []string `json:"user_org_filters,omitempty"`

	// Disables metadata discovery via public metadata URL.
	MetadataDiscoveryDisabled bool `json:"metadata_discovery_disabled,omitempty"`

	// The flags below are false by default (the bool zero value).
	// NOTE(review): judging by the names, KeyVerificationDisabled skips
	// verification of token signing keys and NonceDisabled drops the nonce
	// from the flow; confirm in the implementation. If so, both weaken
	// token validation and should stay false outside of debugging.
	// PassGrantTypeDisabled, ResponseTypeDisabled and AcceptHeaderEnabled
	// presumably adjust request parameters and headers for specific
	// providers; TODO confirm.
	KeyVerificationDisabled bool `json:"key_verification_disabled,omitempty"`
	PassGrantTypeDisabled   bool `json:"pass_grant_type_disabled,omitempty"`
	ResponseTypeDisabled    bool `json:"response_type_disabled,omitempty"`
	NonceDisabled           bool `json:"nonce_disabled,omitempty"`
	AcceptHeaderEnabled     bool `json:"accept_header_enabled,omitempty"`

	AuthorizationURL string `json:"authorization_url,omitempty"`

	TokenURL string `json:"token_url,omitempty"`
	// contains filtered or unexported fields
}

Config holds the configuration for the backend.

func (*Config) ScopeExists

func (c *Config) ScopeExists(scopes ...string) bool

ScopeExists returns true if any of the provided scopes exist.

type JwksKey

// JwksKey is a JSON object that represents a cryptographic key, using the
// JWK member names of RFC 7517 section 4 and the RSA public key parameters
// of RFC 7518 section 6.3. The exported fields declare only the RSA
// parameters "n" and "e".
//
// NOTE(review): every field is decoded as a plain string from the key
// document; which "alg", "kty" and "use" values Validate accepts is not
// visible here, so confirm that it rejects key types and algorithms the
// backend does not expect.
type JwksKey struct {
	// "alg": algorithm intended for use with the key.
	Algorithm    string `json:"alg,omitempty"`
	// "e": RSA public exponent, base64url-encoded in the JWK.
	Exponent     string `json:"e,omitempty"`
	// "kid": key identifier, used to select a key from a set.
	KeyID        string `json:"kid,omitempty"`
	// "kty": key type.
	KeyType      string `json:"kty,omitempty"`
	// "n": RSA modulus, base64url-encoded in the JWK.
	Modulus      string `json:"n,omitempty"`
	// "use": intended use of the public key.
	PublicKeyUse string `json:"use,omitempty"`
	// contains filtered or unexported fields
}

JwksKey is a JSON object that represents a cryptographic key. See https://tools.ietf.org/html/rfc7517#section-4, https://tools.ietf.org/html/rfc7518#section-6.3

func (*JwksKey) GetPublicKey

func (k *JwksKey) GetPublicKey() *rsa.PublicKey

GetPublicKey returns a pointer to rsa.PublicKey.

func (*JwksKey) Validate

func (k *JwksKey) Validate() error

Validate returns error if JwksKey does not contain relevant information.
