Documentation ¶
Index ¶
- func CreateUserFromIdentityToken(sub, userName, email string, clientID uuid.UUID) (user *models.User, err error)
- func FetchAuthenticatedUser(header string) (user models.User, err error)
- func FindOrCreateUserFromIdentityToken(claims map[string]interface{}, userName string, clientID uuid.UUID) (user *models.User, err error)
- func FindUserBySubOrEmail(sub, email string) (user *models.User)
- func RetrieveAccessToken(authHeader string) (string, error)
- func RetrieveClientCredentials(authHeader string) ([]string, error)
- func SignInWithApple(identityToken, nonce, email, name, appScheme string, clientID uuid.UUID) (user *models.User, err error)
- func VerifyAud(aud, appScheme string) (err error)
- func VerifyExp(exp float64) (err error)
- func VerifyIdentityToken(claims map[string]interface{}, nonce string, appScheme string) (err error)
- func VerifyIss(iss string) (err error)
- func VerifyNonce(nonceClaim, nonceValue string) (err error)
- func VerifyTokenSignature(token *jwt.Token) (interface{}, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CreateUserFromIdentityToken ¶
func CreateUserFromIdentityToken(sub, userName, email string, clientID uuid.UUID) (user *models.User, err error)
CreateUserFromIdentityToken creates a user from identity token claims
func FetchAuthenticatedUser ¶
FetchAuthenticatedUser retrieves the user to satisfy AuthenticatedUserResolver
func FindOrCreateUserFromIdentityToken ¶
func FindOrCreateUserFromIdentityToken(claims map[string]interface{}, userName string, clientID uuid.UUID) (user *models.User, err error)
FindOrCreateUserFromIdentityToken finds or creates a user from the identity token
func FindUserBySubOrEmail ¶
FindUserBySubOrEmail tries to find a user with the sub (ID from Apple's side) or email
func RetrieveAccessToken ¶
RetrieveAccessToken finds the access token within the Authorization header string
func RetrieveClientCredentials ¶
RetrieveClientCredentials finds and returns an ApiClient record with the key/secret provided
func SignInWithApple ¶
func SignInWithApple(identityToken, nonce, email, name, appScheme string, clientID uuid.UUID) (user *models.User, err error)
SignInWithApple will verify an identityToken
func VerifyAud ¶
VerifyAud verifies that the aud field in the claims matches the app's bundle identifier
func VerifyIdentityToken ¶
VerifyIdentityToken verifies the identity token following the creteria specified by Apple see: https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api/verifying_a_user
func VerifyIss ¶
VerifyIss verifies that the iss field in the claims contains https://appleid.apple.com
func VerifyNonce ¶
VerifyNonce verifies that there is a match between the nonce in the JWT claims and the nonce value passed down to the server from the SIWA request
func VerifyTokenSignature ¶
func VerifyTokenSignature(token *jwt.Token) (interface{}, error)
VerifyTokenSignature fetches Apple's public key for verifying the ID token signature see: https://stackoverflow.com/questions/41077953/go-language-and-verify-jwt
Types ¶
This section is empty.