oidc

package
v1.9.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 7, 2023 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func FillForm

func FillForm(config HTMLFormConfig, page *html.Node, userName, password string) (action string, values url.Values, err error)

FillForm processes the form, prompts the user for field values, and returns the form to be submitted

func FormAuth

func FormAuth(cfg HTMLFormConfig, authURL string, userName, password string) *url.URL

FormAuth retrieves a login form from the authURL, parses it, asks for credentials, submits the form, and, if everything goes fine, returns the redirect URL

func ReadPage

func ReadPage(url string) (*html.Node, []*http.Cookie, error)

ReadPage reads the contents of the page

func RefreshToken

func RefreshToken(clientID, clientSecret, refreshToken, tokenURL string) (oauth2.Token, error)

RefreshToken gets a new token using the refresh token

Types

type Config

// Config is the OIDC client configuration: the embedded ServerProfile plus
// the client identity fields declared below.
type Config struct {
	// Embedded server settings. The yaml ",inline" and mapstructure ",squash"
	// options flatten its keys into the same level as the fields below.
	ServerProfile `yaml:",inline" mapstructure:",squash"`
	Profile       string `yaml:"profile,omitempty" mapstructure:"profile,omitempty"`
	ClientID      string `yaml:"clientid" mapstructure:"clientid"`
	// NOTE(review): ClientSecret is the only field here without yaml or
	// mapstructure tags, so its key name is left to the encoder's default.
	// Confirm whether the secret is written to the config file in clear text
	// and, if so, that the file is created with owner-only permissions.
	ClientSecret  string
	CallbackURL   string `yaml:"callbackurl,omitempty" mapstructure:"callbackurl,omitempty"`
}

Config includes the server profile and contains user creds

func (Config) Merge

func (c Config) Merge(defaults Config) Config

Merge sets the unset fields of c from defaults

type Data

// Data is the token container: a list of TokenData entries plus a Last marker.
type Data struct {
	// NOTE(review): presumably identifies the most recently used entry in
	// Tokens — confirm against the code that writes it.
	Last   string
	// Each entry carries an access token and a refresh token (see TokenData),
	// so anything that serializes or logs Data handles live credentials.
	Tokens []TokenData
}

Data contains the tokens

type FieldConfig

// FieldConfig describes one input field of the HTML login form and how its
// value is obtained (prompted for, or taken from a configured default).
type FieldConfig struct {
	// NOTE(review): presumably the name of the form input this entry maps to
	// — confirm.
	Input string `json:"input" yaml:"input"`
	// If non-empty, will ask for value
	Prompt   string `json:"prompt,omitempty" yaml:"prompt,omitempty"`
	// NOTE(review): presumably marks the field as secret so that the prompt
	// does not echo what is typed — confirm.
	Password bool   `json:"password" yaml:"password"`
	// If non-empty, the default value
	// NOTE(review): this value is read from JSON/YAML configuration, so a
	// default set on a password field would be stored there in clear text.
	Value string `json:"value,omitempty" yaml:"value,omitempty"`
}

FieldConfig describes an HTML field in the HTML form

type HTMLFormConfig

// HTMLFormConfig describes the login form served by the auth server: which
// form to pick and which of its fields receive the user name and password.
type HTMLFormConfig struct {
	// Form ID
	ID string `json:"id,omitempty" yaml:"id,omitempty"`
	// Which field in Fields is the password field
	PasswordField string `json:"passwordField,omitempty" yaml:"passwordField,omitempty"`
	// Which field in Fields is the username field
	UsernameField string        `json:"usernameField,omitempty" yaml:"usernameField,omitempty"`
	// Per-field settings; PasswordField and UsernameField refer to entries
	// of this list.
	Fields        []FieldConfig `json:"fields,omitempty" yaml:"fields,omitempty"`
}

HTMLFormConfig defines an HTML login form structure

type Protocol

// Protocol groups the state the oidc protocol works with: the user
// configuration, the default configuration, and the token data.
type Protocol struct {
	// User-supplied configuration.
	Cfg      Config
	// Default configuration; both Cfg and Defaults are of type Config, which
	// includes ClientSecret.
	Defaults Config
	// Token data; the entries hold access and refresh tokens (see Data and
	// TokenData), so a Protocol value should not be dumped to logs.
	Tokens   Data
}

Protocol contains the oidc config, default config, and tokens

func (*Protocol) DecodeCfg

func (p *Protocol) DecodeCfg(in interface{}) (interface{}, error)

DecodeCfg converts map[string]interface{} into Config{}

func (*Protocol) GetAuthURL

func (p *Protocol) GetAuthURL(s ServerData) string

GetAuthURL returns the auth URL on the auth server

func (*Protocol) GetConfig

func (p *Protocol) GetConfig() Config

GetConfig merges default cfg with user cfg and returns a merged copy

func (*Protocol) GetToken

func (p *Protocol) GetToken(request proto.TokenRequest) (string, interface{}, error)

GetToken gets a token

func (*Protocol) GetTokenURL

func (p *Protocol) GetTokenURL(s ServerData) string

GetTokenURL returns the token URL on the auth server

func (*Protocol) InitSetupWizard

func (p *Protocol) InitSetupWizard(name string, profileName string, profile cfg.Profile) ([]proto.SetupStep, *cobra.Command)

InitSetupWizard initializes the setup wizard for oidc

func (*Protocol) Refresh

func (p *Protocol) Refresh(tok *TokenData, s ServerData) error

Refresh refreshes the token

func (*Protocol) SetCfg

func (p *Protocol) SetCfg(user, common cfg.Remote)

SetCfg sets the p.Cfg and p.Defaults from user and common configs

func (*Protocol) TooClose added in v1.8.0

func (p *Protocol) TooClose(accessToken string, serverData ServerData) bool

TooClose reports whether the token is too close to its expiration: the threshold is 1m when the token lifetime is more than 1m, and the token lifetime itself otherwise

func (*Protocol) Validate added in v1.5.0

func (p *Protocol) Validate(accessToken string, serverData ServerData) bool

Validate checks if a token is valid

type ServerData

// ServerData holds the endpoint URLs decoded from the auth server's JSON
// metadata. The struct does no validation of its own.
// NOTE(review): every value comes from a remote response; confirm that
// callers check scheme and host before sending credentials or tokens to them.
type ServerData struct {
	AuthorizationEndpoint string `json:"authorization_endpoint"`
	TokenEndpoint         string `json:"token_endpoint"`
	// NOTE(review): RFC 8414 names this metadata key "introspection_endpoint".
	// The tag here uses a different spelling, so the field stays empty for
	// servers that publish only the RFC name — confirm against the target
	// servers.
	IntrospectionEndpoint string `json:"token_introspection_endpoint"`
	UserInfoEndpoint      string `json:"userinfo_endpoint"`
	EndSessionEndpoint    string `json:"end_session_endpoint"`
	// URL of the server's JSON Web Key Set ("jwks_uri" in the metadata).
	JWKSUri               string `json:"jwks_uri"`
}

ServerData contains the OIDC server information

func GetServerData

func GetServerData(url string) (ServerData, error)

GetServerData retrieves server data from the auth server

type ServerProfile

// ServerProfile describes one OIDC auth server and the options used when
// authenticating against it.
type ServerProfile struct {
	URL              string          `yaml:"url,omitempty" mapstructure:"url,omitempty"`
	TokenAPI         string          `yaml:"tokenapi,omitempty" mapstructure:"tokenapi,omitempty"`
	AuthAPI          string          `yaml:"authapi,omitempty" mapstructure:"authapi,omitempty"`
	// Optional login-form description; a nil pointer means none is configured.
	Form             *HTMLFormConfig `yaml:"form,omitempty" mapstructure:"form,omitempty"`
	// NOTE(review): untagged, so the key name is left to the encoder's
	// default. Presumably relaxes transport security checks (for example TLS
	// certificate verification) for this server — confirm exactly what it
	// disables, since credentials and tokens travel over that connection.
	Insecure         bool
	// NOTE(review): presumably enables the OAuth2 password grant, in which
	// the user's password is handled by this client directly — confirm.
	// Declared as a pointer, so nil ("unset") is distinct from false.
	PasswordGrant    *bool    `yaml:"passwordgrant,omitempty"`
	// NOTE(review): presumably restricts token acquisition to refreshing an
	// existing token — confirm. Pointer for the same unset/false distinction.
	RefreshOnly      *bool    `yaml:"refreshonly,omitempty"`
	// NOTE(review): presumably extra OAuth2 scopes added to the request;
	// each one widens what the issued token may be used for — confirm.
	AdditionalScopes []string `yaml:"additionalscopes,omitempty"`
}

ServerProfile defines an OIDC auth server

func (ServerProfile) Merge

Merge sets any unset field in s from in, and returns the merged copy

type TokenData

// TokenData is one token set associated with a user name.
type TokenData struct {
	Username     string
	// AccessToken and RefreshToken are live credentials.
	// NOTE(review): the fields carry no struct tags; confirm where TokenData
	// is persisted, with which file permissions, and that it never reaches
	// logs or error messages.
	AccessToken  string
	RefreshToken string
	// NOTE(review): presumably the token type string (such as "Bearer") —
	// confirm.
	Type         string
}

TokenData contains the access and refresh token with username

func (TokenData) FormatToken

func (t TokenData) FormatToken(out proto.OutputOption) string

FormatToken converts token to string based on the output options
