oidc

package
v0.0.0-...-860e413 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 21, 2022 License: Apache-2.0 Imports: 36 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	ScopeProjectRolePrefix = "urn:zitadel:iam:org:project:role:"
	ClaimProjectRoles      = "urn:zitadel:iam:org:project:roles"
	ScopeUserMetaData      = "urn:zitadel:iam:user:metadata"
	ClaimUserMetaData      = ScopeUserMetaData
	ScopeResourceOwner     = "urn:zitadel:iam:user:resourceowner"
	ClaimResourceOwner     = ScopeResourceOwner + ":"
	ClaimActionLogFormat   = "urn:zitadel:iam:action:%s:log"
)

Variables

This section is empty.

Functions

func ACRValuesToBusiness 

func ACRValuesToBusiness(values []string) []domain.LevelOfAssurance

func AMRFromMFAType 

func AMRFromMFAType(mfaType domain.MFAType) string

func AuthRequestFromBusiness 

func AuthRequestFromBusiness(authReq *domain.AuthRequest) (_ op.AuthRequest, err error)

func ClientFromBusiness 

func ClientFromBusiness(app *query.App, defaultLoginURL string, defaultAccessTokenLifetime, defaultIdTokenLifetime time.Duration, allowedScopes []string) (op.Client, error)

func CodeChallengeToBusiness 

func CodeChallengeToBusiness(challenge string, method oidc.CodeChallengeMethod) *domain.OIDCCodeChallenge

func CodeChallengeToOIDC 

func CodeChallengeToOIDC(challenge *domain.OIDCCodeChallenge) *oidc.CodeChallenge

func CreateAuthRequestToBusiness 

func CreateAuthRequestToBusiness(ctx context.Context, authReq *oidc.AuthRequest, userAgentID, userID string) *domain.AuthRequest

func GetSelectedIDPIDFromScopes 

func GetSelectedIDPIDFromScopes(scopes oidc.SpaceDelimitedArray) string

func HttpHeadersFromContext 

func HttpHeadersFromContext(ctx context.Context) (userAgent, acceptLang string)

func IpFromContext 

func IpFromContext(ctx context.Context) net.IP

func MaxAgeToBusiness 

func MaxAgeToBusiness(maxAge *uint) *time.Duration

func NewProvider 

func NewProvider(ctx context.Context, config Config, defaultLogoutRedirectURI string, externalSecure bool, command *command.Commands, query *query.Queries, repo repository.Repository, encryptionAlg crypto.EncryptionAlgorithm, cryptoKey []byte, es *eventstore.Eventstore, projections *sql.DB, userAgentCookie, instanceHandler func(http.Handler) http.Handler) (op.OpenIDProvider, error)

func ParseBrowserInfoFromContext 

func ParseBrowserInfoFromContext(ctx context.Context) *domain.BrowserInfo

func PromptToBusiness 

func PromptToBusiness(oidcPrompt []string) []domain.Prompt

func RefreshTokenRequestFromBusiness 

func RefreshTokenRequestFromBusiness(tokenView *model.RefreshTokenView) op.RefreshTokenRequest

func ResponseTypeToBusiness 

func ResponseTypeToBusiness(responseType oidc.ResponseType) domain.OIDCResponseType

func ResponseTypeToOIDC 

func ResponseTypeToOIDC(responseType domain.OIDCResponseType) oidc.ResponseType

func UILocalesToBusiness 

func UILocalesToBusiness(tags []language.Tag) []string

Types

type AuthRequest 

type AuthRequest struct {
	*domain.AuthRequest
}

func (*AuthRequest) Done 

func (a *AuthRequest) Done() bool

func (*AuthRequest) GetACR 

func (a *AuthRequest) GetACR() string

func (*AuthRequest) GetAMR 

func (a *AuthRequest) GetAMR() []string

func (*AuthRequest) GetAudience 

func (a *AuthRequest) GetAudience() []string

func (*AuthRequest) GetAuthTime 

func (a *AuthRequest) GetAuthTime() time.Time

func (*AuthRequest) GetClientID 

func (a *AuthRequest) GetClientID() string

func (*AuthRequest) GetCodeChallenge 

func (a *AuthRequest) GetCodeChallenge() *oidc.CodeChallenge

func (*AuthRequest) GetID 

func (a *AuthRequest) GetID() string

func (*AuthRequest) GetNonce 

func (a *AuthRequest) GetNonce() string

func (*AuthRequest) GetRedirectURI 

func (a *AuthRequest) GetRedirectURI() string

func (*AuthRequest) GetResponseMode 

func (a *AuthRequest) GetResponseMode() oidc.ResponseMode

func (*AuthRequest) GetResponseType 

func (a *AuthRequest) GetResponseType() oidc.ResponseType

func (*AuthRequest) GetScopes 

func (a *AuthRequest) GetScopes() []string

func (*AuthRequest) GetState 

func (a *AuthRequest) GetState() string

func (*AuthRequest) GetSubject 

func (a *AuthRequest) GetSubject() string

type Client 

type Client struct {
	// contains filtered or unexported fields
}

func (*Client) AccessTokenLifetime 

func (c *Client) AccessTokenLifetime() time.Duration

func (*Client) AccessTokenType 

func (c *Client) AccessTokenType() op.AccessTokenType

func (*Client) ApplicationType 

func (c *Client) ApplicationType() op.ApplicationType

func (*Client) AuthMethod 

func (c *Client) AuthMethod() oidc.AuthMethod

func (*Client) ClockSkew 

func (c *Client) ClockSkew() time.Duration

func (*Client) DevMode 

func (c *Client) DevMode() bool

func (*Client) GetID 

func (c *Client) GetID() string

func (*Client) GrantTypes 

func (c *Client) GrantTypes() []oidc.GrantType

func (*Client) IDTokenLifetime 

func (c *Client) IDTokenLifetime() time.Duration

func (*Client) IDTokenUserinfoClaimsAssertion 

func (c *Client) IDTokenUserinfoClaimsAssertion() bool

func (*Client) IsScopeAllowed 

func (c *Client) IsScopeAllowed(scope string) bool

func (*Client) LoginURL 

func (c *Client) LoginURL(id string) string

func (*Client) PostLogoutRedirectURIs 

func (c *Client) PostLogoutRedirectURIs() []string

func (*Client) RedirectURIs 

func (c *Client) RedirectURIs() []string

func (*Client) ResponseTypes 

func (c *Client) ResponseTypes() []oidc.ResponseType

func (*Client) RestrictAdditionalAccessTokenScopes 

func (c *Client) RestrictAdditionalAccessTokenScopes() func(scopes []string) []string

func (*Client) RestrictAdditionalIdTokenScopes 

func (c *Client) RestrictAdditionalIdTokenScopes() func(scopes []string) []string

type Config 

type Config struct {
	CodeMethodS256                    bool
	AuthMethodPost                    bool
	AuthMethodPrivateKeyJWT           bool
	GrantTypeRefreshToken             bool
	RequestObjectSupported            bool
	SigningKeyAlgorithm               string
	DefaultAccessTokenLifetime        time.Duration
	DefaultIdTokenLifetime            time.Duration
	DefaultRefreshTokenIdleExpiration time.Duration
	DefaultRefreshTokenExpiration     time.Duration
	UserAgentCookieConfig             *middleware.UserAgentCookieConfig
	Cache                             *middleware.CacheConfig
	CustomEndpoints                   *EndpointConfig
}

type Endpoint 

type Endpoint struct {
	Path string
	URL  string
}

type EndpointConfig 

type EndpointConfig struct {
	Auth          *Endpoint
	Token         *Endpoint
	Introspection *Endpoint
	Userinfo      *Endpoint
	Revocation    *Endpoint
	EndSession    *Endpoint
	Keys          *Endpoint
}

type OPStorage 

type OPStorage struct {
	// contains filtered or unexported fields
}

func (*OPStorage) AuthRequestByCode 

func (o *OPStorage) AuthRequestByCode(ctx context.Context, code string) (_ op.AuthRequest, err error)

func (*OPStorage) AuthRequestByID 

func (o *OPStorage) AuthRequestByID(ctx context.Context, id string) (_ op.AuthRequest, err error)

func (*OPStorage) AuthorizeClientIDSecret 

func (o *OPStorage) AuthorizeClientIDSecret(ctx context.Context, id string, secret string) (err error)

func (*OPStorage) CreateAccessAndRefreshTokens 

func (o *OPStorage) CreateAccessAndRefreshTokens(ctx context.Context, req op.TokenRequest, refreshToken string) (_, _ string, _ time.Time, err error)

func (*OPStorage) CreateAccessToken 

func (o *OPStorage) CreateAccessToken(ctx context.Context, req op.TokenRequest) (_ string, _ time.Time, err error)

func (*OPStorage) CreateAuthRequest 

func (o *OPStorage) CreateAuthRequest(ctx context.Context, req *oidc.AuthRequest, userID string) (_ op.AuthRequest, err error)

func (*OPStorage) DeleteAuthRequest 

func (o *OPStorage) DeleteAuthRequest(ctx context.Context, id string) (err error)

func (*OPStorage) GetClientByClientID 

func (o *OPStorage) GetClientByClientID(ctx context.Context, id string) (_ op.Client, err error)

func (*OPStorage) GetKeyByIDAndIssuer 

func (o *OPStorage) GetKeyByIDAndIssuer(ctx context.Context, keyID, issuer string) (_ *jose.JSONWebKey, err error)

func (*OPStorage) GetKeyByIDAndUserID 

func (o *OPStorage) GetKeyByIDAndUserID(ctx context.Context, keyID, userID string) (_ *jose.JSONWebKey, err error)

func (*OPStorage) GetPrivateClaimsFromScopes 

func (o *OPStorage) GetPrivateClaimsFromScopes(ctx context.Context, userID, clientID string, scopes []string) (claims map[string]interface{}, err error)

func (*OPStorage) Health 

func (o *OPStorage) Health(ctx context.Context) error

func (*OPStorage) KeySet 

func (o *OPStorage) KeySet(ctx context.Context) (keys []op.Key, err error)

KeySet implements the op.Storage interface

func (*OPStorage) RevokeToken 

func (o *OPStorage) RevokeToken(ctx context.Context, token, userID, clientID string) *oidc.Error

func (*OPStorage) SaveAuthCode 

func (o *OPStorage) SaveAuthCode(ctx context.Context, id, code string) (err error)

func (*OPStorage) SetIntrospectionFromToken 

func (o *OPStorage) SetIntrospectionFromToken(ctx context.Context, introspection oidc.IntrospectionResponse, tokenID, subject, clientID string) error

func (*OPStorage) SetUserinfoFromScopes 

func (o *OPStorage) SetUserinfoFromScopes(ctx context.Context, userInfo oidc.UserInfoSetter, userID, applicationID string, scopes []string) (err error)

func (*OPStorage) SetUserinfoFromToken 

func (o *OPStorage) SetUserinfoFromToken(ctx context.Context, userInfo oidc.UserInfoSetter, tokenID, subject, origin string) (err error)

func (*OPStorage) SignatureAlgorithms 

func (o *OPStorage) SignatureAlgorithms(ctx context.Context) ([]jose.SignatureAlgorithm, error)

SignatureAlgorithms implements the op.Storage interface

func (*OPStorage) SigningKey 

func (o *OPStorage) SigningKey(ctx context.Context) (key op.SigningKey, err error)

SigningKey implements the op.Storage interface

func (*OPStorage) TerminateSession 

func (o *OPStorage) TerminateSession(ctx context.Context, userID, clientID string) (err error)

func (*OPStorage) TokenRequestByRefreshToken 

func (o *OPStorage) TokenRequestByRefreshToken(ctx context.Context, refreshToken string) (op.RefreshTokenRequest, error)

func (*OPStorage) ValidateJWTProfileScopes 

func (o *OPStorage) ValidateJWTProfileScopes(ctx context.Context, subject string, scopes []string) ([]string, error)

type PublicKey 

type PublicKey struct {
	// contains filtered or unexported fields
}

PublicKey wraps the query.PublicKey to implement the op.Key interface

func (*PublicKey) Algorithm 

func (s *PublicKey) Algorithm() jose.SignatureAlgorithm

func (*PublicKey) ID 

func (s *PublicKey) ID() string

func (*PublicKey) Key 

func (s *PublicKey) Key() interface{}

func (*PublicKey) Use 

func (s *PublicKey) Use() string

type RefreshTokenRequest 

type RefreshTokenRequest struct {
	*model.RefreshTokenView
}

func (*RefreshTokenRequest) GetAMR 

func (r *RefreshTokenRequest) GetAMR() []string

func (*RefreshTokenRequest) GetAudience 

func (r *RefreshTokenRequest) GetAudience() []string

func (*RefreshTokenRequest) GetAuthTime 

func (r *RefreshTokenRequest) GetAuthTime() time.Time

func (*RefreshTokenRequest) GetClientID 

func (r *RefreshTokenRequest) GetClientID() string

func (*RefreshTokenRequest) GetScopes 

func (r *RefreshTokenRequest) GetScopes() []string

func (*RefreshTokenRequest) GetSubject 

func (r *RefreshTokenRequest) GetSubject() string

func (*RefreshTokenRequest) SetCurrentScopes 

func (r *RefreshTokenRequest) SetCurrentScopes(scopes []string)

type SigningKey 

type SigningKey struct {
	// contains filtered or unexported fields
}

SigningKey wraps the query.PrivateKey to implement the op.SigningKey interface

func (*SigningKey) ID 

func (s *SigningKey) ID() string

func (*SigningKey) Key 

func (s *SigningKey) Key() interface{}

func (*SigningKey) SignatureAlgorithm 

func (s *SigningKey) SignatureAlgorithm() jose.SignatureAlgorithm

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.