Documentation ¶
Index ¶
- func ExtractClaims(t *oidc.IDToken) (map[string]interface{}, error)
- func GenerateState(r *http.Request, secret string) string
- func VerifyState(r *http.Request, s string, secret string) bool
- type Client
- func (c *Client) AuthCodeToIDToken(ctx context.Context, authCode string) (*oauth2.Token, string, *oidc.IDToken, error)
- func (c *Client) AuthCodeURL(r *http.Request, secret string) string
- func (c *Client) Context() context.Context
- func (c *Client) Healthz() bool
- func (c *Client) OAuth2Config() *oauth2.Config
- func (c *Client) PrepareScopes()
- func (c *Client) ProviderSetup() error
- func (c *Client) Setup() error
- func (c *Client) TLSSetup() error
- func (c *Client) VerifierSetup()
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ExtractClaims ¶
ExtractClaims returns claims for a given IDToken
func GenerateState ¶
GenerateState performs a base64 encoded hash of the client user agent This is a poor way to permform CSRF protection, but better than a hardcoded value.
Types ¶
type Client ¶
type Client struct { Config *config.OIDC Provider *oidc.Provider Verifier *oidc.IDTokenVerifier Scopes []string HTTPClient *http.Client }
Client is an OpenID client, it handles all OIDC/OAuth2 interactions between the provider and the creator of this Client
func (*Client) AuthCodeToIDToken ¶
func (c *Client) AuthCodeToIDToken(ctx context.Context, authCode string) (*oauth2.Token, string, *oidc.IDToken, error)
AuthCodeToToken converts an authorization code into a IDToken
func (*Client) AuthCodeURL ¶
AuthCodeURL generate an authorisation code URL based on the application name. The function uses also extra auth code options configured for this client
func (*Client) OAuth2Config ¶
OAuth2Config return the OAuth2Config for the client
func (*Client) PrepareScopes ¶
func (c *Client) PrepareScopes()
PrepareScopes setup scopes slice based on the client configuration
func (*Client) ProviderSetup ¶
ProviderSetup setup Client's provider
func (*Client) VerifierSetup ¶
func (c *Client) VerifierSetup()
VerifierSetup setup Client's verifier