import "github.com/hashicorp/vault/vendor/github.com/hashicorp/vault-plugin-auth-jwt"
A minimal UI for simple testing via a UI without Vault
backend.go claims.go cli.go cli_responses.go path_config.go path_login.go path_oidc.go path_role.go path_ui.go provider_azure.go provider_config.go provider_gsuite.go
Factory is used by framework
func ProviderMap() map[string]CustomProvider
ProviderMap returns a map of provider names to custom types
type AzureProvider struct {
// contains filtered or unexported fields
}
AzureProvider is used for Azure-specific configuration
func (a *AzureProvider) FetchGroups(_ context.Context, b *jwtAuthBackend, allClaims map[string]interface{}, role *jwtRole) (interface{}, error)
FetchGroups implements custom groups fetching for Azure, satisfying the GroupsFetcher interface.
func (a *AzureProvider) Initialize(_ context.Context, _ *jwtConfig) error
Initialize sets up anything needed in the AzureProvider struct, satisfying the CustomProvider interface.
func (a *AzureProvider) SensitiveKeys() []string
SensitiveKeys satisfies the CustomProvider interface.
type CLIHandler struct{}
func (h *CLIHandler) Help() string
Help method for OIDC cli
type CustomProvider interface {
    // Initialize should validate jwtConfig.ProviderConfig, set internal values
    // and run any initialization necessary for subsequent calls to interface
    // functions the provider implements
    Initialize(context.Context, *jwtConfig) error

    // SensitiveKeys returns any fields in a provider's jwtConfig.ProviderConfig
    // that should be masked or omitted when output
    SensitiveKeys() []string
}
CustomProvider - Any custom provider must implement this interface
func NewProviderConfig(ctx context.Context, jc *jwtConfig, providerMap map[string]CustomProvider) (CustomProvider, error)
NewProviderConfig returns the appropriate provider struct if provider_config is specified in jwtConfig. The provider map maps each provider name to an instance of a CustomProvider.
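An added example, not code from the plugin: a self-contained sketch of the CustomProvider contract above, with a provider looked up by name in a provider map, validated in Initialize, and its SensitiveKeys omitted when the config is read back. jwtConfig here is a stand-in for the unexported type; demoProvider, newProvider, redactedConfig, the api_token key and the "provider" key name are assumptions.

```go
package main

import "context"
import "fmt"

type jwtConfig struct{ ProviderConfig map[string]interface{} } // stand-in for the plugin's unexported type
type CustomProvider interface { // the interface documented on this page
	Initialize(context.Context, *jwtConfig) error
	SensitiveKeys() []string
}
type demoProvider struct{} // hypothetical provider; "api_token" is a constructed key name
func (demoProvider) SensitiveKeys() []string { return []string{"api_token"} }
func (demoProvider) Initialize(_ context.Context, jc *jwtConfig) error {
	if s, _ := jc.ProviderConfig["api_token"].(string); s == "" {
		return fmt.Errorf("demo provider: api_token is required")
	}
	return nil
}

// newProvider selects by the assumed "provider" key and fails closed if unknown or misconfigured.
func newProvider(ctx context.Context, jc *jwtConfig, m map[string]CustomProvider) (CustomProvider, error) {
	name, _ := jc.ProviderConfig["provider"].(string)
	p, ok := m[name]
	if !ok {
		return nil, fmt.Errorf("unknown provider %q", name)
	}
	if err := p.Initialize(ctx, jc); err != nil {
		return nil, err
	}
	return p, nil
}

// redactedConfig copies ProviderConfig and omits every key the provider marks sensitive.
func redactedConfig(jc *jwtConfig, p CustomProvider) map[string]interface{} {
	out := map[string]interface{}{}
	for k, v := range jc.ProviderConfig {
		out[k] = v
	}
	for _, k := range p.SensitiveKeys() {
		delete(out, k)
	}
	return out
}

func main() {
	jc := &jwtConfig{ProviderConfig: map[string]interface{}{"provider": "demo", "api_token": "constructed-secret", "fetch_groups": true}}
	if p, err := newProvider(context.Background(), jc, map[string]CustomProvider{"demo": demoProvider{}}); err == nil {
		fmt.Println(redactedConfig(jc, p)) // the api_token entry is absent from the output
	}
}
```

Redaction works on a copy, so the stored config keeps the secret for the provider's own use while read paths never return it.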
type GSuiteProvider struct {
// contains filtered or unexported fields
}
GSuiteProvider provides G Suite-specific configuration and behavior.
func (g *GSuiteProvider) FetchGroups(ctx context.Context, b *jwtAuthBackend, allClaims map[string]interface{}, role *jwtRole) (interface{}, error)
FetchGroups fetches and returns groups from G Suite.
func (g *GSuiteProvider) FetchUserInfo(ctx context.Context, b *jwtAuthBackend, allClaims map[string]interface{}, role *jwtRole) error
FetchUserInfo fetches additional user information from G Suite using custom schemas.
func (g *GSuiteProvider) Initialize(ctx context.Context, jc *jwtConfig) error
Initialize initializes the GSuiteProvider by validating and creating configuration.
func (g *GSuiteProvider) SensitiveKeys() []string
SensitiveKeys returns keys that should be redacted when reading the config of this provider
type GSuiteProviderConfig struct {
    // Path to a Google service account key file. Required.
    ServiceAccountFilePath string `mapstructure:"gsuite_service_account"`

    // Email address of a G Suite admin to impersonate. Required.
    AdminImpersonateEmail string `mapstructure:"gsuite_admin_impersonate"`

    // If set to true, groups will be fetched from G Suite.
    FetchGroups bool `mapstructure:"fetch_groups"`

    // If set to true, user info will be fetched from G Suite using UserCustomSchemas.
    FetchUserInfo bool `mapstructure:"fetch_user_info"`

    // Group membership recursion max depth (0 = do not recurse).
    GroupsRecurseMaxDepth int `mapstructure:"groups_recurse_max_depth"`

    // Comma-separated list of G Suite custom schemas to fetch as claims.
    UserCustomSchemas string `mapstructure:"user_custom_schemas"`
    // contains filtered or unexported fields
}
GSuiteProviderConfig represents the configuration for a GSuiteProvider.
type GroupsFetcher interface {
    // FetchGroups queries for groups claims during login
    FetchGroups(context.Context, *jwtAuthBackend, map[string]interface{}, *jwtRole) (interface{}, error)
}
GroupsFetcher provides optional support for custom groups handling.
type UserInfoFetcher interface {
    FetchUserInfo(context.Context, *jwtAuthBackend, map[string]interface{}, *jwtRole) error
}
UserInfoFetcher provides optional support for custom user info handling.
Package jwtauth imports 45 packages. Updated 2021-01-13.