Documentation ¶
Index ¶
- Constants
- type Arguments
- func (r Arguments) Exact(name string) booldeprecated
- func (r Arguments) ExactOne(name string) bool
- func (r Arguments) Has(items ...string) bool
- func (r Arguments) HasOneOf(items ...string) bool
- func (r Arguments) Matches(items ...string) bool
- func (r Arguments) MatchesExact(items ...string) bool
- func (r Arguments) String() string
- type Config
- type ErrorFactory
- type ErrorStrategy
- type IAccessTokenStrategy
- type IAuthEPHandler
- type IAuthenticationRequestContext
- type IAuthorizationCodeStrategy
- type IClient
- type IClientCredentialContext
- type IClientStore
- type IError
- type IErrorWriter
- type IIDTokenStrategy
- type IIntrospectionEPHandler
- type IIntrospectionRequestContext
- type IJWTValidator
- type IManager
- type IPageResponseHandler
- type IRPILogoutEPHandler
- type IRPILogoutRequestContext
- type IRefreshTokenStrategy
- type IRequestContext
- type IRequestContextFactory
- type IResponseWriter
- type IRevocationEPHandler
- type IRevocationRequestContext
- type ISecretStore
- type ISession
- type ISessionManager
- type ITokenEPHandler
- type ITokenRequestContext
- type ITokenSignatures
- type ITokenStore
- type ITransactionManager
- type IUserInfoEPHandler
- type IUserInfoRequestContext
- type IUserStore
- type RequestProfile
- func (r RequestProfile) GetAudience() Arguments
- func (r RequestProfile) GetClientID() string
- func (r RequestProfile) GetCodeChallenge() string
- func (r RequestProfile) GetCodeChallengeMethod() string
- func (r RequestProfile) GetDomain() string
- func (r RequestProfile) GetGrantType() string
- func (r RequestProfile) GetNonce() string
- func (r RequestProfile) GetRedirectURI() string
- func (r RequestProfile) GetScope() Arguments
- func (r RequestProfile) GetState() string
- func (r RequestProfile) GetUsername() string
- func (r RequestProfile) IsClient() bool
- func (r RequestProfile) SetAudience(aud Arguments)
- func (r RequestProfile) SetClientID(username string)
- func (r RequestProfile) SetCodeChallenge(challenge string)
- func (r RequestProfile) SetCodeChallengeMethod(challengeMethod string)
- func (r RequestProfile) SetDomain(domain string)
- func (r RequestProfile) SetGrantType(challengeMethod string)
- func (r RequestProfile) SetNonce(nonce string)
- func (r RequestProfile) SetRedirectURI(redirectUri string)
- func (r RequestProfile) SetScope(scopes Arguments)
- func (r RequestProfile) SetState(state string)
- func (r RequestProfile) SetUsername(username string)
- type TokenSignatures
- type Tokens
Constants ¶
View Source
const ( GrantAuthorizationCode = "authorization_code" GrantImplicit = "implicit" GrantResourceOwnerPassword = "password" GrantClientCredentials = "client_credentials" GrantRefreshToken = "refresh_token" )
View Source
const ( ScopeOpenid = "openid" ScopeProfile = "profile" ScopeEmail = "email" ScopeAddress = "address" ScopeOfflineAccess = "offline_access" )
View Source
const ( ResponseTypeCode = "code" ResponseTypeToken = "token" ResponseTypeIdToken = "id_token" )
View Source
const ( ResponseModeQuery = "query" ResponseModeFragment = "fragment" ResponseModeFormPost = "form" )
View Source
const ( ContentTypeUrlEncodedForm = "application/x-www-form-urlencoded" ContentTypeJson = "application/json" ContentTypeHtml = "text/html" )
View Source
const ( HeaderContentType = "Content-Type" HeaderAuthorization = "Authorization" )
View Source
const ( ExpireAuthorizationCode = 1 ExpireAccessToken = 2 ExpireRefreshToken = 4 )
View Source
const (
UrlOidcDiscovery = "/.well-known/openid-configuration"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Arguments ¶
type Arguments []string
func (Arguments) ExactOne ¶
ExactOne checks, by string case, that a single argument equals the provided string.
func (Arguments) Has ¶
Has checks, in a case-insensitive manner, that all of the items provided exists in arguments.
func (Arguments) HasOneOf ¶
HasOneOf checks, in a case-insensitive manner, that one of the items provided exists in arguments.
func (Arguments) Matches ¶
Matches performs an case-insensitive, out-of-order check that the items provided exist and equal all of the args in arguments. Note:
- Providing a list that includes duplicate string-case items will return not matched.
func (Arguments) MatchesExact ¶
MatchesExact checks, by order and string case, that the items provided equal those in arguments.
type Config ¶
type ErrorStrategy ¶
type ErrorStrategy func(err error, w http.ResponseWriter)
type IAccessTokenStrategy ¶
type IAuthEPHandler ¶
type IAuthEPHandler interface {
HandleAuthEP(ctx context.Context, requestContext IAuthenticationRequestContext) IError
}
type IClientCredentialContext ¶ added in v0.3.0
type IClientStore ¶
type IErrorWriter ¶ added in v0.4.0
type IErrorWriter interface { WriteJsonError(pError IError, additionalValues url.Values, w http.ResponseWriter, r *http.Request) error WriteRedirectError(requestContext IAuthenticationRequestContext, w http.ResponseWriter, r *http.Request) error WriteBearerError(pError IError, additionalValues url.Values, w http.ResponseWriter, r *http.Request) error }
type IIDTokenStrategy ¶
type IIntrospectionEPHandler ¶ added in v0.3.0
type IIntrospectionEPHandler interface {
HandleIntrospectionEP(ctx context.Context, requestContext IIntrospectionRequestContext) IError
}
type IIntrospectionRequestContext ¶
type IIntrospectionRequestContext interface { IRevocationRequestContext GetProfile() RequestProfile SetProfile(profile RequestProfile) IsActive() bool SetActive(active bool) GetTokenType() string SetTokenType(tokenType string) }
type IJWTValidator ¶ added in v0.8.0
type IManager ¶
type IManager interface { ProcessAuthorizationEP(writer http.ResponseWriter, request *http.Request) ProcessTokenEP(writer http.ResponseWriter, request *http.Request) ProcessIntrospectionEP(writer http.ResponseWriter, request *http.Request) ProcessRevocationEP(writer http.ResponseWriter, request *http.Request) ProcessDiscoveryEP(writer http.ResponseWriter, request *http.Request) ProcessKeysEP(writer http.ResponseWriter, request *http.Request) ProcessUserInfoEP(writer http.ResponseWriter, request *http.Request) ProcessRPILogoutEP(writer http.ResponseWriter, request *http.Request) SetErrorStrategy(strategy ErrorStrategy) }
type IPageResponseHandler ¶ added in v0.8.0
type IPageResponseHandler interface { DisplayLogoutConsentPage(w http.ResponseWriter, r *http.Request) DisplayLogoutStatusPage(w http.ResponseWriter, r *http.Request) DisplayErrorPage(err error, w http.ResponseWriter, r *http.Request) DisplayLoginPage(w http.ResponseWriter, r *http.Request) DisplayConsentPage(w http.ResponseWriter, r *http.Request) }
type IRPILogoutEPHandler ¶ added in v0.8.0
type IRPILogoutEPHandler interface {
HandleRPILogoutEP(ctx context.Context, requestContext IRPILogoutRequestContext) IError
}
type IRPILogoutRequestContext ¶ added in v0.8.0
type IRPILogoutRequestContext interface { GetPostLogoutRedirectUri() string SetPostLogoutRedirectUri(uri string) GetIdTokenHint() string GetClient() IClient SetClient(id IClient) SetUsername(username string) GetUserName() string GetState() string GetCSRFToken() string GetUserSession() ISession SetUserSession(session ISession) }
type IRefreshTokenStrategy ¶
type IRequestContext ¶
type IRequestContext interface { GetRequestID() string GetRequestedAt() time.Time GetState() string GetRedirectURI() string GetClientID() string GetRequestedScopes() Arguments GetRequestedAudience() Arguments GetClaims() map[string]interface{} GetClient() IClient SetClient(client IClient) GetProfile() RequestProfile SetProfile(profile RequestProfile) GetIssuedTokens() Tokens IssueAccessToken(token string, signature string, expiry time.Time) IssueRefreshToken(token string, signature string, expiry time.Time) IssueIDToken(token string) GetError() IError SetError(err IError) GetForm() *url.Values }
type IRequestContextFactory ¶ added in v0.4.0
type IRequestContextFactory interface { BuildTokenRequestContext(request *http.Request) (ITokenRequestContext, IError) BuildAuthorizationRequestContext(request *http.Request) (IAuthenticationRequestContext, IError) BuildRevocationRequestContext(request *http.Request) (IRevocationRequestContext, IError) BuildIntrospectionRequestContext(request *http.Request) (IIntrospectionRequestContext, IError) BuildUserInfoRequestContext(request *http.Request) (IUserInfoRequestContext, IError) BuildRPILogoutRequestContext(request *http.Request) (IRPILogoutRequestContext, IError) }
type IResponseWriter ¶ added in v0.4.0
type IResponseWriter interface { WriteTokenResponse(requestContext ITokenRequestContext, w http.ResponseWriter, r *http.Request) error WriteAuthorizationResponse(requestContext IAuthenticationRequestContext, w http.ResponseWriter, r *http.Request) error WriteIntrospectionResponse(requestContext IIntrospectionRequestContext, w http.ResponseWriter, r *http.Request) error WriteRevocationResponse(w http.ResponseWriter, r *http.Request) error WriteUserInfoResponse(requestContext IUserInfoRequestContext, w http.ResponseWriter, r *http.Request) error WriteRPILogoutResponse(requestContext IRPILogoutRequestContext, w http.ResponseWriter, r *http.Request) }
type IRevocationEPHandler ¶ added in v0.3.0
type IRevocationEPHandler interface {
HandleRevocationEP(ctx context.Context, requestContext IRevocationRequestContext) IError
}
type ISecretStore ¶ added in v0.3.0
type ISessionManager ¶
type ITokenEPHandler ¶
type ITokenEPHandler interface {
HandleTokenEP(ctx context.Context, requestContext ITokenRequestContext) IError
}
type ITokenRequestContext ¶
type ITokenSignatures ¶ added in v0.6.1
type ITokenStore ¶
type ITokenStore interface { StoreTokenProfile(ctx context.Context, reqId string, signatures ITokenSignatures, profile RequestProfile) (err error) GetProfileWithAuthCodeSign(ctx context.Context, signature string) (profile RequestProfile, reqId string, err error) GetProfileWithAccessTokenSign(ctx context.Context, signature string) (profile RequestProfile, reqId string, err error) GetProfileWithRefreshTokenSign(ctx context.Context, signature string) (profile RequestProfile, reqId string, err error) InvalidateWithRequestID(ctx context.Context, reqID string, what uint8) (err error) }
type ITransactionManager ¶ added in v0.7.2
type IUserInfoEPHandler ¶ added in v0.6.0
type IUserInfoEPHandler interface {
HandleUserInfoEP(ctx context.Context, requestContext IUserInfoRequestContext) IError
}
type IUserInfoRequestContext ¶ added in v0.6.0
type IUserInfoRequestContext interface { GetBearerToken() string GetUsername() string SetUsername(username string) GetClaims() map[string]interface{} AddClaim(claimId string, value interface{}) GetApprovedScopes() Arguments SetApprovedScopes(scopes Arguments) GetRequestedClaims() []string SetRequestedClaims(claimIds []string) }
type IUserStore ¶
type IUserStore interface { Authenticate(ctx context.Context, username string, credential []byte) (err error) GetClaims(ctx context.Context, username string, scopes Arguments, claimsIDs []string) (map[string]interface{}, error) IsConsentRequired(ctx context.Context, username string, clientId string, scopes Arguments) bool StoreConsent(ctx context.Context, username string, clientId string, scopes Arguments) error FetchUserProfile(ctx context.Context, username string) RequestProfile }
type RequestProfile ¶
func NewRequestProfile ¶
func NewRequestProfile() RequestProfile
func (RequestProfile) GetAudience ¶
func (r RequestProfile) GetAudience() Arguments
func (RequestProfile) GetClientID ¶
func (r RequestProfile) GetClientID() string
func (RequestProfile) GetCodeChallenge ¶ added in v0.3.0
func (r RequestProfile) GetCodeChallenge() string
func (RequestProfile) GetCodeChallengeMethod ¶ added in v0.3.0
func (r RequestProfile) GetCodeChallengeMethod() string
func (RequestProfile) GetDomain ¶
func (r RequestProfile) GetDomain() string
func (RequestProfile) GetGrantType ¶ added in v0.9.0
func (r RequestProfile) GetGrantType() string
func (RequestProfile) GetNonce ¶
func (r RequestProfile) GetNonce() string
func (RequestProfile) GetRedirectURI ¶
func (r RequestProfile) GetRedirectURI() string
func (RequestProfile) GetScope ¶
func (r RequestProfile) GetScope() Arguments
func (RequestProfile) GetState ¶
func (r RequestProfile) GetState() string
func (RequestProfile) GetUsername ¶
func (r RequestProfile) GetUsername() string
func (RequestProfile) IsClient ¶
func (r RequestProfile) IsClient() bool
func (RequestProfile) SetAudience ¶
func (r RequestProfile) SetAudience(aud Arguments)
func (RequestProfile) SetClientID ¶
func (r RequestProfile) SetClientID(username string)
func (RequestProfile) SetCodeChallenge ¶ added in v0.3.0
func (r RequestProfile) SetCodeChallenge(challenge string)
func (RequestProfile) SetCodeChallengeMethod ¶ added in v0.3.0
func (r RequestProfile) SetCodeChallengeMethod(challengeMethod string)
func (RequestProfile) SetDomain ¶
func (r RequestProfile) SetDomain(domain string)
func (RequestProfile) SetGrantType ¶ added in v0.9.0
func (r RequestProfile) SetGrantType(challengeMethod string)
func (RequestProfile) SetNonce ¶
func (r RequestProfile) SetNonce(nonce string)
func (RequestProfile) SetRedirectURI ¶
func (r RequestProfile) SetRedirectURI(redirectUri string)
func (RequestProfile) SetScope ¶
func (r RequestProfile) SetScope(scopes Arguments)
func (RequestProfile) SetState ¶
func (r RequestProfile) SetState(state string)
func (RequestProfile) SetUsername ¶
func (r RequestProfile) SetUsername(username string)
type TokenSignatures ¶
type TokenSignatures struct { AuthorizationCodeSignature string AccessTokenSignature string RefreshTokenSignature string RefreshTokenExpiry time.Time AccessTokenExpiry time.Time AuthorizationCodeExpiry time.Time }
func (*TokenSignatures) GetACExpiry ¶ added in v0.6.1
func (t *TokenSignatures) GetACExpiry() time.Time
func (*TokenSignatures) GetACSignature ¶ added in v0.6.1
func (t *TokenSignatures) GetACSignature() string
func (*TokenSignatures) GetATExpiry ¶ added in v0.6.1
func (t *TokenSignatures) GetATExpiry() time.Time
func (*TokenSignatures) GetATSignature ¶ added in v0.6.1
func (t *TokenSignatures) GetATSignature() string
func (*TokenSignatures) GetRTExpiry ¶ added in v0.6.1
func (t *TokenSignatures) GetRTExpiry() time.Time
func (*TokenSignatures) GetRTSignature ¶ added in v0.6.1
func (t *TokenSignatures) GetRTSignature() string
Source Files ¶
Click to show internal directories.
Click to hide internal directories.