oauth

package

v0.0.0-...-3e6933e Latest Latest Go to latest Published: Feb 3, 2020 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/keydap/sparrow

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func ToJwt(claims jwt.MapClaims, key crypto.PrivateKey) string
type AccessTokenReq
- func ParseAccessTokenReq(r *http.Request) (atr *AccessTokenReq, err error)
type AccessTokenResp
- func (atr *AccessTokenResp) Serialize() []byte
type AttrProfile
type AuthorizationReq
- func ParseAuthzReq(r *http.Request) (areq *AuthorizationReq)
type AuthorizationResp
type Client
type ClientOauthConf
type ClientSamlConf
type ErrorResp
- func ValidateAuthReq(areq *AuthorizationReq) *ErrorResp
- func (ep *ErrorResp) BuildErrorUri(redUri string) string
- func (ep *ErrorResp) Error() string
- func (ep *ErrorResp) Serialize() []byte
type OauthScope
type OauthSilo
- func Open(path string, tokenPurgeInterval int, grantCodePurgeInterval int, ...) (osl *OauthSilo, err error)
- func (osl *OauthSilo) AddAppToSsoSession(jti string, spIssuer string, sas base.SamlAppSession)
- func (osl *OauthSilo) Close()
- func (osl *OauthSilo) DeleteOauthSession(jti string) bool
- func (osl *OauthSilo) DeleteSsoSession(jti string) bool
- func (osl *OauthSilo) GetOauthSession(jti string) *base.RbacSession
- func (osl *OauthSilo) GetSsoSession(jti string) *base.RbacSession
- func (osl *OauthSilo) HasGrantCodeId(creationTime int64, gcIvAsId []byte) bool
- func (osl *OauthSilo) IsRevokedSession(jti string) bool
- func (osl *OauthSilo) RevokeOauthSession(jti string)
- func (osl *OauthSilo) StoreGrantCodeId(creationTime int64, gcIvAsId []byte) (err error)
- func (osl *OauthSilo) StoreOauthSession(session *base.RbacSession)
- func (osl *OauthSilo) StoreSsoSession(session *base.RbacSession)

Constants ¶

View Source

const (
	AUTHORIZATION_CODE = "authorization_code"
	IMPLICIT           = "implicit"
	RES_OWN_PASS_CRED  = "resource_owner_password_credentials"
	CLIENT_CRED        = "client_credentials"
)

View Source

const (
	ERR_INVALID_REQUEST           = "invalid_request"
	ERR_UNAUTHORIZED_CLIENT       = "unauthorized_client"
	ERR_ACCESS_DENIED             = "access_denied"
	ERR_UNSUPPORTED_RESPONSE_TYPE = "unsupported_response_type"
	ERR_INVALID_SCOPE             = "invalid_scope"
	ERR_SERVER_ERROR              = "server_error"
	ERR_TEMPORARILY_UNAVAILABLE   = "temporarily_unavailable"
)

Variables ¶

View Source

var (
	BUC_SSO_SESSIONS = []byte("sso_sessions")

	BUC_OAUTH_SESSIONS = []byte("oauth_sessions")

	BUC_REVOKED_OAUTH_SESSIONS = []byte("revoked_oauth_sessions")

	BUC_IDX_OAUTH_SESSION_BY_JTI = []byte("idx_token_by_jti")

	BUC_IDX_SSO_SESSION_BY_JTI = []byte("idx_session_by_jti")
)

Functions ¶

func ToJwt ¶

func ToJwt(claims jwt.MapClaims, key crypto.PrivateKey) string

Types ¶

type AccessTokenReq ¶

type AccessTokenReq struct {
	GrantType string `json:"grant_type"`
	Code      string `json:"code"`
	RedUri    string `json:"redirect_uri"`
	ClientId  string `json:"client_id"`
	Secret    string `json:"client_secret"`
}

func ParseAccessTokenReq ¶

func ParseAccessTokenReq(r *http.Request) (atr *AccessTokenReq, err error)

type AccessTokenResp ¶

type AccessTokenResp struct {
	AcToken   string `json:"access_token"`
	IdToken   string `json:"id_token,omitempty"`
	TokenType string `json:"token_type"`
	ExpiresIn int    `json:"expires_in,omitempty"`
}

func (*AccessTokenResp) Serialize ¶

func (atr *AccessTokenResp) Serialize() []byte

type AttrProfile ¶

type AttrProfile struct {
	Id         string
	Name       string
	Attributes []*base.SsoAttr
}

type AuthorizationReq ¶

type AuthorizationReq struct {
	RespType string         `json:"response_type"`
	ClientId string         `json:"client_id"`
	RedUri   string         `json:"redirect_uri"`
	Scopes   map[string]int `json:"scope"`
	State    string         `json:"state"`

	// OIDC specific parameters
	Nonce        string
	Display      string
	Prompt       string
	ResponseMode string `json:"response_mode"`
}

func ParseAuthzReq ¶

func ParseAuthzReq(r *http.Request) (areq *AuthorizationReq)

type AuthorizationResp ¶

type AuthorizationResp struct {
	Code  string `json:"code"`
	State string `json:"state"`
}

type Client ¶

type Client struct {
	Id       string `json:"id"`
	Name     string `json:"name"`
	Time     int64  `json:"time"`
	Desc     string `json:"desc"`
	HomeUrl  string `json:"homeurl"`
	Icon     string `json:"icon"`
	GroupIds map[string]int
	Oauth    *ClientOauthConf
	Saml     *ClientSamlConf
}

type ClientOauthConf ¶

type ClientOauthConf struct {
	Secret          string                   `json:"secret"`
	RedUri          string                   `json:"redUri"`
	TokenValidity   int64                    `json:"tokenValidity"` // the life time of an OAuth token in seconds
	ServerSecret    []byte                   `json:"-"`             // this secret is used as a key
	HasQueryInUri   bool                     `json:"-"`             // flag to indicate if there is query part in the path
	ConsentRequired bool                     `json:"consentRequired"`
	Attributes      map[string]*base.SsoAttr `json:"attrs"`
}

type ClientSamlConf ¶

type ClientSamlConf struct {
	SLOUrl            string // Single LOgout URL
	MetaUrl           string // URL serving SP's metadata
	HomeUrl           string // URL of the home page
	MetaData          *samlTypes.SPSSODescriptor
	Attributes        map[string]*base.SsoAttr `json:"attrs"`
	AssertionValidity int64
	IdpIssuer         string
	SpIssuer          string
}

type ErrorResp ¶

type ErrorResp struct {
	Err   string `json:"error"`
	Desc  string `json:"error_description"`
	Uri   string `json:"error_uri"`
	State string `json:"state"`
}

func ValidateAuthReq ¶

func ValidateAuthReq(areq *AuthorizationReq) *ErrorResp

func (*ErrorResp) BuildErrorUri ¶

func (ep *ErrorResp) BuildErrorUri(redUri string) string

func (*ErrorResp) Error ¶

func (ep *ErrorResp) Error() string

func (*ErrorResp) Serialize ¶

func (ep *ErrorResp) Serialize() []byte

type OauthScope ¶

type OauthScope struct {
	Name       string
	UserGroups []string
}

type OauthSilo ¶

type OauthSilo struct {
	// contains filtered or unexported fields
}

func Open ¶

func Open(path string, tokenPurgeInterval int, grantCodePurgeInterval int, grantCodeTTL int) (osl *OauthSilo, err error)

func (*OauthSilo) AddAppToSsoSession ¶

func (osl *OauthSilo) AddAppToSsoSession(jti string, spIssuer string, sas base.SamlAppSession)

func (*OauthSilo) Close ¶

func (osl *OauthSilo) Close()

func (*OauthSilo) DeleteOauthSession ¶

func (osl *OauthSilo) DeleteOauthSession(jti string) bool

func (*OauthSilo) DeleteSsoSession ¶

func (osl *OauthSilo) DeleteSsoSession(jti string) bool

func (*OauthSilo) GetOauthSession ¶

func (osl *OauthSilo) GetOauthSession(jti string) *base.RbacSession

func (*OauthSilo) GetSsoSession ¶

func (osl *OauthSilo) GetSsoSession(jti string) *base.RbacSession

func (*OauthSilo) HasGrantCodeId ¶

func (osl *OauthSilo) HasGrantCodeId(creationTime int64, gcIvAsId []byte) bool

func (*OauthSilo) IsRevokedSession ¶

func (osl *OauthSilo) IsRevokedSession(jti string) bool

func (*OauthSilo) RevokeOauthSession ¶

func (osl *OauthSilo) RevokeOauthSession(jti string)

func (*OauthSilo) StoreGrantCodeId ¶

func (osl *OauthSilo) StoreGrantCodeId(creationTime int64, gcIvAsId []byte) (err error)

func (*OauthSilo) StoreOauthSession ¶

func (osl *OauthSilo) StoreOauthSession(session *base.RbacSession)

func (*OauthSilo) StoreSsoSession ¶

func (osl *OauthSilo) StoreSsoSession(session *base.RbacSession)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL