Documentation ¶
Index ¶
- Constants
- func AuthUri(serverUri string, authReq *OAuth2AuthRequest) string
- func GenerateJWK() (jwk.Key, error)
- func GeneratePKCECodeChallenge(verifier string) string
- func GeneratePKCECodeVerifier() (string, error)
- func GeneratePKCEData() (string, string, error)
- func GetProfile(provider *OAuth2Provider, accessToken string) (string, string, error)
- func Hash(input string) string
- type AddIdentityEmailHandler
- type AddIdentityGamlHandler
- type AddIdentityOauth2Handler
- type Api
- type Cluster
- type Database
- type EmailValidationCount
- type GitHubEmail
- type GitHubEmailResponse
- type Identity
- type JsonStorage
- func (s *JsonStorage) AddJWKKey(key jwk.Key)
- func (s *JsonStorage) CreateUser(user User) error
- func (s *JsonStorage) GetDisplayName() string
- func (s *JsonStorage) GetJWKSet() jwk.Set
- func (s *JsonStorage) GetOAuth2ProviderByID(id string) (OAuth2Provider, error)
- func (s *JsonStorage) GetOAuth2Providers() ([]OAuth2Provider, error)
- func (s *JsonStorage) GetPrefix() string
- func (s *JsonStorage) GetPublic() bool
- func (s *JsonStorage) GetRootUri() string
- func (s *JsonStorage) GetSmtpConfig() (SmtpConfig, error)
- func (s *JsonStorage) GetUsers() ([]User, error)
- func (s *JsonStorage) Persist()
- func (s *JsonStorage) SetDisplayName(value string)
- func (s *JsonStorage) SetOauth2Provider(provider OAuth2Provider) error
- func (s *JsonStorage) SetPrefix(prefix string)
- func (s *JsonStorage) SetRootUri(rootUri string) error
- type Login
- type OAuth2AuthRequest
- type OAuth2MetadataManager
- type OAuth2Provider
- type OAuth2ServerMetadata
- type OAuth2TokenResponse
- type OIDCHandler
- type OIDCRegistrationRequest
- type OIDCRegistrationResponse
- type ObligatorMux
- type PendingLogin
- type PendingShare
- type QrHandler
- type QrTemplateData
- type Server
- func (s *Server) AddUser(user User) error
- func (s *Server) AuthDomains() []string
- func (s *Server) AuthUri(authReq *OAuth2AuthRequest) string
- func (s *Server) GetUsers() ([]User, error)
- func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request)
- func (s *Server) SetOAuth2Provider(prov OAuth2Provider) error
- func (s *Server) Start() error
- func (s *Server) Validate(r *http.Request) (*Validation, error)
- type ServerConfig
- type SmtpConfig
- type Storage
- type User
- type UserinfoResponse
- type Validation
Constants ¶
// Limits that, judging by their names, bound e-mail validation requests.
const (
	// EmailValidationsPerTimeLimit is a count of e-mail validations;
	// presumably the maximum accepted per RateLimitTime window. The code that
	// enforces it is not shown on this page; confirm there.
	EmailValidationsPerTimeLimit = 12

	// RateLimitTime is a ten-minute duration. This page also lists a second
	// declaration, RateLimitTime = 24 * time.Hour, so the two presumably live
	// in files selected by different build constraints. Verify which value a
	// release build gets, because it decides how tight the limit really is.
	RateLimitTime = 10 * time.Minute
)
// RateLimitTime is a 24-hour duration. This page also lists
// RateLimitTime = 10 * time.Minute, so the two declarations presumably come
// from files selected by different build constraints. Verify which one a
// release build uses.
const RateLimitTime = time.Hour * 24
Variables ¶
This section is empty.
Functions ¶
func AuthUri ¶
func AuthUri(serverUri string, authReq *OAuth2AuthRequest) string
func GenerateJWK ¶
func GeneratePKCECodeVerifier ¶
Modified from https://chrisguitarguy.com/2022/12/07/oauth-pkce-with-go/
func GeneratePKCEData ¶
func GetProfile ¶
func GetProfile(provider *OAuth2Provider, accessToken string) (string, string, error)
Types ¶
type AddIdentityEmailHandler ¶
// AddIdentityEmailHandler is an opaque handler type. This page lists a
// ServeHTTP method on it (so *AddIdentityEmailHandler satisfies http.Handler)
// and StartEmailValidation, which takes an e-mail address, a root URI, a magic
// link and a list of identities.
// NOTE(review): the magic link presumably acts as a bearer credential sent by
// e-mail. Confirm it is single-use, short-lived and kept out of logs.
type AddIdentityEmailHandler struct {
// contains filtered or unexported fields
}
func (*AddIdentityEmailHandler) ServeHTTP ¶
func (h *AddIdentityEmailHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
func (*AddIdentityEmailHandler) StartEmailValidation ¶
func (h *AddIdentityEmailHandler) StartEmailValidation(email, rootUri, magicLink string, identities []*Identity) error
type AddIdentityGamlHandler ¶
// AddIdentityGamlHandler is an opaque handler type built by
// NewAddIdentityGamlHandler from a Storage, a *Cluster and an HTML template.
// Its ServeHTTP method makes *AddIdentityGamlHandler an http.Handler.
type AddIdentityGamlHandler struct {
// contains filtered or unexported fields
}
func NewAddIdentityGamlHandler ¶
func NewAddIdentityGamlHandler(storage Storage, cluster *Cluster, tmpl *template.Template) *AddIdentityGamlHandler
func (*AddIdentityGamlHandler) ServeHTTP ¶
func (h *AddIdentityGamlHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type AddIdentityOauth2Handler ¶
// AddIdentityOauth2Handler is an opaque handler type built by
// NewAddIdentityOauth2Handler from a Storage and an *OAuth2MetadataManager.
// Its ServeHTTP method makes *AddIdentityOauth2Handler an http.Handler.
// NOTE(review): presumably this handles the upstream OAuth2 callback. Confirm
// that state and the PKCE verifier are checked before a token is exchanged.
type AddIdentityOauth2Handler struct {
// contains filtered or unexported fields
}
func NewAddIdentityOauth2Handler ¶
func NewAddIdentityOauth2Handler(storage Storage, oauth2MetaMan *OAuth2MetadataManager) *AddIdentityOauth2Handler
func (*AddIdentityOauth2Handler) ServeHTTP ¶
func (h *AddIdentityOauth2Handler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type Api ¶
// Api is an opaque type built by NewApi from a Storage, a directory path and
// an *OAuth2MetadataManager. The only method listed on this page is
// SetOAuth2Provider.
// NOTE(review): how the API is exposed and authenticated is not visible here.
// Confirm access is restricted, since it can change provider configuration.
type Api struct {
// contains filtered or unexported fields
}
func NewApi ¶
func NewApi(storage Storage, dir string, oauth2MetaMan *OAuth2MetadataManager) (*Api, error)
func (*Api) SetOAuth2Provider ¶
func (a *Api) SetOAuth2Provider(prov OAuth2Provider) error
type Cluster ¶
// Cluster is an opaque type built by NewCluster. This page lists GetLocalId,
// PrimaryHost and RedirectOrForward on it; per the TODO on PrimaryHost, that
// method currently reads the filesystem on every request.
type Cluster struct {
// contains filtered or unexported fields
}
func NewCluster ¶
func NewCluster() *Cluster
func (*Cluster) GetLocalId ¶
func (*Cluster) PrimaryHost ¶
TODO: currently hits filesystem for every request. Might be able to listen for primary change events and only update periodically
func (*Cluster) RedirectOrForward ¶
type Database ¶
// Database is an opaque type built by NewDatabase. This page lists
// AddEmailValidationRequest and GetEmailValidationCounts(since), which returns
// []*EmailValidationCount.
// NOTE(review): presumably this is the record the e-mail validation rate limit
// is computed from. Confirm against the callers.
type Database struct {
// contains filtered or unexported fields
}
func NewDatabase ¶
func (*Database) AddEmailValidationRequest ¶
func (*Database) GetEmailValidationCounts ¶
func (s *Database) GetEmailValidationCounts(since time.Time) ([]*EmailValidationCount, error)
type EmailValidationCount ¶
type GitHubEmail ¶
type GitHubEmailResponse ¶
// GitHubEmailResponse is a list of *GitHubEmail values.
// NOTE(review): presumably the decoded body of a GitHub e-mail lookup made by
// GetProfile. Confirm that only verified addresses are accepted as identities.
type GitHubEmailResponse []*GitHubEmail
type JsonStorage ¶
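// JsonStorage holds the server's configuration and state with a JSON encoding
// for every exported field. This page lists accessor methods for these fields
// on *JsonStorage, plus Persist and the constructor NewJsonStorage(path).
//
// NOTE(review): JSON-encoding a JsonStorage emits everything below, including
// OAuth2 client secrets and whatever Jwks and Smtp contain. If Persist writes
// it to the path given to NewJsonStorage (not shown here), confirm that file
// is created with owner-only permissions and is excluded from backups, logs
// and any API response.
type JsonStorage struct {
	DisplayName string `json:"display_name"`
	RootUri     string `json:"root_uri"`
	Prefix      string `json:"prefix"`
	// OAuth2Providers is encoded in full; OAuth2Provider carries a
	// client_secret field.
	OAuth2Providers []OAuth2Provider `json:"oauth2_providers"`
	// Smtp is a pointer, so it encodes as null when unset. SmtpConfig's fields
	// are not shown on this page; presumably they include credentials.
	Smtp *SmtpConfig `json:"smtp"`
	// Jwks is presumably the set served by GetJWKSet and extended by
	// AddJWKKey. If it holds private signing keys, they are stored alongside
	// the rest of this structure. TODO confirm.
	Jwks   jwk.Set `json:"jwks"`
	Users  []User  `json:"users"`
	Public bool    `json:"public"`
	// contains filtered or unexported fields
}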
func NewJsonStorage ¶
func NewJsonStorage(path string) (*JsonStorage, error)
func (*JsonStorage) AddJWKKey ¶
func (s *JsonStorage) AddJWKKey(key jwk.Key)
func (*JsonStorage) CreateUser ¶
func (s *JsonStorage) CreateUser(user User) error
func (*JsonStorage) GetDisplayName ¶
func (s *JsonStorage) GetDisplayName() string
func (*JsonStorage) GetJWKSet ¶
func (s *JsonStorage) GetJWKSet() jwk.Set
func (*JsonStorage) GetOAuth2ProviderByID ¶
func (s *JsonStorage) GetOAuth2ProviderByID(id string) (OAuth2Provider, error)
func (*JsonStorage) GetOAuth2Providers ¶
func (s *JsonStorage) GetOAuth2Providers() ([]OAuth2Provider, error)
func (*JsonStorage) GetPrefix ¶
func (s *JsonStorage) GetPrefix() string
func (*JsonStorage) GetPublic ¶
func (s *JsonStorage) GetPublic() bool
func (*JsonStorage) GetRootUri ¶
func (s *JsonStorage) GetRootUri() string
func (*JsonStorage) GetSmtpConfig ¶
func (s *JsonStorage) GetSmtpConfig() (SmtpConfig, error)
func (*JsonStorage) GetUsers ¶
func (s *JsonStorage) GetUsers() ([]User, error)
func (*JsonStorage) Persist ¶
func (s *JsonStorage) Persist()
func (*JsonStorage) SetDisplayName ¶
func (s *JsonStorage) SetDisplayName(value string)
func (*JsonStorage) SetOauth2Provider ¶
func (s *JsonStorage) SetOauth2Provider(provider OAuth2Provider) error
func (*JsonStorage) SetPrefix ¶
func (s *JsonStorage) SetPrefix(prefix string)
func (*JsonStorage) SetRootUri ¶
func (s *JsonStorage) SetRootUri(rootUri string) error
type OAuth2AuthRequest ¶
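// OAuth2AuthRequest holds the parameters of an OAuth2 authorization request,
// encoded in JSON under their standard parameter names. ParseAuthRequest
// returns one built from an *http.Request, and AuthUri takes one as input.
type OAuth2AuthRequest struct {
	ClientId string `json:"client_id"`
	// RedirectUri is the address the authorization response is sent to.
	// NOTE(review): no validation is visible on this page. Confirm that
	// ParseAuthRequest or its caller rejects any URI not registered for
	// ClientId, using an exact match.
	RedirectUri string `json:"redirect_uri"`
	Scope       string `json:"scope"`
	// State is the client's opaque value; it must be returned unchanged.
	State        string `json:"state"`
	ResponseType string `json:"response_type"`
	// CodeChallenge is the PKCE challenge. There is no code_challenge_method
	// field, so the method is decided by the code that checks the verifier.
	// Presumably S256; confirm that "plain" is not accepted.
	CodeChallenge string `json:"code_challenge"`
}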
func ParseAuthRequest ¶
func ParseAuthRequest(w http.ResponseWriter, r *http.Request) (*OAuth2AuthRequest, error)
type OAuth2MetadataManager ¶
// OAuth2MetadataManager is an opaque type built by NewOAuth2MetadataManager
// from a Storage. This page lists GetKeyset(providerId), returning a jwk.Set,
// GetMeta(providerId), returning *OAuth2ServerMetadata, and Update.
// NOTE(review): presumably Update fetches metadata and keys from each
// configured provider. Confirm the fetches use HTTPS with timeouts and that a
// failed refresh does not leave stale or empty key sets in use.
type OAuth2MetadataManager struct {
// contains filtered or unexported fields
}
func NewOAuth2MetadataManager ¶
func NewOAuth2MetadataManager(storage Storage) *OAuth2MetadataManager
func (*OAuth2MetadataManager) GetKeyset ¶
func (m *OAuth2MetadataManager) GetKeyset(providerId string) (jwk.Set, error)
func (*OAuth2MetadataManager) GetMeta ¶
func (m *OAuth2MetadataManager) GetMeta(providerId string) (*OAuth2ServerMetadata, error)
func (*OAuth2MetadataManager) Update ¶
func (m *OAuth2MetadataManager) Update() error
type OAuth2Provider ¶
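// OAuth2Provider describes one upstream OAuth2 / OpenID Connect provider.
// Fields carry json tags and, for some, db tags naming a database column.
type OAuth2Provider struct {
	ID       string `json:"id"`
	Name     string `json:"name"`
	URI      string `json:"uri"`
	ClientID string `json:"client_id" db:"client_id"`
	// ClientSecret is encoded under "client_secret" with no omission or
	// redaction, so every JSON encoding of an OAuth2Provider contains it.
	// NOTE(review): confirm that API responses, templates and log lines that
	// include a provider strip this field first.
	ClientSecret string `json:"client_secret" db:"client_secret"`
	// AuthorizationURI, TokenURI and Scope are omitted from JSON when empty.
	AuthorizationURI string `json:"authorization_uri,omitempty" db:"authorization_uri"`
	TokenURI         string `json:"token_uri,omitempty" db:"token_uri"`
	Scope            string `json:"scope,omitempty"`
	// OpenIDConnect uses a different name in the database
	// (supports_openid_connect) than in JSON (openid_connect).
	OpenIDConnect bool `json:"openid_connect" db:"supports_openid_connect"`
}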
type OAuth2ServerMetadata ¶
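// OAuth2ServerMetadata is an authorization server metadata document; the json
// tags are the standard OAuth2 / OpenID Connect discovery member names.
// GetOidcConfiguration(baseUrl) and OAuth2MetadataManager.GetMeta return it.
//
// NOTE(review): when this is fetched from a provider, the endpoints in it
// steer redirects, token exchange and key retrieval. Confirm the fetch checks
// that Issuer matches the configured provider URI and that endpoints are HTTPS.
type OAuth2ServerMetadata struct {
	Issuer                           string   `json:"issuer,omitempty"`
	AuthorizationEndpoint            string   `json:"authorization_endpoint,omitempty"`
	TokenEndpoint                    string   `json:"token_endpoint,omitempty"`
	UserinfoEndpoint                 string   `json:"userinfo_endpoint,omitempty"`
	JwksUri                          string   `json:"jwks_uri,omitempty"`
	ScopesSupported                  []string `json:"scopes_supported,omitempty"`
	ResponseTypesSupported           []string `json:"response_types_supported,omitempty"`
	IdTokenSigningAlgValuesSupported []string `json:"id_token_signing_alg_values_supported,omitempty"`
	// The remaining fields have no omitempty: they are always emitted, and a
	// nil slice encodes as JSON null rather than being left out.
	CodeChallengeMethodsSupported     []string `json:"code_challenge_methods_supported"`
	SubjectTypesSupported             []string `json:"subject_types_supported"`
	RegistrationEndpoint              string   `json:"registration_endpoint"`
	TokenEndpointAuthMethodsSupported []string `json:"token_endpoint_auth_methods_supported"`
}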
func GetOidcConfiguration ¶
func GetOidcConfiguration(baseUrl string) (*OAuth2ServerMetadata, error)
type OAuth2TokenResponse ¶
type OIDCHandler ¶
// OIDCHandler is an opaque handler type built by NewOIDCHandler from a Storage
// and an HTML template. Its ServeHTTP method makes *OIDCHandler an
// http.Handler.
type OIDCHandler struct {
// contains filtered or unexported fields
}
func NewOIDCHandler ¶
func NewOIDCHandler(storage Storage, tmpl *template.Template) *OIDCHandler
func (*OIDCHandler) ServeHTTP ¶
func (h *OIDCHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type OIDCRegistrationRequest ¶
// OIDCRegistrationRequest is a JSON body with a single member, redirect_uris.
// NOTE(review): by its name this is a client registration request. Where it is
// accepted is not shown here; confirm the handler validates each redirect URI
// (scheme, host, no fragment) before issuing a client_id for it.
type OIDCRegistrationRequest struct {
RedirectUris []string `json:"redirect_uris"`
}
type OIDCRegistrationResponse ¶
// OIDCRegistrationResponse is a JSON body with a single member, client_id.
// No client secret is part of this type.
type OIDCRegistrationResponse struct {
ClientId string `json:"client_id"`
}
type ObligatorMux ¶
// ObligatorMux is an opaque request multiplexer built by
// NewObligatorMux(behindProxy). It exposes HandleFunc to register a handler
// function under a pattern string and ServeHTTP, so *ObligatorMux satisfies
// http.Handler.
// NOTE(review): behindProxy presumably decides whether proxy-supplied headers
// are trusted. Confirm it is enabled only when a trusted reverse proxy sits in
// front, since clients can set such headers themselves otherwise.
type ObligatorMux struct {
// contains filtered or unexported fields
}
func NewObligatorMux ¶
func NewObligatorMux(behindProxy bool) *ObligatorMux
func (*ObligatorMux) HandleFunc ¶
func (s *ObligatorMux) HandleFunc(p string, f func(w http.ResponseWriter, r *http.Request))
func (*ObligatorMux) ServeHTTP ¶
func (s *ObligatorMux) ServeHTTP(w http.ResponseWriter, r *http.Request)
type PendingShare ¶
// PendingShare is shown on this page with no exported fields and no methods.
type PendingShare struct {}
type QrHandler ¶
// QrHandler is an opaque type; this page lists only its constructor,
// NewQrHandler, without a signature.
type QrHandler struct {
// contains filtered or unexported fields
}
func NewQrHandler ¶
type QrTemplateData ¶
type Server ¶
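// Server is the top-level server object built by NewServer(conf). This page
// lists AddUser, AuthDomains, AuthUri, GetUsers, ServeHTTP, SetOAuth2Provider,
// Start and Validate on it; ServeHTTP makes *Server an http.Handler.
type Server struct {
	// Config is the configuration the server was built with. It is exported,
	// so callers can read or change it directly.
	Config ServerConfig
	// Mux is the request multiplexer; it is exported, so embedding programs
	// can reach it. NOTE(review): presumably routes added through it bypass
	// whatever checks the built-in handlers apply. Confirm.
	Mux *ObligatorMux
	// contains filtered or unexported fields
}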
func NewServer ¶
func NewServer(conf ServerConfig) *Server
func (*Server) AuthDomains ¶
func (*Server) AuthUri ¶
func (s *Server) AuthUri(authReq *OAuth2AuthRequest) string
func (*Server) SetOAuth2Provider ¶
func (s *Server) SetOAuth2Provider(prov OAuth2Provider) error
type ServerConfig ¶
type SmtpConfig ¶
type Storage ¶
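// Storage is the persistence interface taken by the constructors on this page
// (NewApi, NewOIDCHandler, NewOAuth2MetadataManager and the AddIdentity
// handlers). *JsonStorage lists every one of these methods.
//
// SetOauth2Provider is spelled differently from Server.SetOAuth2Provider and
// Api.SetOAuth2Provider; the spelling is part of the interface contract and is
// kept as is.
type Storage interface {
	GetRootUri() string
	GetPrefix() string
	SetRootUri(string) error
	GetUsers() ([]User, error)
	CreateUser(User) error
	// GetOAuth2Providers and GetOAuth2ProviderByID return OAuth2Provider
	// values, which include the client secret.
	GetOAuth2Providers() ([]OAuth2Provider, error)
	GetOAuth2ProviderByID(string) (OAuth2Provider, error)
	SetOauth2Provider(OAuth2Provider) error
	GetPublic() bool
	GetSmtpConfig() (SmtpConfig, error)
	// GetJWKSet returns the stored key set. NOTE(review): confirm whether it
	// contains private keys before passing the result to anything that
	// serialises it for clients.
	GetJWKSet() jwk.Set
	GetDisplayName() string
	SetDisplayName(string)
}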
type UserinfoResponse ¶
type Validation ¶
Source Files ¶