auth

package
v0.0.0-...-1333f46 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 19, 2024 License: MIT Imports: 18 Imported by: 0

Documentation

Index

Constants

// Microsoft Graph v1.0 collection endpoints for users and groups.
// Both are fixed, absolute HTTPS URLs on graph.microsoft.com.
//
// NOTE(review): how lookups build their request URL from these bases is not
// visible here. If a caller-supplied mail address or identifier is appended
// to the path or placed in a query filter, confirm it is escaped first.
const (
	AzureUsersEndpoint  = "https://graph.microsoft.com/v1.0/users"
	AzureGroupsEndpoint = "https://graph.microsoft.com/v1.0/groups"
)

Variables

// ErrAzureTokenExpired is a package-level sentinel error whose message is
// "token expired". Callers should test for it with errors.Is rather than by
// comparing message text.
// NOTE(review): which functions return it is not visible here; confirm an
// expired token always ends in a rejected request, never a degraded session.
var ErrAzureTokenExpired = fmt.Errorf("token expired")

Functions

func JWTValidator

// JWTValidator returns a jwt.Keyfunc built from a map of certificate lists
// and an expected audience string.
// NOTE(review): the body is not shown here. A Keyfunc is the point where the
// token's signing method and key id should be checked before a key is handed
// back; confirm unexpected algorithms and unknown key ids are rejected, and
// confirm how audience is compared against the token's claim.
func JWTValidator(certificates map[string]CertificateList, audience string) jwt.Keyfunc

Types

type Azure

// Azure is the package's Azure AD client type. It embeds oauth2.Config, so
// that type's exported fields (ClientID, ClientSecret, Endpoint, ...) are
// promoted onto Azure and are readable by any code holding an *Azure.
// Avoid formatting or serializing an Azure value wholesale (for example with
// %+v in a log line), since that would include the client secret.
type Azure struct {
	oauth2.Config
	// contains filtered or unexported fields
}

func NewAzureClient

// NewAzureClient constructs an *Azure from a client ID, client secret and
// tenant ID, plus a dry-run flag and a logrus entry.
// NOTE(review): the body is not shown here. Confirm that clientSecret is
// never written to log, and that dryRun cannot be used to skip token or
// user validation in a deployed environment.
func NewAzureClient(dryRun bool, clientID, clientSecret, tenantID string, log *logrus.Entry) (*Azure, error)

func (*Azure) ConvertEmailsToIdents

func (a *Azure) ConvertEmailsToIdents(emails []string) ([]string, error)

func (*Azure) FetchCertificates

func (a *Azure) FetchCertificates() (map[string]CertificateList, error)

func (*Azure) GetGroupID

func (a *Azure) GetGroupID(groupMail string) (string, error)

func (*Azure) KeyDiscoveryURL

func (a *Azure) KeyDiscoveryURL() string

func (*Azure) UserExistsInAzureAD

func (a *Azure) UserExistsInAzureAD(user string) error

func (*Azure) ValidateUser

// ValidateUser takes a certificate map and a raw token string and returns a
// *User or an error.
// NOTE(review): the body is not shown here. Confirm the token's signature,
// issuer, audience and expiry are all checked before a User is returned, and
// that a non-nil error is never accompanied by a usable *User.
func (a *Azure) ValidateUser(certificates map[string]CertificateList, token string) (*User, error)

func (*Azure) Verify

// Verify takes a raw ID token string and returns an *oidc.IDToken or an
// error.
// NOTE(review): the body is not shown here. This is a second token
// validation entry point next to ValidateUser; confirm both enforce the same
// issuer, audience and expiry rules so that neither is the weaker path.
func (a *Azure) Verify(ctx context.Context, rawIDToken string) (*oidc.IDToken, error)

type AzureGroupWithID

// AzureGroupWithID is one group entry as decoded from JSON: display name,
// identifier and mail address, read from the "displayName", "id" and "mail"
// keys respectively.
type AzureGroupWithID struct {
	DisplayName string `json:"displayName"`
	ID          string `json:"id"`
	Mail        string `json:"mail"`
}

type AzureGroupsWithIDResponse

// AzureGroupsWithIDResponse is the JSON envelope for a list of groups; the
// entries are read from the top-level "value" array.
// NOTE(review): a lookup by mail address may yield zero or several entries;
// confirm the consumer requires exactly one match before trusting Groups[0].
type AzureGroupsWithIDResponse struct {
	Groups []AzureGroupWithID `json:"value"`
}

type CertificateList

// CertificateList is a slice of parsed X.509 certificates.
type CertificateList []*x509.Certificate

type EncodedCertificate

// EncodedCertificate is a certificate held as an encoded string, as it
// appears in the "x5c" array of a Key.
type EncodedCertificate string

func (EncodedCertificate) Decode

func (c EncodedCertificate) Decode() (*x509.Certificate, error)

Decode decodes a base64-encoded certificate into an X.509 structure.

type Key

// Key is one entry of a key discovery document: a key identifier ("kid") and
// its certificates in encoded form ("x5c").
type Key struct {
	Kid string               `json:"kid"`
	X5c []EncodedCertificate `json:"x5c"`
}

type KeyDiscovery

// KeyDiscovery is the decoded key discovery document; its entries are read
// from the top-level "keys" array.
type KeyDiscovery struct {
	Keys []Key `json:"keys"`
}

func Discover

func Discover(reader io.Reader) (*KeyDiscovery, error)

func DiscoverURL

// DiscoverURL takes a URL string and returns a *KeyDiscovery or an error.
// NOTE(review): the body is not shown here; presumably it fetches the key
// document from url. The returned keys decide which token signatures are
// trusted, so confirm url comes from fixed configuration rather than request
// data, is HTTPS, and is fetched with a timeout and a bounded response size.
func DiscoverURL(url string) (*KeyDiscovery, error)

func (*KeyDiscovery) Map

func (k *KeyDiscovery) Map() (result map[string]CertificateList, err error)

Map transforms a KeyDiscovery object into a dictionary with "kid" as the key and lists of decoded X.509 certificates as values.

Returns an error if any certificate does not decode.

type OauthConfig

// OauthConfig groups the three values that identify an OAuth client: client
// ID, client secret and tenant ID.
type OauthConfig struct {
	ClientID string
	// ClientSecret is a credential. The field is exported and untagged, so
	// fmt's %+v and encoding/json will both emit it; keep values of this type
	// out of logs and serialized output.
	ClientSecret string
	TenantID     string
}

type Session

// Session holds per-login state: the user's email and name, two token
// strings, an expiry time and an admin flag.
type Session struct {
	// Email and Name are read from the "preferred_username" and "name" JSON
	// keys.
	Email string `json:"preferred_username"`
	Name  string `json:"name"`
	// AccessToken and Token have no json tag, so encoding/json emits them
	// under their Go field names.
	// NOTE(review): confirm a Session is never marshaled into an HTTP
	// response or a log line, or tag these fields `json:"-"`.
	AccessToken string
	Token       string
	Expires     time.Time
	// IsAdmin is also untagged, and encoding/json matches keys to field names
	// case-insensitively, so an "isAdmin" key in decoded input would set it.
	// NOTE(review): confirm IsAdmin is always assigned server-side after any
	// decode from token claims or client-supplied data.
	IsAdmin bool
}

type TokenResponse

// TokenResponse is the decoded token response body; only the "access_token"
// key is read.
// NOTE(review): AccessToken is a bearer credential; keep it out of logs and
// error messages.
type TokenResponse struct {
	AccessToken string `json:"access_token"`
}

type User

// User is the identity returned by ValidateUser: a name, an email address
// and an expiry time.
// NOTE(review): presumably Expires mirrors the validated token's expiry;
// confirm callers re-check it rather than caching a User indefinitely.
type User struct {
	Name    string
	Email   string
	Expires time.Time
}
