Documentation
¶
Index ¶
- Variables
- func SignatureHash(signature string) string
- type Dependencies
- type OAuth2RequestSQL
- type OldMigrationRecord
- type Persister
- func (p *Persister) AcceptLogoutRequest(ctx context.Context, challenge string) (*flow.LogoutRequest, error)
- func (p *Persister) AddKey(ctx context.Context, set string, key *jose.JSONWebKey) error
- func (p *Persister) AddKeySet(ctx context.Context, set string, keys *jose.JSONWebKeySet) error
- func (p *Persister) Authenticate(ctx context.Context, name, secret string) error
- func (p *Persister) AuthenticateClient(ctx context.Context, id string, secret []byte) (_ *client.Client, err error)
- func (p *Persister) BeginTX(ctx context.Context) (_ context.Context, err error)
- func (p *Persister) ClientAssertionJWTValid(ctx context.Context, jti string) (err error)
- func (p *Persister) Commit(ctx context.Context) (err error)
- func (p *Persister) ConfirmLoginSession(ctx context.Context, loginSession *flow.LoginSession) error
- func (p *Persister) Connection(ctx context.Context) *pop.Connection
- func (p *Persister) CountClients(ctx context.Context) (n int, err error)
- func (p *Persister) CountGrants(ctx context.Context) (n int, err error)
- func (p *Persister) CountSubjectsGrantedConsentRequests(ctx context.Context, subject string) (int, error)
- func (p *Persister) CreateAccessTokenSession(ctx context.Context, signature string, requester fosite.Requester) (err error)
- func (p *Persister) CreateAuthorizeCodeSession(ctx context.Context, signature string, requester fosite.Requester) error
- func (p *Persister) CreateClient(ctx context.Context, c *client.Client) (err error)
- func (p *Persister) CreateConsentRequest(ctx context.Context, f *flow.Flow, req *flow.OAuth2ConsentRequest) error
- func (p *Persister) CreateForcedObfuscatedLoginSession(ctx context.Context, session *consent.ForcedObfuscatedLoginSession) error
- func (p *Persister) CreateGrant(ctx context.Context, g trust.Grant, publicKey jose.JSONWebKey) (err error)
- func (p *Persister) CreateLoginRequest(ctx context.Context, req *flow.LoginRequest) (*flow.Flow, error)
- func (p *Persister) CreateLoginSession(ctx context.Context, session *flow.LoginSession) error
- func (p *Persister) CreateLogoutRequest(ctx context.Context, request *flow.LogoutRequest) error
- func (p *Persister) CreateOpenIDConnectSession(ctx context.Context, signature string, requester fosite.Requester) (err error)
- func (p *Persister) CreatePKCERequestSession(ctx context.Context, signature string, requester fosite.Requester) (err error)
- func (p *Persister) CreateRefreshTokenSession(ctx context.Context, signature string, requester fosite.Requester) (err error)
- func (p *Persister) CreateWithNetwork(ctx context.Context, v interface{}) error
- func (p *Persister) DeleteAccessTokenSession(ctx context.Context, signature string) (err error)
- func (p *Persister) DeleteAccessTokens(ctx context.Context, clientID string) (err error)
- func (p *Persister) DeleteClient(ctx context.Context, id string) (err error)
- func (p *Persister) DeleteGrant(ctx context.Context, id string) (err error)
- func (p *Persister) DeleteKey(ctx context.Context, set, kid string) error
- func (p *Persister) DeleteKeySet(ctx context.Context, set string) error
- func (p *Persister) DeleteLoginSession(ctx context.Context, id string) (deletedSession *flow.LoginSession, err error)
- func (p *Persister) DeleteOpenIDConnectSession(ctx context.Context, signature string) (err error)
- func (p *Persister) DeletePKCERequestSession(ctx context.Context, signature string) (err error)
- func (p *Persister) DeleteRefreshTokenSession(ctx context.Context, signature string) (err error)
- func (p *Persister) DetermineNetwork(ctx context.Context) (*networkx.Network, error)
- func (p *Persister) FindGrantedAndRememberedConsentRequests(ctx context.Context, client, subject string) (rs []flow.AcceptOAuth2ConsentRequest, err error)
- func (p *Persister) FindSubjectsGrantedConsentRequests(ctx context.Context, subject string, limit, offset int) ([]flow.AcceptOAuth2ConsentRequest, error)
- func (p *Persister) FindSubjectsSessionGrantedConsentRequests(ctx context.Context, subject, sid string, limit, offset int) ([]flow.AcceptOAuth2ConsentRequest, error)
- func (p *Persister) FlushInactiveAccessTokens(ctx context.Context, notAfter time.Time, limit int, batchSize int) (err error)
- func (p *Persister) FlushInactiveGrants(ctx context.Context, notAfter time.Time, _ int, _ int) (err error)
- func (p *Persister) FlushInactiveLoginConsentRequests(ctx context.Context, notAfter time.Time, limit int, batchSize int) error
- func (p *Persister) FlushInactiveRefreshTokens(ctx context.Context, notAfter time.Time, limit int, batchSize int) (err error)
- func (p *Persister) GenerateAndPersistKeySet(ctx context.Context, set, kid, alg, use string) (*jose.JSONWebKeySet, error)
- func (p *Persister) GetAccessTokenSession(ctx context.Context, signature string, session fosite.Session) (request fosite.Requester, err error)
- func (p *Persister) GetAuthorizeCodeSession(ctx context.Context, signature string, session fosite.Session) (request fosite.Requester, err error)
- func (p *Persister) GetClient(ctx context.Context, id string) (fosite.Client, error)
- func (p *Persister) GetClientAssertionJWT(ctx context.Context, j string) (_ *oauth2.BlacklistedJTI, err error)
- func (p *Persister) GetClients(ctx context.Context, filters client.Filter) (_ []client.Client, err error)
- func (p *Persister) GetConcreteClient(ctx context.Context, id string) (c *client.Client, err error)
- func (p *Persister) GetConcreteGrant(ctx context.Context, id string) (_ trust.Grant, err error)
- func (p *Persister) GetConsentRequest(ctx context.Context, challenge string) (*flow.OAuth2ConsentRequest, error)
- func (p *Persister) GetFlow(ctx context.Context, loginChallenge string) (*flow.Flow, error)
- func (p *Persister) GetFlowByConsentChallenge(ctx context.Context, challenge string) (*flow.Flow, error)
- func (p *Persister) GetForcedObfuscatedLoginSession(ctx context.Context, client, obfuscated string) (*consent.ForcedObfuscatedLoginSession, error)
- func (p *Persister) GetGrants(ctx context.Context, limit, offset int, optionalIssuer string) (_ []trust.Grant, err error)
- func (p *Persister) GetKey(ctx context.Context, set, kid string) (*jose.JSONWebKeySet, error)
- func (p *Persister) GetKeySet(ctx context.Context, set string) (keys *jose.JSONWebKeySet, err error)
- func (p *Persister) GetLoginRequest(ctx context.Context, loginChallenge string) (*flow.LoginRequest, error)
- func (p *Persister) GetLogoutRequest(ctx context.Context, challenge string) (*flow.LogoutRequest, error)
- func (p *Persister) GetOpenIDConnectSession(ctx context.Context, signature string, requester fosite.Requester) (_ fosite.Requester, err error)
- func (p *Persister) GetPKCERequestSession(ctx context.Context, signature string, session fosite.Session) (_ fosite.Requester, err error)
- func (p *Persister) GetPublicKey(ctx context.Context, issuer string, subject string, keyId string) (_ *jose.JSONWebKey, err error)
- func (p *Persister) GetPublicKeyScopes(ctx context.Context, issuer string, subject string, keyId string) (_ []string, err error)
- func (p *Persister) GetPublicKeys(ctx context.Context, issuer string, subject string) (_ *jose.JSONWebKeySet, err error)
- func (p *Persister) GetRefreshTokenSession(ctx context.Context, signature string, session fosite.Session) (request fosite.Requester, err error)
- func (p *Persister) GetRememberedLoginSession(ctx context.Context, loginSessionFromCookie *flow.LoginSession, id string) (*flow.LoginSession, error)
- func (p *Persister) HandleConsentRequest(ctx context.Context, f *flow.Flow, r *flow.AcceptOAuth2ConsentRequest) (*flow.OAuth2ConsentRequest, error)
- func (p *Persister) HandleLoginRequest(ctx context.Context, f *flow.Flow, challenge string, ...) (lr *flow.LoginRequest, err error)
- func (p *Persister) InvalidateAuthorizeCodeSession(ctx context.Context, signature string) (err error)
- func (p *Persister) IsJWTUsed(ctx context.Context, jti string) (ok bool, err error)
- func (p *Persister) IsNonceValid(ctx context.Context, accessToken, nonce string) (err error)
- func (p *Persister) ListUserAuthenticatedClientsWithBackChannelLogout(ctx context.Context, subject, sid string) ([]client.Client, error)
- func (p *Persister) ListUserAuthenticatedClientsWithFrontChannelLogout(ctx context.Context, subject, sid string) ([]client.Client, error)
- func (p *Persister) MarkJWTUsedForTime(ctx context.Context, jti string, exp time.Time) (err error)
- func (p *Persister) MigrateDown(ctx context.Context, steps int) error
- func (p *Persister) MigrateUp(ctx context.Context) error
- func (p *Persister) MigrateUpTo(ctx context.Context, steps int) (int, error)
- func (p *Persister) MigrationStatus(ctx context.Context) (popx.MigrationStatuses, error)
- func (p *Persister) NetworkID(ctx context.Context) uuid.UUID
- func (p *Persister) NewNonce(ctx context.Context, accessToken string, expiresIn time.Time) (res string, err error)
- func (p *Persister) Ping() error
- func (p *Persister) PrepareMigration(_ context.Context) error
- func (p *Persister) QueryWithNetwork(ctx context.Context) *pop.Query
- func (p *Persister) RejectLogoutRequest(ctx context.Context, challenge string) error
- func (p *Persister) RevokeAccessToken(ctx context.Context, id string) (err error)
- func (p *Persister) RevokeRefreshToken(ctx context.Context, id string) (err error)
- func (p *Persister) RevokeRefreshTokenMaybeGracePeriod(ctx context.Context, id string, _ string) (err error)
- func (p *Persister) RevokeSubjectClientConsentSession(ctx context.Context, user, client string) error
- func (p *Persister) RevokeSubjectConsentSession(ctx context.Context, user string) error
- func (p *Persister) RevokeSubjectLoginSession(ctx context.Context, subject string) error
- func (p *Persister) Rollback(ctx context.Context) (err error)
- func (p *Persister) SetClientAssertionJWT(ctx context.Context, jti string, exp time.Time) (err error)
- func (p *Persister) SetClientAssertionJWTRaw(ctx context.Context, jti *oauth2.BlacklistedJTI) (err error)
- func (p *Persister) UpdateClient(ctx context.Context, cl *client.Client) (err error)
- func (p *Persister) UpdateKey(ctx context.Context, set string, key *jose.JSONWebKey) error
- func (p *Persister) UpdateKeySet(ctx context.Context, set string, keySet *jose.JSONWebKeySet) error
- func (p *Persister) UpdateWithNetwork(ctx context.Context, v interface{}) (int64, error)
- func (p *Persister) VerifyAndInvalidateConsentRequest(ctx context.Context, verifier string) (*flow.AcceptOAuth2ConsentRequest, error)
- func (p *Persister) VerifyAndInvalidateLoginRequest(ctx context.Context, verifier string) (*flow.HandledLoginRequest, error)
- func (p *Persister) VerifyAndInvalidateLogoutRequest(ctx context.Context, verifier string) (*flow.LogoutRequest, error)
- func (p Persister) WithFallbackNetworkID(nid uuid.UUID) persistence.Persister
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrTransactionOpen = errors.New("There is already a transaction in this context.") ErrNoTransactionOpen = errors.New("There is no transaction in this context.") )
View Source
var Migrations embed.FS
Functions ¶
func SignatureHash ¶
SignatureHash hashes the signature to prevent errors where the signature is longer than 128 characters (and thus doesn't fit into the pk).
Types ¶
type Dependencies ¶
type Dependencies interface {
ClientHasher() fosite.Hasher
KeyCipher() *aead.AESGCM
FlowCipher() *aead.XChaCha20Poly1305
Kratos() kratos.Client
contextx.Provider
x.RegistryLogger
x.TracingProvider
}
type OAuth2RequestSQL ¶
type OAuth2RequestSQL struct {
ID string `db:"signature"`
NID uuid.UUID `db:"nid"`
Request string `db:"request_id"`
ConsentChallenge sql.NullString `db:"challenge_id"`
RequestedAt time.Time `db:"requested_at"`
Client string `db:"client_id"`
Scopes string `db:"scope"`
GrantedScope string `db:"granted_scope"`
RequestedAudience string `db:"requested_audience"`
GrantedAudience string `db:"granted_audience"`
Form string `db:"form_data"`
Subject string `db:"subject"`
Active bool `db:"active"`
Session []byte `db:"session_data"`
Table tableName `db:"-"`
}
func (OAuth2RequestSQL) TableName ¶
func (r OAuth2RequestSQL) TableName() string
type OldMigrationRecord ¶
this type is copied from sql-migrate to remove the dependency
type Persister ¶
type Persister struct {
// contains filtered or unexported fields
}
func NewPersister ¶
func (*Persister) AcceptLogoutRequest ¶
func (*Persister) Authenticate ¶
func (*Persister) AuthenticateClient ¶ added in v2.2.0
func (*Persister) ClientAssertionJWTValid ¶
func (*Persister) ConfirmLoginSession ¶
ConfirmLoginSession creates or updates the login session. The NID will be set to the network ID of the context.
func (*Persister) Connection ¶
func (*Persister) CountClients ¶
func (*Persister) CountGrants ¶
func (*Persister) CountSubjectsGrantedConsentRequests ¶
func (*Persister) CreateAccessTokenSession ¶
func (*Persister) CreateAuthorizeCodeSession ¶
func (*Persister) CreateClient ¶
func (*Persister) CreateConsentRequest ¶
func (p *Persister) CreateConsentRequest(ctx context.Context, f *flow.Flow, req *flow.OAuth2ConsentRequest) error
CreateConsentRequest configures fields that are introduced or changed in the consent request. It doesn't touch fields that would be copied from the login request.
func (*Persister) CreateForcedObfuscatedLoginSession ¶
func (*Persister) CreateGrant ¶
func (*Persister) CreateLoginRequest ¶
func (*Persister) CreateLoginSession ¶
func (*Persister) CreateLogoutRequest ¶
func (*Persister) CreateOpenIDConnectSession ¶
func (*Persister) CreatePKCERequestSession ¶
func (*Persister) CreateRefreshTokenSession ¶
func (*Persister) CreateWithNetwork ¶
func (*Persister) DeleteAccessTokenSession ¶
func (*Persister) DeleteAccessTokens ¶
func (*Persister) DeleteClient ¶
func (*Persister) DeleteGrant ¶
func (*Persister) DeleteKeySet ¶
func (*Persister) DeleteLoginSession ¶
func (*Persister) DeleteOpenIDConnectSession ¶
func (*Persister) DeletePKCERequestSession ¶
func (*Persister) DeleteRefreshTokenSession ¶
func (*Persister) DetermineNetwork ¶
func (*Persister) FindGrantedAndRememberedConsentRequests ¶
func (*Persister) FindSubjectsGrantedConsentRequests ¶
func (*Persister) FindSubjectsSessionGrantedConsentRequests ¶
func (*Persister) FlushInactiveAccessTokens ¶
func (*Persister) FlushInactiveGrants ¶
func (*Persister) FlushInactiveLoginConsentRequests ¶
func (*Persister) FlushInactiveRefreshTokens ¶
func (*Persister) GenerateAndPersistKeySet ¶
func (*Persister) GetAccessTokenSession ¶
func (*Persister) GetAuthorizeCodeSession ¶
func (*Persister) GetClientAssertionJWT ¶
func (*Persister) GetClients ¶
func (*Persister) GetConcreteClient ¶
func (*Persister) GetConcreteGrant ¶
func (*Persister) GetConsentRequest ¶
func (*Persister) GetFlowByConsentChallenge ¶
func (*Persister) GetForcedObfuscatedLoginSession ¶
func (*Persister) GetLoginRequest ¶
func (*Persister) GetLogoutRequest ¶
func (*Persister) GetOpenIDConnectSession ¶
func (*Persister) GetPKCERequestSession ¶
func (*Persister) GetPublicKey ¶
func (*Persister) GetPublicKeyScopes ¶
func (*Persister) GetPublicKeys ¶
func (*Persister) GetRefreshTokenSession ¶
func (*Persister) GetRememberedLoginSession ¶
func (p *Persister) GetRememberedLoginSession(ctx context.Context, loginSessionFromCookie *flow.LoginSession, id string) (*flow.LoginSession, error)
func (*Persister) HandleConsentRequest ¶
func (p *Persister) HandleConsentRequest(ctx context.Context, f *flow.Flow, r *flow.AcceptOAuth2ConsentRequest) (*flow.OAuth2ConsentRequest, error)
func (*Persister) HandleLoginRequest ¶
func (*Persister) InvalidateAuthorizeCodeSession ¶
func (*Persister) IsNonceValid ¶ added in v2.2.0
func (*Persister) ListUserAuthenticatedClientsWithBackChannelLogout ¶
func (*Persister) ListUserAuthenticatedClientsWithFrontChannelLogout ¶
func (*Persister) MarkJWTUsedForTime ¶
func (*Persister) MigrateDown ¶
func (*Persister) MigrateUpTo ¶
func (*Persister) MigrationStatus ¶
func (*Persister) QueryWithNetwork ¶
func (*Persister) RejectLogoutRequest ¶
func (*Persister) RevokeAccessToken ¶
func (*Persister) RevokeRefreshToken ¶
func (*Persister) RevokeRefreshTokenMaybeGracePeriod ¶
func (*Persister) RevokeSubjectClientConsentSession ¶
func (*Persister) RevokeSubjectConsentSession ¶
func (*Persister) RevokeSubjectLoginSession ¶
func (*Persister) SetClientAssertionJWT ¶
func (*Persister) SetClientAssertionJWTRaw ¶
func (*Persister) UpdateClient ¶
func (*Persister) UpdateKeySet ¶
UpdateKeySet updates or creates the key set.
func (*Persister) UpdateWithNetwork ¶
func (*Persister) VerifyAndInvalidateConsentRequest ¶
func (*Persister) VerifyAndInvalidateLoginRequest ¶
func (*Persister) VerifyAndInvalidateLogoutRequest ¶
func (Persister) WithFallbackNetworkID ¶
func (p Persister) WithFallbackNetworkID(nid uuid.UUID) persistence.Persister
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.