oathkeeper: github.com/ory/oathkeeper/credentials Index | Files

package credentials

import "github.com/ory/oathkeeper/credentials"

* Copyright © 2017-2018 Aeneas Rekkas <aeneas+oss@aeneas.io> * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * * @author Aeneas Rekkas <aeneas+oss@aeneas.io> * @Copyright 2017-2018 Aeneas Rekkas <aeneas+oss@aeneas.io> * @license Apache-2.0 *

Index

Package Files

fetcher.go fetcher_default.go signer.go signer_default.go verifier.go verifier_default.go

type DefaultSigner Uses

type DefaultSigner struct {
    // contains filtered or unexported fields
}

func NewSignerDefault Uses

func NewSignerDefault(r FetcherRegistry) *DefaultSigner

func (*DefaultSigner) Sign Uses

func (s *DefaultSigner) Sign(ctx context.Context, location *url.URL, claims jwt.Claims) (string, error)

type Fetcher Uses

type Fetcher interface {
    ResolveKey(ctx context.Context, locations []url.URL, kid string, use string) (*jose.JSONWebKey, error)
    ResolveSets(ctx context.Context, locations []url.URL) ([]jose.JSONWebKeySet, error)
}

type FetcherDefault Uses

type FetcherDefault struct {
    sync.RWMutex
    // contains filtered or unexported fields
}

func NewFetcherDefault Uses

func NewFetcherDefault(l logrus.FieldLogger, cancelAfter time.Duration, ttl time.Duration) *FetcherDefault

NewFetcherDefault returns a new JWKS Fetcher with:

- cancelAfter: If reached, the fetcher will stop waiting for responses and return an error. - waitForResponse: While the fetcher might stop waiting for responses, we will give the server more time to respond

and add the keys to the registry unless waitForResponse is reached in which case we'll terminate the request.

func (*FetcherDefault) ResolveKey Uses

func (s *FetcherDefault) ResolveKey(ctx context.Context, locations []url.URL, kid string, use string) (*jose.JSONWebKey, error)

func (*FetcherDefault) ResolveSets Uses

func (s *FetcherDefault) ResolveSets(ctx context.Context, locations []url.URL) ([]jose.JSONWebKeySet, error)

type FetcherRegistry Uses

type FetcherRegistry interface {
    CredentialsFetcher() Fetcher
}

type Signer Uses

type Signer interface {
    Sign(ctx context.Context, location *url.URL, claims jwt.Claims) (string, error)
}

type SignerRegistry Uses

type SignerRegistry interface {
    CredentialsSigner() Signer
}

type ValidationContext Uses

type ValidationContext struct {
    Algorithms    []string
    Issuers       []string
    Audiences     []string
    ScopeStrategy fosite.ScopeStrategy
    Scope         []string
    KeyURLs       []url.URL
}

type Verifier Uses

type Verifier interface {
    Verify(
        ctx context.Context,
        token string,
        r *ValidationContext,
    ) (*jwt.Token, error)
}

type VerifierDefault Uses

type VerifierDefault struct {
    // contains filtered or unexported fields
}

func NewVerifierDefault Uses

func NewVerifierDefault(f FetcherRegistry) *VerifierDefault

func (*VerifierDefault) Verify Uses

func (v *VerifierDefault) Verify(
    ctx context.Context,
    token string,
    r *ValidationContext,
) (*jwt.Token, error)

type VerifierRegistry Uses

type VerifierRegistry interface {
    CredentialsVerifier() Verifier
}

Package credentials imports 25 packages (graph) and is imported by 4 packages. Updated 2019-05-18. Refresh now. Tools for package owners.