keycloak

type AddressClaim struct {
	// Formatted Full mailing address, formatted for display or use on a mailing label. This field MAY contain multiple lines, separated by newlines. Newlines can be represented either as a carriage return/line feed pair ("\r\n") or as a single line feed character ("\n").
	Formatted string `json:"formatted"`
	// StreetAddress Full street address component, which MAY include house number, street name, Post Office Box, and multi-line extended street address information. This field MAY contain multiple lines, separated by newlines. Newlines can be represented either as a carriage return/line feed pair ("\r\n") or as a single line feed character ("\n").
	StreetAddress string `json:"street_address"`
	// Locality City or locality component.
	Locality string `json:"locality"`
	// Region State, province, prefecture, or region component.
	Region string `json:"region"`
	// PostalCode Zip code or postal code component.
	PostalCode string `json:"postal_code"`
	// Country Country name component.
	Country string `json:"country"`
}

type Config struct {
	Realm            string       `json:"realm"`           // "dms"
	AuthServerURL    string       `json:"auth-server-url"` // "https://id.landgrafx.de/auth"
	SSLRequired      string       `json:"ssl-required"`    // "all"
	Resource         string       `json:"resource"`        // "dms-frontend"
	Credentials      *Credentials `json:"credentials"`
	ConfidentialPort int          `json:"confidential-port"` // 0
}

type Credentials struct {
	Secret string `json:"secret"` // "bc199826-e290-44e9-a6bd-8af4808e10b7"
}

type EmailClaim struct {
	// Email Preferred e-mail address
	Email string `json:"email"`
	// EmailVerified True if the e-mail address has been verified; otherwise false
	EmailVerified bool `json:"email_verified"`
}

type ErrorLogger func(v ...interface{})

type InsecureStore struct {
	// contains filtered or unexported fields
}

type Middleware struct {
	BaseURL      string
	PathPrefix   string
	Scopes       []string
	Logger       ErrorLogger
	SessionStore SessionStore
	// contains filtered or unexported fields
}

type PhoneNumberClaim struct {
	// PhoneNumber End-User's preferred telephone number. E.164 [E.164] is RECOMMENDED as the format of this Claim, for example, +1 (425) 555-1212 or +56 (2) 687 2400. If the phone number contains an extension, it is RECOMMENDED that the extension be represented using the RFC 3966 [RFC3966] extension syntax, for example, +1 (604) 555-1234;ext=5678.
	PhoneNumber string `json:"phone_number"`
	// PhoneNumberVerified True if the End-User's phone number has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this phone number was controlled by the End-User at the time the verification was performed. The means by which a phone number is verified is context-specific, and dependent upon the trust framework or contractual agreements within which the parties are operating. When true, the phone_number Claim MUST be in E.164 format and any extensions MUST be represented in RFC 3966 format.
	PhoneNumberVerified bool `json:"phone_number_verified"`
}

type ProfileClaim struct {
	// Name End-User's full name in displayable form including all name parts, possibly including titles and suffixes, ordered according to the End-User's locale and preferences.
	Name string `json:"name"`
	// FamilyName Surname(s) or last name(s) of the End-User. Note that in some cultures, people can have multiple family names or no family name; all can be present, with the names being separated by space characters.
	FamilyName string `json:"family_name"`
	// GivenName(s) or first name(s) of the End-User. Note that in some cultures, people can have multiple given names; all can be present, with the names being separated by space characters.
	GivenName string `json:"given_name"`
	// MiddleName(s) of the End-User. Note that in some cultures, people can have multiple middle names; all can be present, with the names being separated by space characters. Also note that in some cultures, middle names are not used.
	MiddleName string `json:"middle_name"`
	// Nickname Casual name of the End-User that may or may not be the same as the given_name. For instance, a nickname value of Mike might be returned alongside a given_name value of Michael.
	Nickname string `json:"nickname"`
	// PreferredUsername Shorthand name by which the End-User wishes to be referred to at the RP, such as janedoe or j.doe. This value MAY be any valid JSON string including special characters such as @, /, or whitespace. The RP MUST NOT rely upon this value being unique, as discussed in Section 5.7.
	PreferredUsername string `json:"preferred_username"`
	// ProfileURL URL of the End-User's profile page. The contents of this Web page SHOULD be about the End-User.
	ProfileURL string `json:"profile"`
	// PictureURL URL of the End-User's profile picture. This URL MUST refer to an image file (for example, a PNG, JPEG, or GIF image file), rather than to a Web page containing an image. Note that this URL SHOULD specifically reference a profile photo of the End-User suitable for displaying when describing the End-User, rather than an arbitrary photo taken by the End-User.
	PictureURL string `json:"picture"`
	// WebsiteURL URL of the End-User's Web page or blog. This Web page SHOULD contain information published by the End-User or an organization that the End-User is affiliated with.
	WebsiteURL string `json:"website"`
	// Gender End-User's gender. Values defined by this specification are female and male. Other values MAY be used when neither of the defined values are applicable.
	Gender string `json:"gender"`
	// Birthdate String from zoneinfo [zoneinfo] time zone database representing the End-User's time zone. For example, Europe/Paris or America/Los_Angeles.
	Birthdate string `json:"birthdate"`
	// Zoneinfo String from zoneinfo [zoneinfo] time zone database representing the End-User's time zone. For example, Europe/Paris or America/Los_Angeles.
	Zoneinfo string `json:"zoneinfo"`
	// Locale End-User's locale, represented as a BCP47 [RFC5646] language tag. This is typically an ISO 639-1 Alpha-2 [ISO639‑1] language code in lowercase and an ISO 3166-1 Alpha-2 [ISO3166‑1] country code in uppercase, separated by a dash. For example, en-US or fr-CA. As a compatibility note, some implementations have used an underscore as the separator rather than a dash, for example, en_US; Relying Parties MAY choose to accept this locale syntax as well.
	Locale string `json:"locale"`
	// Address End-User's preferred postal address. The value of the address member is a JSON [RFC4627] structure containing some or all of the members defined in Section 5.1.1.
	Address *AddressClaim `json:"address"`
	// UpdatedAt Time the End-User's information was last updated. Its value is a JSON number representing the number of seconds from 1970-01-01T0:0:0Z as measured in UTC until the date/time.
	UpdatedAt uint64 `json:"updated_at"`
}

type Session struct {
	ID      string // session_state
	Token   *oauth2.Token
	IDToken *oidc.IDToken
}

type SessionStore interface {
	// NewSession function gets called after successful session creation
	// the passed response write and request object can be used to handle the
	// connection directly
	NewSession(http.ResponseWriter, *http.Request, http.Handler, *Session)

	// GetSession must return the session for the given request, if no session
	// is provided the user will be redirected to keycloak to authenticate
	GetSession(*http.Request) (*Session, error)

	// DeleteSession function gets called on logout
	DeleteSession(*Session)
}

type StandardClaims struct {
	ProfileClaim
	PhoneNumberClaim
	EmailClaim
}