Documentation ¶
Overview ¶
Package `sso` provides a client wrapping the WorkOS SSO API.
Index ¶
- Constants
- Variables
- func Configure(apiKey, clientID string)
- func DeleteConnection(ctx context.Context, opts DeleteConnectionOpts) error
- func GetAuthorizationURL(opts GetAuthorizationURLOpts) (*url.URL, error)
- func Login(opts GetAuthorizationURLOpts) http.Handler
- type Client
- func (c *Client) DeleteConnection(ctx context.Context, opts DeleteConnectionOpts) error
- func (c *Client) GetAuthorizationURL(opts GetAuthorizationURLOpts) (*url.URL, error)
- func (c *Client) GetConnection(ctx context.Context, opts GetConnectionOpts) (Connection, error)
- func (c *Client) GetLoginHandler(opts GetAuthorizationURLOpts) http.Handler
- func (c *Client) GetProfile(ctx context.Context, opts GetProfileOpts) (Profile, error)
- func (c *Client) GetProfileAndToken(ctx context.Context, opts GetProfileAndTokenOpts) (ProfileAndToken, error)
- func (c *Client) ListConnections(ctx context.Context, opts ListConnectionsOpts) (ListConnectionsResponse, error)
- type Connection
- type ConnectionDomain
- type ConnectionState
- type ConnectionStatusdeprecated
- type ConnectionType
- type DeleteConnectionOpts
- type GetAuthorizationURLOpts
- type GetConnectionOpts
- type GetProfileAndTokenOpts
- type GetProfileOpts
- type ListConnectionsOpts
- type ListConnectionsResponse
- type Order
- type Profile
- type ProfileAndToken
Constants ¶
const ResponseLimit = 10
ResponseLimit is the default number of records to limit a response to.
Variables ¶
var ( // DefaultClient is the client used by GetAuthorizationURL, GetProfileAndToken and // Login functions. DefaultClient = &Client{} )
Functions ¶
func Configure ¶
func Configure(apiKey, clientID string)
Configure configures the default client that is used by GetAuthorizationURL, GetProfileAndToken and Login. It must be called before using those functions.
func DeleteConnection ¶
func DeleteConnection( ctx context.Context, opts DeleteConnectionOpts, ) error
DeleteConnection deletes a Connection.
func GetAuthorizationURL ¶
func GetAuthorizationURL(opts GetAuthorizationURLOpts) (*url.URL, error)
GetAuthorizationURL returns an authorization url generated with the given options.
func Login ¶
func Login(opts GetAuthorizationURLOpts) http.Handler
Login returns a http.Handler that redirects client to the appropriate login provider.
Types ¶
type Client ¶
type Client struct { // The WorkOS api key. It can be found in // https://dashboard.workos.com/api-keys. // // REQUIRED. APIKey string // The WorkOS Client ID (eg. client_01JG3BCPTRTSTTWQR4VSHXGWCQ). // // REQUIRED. ClientID string // The endpoint to WorkOS API. // // Defaults to https://api.workos.com. Endpoint string // The http.Client that is used to send request to WorkOS. // // Defaults to http.Client. HTTPClient *http.Client // The function used to encode in JSON. Defaults to json.Marshal. JSONEncode func(v interface{}) ([]byte, error) // contains filtered or unexported fields }
Client represents a client that fetch SSO data from WorkOS API.
func (*Client) DeleteConnection ¶
func (c *Client) DeleteConnection( ctx context.Context, opts DeleteConnectionOpts, ) error
DeleteConnection deletes a Connection.
func (*Client) GetAuthorizationURL ¶
func (c *Client) GetAuthorizationURL(opts GetAuthorizationURLOpts) (*url.URL, error)
GetAuthorizationURL returns an authorization url generated with the given options.
func (*Client) GetConnection ¶
func (c *Client) GetConnection( ctx context.Context, opts GetConnectionOpts, ) (Connection, error)
GetConnection gets a Connection.
func (*Client) GetLoginHandler ¶
func (c *Client) GetLoginHandler(opts GetAuthorizationURLOpts) http.Handler
GetLoginHandler returns an http.Handler that redirects client to the appropriate login provider.
func (*Client) GetProfile ¶
GetProfile returns a profile describing the user that authenticated with WorkOS SSO.
func (*Client) GetProfileAndToken ¶
func (c *Client) GetProfileAndToken(ctx context.Context, opts GetProfileAndTokenOpts) (ProfileAndToken, error)
GetProfileAndToken returns a profile describing the user that authenticated with WorkOS SSO.
func (*Client) ListConnections ¶
func (c *Client) ListConnections( ctx context.Context, opts ListConnectionsOpts, ) (ListConnectionsResponse, error)
ListConnections gets details of existing Connections.
type Connection ¶
type Connection struct { // Connection unique identifier. ID string `json:"id"` // Connection linked status. Deprecated; use State instead. Status ConnectionStatus `json:"status"` // Connection linked state. State ConnectionState `json:"state"` // Connection name. Name string `json:"name"` // Connection provider type. ConnectionType ConnectionType `json:"connection_type"` // Organization ID. OrganizationID string `json:"organization_id"` // Domain records for the Connection. Domains []ConnectionDomain `json:"domains"` // The timestamp of when the Connection was created. CreatedAt string `json:"created_at"` // The timestamp of when the Connection was updated. UpdatedAt string `json:"updated_at"` }
Connection represents a Connection record.
func GetConnection ¶
func GetConnection( ctx context.Context, opts GetConnectionOpts, ) (Connection, error)
GetConnection gets a Connection.
type ConnectionDomain ¶
type ConnectionDomain struct { // Connection Domain unique identifier. ID string `json:"id"` // Domain for a Connection record. Domain string `json:"domain"` }
ConnectionDomain represents the domain records associated with a Connection.
type ConnectionState ¶
type ConnectionState string
ConnectionState indicates whether a Connection is able to authenticate users.
const ( Draft ConnectionState = "draft" Active ConnectionState = "active" Inactive ConnectionState = "inactive" Validating ConnectionState = "validating" )
Constants that enumerate a Connection's possible states.
type ConnectionStatus
deprecated
type ConnectionStatus string
ConnectionStatus represents a Connection's linked status.
Deprecated: Please use ConnectionState instead.
const ( Linked ConnectionStatus = "linked" Unlinked ConnectionStatus = "unlinked" )
Constants that enumerate the available Connection's linked statuses.
type ConnectionType ¶
type ConnectionType string
ConnectionType represents a connection type.
const ( ADFSSAML ConnectionType = "ADFSSAML" AdpOidc ConnectionType = "AdpOidc" Auth0SAML ConnectionType = "Auth0SAML" AzureSAML ConnectionType = "AzureSAML" CasSAML ConnectionType = "CasSAML" CloudflareSAML ConnectionType = "CloudflareSAML" ClassLinkSAML ConnectionType = "ClassLinkSAML" CyberArkSAML ConnectionType = "CyberArkSAML" DuoSAML ConnectionType = "DuoSAML" GenericOIDC ConnectionType = "GenericOIDC" GenericSAML ConnectionType = "GenericSAML" GoogleOAuth ConnectionType = "GoogleOAuth" GoogleSAML ConnectionType = "GoogleSAML" JumpCloudSAML ConnectionType = "JumpCloudSAML" KeycloakSAML ConnectionType = "KeycloakSAML" LastPassSAML ConnectionType = "LastPassSAML" LoginGovOidc ConnectionType = "LoginGovOidc" MagicLink ConnectionType = "MagicLink" MicrosoftOAuth ConnectionType = "MicrosoftOAuth" MiniOrangeSAML ConnectionType = "MiniOrangeSAML" NetIqSAML ConnectionType = "NetIqSAML" OktaSAML ConnectionType = "OktaSAML" OneLoginSAML ConnectionType = "OneLoginSAML" OracleSAML ConnectionType = "OracleSAML" PingFederateSAML ConnectionType = "PingFederateSAML" PingOneSAML ConnectionType = "PingOneSAML" RipplingSAML ConnectionType = "RipplingSAML" SalesforceSAML ConnectionType = "SalesforceSAML" ShibbolethSAML ConnectionType = "ShibbolethSAML" ShibbolethGenericSAML ConnectionType = "ShibbolethGenericSAML" SimpleSamlPhpSAML ConnectionType = "SimpleSamlPhpSAML" VMwareSAML ConnectionType = "VMwareSAML" )
Constants that enumerate the available connection types.
type DeleteConnectionOpts ¶
type DeleteConnectionOpts struct { // Connection unique identifier. Connection string }
DeleteConnectionOpts contains the options to delete a Connection.
type GetAuthorizationURLOpts ¶
type GetAuthorizationURLOpts struct { // Deprecated: Please use `Organization` parameter instead. // The app/company domain without without protocol (eg. example.com). Domain string // Domain hint that will be passed as a parameter to the IdP login page. // OPTIONAL. DomainHint string // Username/email hint that will be passed as a parameter to the to IdP login page. // OPTIONAL. LoginHint string // Authentication service provider descriptor. // Provider is currently only used when the connection type is GoogleOAuth. Provider ConnectionType // The unique identifier for a WorkOS Connection. Connection string // The unique identifier for a WorkOS Organization. Organization string // The callback URL where your app redirects the user-agent after an // authorization code is granted (eg. https://foo.com/callback). // // REQUIRED. RedirectURI string // A unique identifier used to manage state across authorization // transactions (eg. 1234zyx). // // OPTIONAL. State string }
GetAuthorizationURLOpts contains the options to pass in order to generate an authorization url.
type GetConnectionOpts ¶
type GetConnectionOpts struct { // Connection unique identifier. Connection string }
GetConnectionOpts contains the options to request details for a Connection.
type GetProfileAndTokenOpts ¶
type GetProfileAndTokenOpts struct { // An opaque string provided by the authorization server. It will be // exchanged for an Access Token when the user’s profile is sent. Code string }
GetProfileAndTokenOpts contains the options to pass in order to get a user profile and access token.
type GetProfileOpts ¶
type GetProfileOpts struct { // An opaque string provided by the authorization server. It will be // exchanged for an Access Token when the user’s profile is sent. AccessToken string }
GetProfile contains the options to pass in order to get a user profile.
type ListConnectionsOpts ¶
type ListConnectionsOpts struct { // Authentication service provider descriptor. Can be empty. ConnectionType ConnectionType `url:"connection_type,omitempty"` // Organization ID of the Connection(s). Can be empty. OrganizationID string `url:"organization_id,omitempty"` // Domain of a Connection. Can be empty. Domain string `url:"domain,omitempty"` // Maximum number of records to return. Limit int `url:"limit"` // The order in which to paginate records. Order Order `url:"order,omitempty"` // Pagination cursor to receive records before a provided Connection ID. Before string `url:"before,omitempty"` // Pagination cursor to receive records after a provided Connection ID. After string `url:"after,omitempty"` }
ListConnectionsOpts contains the options to request a list of Connections.
type ListConnectionsResponse ¶
type ListConnectionsResponse struct { // List of Connections Data []Connection `json:"data"` // Cursor pagination options. ListMetadata common.ListMetadata `json:"listMetadata"` }
ListConnectionsResponse describes the response structure when requesting existing Connections.
func ListConnections ¶
func ListConnections( ctx context.Context, opts ListConnectionsOpts, ) (ListConnectionsResponse, error)
ListConnections gets a list of existing Connections.
type Profile ¶
type Profile struct { // The user ID. ID string `json:"id"` // An unique alphanumeric identifier for a Profile’s identity provider. IdpID string `json:"idp_id"` // The organization ID. OrganizationID string `json:"organization_id"` // The connection ID. ConnectionID string `json:"connection_id"` // The connection type. ConnectionType ConnectionType `json:"connection_type"` // The user email. Email string `json:"email"` // The user first name. Can be empty. FirstName string `json:"first_name"` // The user last name. Can be empty. LastName string `json:"last_name"` // The user's group memberships. Can be empty. Groups []string `json:"groups"` // The raw response of Profile attributes from the identity provider RawAttributes map[string]interface{} `json:"raw_attributes"` }
Profile contains information about an authenticated user.
func GetProfile ¶
func GetProfile(ctx context.Context, opts GetProfileOpts) (Profile, error)
GetProfile returns a profile describing the user that authenticated with WorkOS SSO.
type ProfileAndToken ¶
type ProfileAndToken struct { // An access token corresponding to the Profile. AccessToken string `json:"access_token"` // The user Profile. Profile Profile `json:"profile"` }
func GetProfileAndToken ¶
func GetProfileAndToken(ctx context.Context, opts GetProfileAndTokenOpts) (ProfileAndToken, error)
GetProfileAndToken returns a profile describing the user that authenticated with WorkOS SSO.