Documentation ¶
Index ¶
- type AuthRequestReq
- type AuthorizeCallbackReq
- type Config
- type DiscoveryConfigReq
- type EndSessionReq
- type Endpoint
- type IntrospectionReq
- type OAuthClientReq
- type OpenIDOption
- type OpenIDProvider
- func (o *OpenIDProvider) CreateAccessToken(ctx context.Context, req *storage.AuthRequest, client storage.IClient, ...) (accessToken, refreshToken string, validity time.Duration, err error)
- func (o *OpenIDProvider) CreateAccessTokenAndIDToken(ctx context.Context, req *storage.AuthRequest, client storage.IClient, ...) (*model.AccessTokenRes, error)
- func (o *OpenIDProvider) CreateIDToken(ctx context.Context, req *storage.AuthRequest, client storage.IClient, ...) (string, error)
- func (o *OpenIDProvider) CreateJWTAccessToken(ctx context.Context, req *storage.AuthRequest, client storage.IClient, ...) (string, error)
- func (o *OpenIDProvider) VerifyAccessToken(ctx context.Context, tokenStr string) (*model.AccessTokenClaims, error)
- func (o *OpenIDProvider) VerifyIDToken(ctx context.Context, tokenStr string) (*model.IDTokenClaims, error)
- type OpenIDWrapper
- type Option
- type RevokeTokenReq
- type TokenExchangeReq
- type TokenResponse
- type UserinfoReq
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthRequestReq ¶
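// AuthRequestReq carries the parameters of an OpenID Connect authentication
// request, see https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest.
//
// The struct tags bind every field from client-supplied JSON or form input,
// so handlers must treat all of them as untrusted. Nothing on this type
// validates the values. NOTE(review): confirm where validation happens before
// a handler acts on them.
type AuthRequestReq struct {
	// Scopes is the raw "scope" value (a space-delimited list per the spec).
	Scopes string `json:"scope" form:"scope"`
	// ResponseType is the raw "response_type" value.
	ResponseType string `json:"response_type" form:"response_type"`
	// ClientID names the relying party that is asking for authentication.
	ClientID string `json:"client_id" form:"client_id"`
	// RedirectURI is where the response is sent. Per the spec it must exactly
	// match a redirect URI registered for ClientID. Sending a response to an
	// unregistered value leaks codes or tokens to whoever controls it.
	RedirectURI string `json:"redirect_uri" form:"redirect_uri"`
	// State is an opaque client value; the spec uses it to tie the response
	// to the client's own request (CSRF mitigation on the client side).
	State string `json:"state" form:"state"`
	// Nonce is the client value the spec has copied into the ID token so the
	// client can detect a replayed token.
	Nonce string `json:"nonce" form:"nonce"`

	// ResponseMode, Display and Prompt carry the response_mode, display and
	// prompt parameters as received.
	ResponseMode string `json:"response_mode" form:"response_mode"`
	Display      string `json:"display" form:"display"`
	Prompt       string `json:"prompt" form:"prompt"`

	// MaxAge is the max_age parameter (seconds in the spec).
	MaxAge int64 `json:"max_age" form:"max_age"`
	// UILocales is a space-delimited list.
	UILocales string `json:"ui_locales" form:"ui_locales"`
	// LoginHint is a client-supplied hint about the user; it is not proof of
	// identity.
	LoginHint string `json:"login_hint" form:"login_hint"`
	// ACRValues is a space-delimited list.
	ACRValues string `json:"acr_values" form:"acr_values"`

	// CodeChallenge and CodeChallengeMethod are the PKCE parameters
	// (RFC 7636). The RFC defines the methods "S256" and "plain"; "plain"
	// gives no protection if the authorization request itself is observed.
	CodeChallenge       string `json:"code_challenge" form:"code_challenge"`
	CodeChallengeMethod string `json:"code_challenge_method" form:"code_challenge_method"`

	// RequestParam enables OIDC requests to be passed in a single,
	// self-contained parameter (as JWT, called Request Object). Claims inside
	// it are only as trustworthy as the check of its signature.
	// NOTE(review): confirm where that check is done.
	RequestParam string `json:"request" form:"request"`
	// IDTokenHint is a previously issued ID token passed back as a hint. It
	// arrives from the client like any other field and needs verifying
	// before its claims are used.
	IDTokenHint string `json:"id_token_hint" form:"id_token_hint"`
}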
AuthRequestReq holds the parameters of an OpenID Connect authentication request, as defined in: https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest
type AuthorizeCallbackReq ¶
type Config ¶
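// Config is the argument NewOpenIDProvider takes to build an OpenIDProvider.
type Config struct {
	// Issuer is the provider's issuer string.
	// NOTE(review): presumably this becomes the "iss" claim and the issuer in
	// the discovery document, so it must be the exact value relying parties
	// compare against. Confirm in op.go.
	Issuer string
	// Crypto is the util.JWTCertifier the provider uses.
	// NOTE(review): judging by the type name this signs and verifies JWTs.
	// Confirm what key material it holds and where that is loaded from.
	Crypto util.JWTCertifier
	// OpenIDWrapper is the OpenIDWrapper implementation that receives the
	// endpoint handlers.
	OpenIDWrapper OpenIDWrapper
	// Storage is the storage.IStorage backend.
	Storage storage.IStorage
}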
type DiscoveryConfigReq ¶
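// DiscoveryConfigReq is the value passed to the DiscoveryConfig handler. It
// holds four endpoint URLs as plain strings.
type DiscoveryConfigReq struct {
	// RegistrationEndpoint is an API endpoint that handles the registration
	// of new users or accounts in a web application or service.
	// NOTE(review): if this value is published as the discovery document's
	// registration_endpoint, OpenID Connect Discovery defines that member as
	// the Dynamic Client Registration endpoint (clients, not end users).
	// Confirm which meaning is intended before advertising it.
	RegistrationEndpoint string
	// OPPolicyEndpoint is an API endpoint that provides access to the OpenID
	// Connect Provider (OP) policy documents.
	OPPolicyEndpoint string
	// OPTermsOfServiceEndpoint is an API endpoint that provides access to the
	// terms of service (TOS) of the OpenID Connect Provider (OP).
	OPTermsOfServiceEndpoint string
	// ServiceDocumentationEndpoint is a URL where developers can get
	// information about the OP and its usage.
	ServiceDocumentationEndpoint string
}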
type EndSessionReq ¶
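// EndSessionReq is the request for RP-Initiated Logout, see
// https://openid.net/specs/openid-connect-rpinitiated-1_0.html#RPLogout.
//
// All fields come from the client and are untrusted until checked.
type EndSessionReq struct {
	// IdTokenHint is a previously issued ID token identifying the session to
	// end. It needs verifying before its claims are relied on.
	IdTokenHint string `schema:"id_token_hint"`
	// ClientID names the relying party asking for the logout.
	ClientID string `schema:"client_id"`
	// PostLogoutRedirectURI is where the user agent is sent after logout. The
	// spec requires it to match a value registered for the client; following
	// an unregistered value turns the endpoint into an open redirect.
	// NOTE(review): confirm where that comparison is made.
	PostLogoutRedirectURI string `schema:"post_logout_redirect_uri"`
	// State is an opaque client value returned with the redirect.
	State string `schema:"state"`
	// UILocales is a space-delimited list.
	// NOTE(review): this field carries json/form tags while every other field
	// here carries a schema tag. Confirm the decoder in use fills both kinds.
	UILocales string `json:"ui_locales" form:"ui_locales"`
}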
EndSessionReq is the request for RP-Initiated Logout, as defined in: https://openid.net/specs/openid-connect-rpinitiated-1_0.html#RPLogout
type IntrospectionReq ¶
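// IntrospectionReq is the request passed to the Introspect handler: the
// caller's client credentials plus the token to look up.
type IntrospectionReq struct {
	// OAuthClientReq is embedded by pointer, so its fields (ClientID,
	// ClientSecret, ...) are promoted onto this type. Reading a promoted
	// field while the pointer is nil panics.
	// NOTE(review): confirm the request decoder always allocates it, or
	// nil-check in the handler.
	*OAuthClientReq
	// Token is the token being introspected. It is a credential and should
	// be kept out of logs.
	// NOTE(review): Token has only a json tag while TokenTypeHint also has a
	// form tag. RFC 7662 requests are form-encoded, so confirm the decoder
	// still fills Token from a form body.
	Token string `json:"token"`
	// TokenTypeHint is the client's optional hint about the token's type.
	TokenTypeHint string `json:"token_type_hint" form:"token_type_hint"`
}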
type OAuthClientReq ¶
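// OAuthClientReq holds the client authentication parameters of a request. It
// is embedded by IntrospectionReq, RevokeTokenReq and TokenExchangeReq.
//
// The struct contains a secret: avoid formatting it with %v or %+v into logs
// or error messages.
type OAuthClientReq struct {
	// ClientID identifies the client.
	ClientID string `json:"client_id" form:"client_id"`
	// ClientSecret is the client's shared secret as submitted. Comparison
	// against the stored value should be constant-time (for example
	// crypto/subtle.ConstantTimeCompare).
	// NOTE(review): confirm how the storage layer compares it.
	ClientSecret string `json:"client_secret" form:"client_secret"`

	// ClientAssertion and ClientAssertionType are the assertion-based
	// alternative to ClientSecret. For JWT assertions RFC 7523 defines the
	// type urn:ietf:params:oauth:client-assertion-type:jwt-bearer.
	ClientAssertion     string `json:"client_assertion" form:"client_assertion"`
	ClientAssertionType string `json:"client_assertion_type" form:"client_assertion_type"`
}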
type OpenIDOption ¶
type OpenIDOption struct { Endpoint // contains filtered or unexported fields }
type OpenIDProvider ¶
// OpenIDProvider is the provider object returned by NewOpenIDProvider. Its
// exported methods issue tokens (CreateAccessToken, CreateAccessTokenAndIDToken,
// CreateIDToken, CreateJWTAccessToken) and check them (VerifyAccessToken,
// VerifyIDToken). All of its fields are unexported, so its state is reachable
// only through those methods.
type OpenIDProvider struct {
// contains filtered or unexported fields
}
func NewOpenIDProvider ¶
func NewOpenIDProvider(cfg *Config, opts ...Option) (*OpenIDProvider, error)
func (*OpenIDProvider) CreateAccessToken ¶
func (o *OpenIDProvider) CreateAccessToken(ctx context.Context, req *storage.AuthRequest, client storage.IClient, fn func() (*storage.TokenModel, error)) (accessToken, refreshToken string, validity time.Duration, err error)
func (*OpenIDProvider) CreateAccessTokenAndIDToken ¶
func (o *OpenIDProvider) CreateAccessTokenAndIDToken(ctx context.Context, req *storage.AuthRequest, client storage.IClient, fn func() (*storage.TokenModel, error)) (*model.AccessTokenRes, error)
func (*OpenIDProvider) CreateIDToken ¶
func (o *OpenIDProvider) CreateIDToken(ctx context.Context, req *storage.AuthRequest, client storage.IClient, authTime time.Time, fn func(claims *model.IDTokenClaims) error) (string, error)
func (*OpenIDProvider) CreateJWTAccessToken ¶
func (o *OpenIDProvider) CreateJWTAccessToken(ctx context.Context, req *storage.AuthRequest, client storage.IClient, fn func(claims *model.AccessTokenClaims) error) (string, error)
func (*OpenIDProvider) VerifyAccessToken ¶
func (o *OpenIDProvider) VerifyAccessToken(ctx context.Context, tokenStr string) (*model.AccessTokenClaims, error)
func (*OpenIDProvider) VerifyIDToken ¶
func (o *OpenIDProvider) VerifyIDToken(ctx context.Context, tokenStr string) (*model.IDTokenClaims, error)
type OpenIDWrapper ¶ added in v0.1.1
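// OpenIDWrapper is implemented by whatever serves the provider's HTTP
// endpoints; it is supplied through Config.OpenIDWrapper. Apart from
// SetLogger, each method receives an endpoint string and the handler to run
// for that endpoint.
//
// NOTE(review): decoding the incoming request into the *Req argument is
// presumably the implementation's job. Confirm against a concrete wrapper.
// Those values are client-controlled, and several carry credentials
// (client_secret, tokens), so an implementation should not log them wholesale.
type OpenIDWrapper interface {
	// SetLogger hands the implementation a logger.
	SetLogger(logger log.Logger)
	// DiscoveryJWKs takes the JWKS endpoint and a handler returning the key
	// set. Only public keys belong in a published key set.
	DiscoveryJWKs(jwksEndpoint string, handler func() (*jose.JSONWebKeySet, error))
	// DiscoveryConfig takes the discovery endpoint and a handler that builds
	// the discovery configuration from a DiscoveryConfigReq.
	DiscoveryConfig(discoveryEndpoint string, handler func(req *DiscoveryConfigReq) *model.DiscoveryConfiguration)
	// Authorize takes the authorization endpoint and its handler. The handler
	// returns a string. NOTE(review): presumably the URL to redirect to.
	Authorize(authorizationEndpoint string, handler func(ctx context.Context, req *AuthRequestReq) (string, error))
	// EndSession takes the end-session endpoint and its handler. The handler
	// returns a string. NOTE(review): presumably the post-logout redirect URL.
	EndSession(endSessionEndpoint string, handler func(ctx context.Context, req *EndSessionReq) (string, error))
	// Introspect takes the introspection endpoint and its handler, which also
	// receives the raw *http.Request.
	Introspect(introspectionEndpoint string, handler func(ctx context.Context, req *IntrospectionReq, r *http.Request) (*model.IntrospectionModel, error))
	// RevokeToken takes the revocation endpoint and its handler, which also
	// receives the raw *http.Request.
	RevokeToken(revocationEndpoint string, handler func(ctx context.Context, req *RevokeTokenReq, r *http.Request) error)
	// TokenExchange takes the token endpoint and its handler, which also
	// receives the raw *http.Request. The handler's result is untyped.
	TokenExchange(tokenExchangeEndpoint string, handler func(ctx context.Context, req *TokenExchangeReq, r *http.Request) (interface{}, error))
	// Userinfo takes the userinfo endpoint and its handler, which also
	// receives the raw *http.Request.
	Userinfo(userinfoEndpoint string, handler func(ctx context.Context, req *UserinfoReq, r *http.Request) (*model.UserInfo, error))
	// AuthorizeCallback takes the authorize-callback endpoint and its
	// handler, which returns the callback URL.
	AuthorizeCallback(authorizeCallbackEndpoint string, handler func(ctx context.Context, req *AuthorizeCallbackReq) (callbackUrl string, err error))
}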
type RevokeTokenReq ¶
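// RevokeTokenReq is the request passed to the RevokeToken handler: the
// caller's client credentials plus the token to revoke.
type RevokeTokenReq struct {
	// OAuthClientReq is embedded by pointer; reading a promoted field while
	// it is nil panics.
	// NOTE(review): its fields carry json/form tags while the fields below
	// carry schema tags. Confirm the decoder in use fills both, and that it
	// allocates the embedded pointer.
	*OAuthClientReq
	// Token is the token to revoke. It is a credential and should be kept
	// out of logs.
	Token string `schema:"token"`
	// TokenTypeHint is the client's optional hint about the token's type.
	TokenTypeHint string `schema:"token_type_hint"`
}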
type TokenExchangeReq ¶
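// TokenExchangeReq is the request passed to the TokenExchange handler. One
// struct carries the parameters of several grant types; the field groups
// below follow the grouping comments of the original declaration.
//
// Every group holds credentials (codes, tokens, assertions), so values of
// this type should be kept out of logs.
type TokenExchangeReq struct {
	// OAuthClientReq is embedded by pointer; reading a promoted field while
	// it is nil panics.
	// NOTE(review): confirm the decoder always allocates it.
	*OAuthClientReq

	// GrantType is the raw grant_type value.
	GrantType string `json:"grant_type" form:"grant_type"`

	// GrantTypeCode: authorization-code exchange. RFC 6749 requires
	// RedirectURI to equal the one sent in the authorization request, and
	// RFC 7636 requires CodeVerifier to match the earlier code_challenge.
	// NOTE(review): confirm both checks in granttype_code_exchange.go.
	Code         string `json:"code" form:"code"`
	RedirectURI  string `json:"redirect_uri" form:"redirect_uri"`
	CodeVerifier string `json:"code_verifier" form:"code_verifier"`

	// GrantTypeRefreshToken: refresh-token exchange. Scopes is a
	// space-delimited list.
	RefreshToken string `json:"refresh_token" form:"refresh_token"`
	Scopes       string `json:"scope" form:"scope"`

	// GrantTypeJwtBearer: the assertion is a JWT whose signature needs
	// checking before its claims are used.
	Assertion string `json:"assertion" form:"assertion"`

	// GrantTypeTokenExchange: parameters named as in RFC 8693. Resource and
	// Audience are space-delimited lists.
	SubjectToken       string `json:"subject_token" form:"subject_token"`
	SubjectTokenType   string `json:"subject_token_type" form:"subject_token_type"`
	ActorToken         string `json:"actor_token" form:"actor_token"`
	ActorTokenType     string `json:"actor_token_type" form:"actor_token_type"`
	Resource           string `json:"resource" form:"resource"`
	Audience           string `json:"audience" form:"audience"`
	RequestedTokenType string `json:"requested_token_type" form:"requested_token_type"`
}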
type TokenResponse ¶
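// TokenResponse is the token payload returned to a client. Every field is
// omitted from the encoded output when empty.
//
// The value holds bearer credentials: keep it out of logs. RFC 6749
// section 5.1 also requires responses carrying tokens to be sent with
// Cache-Control: no-store.
// NOTE(review): confirm the wrapper sets that header.
type TokenResponse struct {
	// AccessToken is the issued access token.
	AccessToken string `json:"access_token,omitempty" schema:"access_token,omitempty"`
	// TokenType is the token_type value.
	TokenType string `json:"token_type,omitempty" schema:"token_type,omitempty"`
	// RefreshToken is the issued refresh token, if any.
	RefreshToken string `json:"refresh_token,omitempty" schema:"refresh_token,omitempty"`
	// ExpiresIn is the expires_in value (seconds in RFC 6749).
	ExpiresIn uint64 `json:"expires_in,omitempty" schema:"expires_in,omitempty"`
	// IDToken is the issued ID token, if any.
	IDToken string `json:"id_token,omitempty" schema:"id_token,omitempty"`
	// State is the state value. NOTE(review): presumably echoed from the
	// authorization request. Confirm.
	State string `json:"state,omitempty" schema:"state,omitempty"`
}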
type UserinfoReq ¶
// UserinfoReq is the request passed to the Userinfo handler.
type UserinfoReq struct {
	// AccessToken is bound from a parameter named access_token. The Userinfo
	// handler also receives the raw *http.Request.
	// NOTE(review): presumably so a token sent in the Authorization header
	// can be read. Confirm. RFC 6750 discourages sending tokens in the URL
	// query, where they tend to end up in access logs.
	AccessToken string `schema:"access_token"`
}
Source Files ¶
- authorize.go
- authorizecallback.go
- config.go
- discovery.go
- discoveryjwks.go
- endsession.go
- granttype_client_credentials_exchange.go
- granttype_code_exchange.go
- granttype_device_code_exchange.go
- granttype_implicit_exchange.go
- granttype_jwtbearer_exchange.go
- granttype_refreshToken_exchange.go
- granttype_token_exchange.go
- introspection.go
- op.go
- option.go
- revoketoken.go
- token.go
- token_exchange.go
- userinfo.go