trireme-lib: Index | Files

package oidc

import ""


Package Files


type TokenVerifier Uses

type TokenVerifier struct {
    ProviderURL    string
    ClientID       string
    ClientSecret   string
    Scopes         []string
    RedirectURL    string
    NonceSize      int
    CookieDuration time.Duration
    // contains filtered or unexported fields

TokenVerifier is an OIDC validator.

func NewClient Uses

func NewClient(ctx context.Context, v *TokenVerifier) (*TokenVerifier, error)

NewClient creates a new validator client

func (*TokenVerifier) Callback Uses

func (v *TokenVerifier) Callback(ctx context.Context, u *url.URL) (string, string, int, error)

Callback is the function that is called back by the IDP to catch the token and perform all other validations. It will return the resulting token, the original URL that was called to initiate the protocol, and the http status response.

func (*TokenVerifier) IssueRedirect Uses

func (v *TokenVerifier) IssueRedirect(originURL string) string

IssueRedirect creates the redirect URL. The URI is created by the provider and it includes a state that is random. The state will be remembered for the return. There is an assumption here that the LBs in front of applications are sticky or the TCP session is re-used. Otherwise, we will need a global state that could introduce additional calls to a central system. TODO: add support for a global state.

func (*TokenVerifier) Validate Uses

func (v *TokenVerifier) Validate(ctx context.Context, token string) ([]string, bool, string, error)

Validate checks if the token is valid and returns the claims. The validator maintains an internal cache with tokens to accelerate performance. If the token is not in the cache, it will validate it with the central authorizer.

func (*TokenVerifier) VerifierType Uses

func (v *TokenVerifier) VerifierType() common.JWTType

VerifierType returns the type of the TokenVerifier.

Package oidc imports 15 packages (graph) and is imported by 4 packages. Updated 2019-09-19. Refresh now. Tools for package owners.