login

package
v0.30.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 9, 2024 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewHandler

func NewHandler(
	stateDecoder oidc.Decoder,
	cookieDecoder oidc.Decoder,
	getHandler HandlerFunc,
	postHandler HandlerFunc,
) http.Handler

NewHandler returns a http.Handler that serves the login endpoint for IDPs that don't have their own web UI for login.

This handler takes care of the shared concerns between the GET and POST methods of the login endpoint: checking the method, checking the CSRF cookie, decoding the state param, and adding security headers. Then it defers the rest of the handling to the passed in handler functions for GET and POST requests. Note that CSRF protection isn't needed on GET requests, but it doesn't hurt. Putting it here keeps the implementations and tests of HandlerFunc simpler since they won't need to deal with any decoders. Users should always initially get redirected to this page from the authorization endpoint, and never need to navigate directly to this page in their browser without going through the authorization endpoint first. Once their browser has landed on this page, it should be okay for the user to refresh the browser.

Types

type HandlerFunc

type HandlerFunc func(
	w http.ResponseWriter,
	r *http.Request,
	encodedState string,
	decodedState *oidc.UpstreamStateParamData,
) error

HandlerFunc is a function that can handle either a GET or POST request for the login endpoint.

func NewGetHandler

func NewGetHandler(loginPath string) HandlerFunc

Directories

Path Synopsis
Package loginhtml defines HTML templates used by the Supervisor.
Package loginhtml defines HTML templates used by the Supervisor.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL