Constants ¶
// Provider type names in string form.
// NOTE(review): where these strings are read (for example an IdP type field in
// configuration) is not shown on this page — confirm against the caller.
const (
	TypeGeneric  = "generic"
	TypeOkta     = "okta"
	TypeKeycloak = "keycloak"
)
String constants naming the provider types.
// IdP auth type names in string form.
// NOTE(review): presumably these select whether the caller authenticates to the
// IdP with a pre-issued access token or with client credentials — confirm.
// Whichever is chosen, the value configured alongside it is a credential and
// should come from a secret store rather than plain-text configuration.
const (
	IDPAuthTypeAccessToken = "accessToken"
	IDPAuthTypeClient      = "client"
)
String constants naming the IdP auth types.
Types ¶
type AuthClient ¶
AuthClient - Interface representing the auth Client
func NewAuthClient ¶
func NewAuthClient(tokenURL string, apiClient api.Client, opts ...AuthClientOption) (AuthClient, error)
NewAuthClient - create a new auth client with client options
type AuthClientOption ¶
// AuthClientOption - configures the auth client. Each option is a function that
// receives a pointer to the unexported authClientOptions value; NewAuthClient
// accepts a variadic list of them.
type AuthClientOption func(*authClientOptions)
AuthClientOption - configures auth client.
func WithClientSecretAuth ¶
func WithClientSecretAuth(clientID, clientSecret, scope string) AuthClientOption
WithClientSecretAuth - configures the auth client to use the client secret authenticator
func WithKeyPairAuth ¶
func WithKeyPairAuth(clientID, audience string, privKey *rsa.PrivateKey, publicKey []byte) AuthClientOption
WithKeyPairAuth - configures the auth client to use the public/private key pair authenticator
func WithServerName ¶
func WithServerName(serverName string) AuthClientOption
WithServerName - sets the server name on the auth client
type AuthorizationServerMetadata ¶
// AuthorizationServerMetadata - OAuth metadata from the IdP. The JSON tags use
// the member names of the authorization server metadata document (RFC 8414)
// and of OpenID Connect discovery.
//
// Every field is tagged omitempty, so zero values (empty string, empty slice,
// false) are left out when the struct is marshalled.
//
// NOTE(review): the values are whatever the remote metadata document supplied;
// this declaration performs no validation. RFC 8414 section 3.3 requires the
// returned issuer to be identical to the issuer the metadata URL was built
// from. Confirm that the code decoding into this struct enforces that check and
// rejects non-https endpoints before tokens or client credentials are sent to
// any URL taken from here.
type AuthorizationServerMetadata struct {
	// Issuer identifier reported by the server.
	Issuer string `json:"issuer,omitempty"`

	// Endpoint URLs advertised by the server. Each is a plain string; none is
	// parsed or checked by this type.
	AuthorizationEndpoint string `json:"authorization_endpoint,omitempty"`
	TokenEndpoint string `json:"token_endpoint,omitempty"`
	RegistrationEndpoint string `json:"registration_endpoint,omitempty"`
	// JwksURI is the location of the server's JSON Web Key Set.
	JwksURI string `json:"jwks_uri,omitempty"`
	IntrospectionEndpoint string `json:"introspection_endpoint,omitempty"`
	RevocationEndpoint string `json:"revocation_endpoint,omitempty"`
	EndSessionEndpoint string `json:"end_session_endpoint,omitempty"`
	DeviceAuthorizationEndpoint string `json:"device_authorization_endpoint,omitempty"`
	PushedAuthorizationRequestEndpoint string `json:"pushed_authorization_request_endpoint,omitempty"`

	// Capability lists advertised by the server.
	ResponseTypesSupported []string `json:"response_types_supported,omitempty"`
	ResponseModesSupported []string `json:"response_modes_supported,omitempty"`
	GrantTypesSupported []string `json:"grant_types_supported,omitempty"`
	// The Go field name is singular; the JSON member is subject_types_supported.
	SubjectTypeSupported []string `json:"subject_types_supported,omitempty"`
	ScopesSupported []string `json:"scopes_supported,omitempty"`
	// The Go field name is singular; the JSON member is
	// token_endpoint_auth_methods_supported.
	TokenEndpointAuthMethodSupported []string `json:"token_endpoint_auth_methods_supported,omitempty"`
	ClaimsSupported []string `json:"claims_supported,omitempty"`
	// PKCE code challenge methods (RFC 7636) the server advertises.
	CodeChallengeMethodsSupported []string `json:"code_challenge_methods_supported,omitempty"`
	IntrospectionEndpointAuthMethodsSupported []string `json:"introspection_endpoint_auth_methods_supported,omitempty"`
	RevocationEndpointAuthMethodsSupported []string `json:"revocation_endpoint_auth_methods_supported,omitempty"`

	// With omitempty a false value is dropped on marshal, so in the encoded
	// form "false" and "not present" look the same.
	RequestParameterSupported bool `json:"request_parameter_supported,omitempty"`
	RequestObjectSigningAlgValuesSupported []string `json:"request_object_signing_alg_values_supported,omitempty"`
}
AuthorizationServerMetadata - OAuth metadata from IdP
type ClientBuilder ¶
// ClientBuilder - builder for the IdP client representation. Every setter
// returns a ClientBuilder, which allows calls to be chained; Build produces the
// ClientMetadata or an error.
//
// NOTE(review): the setter names mirror the client metadata members of OAuth
// dynamic client registration (RFC 7591); presumably the built value is what
// gets sent to the IdP registration endpoint — confirm. No validation rules are
// visible on this page, so callers should not assume that Build rejects
// malformed redirect URIs or unsupported grant types.
type ClientBuilder interface {
	// SetClientName - takes the client name.
	SetClientName(string) ClientBuilder
	// SetScopes - takes the list of scopes for the client.
	SetScopes([]string) ClientBuilder
	// SetGrantTypes - takes the list of grant types for the client.
	SetGrantTypes([]string) ClientBuilder
	// SetResponseType - takes the list of response types for the client.
	SetResponseType([]string) ClientBuilder
	// SetTokenEndpointAuthMethod - takes the token endpoint auth method name.
	SetTokenEndpointAuthMethod(tokenAuthMethod string) ClientBuilder
	// SetRedirectURIs - takes the list of redirect URIs for the client.
	SetRedirectURIs([]string) ClientBuilder
	// SetLogoURI - takes the logo URI.
	SetLogoURI(string) ClientBuilder
	// SetJWKSURI - takes the URI of the client's JSON Web Key Set.
	SetJWKSURI(string) ClientBuilder
	// SetJWKS - takes key set material as raw bytes.
	// NOTE(review): the expected encoding (PEM public key vs JWKS JSON) is not
	// shown here — confirm, and pass public key material only.
	SetJWKS([]byte) ClientBuilder
	// SetExtraProperties - takes additional string properties.
	// NOTE(review): how these are merged with the standard members is not
	// shown; if an extra property could override one of them, keys should not
	// be taken from untrusted input — confirm.
	SetExtraProperties(map[string]string) ClientBuilder
	// Build - returns the assembled ClientMetadata, or an error.
	Build() (ClientMetadata, error)
}
ClientBuilder - Builder for IdP client representation
func NewClientMetadataBuilder ¶
func NewClientMetadataBuilder() ClientBuilder
NewClientMetadataBuilder - create a new instance of builder to construct client metadata
type ClientMetadata ¶
// ClientMetadata - read-only view of the IdP client metadata representation.
// All methods are getters; the interface declares no way to modify the value.
type ClientMetadata interface {
	GetClientName() string
	GetClientID() string
	// GetClientSecret - returns the client secret as a plain string. The value
	// is a credential: keep it out of logs, error messages and debug dumps of
	// the implementing type.
	GetClientSecret() string
	// GetClientIDIssuedAt - returns a pointer, so the result can be nil.
	// NOTE(review): presumably nil when the IdP gave no issue time — confirm.
	GetClientIDIssuedAt() *time.Time
	// GetClientSecretExpiresAt - returns a pointer, so the result can be nil;
	// check for nil before dereferencing.
	// NOTE(review): presumably nil means the secret has no expiry — confirm
	// before using it to drive secret rotation.
	GetClientSecretExpiresAt() *time.Time
	GetScopes() []string
	GetGrantTypes() []string
	GetTokenEndpointAuthMethod() string
	GetResponseTypes() []string
	GetClientURI() string
	GetRedirectURIs() []string
	GetLogoURI() string
	GetJwksURI() string
	// GetJwks - returns the key set as an untyped map; callers need type
	// assertions to read individual members.
	GetJwks() map[string]interface{}
	GetExtraProperties() map[string]string
}
ClientMetadata - Interface for IdP client metadata representation
type MockIDPServer ¶
// MockIDPServer - interface for the mock IDP server used in tests.
//
// NOTE(review): this interface and NewMockIDPServer are exported from the same
// package as the production auth client. Keep callers confined to test code: a
// mock IdP returns whatever token and status codes it has been told to return
// and authenticates nothing.
type MockIDPServer interface {
	// URL and issuer getters for pointing a client under test at the mock.
	GetMetadataURL() string
	GetIssuer() string
	GetTokenURL() string
	GetAuthEndpoint() string
	// SetMetadataResponseCode - takes the HTTP status code for metadata requests.
	SetMetadataResponseCode(statusCode int)
	// SetTokenResponse - takes the access token, its expiry and the HTTP status
	// code for token requests. Use an obviously fake token value in tests.
	SetTokenResponse(accessToken string, expiry time.Duration, statusCode int)
	// SetRegistrationResponseCode - takes the HTTP status code for client
	// registration requests.
	SetRegistrationResponseCode(statusCode int)
	// Close - presumably shuts the mock server down; call it when the test
	// ends (confirm against the implementation).
	Close()
}
MockIDPServer - interface for mock IDP server
func NewMockIDPServer ¶
func NewMockIDPServer() MockIDPServer
NewMockIDPServer - creates a new mock IDP server for tests
type Provider ¶
// Provider - interface for an external IdP provider: getters for its identity,
// endpoints and advertised capabilities, plus client registration and removal.
type Provider interface {
	GetName() string
	GetTitle() string
	GetIssuer() string
	GetTokenEndpoint() string
	GetAuthorizationEndpoint() string
	GetSupportedScopes() []string
	GetSupportedGrantTypes() []string
	GetSupportedTokenAuthMethods() []string
	GetSupportedResponseMethod() []string
	// RegisterClient - takes the client metadata to register and returns
	// client metadata or an error. The returned ClientMetadata exposes
	// GetClientSecret, so treat the result as carrying a credential.
	RegisterClient(clientMetadata ClientMetadata) (ClientMetadata, error)
	// UnregisterClient - takes the ID of the client to remove.
	// NOTE(review): a failed removal may leave a live client and secret at the
	// IdP; callers should surface the returned error rather than discard it.
	UnregisterClient(clientID string) error
}
Provider - interface for external IdP provider
type ProviderRegistry ¶
// ProviderRegistry - interface for the provider registry: one registration
// method and four lookups, each returning a Provider or an error.
//
// NOTE(review): the lookups take plain strings and the matching rule (exact
// string compare versus URL normalization) is not shown on this page. When the
// key comes from outside the process, for example the iss claim of a token,
// confirm the comparison is exact so a look-alike issuer cannot resolve to a
// trusted provider.
type ProviderRegistry interface {
	// RegisterProvider - registers the provider using the config
	// Also takes the TLS configuration, a proxy URL and a client timeout.
	// NOTE(review): presumably these configure the HTTP client used to reach
	// the IdP — confirm, and confirm certificate verification stays enabled in
	// the supplied TLS config.
	RegisterProvider(idp corecfg.IDPConfig, tlsCfg corecfg.TLSConfig, proxyURL string, clientTimeout time.Duration) error
	// GetProviderByName - returns the provider from registry based on the name
	GetProviderByName(name string) (Provider, error)
	// GetProviderByIssuer - returns the provider from registry based on the IDP issuer
	GetProviderByIssuer(issuer string) (Provider, error)
	// GetProviderByTokenEndpoint - returns the provider from registry based on the IDP token endpoint
	GetProviderByTokenEndpoint(tokenEndpoint string) (Provider, error)
	// GetProviderByAuthorizationEndpoint - returns the provider from registry based on the IDP authorization endpoint
	GetProviderByAuthorizationEndpoint(authEndpoint string) (Provider, error)
}
ProviderRegistry - interface for provider registry
func NewProviderRegistry ¶
func NewProviderRegistry() ProviderRegistry
NewProviderRegistry - create a new provider registry
type ProviderType ¶
// ProviderType - integer type used to enumerate the kinds of provider.
type ProviderType int
ProviderType - type of provider
// Provider types.
// iota + 1 starts the enumeration at 1 (Generic = 1, Okta = 2, KeyCloak = 3),
// so the zero value of ProviderType matches none of the named constants.
const (
	Generic ProviderType = iota + 1
	Okta
	KeyCloak
)
Provider types
type Scopes ¶
// Scopes - type for serializing scopes in the client representation. Per the
// MarshalJSON and UnmarshalJSON descriptions, the slice is written as one
// space-separated string and read back by splitting that string.
// NOTE(review): an element that itself contains a space would presumably come
// back as more than one scope after a round trip — confirm elements are
// validated before they are marshalled.
type Scopes []string
Scopes - type for serializing scopes in client representation
func (*Scopes) MarshalJSON ¶
MarshalJSON - serializes the scopes array as a space-separated string
func (*Scopes) UnmarshalJSON ¶
UnmarshalJSON - deserializes the scopes from a space-separated string into an array