Documentation
Index ¶
- Constants
- Variables
- func FetchOpenIDConfiguration(ctx context.Context, issuerURL string, hc *http.Client) (request Request, c ServerConfig, err error)
- func ParseError(resp *http.Response) error
- func RandomString(n int) string
- func ReadKey(location string, hc *http.Client) (jose.JSONWebKey, error)
- func ReadKeyPair(cert string, key string, hc *http.Client) (keyPair tls.Certificate, err error)
- func ReadRootCA(location string, hc *http.Client) (pool *x509.CertPool, err error)
- func ReadURL(location string, hc *http.Client) (data []byte, err error)
- func RequestToken(ctx context.Context, cconfig ClientConfig, sconfig ServerConfig, ...) (request Request, response TokenResponse, err error)
- func SignJWT(claimsProvider ClaimsProvider, signerProvider SignerProvider) (jwt string, key interface{}, err error)
- func WithAuthorizationCode(code string) func(*RequestTokenParams)
- func WithCodeVerifier(codeVerifier string) func(*RequestTokenParams)
- func WithRedirectURL(url string) func(*RequestTokenParams)
- type ClaimsProvider
- type ClientConfig
- type Error
- type Request
- type RequestTokenOption
- type RequestTokenParams
- type ServerConfig
- type SignerProvider
- type TokenResponse
Constants ¶
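// Grant type identifiers, one constant per OAuth 2.0 grant this package names.
//
// The specs are written one per line: collapsed onto a single line without
// separators, the declaration does not parse as Go.
//
// NOTE(review): ImplicitGrantType and PasswordGrantType name flows that the
// OAuth 2.0 Security Best Current Practice (RFC 9700) tells deployments to
// stop using. Whether this package restricts or warns about them is not
// visible here, so callers should prefer the authorization code grant with
// PKCE where they have a choice.
const (
	AuthorizationCodeGrantType string = "authorization_code"
	ClientCredentialsGrantType string = "client_credentials"
	ImplicitGrantType          string = "implicit"
	PasswordGrantType          string = "password"
	RefreshTokenGrantType      string = "refresh_token"
	JWTBearerGrantType         string = "urn:ietf:params:oauth:grant-type:jwt-bearer"
)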
grant types
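// Client authentication method identifiers for the token endpoint.
//
// The specs are written one per line: collapsed onto a single line without
// separators, the declaration does not parse as Go.
//
// The three client_secret_* values depend on a secret shared with the
// authorization server. private_key_jwt and the two *tls_client_auth values
// (RFC 8705) authenticate with a private key that is never sent to the
// server.
const (
	ClientSecretBasicAuthMethod string = "client_secret_basic"
	ClientSecretPostAuthMethod  string = "client_secret_post"
	ClientSecretJwtAuthMethod   string = "client_secret_jwt"
	PrivateKeyJwtAuthMethod     string = "private_key_jwt"
	SelfSignedTLSAuthMethod     string = "self_signed_tls_client_auth"
	TLSClientAuthMethod         string = "tls_client_auth"
)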
auth methods
// CodeVerifierLength is 43, the shortest code_verifier that RFC 7636 (PKCE)
// allows; the RFC permits 43 to 128 characters.
//
// NOTE(review): presumably the length of the verifier this package generates
// for PKCE requests; the generating code is not shown here. If it is built
// with RandomString, confirm that function draws from crypto/rand, since the
// verifier's unpredictability is what PKCE relies on.
const CodeVerifierLength = 43
// Client assertion type identifiers.
const (
	// JwtBearerClientAssertion is the client_assertion_type URN that RFC 7523
	// registers for JWT client assertions.
	// NOTE(review): presumably sent alongside a signed JWT when AuthMethod is
	// client_secret_jwt or private_key_jwt — confirm against the request code.
	JwtBearerClientAssertion string = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
)
client assertion types
// OpenIDConfigurationPath is the well-known path under which OpenID Connect
// Discovery publishes provider metadata.
//
// NOTE(review): presumably appended to the issuer URL by
// FetchOpenIDConfiguration — confirm. The fetched document decides which
// endpoints later receive client credentials, so check that the caller
// compares the returned "issuer" with the issuer it asked for and fetches
// over verified TLS.
const OpenIDConfigurationPath = "/.well-known/openid-configuration"
Variables ¶
// CodeChallengeEncoder is the unpadded, URL-safe base64 encoding
// (base64.RawURLEncoding), the form RFC 7636 specifies for a PKCE
// code_challenge.
//
// NOTE(review): this is an exported, mutable package variable; reassigning it
// changes the encoding for every user of the package in the process. Treat it
// as read-only.
var CodeChallengeEncoder = base64.RawURLEncoding
Functions ¶
func ParseError ¶
func RandomString ¶
func ReadKeyPair ¶ added in v1.1.0
func ReadRootCA ¶ added in v1.1.0
func RequestToken ¶
func RequestToken( ctx context.Context, cconfig ClientConfig, sconfig ServerConfig, hc *http.Client, opts ...RequestTokenOption, ) (request Request, response TokenResponse, err error)
func SignJWT ¶
func SignJWT(claimsProvider ClaimsProvider, signerProvider SignerProvider) (jwt string, key interface{}, err error)
func WithAuthorizationCode ¶
func WithAuthorizationCode(code string) func(*RequestTokenParams)
func WithCodeVerifier ¶
func WithCodeVerifier(codeVerifier string) func(*RequestTokenParams)
func WithRedirectURL ¶
func WithRedirectURL(url string) func(*RequestTokenParams)
Types ¶
type ClaimsProvider ¶ added in v1.1.0
func AssertionClaims ¶ added in v1.1.0
func AssertionClaims(serverConfig ServerConfig, clientConfig ClientConfig) ClaimsProvider
func ClientAssertionClaims ¶ added in v1.1.0
func ClientAssertionClaims(serverConfig ServerConfig, clientConfig ClientConfig) ClaimsProvider
type ClientConfig ¶
// ClientConfig collects the client-side settings for a request: issuer, grant
// type, client identity and credentials, PKCE switches, and key/certificate
// settings.
//
// NOTE(review): ClientSecret, Password, RefreshToken and Assertion hold
// credential material as plain strings. Avoid printing or logging the whole
// struct (for example with %+v) and redact these fields in diagnostics.
type ClientConfig struct {
	// IssuerURL is the issuer to talk to.
	// NOTE(review): presumably the base URL used for discovery — confirm.
	IssuerURL string
	// GrantType selects the grant; presumably one of the *GrantType constants.
	GrantType string
	// ClientID identifies the client to the authorization server.
	ClientID string
	// ClientSecret is the shared client secret (credential material).
	ClientSecret string
	// Scopes lists the requested scopes.
	Scopes []string
	// AuthMethod selects client authentication; presumably one of the
	// *AuthMethod constants.
	AuthMethod string
	// PKCE and NoPKCE are two separate switches. How they interact, and what
	// happens when neither is set, is not visible here — confirm before
	// relying on a default.
	PKCE bool
	// NoPKCE: see PKCE above.
	NoPKCE bool
	// Insecure has no visible definition here.
	// NOTE(review): presumably relaxes TLS verification or permits plain
	// HTTP — confirm, and keep it false outside local test setups.
	Insecure bool
	// ResponseType lists the requested response_type values.
	ResponseType []string
	// ResponseMode is the requested response_mode.
	ResponseMode string
	// Username is the resource owner's user name (password grant).
	Username string
	// Password is the resource owner's password (credential material).
	Password string
	// RefreshToken is the refresh token to exchange (credential material).
	RefreshToken string
	// Assertion is the assertion to present (credential material).
	// NOTE(review): presumably used with the jwt-bearer grant — confirm.
	Assertion string
	// SigningKey, TLSCert, TLSKey and TLSRootCA are strings rather than parsed
	// keys.
	// NOTE(review): presumably locations handed to ReadKey, ReadKeyPair and
	// ReadRootCA; those helpers also take an *http.Client, so a location may
	// be remote. Confirm which schemes are accepted before passing
	// user-supplied values.
	SigningKey string
	// TLSCert: see SigningKey above.
	TLSCert string
	// TLSKey: see SigningKey above.
	TLSKey string
	// TLSRootCA: see SigningKey above.
	TLSRootCA string
}
type Error ¶
type Request ¶
// Request describes an HTTP request by its method, URL, headers and form
// values, together with a key and a certificate. FetchOpenIDConfiguration,
// RequestToken and RequestAuthorization each return a Request.
//
// NOTE(review): Headers and Form can carry credentials (an Authorization
// header, client_secret, password, refresh_token, client_assertion) and Key
// may be private key material. Redact these before writing a Request to logs
// or terminal output.
type Request struct {
	// Method is the HTTP method.
	Method string
	// URL is the request target.
	URL *url.URL
	// Headers holds the request headers, keyed by header name.
	Headers map[string][]string
	// Form holds the form parameters.
	Form url.Values
	// Key is an untyped key value.
	// NOTE(review): presumably the key returned by SignJWT — confirm.
	Key interface{}
	// Cert is an X.509 certificate.
	// NOTE(review): presumably the client certificate used for mTLS — confirm.
	Cert *x509.Certificate
}
func RequestAuthorization ¶
func RequestAuthorization(addr string, cconfig ClientConfig, sconfig ServerConfig) (r Request, codeVerifier string, err error)
func WaitForCallback ¶
type RequestTokenOption ¶
// RequestTokenOption is a function that modifies a *RequestTokenParams.
// RequestToken accepts a variadic list of them; WithAuthorizationCode,
// WithCodeVerifier and WithRedirectURL return functions of this shape.
type RequestTokenOption func(*RequestTokenParams)
type RequestTokenParams ¶
type ServerConfig ¶
// ServerConfig holds authorization server metadata. The JSON tags match the
// member names of an OpenID Connect discovery document, and
// FetchOpenIDConfiguration returns a ServerConfig.
//
// NOTE(review): when populated from a remote document, every value here is
// server-controlled input. The endpoint fields decide where credentials are
// sent, so the caller should check Issuer against the issuer it requested and
// require https endpoints unless the user explicitly opted out.
type ServerConfig struct {
	// Issuer is the issuer identifier the server reports for itself.
	Issuer string `json:"issuer"`
	// SupportedGrantTypes lists the grant types the server advertises.
	SupportedGrantTypes []string `json:"grant_types_supported"`
	// SupportedResponseTypes lists the advertised response_type values.
	SupportedResponseTypes []string `json:"response_types_supported"`
	// SupportedTokenEndpointAuthMethods lists the advertised client
	// authentication methods for the token endpoint.
	SupportedTokenEndpointAuthMethods []string `json:"token_endpoint_auth_methods_supported"`
	// SupportedScopes lists the advertised scopes.
	SupportedScopes []string `json:"scopes_supported"`
	// SupportedResponseModes lists the advertised response_mode values.
	SupportedResponseModes []string `json:"response_modes_supported"`
	// AuthorizationEndpoint is the authorization endpoint URL.
	AuthorizationEndpoint string `json:"authorization_endpoint"`
	// TokenEndpoint is the token endpoint URL.
	TokenEndpoint string `json:"token_endpoint"`
	// MTLsEndpointAliases carries the mtls_endpoint_aliases member (RFC 8705),
	// of which only the token endpoint alias is decoded.
	MTLsEndpointAliases struct {
		// TokenEndpoint is the token endpoint alias for mutual-TLS clients.
		TokenEndpoint string `json:"token_endpoint"`
	} `json:"mtls_endpoint_aliases"`
}
type SignerProvider ¶ added in v1.1.0
func JWKSigner ¶ added in v1.1.0
func JWKSigner(clientConfig ClientConfig, hc *http.Client) SignerProvider
func SecretSigner ¶ added in v1.1.0
func SecretSigner(secret []byte) SignerProvider
type TokenResponse ¶
// TokenResponse holds the members of a token response. Every field is tagged
// omitempty, so zero values are left out when the struct is marshalled to
// JSON. NewTokenResponseFromForm builds one from url.Values.
//
// NOTE(review): AccessToken, IDToken and RefreshToken are bearer credentials.
// Avoid logging the marshalled struct or leaving it in shell history and CI
// output.
type TokenResponse struct {
	// AccessToken is the issued access token (bearer credential).
	AccessToken string `json:"access_token,omitempty"`
	// ExpiresIn is the expires_in value as sent by the server.
	// NOTE(review): a lifetime in seconds per RFC 6749 — confirm no other
	// unit is assumed by callers.
	ExpiresIn int64 `json:"expires_in,omitempty"`
	// IDToken is the OpenID Connect ID token.
	// NOTE(review): nothing visible here verifies its signature or claims;
	// treat it as unverified until the caller has checked it.
	IDToken string `json:"id_token,omitempty"`
	// IssuedTokenType is the issued_token_type member.
	IssuedTokenType string `json:"issued_token_type,omitempty"`
	// RefreshToken is the issued refresh token (bearer credential).
	RefreshToken string `json:"refresh_token,omitempty"`
	// Scope is the granted scope string.
	Scope string `json:"scope,omitempty"`
	// TokenType is the token_type member.
	TokenType string `json:"token_type,omitempty"`
}
func NewTokenResponseFromForm ¶
func NewTokenResponseFromForm(f url.Values) TokenResponse