Documentation
¶
Index ¶
- Constants
- type Arguments
- func (r Arguments) Exact(name string) bool (deprecated)
- func (r Arguments) ExactOne(name string) bool
- func (r Arguments) Has(items ...string) bool
- func (r Arguments) HasOneOf(items ...string) bool
- func (r Arguments) Matches(items ...string) bool
- func (r Arguments) MatchesExact(items ...string) bool
- func (r Arguments) String() string
- type Config
- type ErrorFactory
- type ErrorStrategy
- type IAccessTokenStrategy
- type IAuthEPHandler
- type IAuthenticationRequestContext
- type IAuthorizationCodeStrategy
- type IClient
- type IClientCredentialContext
- type IClientStore
- type IError
- type IErrorWriter
- type IIDTokenStrategy
- type IIntrospectionEPHandler
- type IIntrospectionRequestContext
- type IJWTValidator
- type IManager
- type IPageResponseHandler
- type IRPILogoutEPHandler
- type IRPILogoutRequestContext
- type IRefreshTokenStrategy
- type IRequestContext
- type IRequestContextFactory
- type IResponseWriter
- type IRevocationEPHandler
- type IRevocationRequestContext
- type ISecretStore
- type ISession
- type ISessionManager
- type ITokenEPHandler
- type ITokenRequestContext
- type ITokenSignatures
- type ITokenStore
- type ITransactionManager
- type IUserInfoEPHandler
- type IUserInfoRequestContext
- type IUserStore
- type RequestProfile
- func (r RequestProfile) GetAudience() Arguments
- func (r RequestProfile) GetClientID() string
- func (r RequestProfile) GetCodeChallenge() string
- func (r RequestProfile) GetCodeChallengeMethod() string
- func (r RequestProfile) GetDomain() string
- func (r RequestProfile) GetGrantType() string
- func (r RequestProfile) GetNonce() string
- func (r RequestProfile) GetRedirectURI() string
- func (r RequestProfile) GetScope() Arguments
- func (r RequestProfile) GetState() string
- func (r RequestProfile) GetUsername() string
- func (r RequestProfile) IsClient() bool
- func (r RequestProfile) SetAudience(aud Arguments)
- func (r RequestProfile) SetClientID(username string)
- func (r RequestProfile) SetCodeChallenge(challenge string)
- func (r RequestProfile) SetCodeChallengeMethod(challengeMethod string)
- func (r RequestProfile) SetDomain(domain string)
- func (r RequestProfile) SetGrantType(challengeMethod string)
- func (r RequestProfile) SetNonce(nonce string)
- func (r RequestProfile) SetRedirectURI(redirectUri string)
- func (r RequestProfile) SetScope(scopes Arguments)
- func (r RequestProfile) SetState(state string)
- func (r RequestProfile) SetUsername(username string)
- type TokenSignatures
- type Tokens
Constants ¶
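// Grant type identifiers used by this package.
//
// The declaration was collapsed onto one line, which is not valid Go; it is
// restored here to one constant per line with the values unchanged.
//
// NOTE(review): the OAuth 2.0 Security Best Current Practice (RFC 9700)
// advises against the implicit grant and the resource owner password
// credentials grant. Which grants a deployment actually enables is not
// visible from these constants; confirm that those two are limited to
// clients that cannot use the authorization code grant with PKCE.
const (
	GrantAuthorizationCode     = "authorization_code"
	GrantImplicit              = "implicit"
	GrantResourceOwnerPassword = "password"
	GrantClientCredentials     = "client_credentials"
	GrantRefreshToken          = "refresh_token"
)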
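// Scope values defined by OpenID Connect.
//
// The declaration was collapsed onto one line, which is not valid Go; it is
// restored here to one constant per line with the values unchanged.
//
// ScopeOfflineAccess is the scope a client uses to ask for a refresh token,
// so granting it extends how long a client keeps access without the user
// being present.
const (
	ScopeOpenid        = "openid"
	ScopeProfile       = "profile"
	ScopeEmail         = "email"
	ScopeAddress       = "address"
	ScopeOfflineAccess = "offline_access"
)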
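// response_type values accepted at the authorization endpoint.
//
// The declaration was collapsed onto one line, which is not valid Go; it is
// restored here to one constant per line with the values unchanged.
//
// ResponseTypeToken asks for an access token directly in the authorization
// response, so the token travels through the user agent; prefer
// ResponseTypeCode where the client can use it.
const (
	ResponseTypeCode    = "code"
	ResponseTypeToken   = "token"
	ResponseTypeIdToken = "id_token"
)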
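// response_mode values: how the authorization response is returned to the
// client's redirect URI.
//
// The declaration was collapsed onto one line, which is not valid Go; it is
// restored here to one constant per line with the values unchanged.
//
// NOTE(review): the OAuth 2.0 Form Post Response Mode specification names
// this mode "form_post", while ResponseModeFormPost is "form". How the
// constant is compared against incoming requests is not visible here;
// confirm the value is intentional, since a mismatch would cause spec
// compliant "form_post" requests to be rejected or to fall back to another
// mode.
const (
	ResponseModeQuery    = "query"
	ResponseModeFragment = "fragment"
	ResponseModeFormPost = "form"
)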
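// Media types used for request and response bodies.
//
// The declaration was collapsed onto one line, which is not valid Go; it is
// restored here to one constant per line with the values unchanged.
const (
	ContentTypeUrlEncodedForm = "application/x-www-form-urlencoded"
	ContentTypeJson           = "application/json"
	ContentTypeHtml           = "text/html"
)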
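// HTTP header names used by this package.
//
// The declaration was collapsed onto one line, which is not valid Go; it is
// restored here to one constant per line with the values unchanged.
//
// The Authorization header carries client credentials and bearer tokens;
// keep its value out of logs and error pages.
const (
	HeaderContentType   = "Content-Type"
	HeaderAuthorization = "Authorization"
)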
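// Expire* select which credential of a request is being invalidated.
//
// The declaration was collapsed onto one line, which is not valid Go; it is
// restored here to one constant per line with the values unchanged.
//
// The values are distinct powers of two, so they can be OR-ed together.
// NOTE(review): presumably they form the bitmask passed as the `what`
// argument of ITokenStore.InvalidateWithRequestID; confirm against the
// store implementations.
const (
	ExpireAuthorizationCode = 1
	ExpireAccessToken       = 2
	ExpireRefreshToken      = 4
)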
// UrlOidcDiscovery is the well-known path at which an OpenID Connect
// provider publishes its discovery document.
const (
	UrlOidcDiscovery = "/.well-known/openid-configuration"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Arguments ¶
// Arguments is a list of string values. RequestProfile returns it for both
// scopes (GetScope) and audiences (GetAudience).
type Arguments []string
func (Arguments) ExactOne ¶
ExactOne checks, by string case, that a single argument equals the provided string.
func (Arguments) Has ¶
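Has checks, in a case-insensitive manner, that all of the items provided exist in arguments. Because OAuth 2.0 scope values are case-sensitive (RFC 6749 §3.3), use the case-sensitive checks (ExactOne, MatchesExact) where a scope must match exactly.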
func (Arguments) HasOneOf ¶
HasOneOf checks, in a case-insensitive manner, that one of the items provided exists in arguments.
func (Arguments) Matches ¶
Matches performs a case-insensitive, out-of-order check that the items provided exist and equal all of the args in arguments. Note:
- Providing a list that includes duplicate string-case items will return not matched.
func (Arguments) MatchesExact ¶
MatchesExact checks, by order and string case, that the items provided equal those in arguments.
type Config ¶
// Config holds the settings of the authorization server: issuer identity,
// credential lifetimes, entropy requirements and protocol switches.
type Config struct {
	// Issuer is the issuer identifier of this server.
	Issuer string
	// Lifetimes of the three credential kinds. Authorization codes should be
	// short-lived; RFC 6749 §4.1.2 recommends at most ten minutes.
	AuthCodeLifespan time.Duration
	AccessTokenLifespan time.Duration
	RefreshTokenLifespan time.Duration
	// Entropy settings for generated credentials.
	// NOTE(review): the unit (bits, bytes or characters) is not shown here;
	// confirm it before choosing values.
	AccessTokenEntropy int
	AuthorizationCodeEntropy int
	RefreshTokenEntropy int
	// StateParamMinimumEntropy is presumably the minimum the server demands
	// of a client-supplied state parameter; confirm unit and enforcement.
	StateParamMinimumEntropy int
	// GlobalConsentRequired presumably forces a consent step for every
	// client; confirm how it interacts with IUserStore.IsConsentRequired.
	GlobalConsentRequired bool
	// PKCEPlainEnabled presumably allows the PKCE "plain" challenge method.
	// RFC 7636 expects S256 wherever the client supports it, so leave this
	// off unless a client cannot compute S256; confirm the semantics.
	PKCEPlainEnabled bool
	// SupportedIDTokenAlgorithms lists the signature algorithms available
	// for ID tokens. Keep it to the algorithms actually backed by keys in
	// the ISecretStore.
	SupportedIDTokenAlgorithms []jose.SignatureAlgorithm
}
type ErrorStrategy ¶
// ErrorStrategy is a callback that receives an error and the response
// writer of the request; it is installed with IManager.SetErrorStrategy.
// NOTE(review): when the manager invokes it is not shown here.
// Implementations should not copy raw internal error text into the response.
type ErrorStrategy func(err error, w http.ResponseWriter)
type IAccessTokenStrategy ¶
type IAuthEPHandler ¶
// IAuthEPHandler handles a request to the authorization endpoint.
type IAuthEPHandler interface {
	// HandleAuthEP works on requestContext and reports a failure as an
	// IError (presumably nil on success; confirm).
	HandleAuthEP(ctx context.Context, requestContext IAuthenticationRequestContext) IError
}
type IClientCredentialContext ¶ added in v0.3.0
type IClientStore ¶
type IErrorWriter ¶ added in v0.4.0
// IErrorWriter renders protocol errors to the HTTP response in one of three
// forms. Each method returns an error if writing fails.
type IErrorWriter interface {
	// WriteJsonError writes pError, plus additionalValues, as a JSON body.
	WriteJsonError(pError IError, additionalValues url.Values, w http.ResponseWriter, r *http.Request) error
	// WriteRedirectError reports the error of requestContext by redirecting.
	// NOTE(review): the redirect target must be a redirect URI already
	// validated for the client; where that check happens is not shown here.
	WriteRedirectError(requestContext IAuthenticationRequestContext, w http.ResponseWriter, r *http.Request) error
	// WriteBearerError writes pError for a bearer-token protected endpoint
	// (presumably via a WWW-Authenticate challenge; confirm).
	WriteBearerError(pError IError, additionalValues url.Values, w http.ResponseWriter, r *http.Request) error
}
type IIDTokenStrategy ¶
type IIntrospectionEPHandler ¶ added in v0.3.0
// IIntrospectionEPHandler handles a request to the token introspection
// endpoint.
type IIntrospectionEPHandler interface {
	// HandleIntrospectionEP works on requestContext and reports a failure as
	// an IError (presumably nil on success; confirm).
	HandleIntrospectionEP(ctx context.Context, requestContext IIntrospectionRequestContext) IError
}
type IIntrospectionRequestContext ¶
// IIntrospectionRequestContext carries the state of one introspection
// request. It embeds IRevocationRequestContext and adds the profile, the
// active flag and the token type of the inspected token.
type IIntrospectionRequestContext interface {
	IRevocationRequestContext
	// Profile of the request that the inspected token belongs to.
	GetProfile() RequestProfile
	SetProfile(profile RequestProfile)
	// Active flag of the inspected token. Handlers should leave it false
	// unless the token was positively found and is still valid.
	IsActive() bool
	SetActive(active bool)
	// Kind of the inspected token.
	GetTokenType() string
	SetTokenType(tokenType string)
}
type IJWTValidator ¶ added in v0.8.0
type IManager ¶
// IManager is the entry point of the server: one method per protocol
// endpoint. Every Process*EP method has the http.HandlerFunc signature, so
// it can be registered on a router directly.
//
// NOTE(review): whether the introspection and revocation handlers
// authenticate the calling client is not visible from this interface;
// confirm before exposing them.
type IManager interface {
	ProcessAuthorizationEP(writer http.ResponseWriter, request *http.Request)
	ProcessTokenEP(writer http.ResponseWriter, request *http.Request)
	ProcessIntrospectionEP(writer http.ResponseWriter, request *http.Request)
	ProcessRevocationEP(writer http.ResponseWriter, request *http.Request)
	// ProcessDiscoveryEP presumably serves the document at UrlOidcDiscovery.
	ProcessDiscoveryEP(writer http.ResponseWriter, request *http.Request)
	// ProcessKeysEP presumably serves the key set; it must expose public
	// keys only (see ISecretStore). Confirm.
	ProcessKeysEP(writer http.ResponseWriter, request *http.Request)
	ProcessUserInfoEP(writer http.ResponseWriter, request *http.Request)
	ProcessRPILogoutEP(writer http.ResponseWriter, request *http.Request)
	// SetErrorStrategy installs the callback used for error handling.
	SetErrorStrategy(strategy ErrorStrategy)
}
type IPageResponseHandler ¶ added in v0.8.0
// IPageResponseHandler renders the user-facing pages of the login, consent
// and logout flows. It is implemented by the embedding application.
type IPageResponseHandler interface {
	DisplayLogoutConsentPage(w http.ResponseWriter, r *http.Request)
	DisplayLogoutStatusPage(w http.ResponseWriter, r *http.Request)
	// DisplayErrorPage shows err to the user. Implementations should
	// HTML-escape anything derived from err or from the request, and should
	// not reveal internal details.
	DisplayErrorPage(err error, w http.ResponseWriter, r *http.Request)
	DisplayLoginPage(w http.ResponseWriter, r *http.Request)
	DisplayConsentPage(w http.ResponseWriter, r *http.Request)
}
type IRPILogoutEPHandler ¶ added in v0.8.0
// IRPILogoutEPHandler handles a request to the RP-initiated logout endpoint.
type IRPILogoutEPHandler interface {
	// HandleRPILogoutEP works on requestContext and reports a failure as an
	// IError (presumably nil on success; confirm).
	HandleRPILogoutEP(ctx context.Context, requestContext IRPILogoutRequestContext) IError
}
type IRPILogoutRequestContext ¶ added in v0.8.0
// IRPILogoutRequestContext carries the state of one RP-initiated logout
// request.
type IRPILogoutRequestContext interface {
	// Post-logout redirect URI of the request.
	// NOTE(review): it must be matched against the URIs registered for the
	// client before any redirect, otherwise the endpoint acts as an open
	// redirector; where that check happens is not shown here.
	GetPostLogoutRedirectUri() string
	SetPostLogoutRedirectUri(uri string)
	// GetIdTokenHint returns the ID token hint sent with the request.
	GetIdTokenHint() string
	GetClient() IClient
	SetClient(id IClient)
	// Note the differing capitalisation: SetUsername but GetUserName.
	SetUsername(username string)
	GetUserName() string
	GetState() string
	// GetCSRFToken returns the CSRF token of the request (presumably tied to
	// the logout consent page; confirm).
	GetCSRFToken() string
	GetUserSession() ISession
	SetUserSession(session ISession)
}
type IRefreshTokenStrategy ¶
type IRequestContext ¶
// IRequestContext carries the state shared by authorization and token
// requests: request parameters, the resolved client and profile, the tokens
// issued so far and any error.
type IRequestContext interface {
	// Identity and time of the request.
	GetRequestID() string
	GetRequestedAt() time.Time
	// Parameters supplied with the request. They come from the caller and
	// are untrusted until validated against the client.
	GetState() string
	GetRedirectURI() string
	GetClientID() string
	GetRequestedScopes() Arguments
	GetRequestedAudience() Arguments
	GetClaims() map[string]interface{}
	// Client resolved for the request.
	GetClient() IClient
	SetClient(client IClient)
	// Profile attached to the request.
	GetProfile() RequestProfile
	SetProfile(profile RequestProfile)
	// Tokens issued while processing. Access and refresh tokens are recorded
	// together with their signature and expiry; the ID token only as a string.
	GetIssuedTokens() Tokens
	IssueAccessToken(token string, signature string, expiry time.Time)
	IssueRefreshToken(token string, signature string, expiry time.Time)
	IssueIDToken(token string)
	// Error recorded for the request.
	GetError() IError
	SetError(err IError)
	// GetForm returns a pointer to the form values (presumably the parsed
	// request parameters; confirm). Callers can modify them through it.
	GetForm() *url.Values
}
type IRequestContextFactory ¶ added in v0.4.0
// IRequestContextFactory builds the request context for each endpoint from
// the incoming *http.Request. Every method returns the context together with
// an IError describing why the request could not be turned into one.
type IRequestContextFactory interface {
	BuildTokenRequestContext(request *http.Request) (ITokenRequestContext, IError)
	BuildAuthorizationRequestContext(request *http.Request) (IAuthenticationRequestContext, IError)
	BuildRevocationRequestContext(request *http.Request) (IRevocationRequestContext, IError)
	BuildIntrospectionRequestContext(request *http.Request) (IIntrospectionRequestContext, IError)
	BuildUserInfoRequestContext(request *http.Request) (IUserInfoRequestContext, IError)
	BuildRPILogoutRequestContext(request *http.Request) (IRPILogoutRequestContext, IError)
}
type IResponseWriter ¶ added in v0.4.0
// IResponseWriter writes the successful response of each endpoint.
type IResponseWriter interface {
	// WriteTokenResponse writes the tokens held by requestContext. Token
	// responses should be sent with caching disabled (RFC 6749 §5.1).
	WriteTokenResponse(requestContext ITokenRequestContext, w http.ResponseWriter, r *http.Request) error
	WriteAuthorizationResponse(requestContext IAuthenticationRequestContext, w http.ResponseWriter, r *http.Request) error
	WriteIntrospectionResponse(requestContext IIntrospectionRequestContext, w http.ResponseWriter, r *http.Request) error
	// WriteRevocationResponse takes no request context.
	WriteRevocationResponse(w http.ResponseWriter, r *http.Request) error
	WriteUserInfoResponse(requestContext IUserInfoRequestContext, w http.ResponseWriter, r *http.Request) error
	// WriteRPILogoutResponse is the only method here that returns no error.
	WriteRPILogoutResponse(requestContext IRPILogoutRequestContext, w http.ResponseWriter, r *http.Request)
}
type IRevocationEPHandler ¶ added in v0.3.0
// IRevocationEPHandler handles a request to the token revocation endpoint.
type IRevocationEPHandler interface {
	// HandleRevocationEP works on requestContext and reports a failure as an
	// IError (presumably nil on success; confirm).
	HandleRevocationEP(ctx context.Context, requestContext IRevocationRequestContext) IError
}
type ISecretStore ¶ added in v0.3.0
// ISecretStore supplies the server's keys.
type ISecretStore interface {
	// GetAllSecrets returns the complete key set.
	// NOTE(review): if the set contains private or symmetric keys, whatever
	// serves it to clients (see IManager.ProcessKeysEP) must publish the
	// public parts only; confirm how the set is filtered.
	GetAllSecrets(ctx context.Context) (*jose.JSONWebKeySet, error)
}
type ISessionManager ¶
type ITokenEPHandler ¶
// ITokenEPHandler handles a request to the token endpoint.
type ITokenEPHandler interface {
	// HandleTokenEP works on requestContext and reports a failure as an
	// IError (presumably nil on success; confirm).
	HandleTokenEP(ctx context.Context, requestContext ITokenRequestContext) IError
}
type ITokenRequestContext ¶
type ITokenSignatures ¶ added in v0.6.1
type ITokenStore ¶
// ITokenStore persists the RequestProfile behind issued authorization codes,
// access tokens and refresh tokens, and looks it up again by signature.
//
// NOTE(review): lookups take a signature string, which suggests the store
// need not hold the full token value; confirm what implementations persist.
type ITokenStore interface {
	// StoreTokenProfile saves profile under reqId with the given signatures.
	StoreTokenProfile(ctx context.Context, reqId string, signatures ITokenSignatures, profile RequestProfile) (err error)
	// The three lookups return the stored profile and its request ID for an
	// authorization code, access token or refresh token signature. A lookup
	// must fail for invalidated or unknown signatures.
	GetProfileWithAuthCodeSign(ctx context.Context, signature string) (profile RequestProfile, reqId string, err error)
	GetProfileWithAccessTokenSign(ctx context.Context, signature string) (profile RequestProfile, reqId string, err error)
	GetProfileWithRefreshTokenSign(ctx context.Context, signature string) (profile RequestProfile, reqId string, err error)
	// InvalidateWithRequestID invalidates credentials of request reqID; what
	// selects which ones (presumably a bitmask of the Expire* constants;
	// confirm).
	InvalidateWithRequestID(ctx context.Context, reqID string, what uint8) (err error)
}
type ITransactionManager ¶ added in v0.7.2
type IUserInfoEPHandler ¶ added in v0.6.0
// IUserInfoEPHandler handles a request to the UserInfo endpoint.
type IUserInfoEPHandler interface {
	// HandleUserInfoEP works on requestContext and reports a failure as an
	// IError (presumably nil on success; confirm).
	HandleUserInfoEP(ctx context.Context, requestContext IUserInfoRequestContext) IError
}
type IUserInfoRequestContext ¶ added in v0.6.0
// IUserInfoRequestContext carries the state of one UserInfo request.
type IUserInfoRequestContext interface {
	// GetBearerToken returns the bearer token presented with the request.
	// It is a credential; keep it out of logs.
	GetBearerToken() string
	GetUsername() string
	SetUsername(username string)
	// Claims collected for the response.
	GetClaims() map[string]interface{}
	AddClaim(claimId string, value interface{})
	// Scopes approved for the token; they bound which claims may be returned.
	GetApprovedScopes() Arguments
	SetApprovedScopes(scopes Arguments)
	// Individually requested claim IDs.
	GetRequestedClaims() []string
	SetRequestedClaims(claimIds []string)
}
type IUserStore ¶
// IUserStore is the application's user directory: authentication, claims
// and consent records.
type IUserStore interface {
	// Authenticate verifies credential for username; a nil error means the
	// credential was accepted. Implementations should compare against a
	// stored password hash and return the same error for unknown users and
	// wrong credentials.
	Authenticate(ctx context.Context, username string, credential []byte) (err error)
	// GetClaims returns the claims of username for the given scopes and
	// claim IDs.
	GetClaims(ctx context.Context, username string, scopes Arguments, claimsIDs []string) (map[string]interface{}, error)
	// IsConsentRequired reports whether username still has to consent to
	// clientId receiving scopes. It cannot return an error, so
	// implementations should answer true when the lookup fails.
	IsConsentRequired(ctx context.Context, username string, clientId string, scopes Arguments) bool
	// StoreConsent records that username granted scopes to clientId.
	StoreConsent(ctx context.Context, username string, clientId string, scopes Arguments) error
	// FetchUserProfile returns the profile of username. It has no error
	// result; how an unknown user is signalled is not shown here.
	FetchUserProfile(ctx context.Context, username string) RequestProfile
}
type RequestProfile ¶
func NewRequestProfile ¶
func NewRequestProfile() RequestProfile
func (RequestProfile) GetAudience ¶
func (r RequestProfile) GetAudience() Arguments
func (RequestProfile) GetClientID ¶
func (r RequestProfile) GetClientID() string
func (RequestProfile) GetCodeChallenge ¶ added in v0.3.0
func (r RequestProfile) GetCodeChallenge() string
func (RequestProfile) GetCodeChallengeMethod ¶ added in v0.3.0
func (r RequestProfile) GetCodeChallengeMethod() string
func (RequestProfile) GetDomain ¶
func (r RequestProfile) GetDomain() string
func (RequestProfile) GetGrantType ¶ added in v0.9.0
func (r RequestProfile) GetGrantType() string
func (RequestProfile) GetNonce ¶
func (r RequestProfile) GetNonce() string
func (RequestProfile) GetRedirectURI ¶
func (r RequestProfile) GetRedirectURI() string
func (RequestProfile) GetScope ¶
func (r RequestProfile) GetScope() Arguments
func (RequestProfile) GetState ¶
func (r RequestProfile) GetState() string
func (RequestProfile) GetUsername ¶
func (r RequestProfile) GetUsername() string
func (RequestProfile) IsClient ¶
func (r RequestProfile) IsClient() bool
func (RequestProfile) SetAudience ¶
func (r RequestProfile) SetAudience(aud Arguments)
func (RequestProfile) SetClientID ¶
func (r RequestProfile) SetClientID(username string)
func (RequestProfile) SetCodeChallenge ¶ added in v0.3.0
func (r RequestProfile) SetCodeChallenge(challenge string)
func (RequestProfile) SetCodeChallengeMethod ¶ added in v0.3.0
func (r RequestProfile) SetCodeChallengeMethod(challengeMethod string)
func (RequestProfile) SetDomain ¶
func (r RequestProfile) SetDomain(domain string)
func (RequestProfile) SetGrantType ¶ added in v0.9.0
func (r RequestProfile) SetGrantType(challengeMethod string)
func (RequestProfile) SetNonce ¶
func (r RequestProfile) SetNonce(nonce string)
func (RequestProfile) SetRedirectURI ¶
func (r RequestProfile) SetRedirectURI(redirectUri string)
func (RequestProfile) SetScope ¶
func (r RequestProfile) SetScope(scopes Arguments)
func (RequestProfile) SetState ¶
func (r RequestProfile) SetState(state string)
func (RequestProfile) SetUsername ¶
func (r RequestProfile) SetUsername(username string)
type TokenSignatures ¶
// TokenSignatures holds the signature and expiry time of the authorization
// code, access token and refresh token of one request.
type TokenSignatures struct {
	// Signatures of the three credentials.
	AuthorizationCodeSignature string
	AccessTokenSignature string
	RefreshTokenSignature string
	// Expiry times of the three credentials.
	RefreshTokenExpiry time.Time
	AccessTokenExpiry time.Time
	AuthorizationCodeExpiry time.Time
}
func (*TokenSignatures) GetACExpiry ¶ added in v0.6.1
func (t *TokenSignatures) GetACExpiry() time.Time
func (*TokenSignatures) GetACSignature ¶ added in v0.6.1
func (t *TokenSignatures) GetACSignature() string
func (*TokenSignatures) GetATExpiry ¶ added in v0.6.1
func (t *TokenSignatures) GetATExpiry() time.Time
func (*TokenSignatures) GetATSignature ¶ added in v0.6.1
func (t *TokenSignatures) GetATSignature() string
func (*TokenSignatures) GetRTExpiry ¶ added in v0.6.1
func (t *TokenSignatures) GetRTExpiry() time.Time
func (*TokenSignatures) GetRTSignature ¶ added in v0.6.1
func (t *TokenSignatures) GetRTSignature() string