Documentation
Index
- Constants
- type AuthorityMetadata
- type AuthorityRegistration
- type Details
- func (d *Details) IdentityClaimValue(claims interface{}) (string, map[string]interface{}, error)
- func (d *Details) IsReady() bool
- func (d *Details) JWTKeyfunc() jwt.Keyfunc
- func (d *Details) MakeRedirectAuthenticationRequestURL(state string) (*url.URL, map[string]interface{}, error)
- func (d *Details) MakeRedirectEndSessionRequestURL(ref interface{}, state string) (*url.URL, map[string]interface{}, error)
- func (d *Details) MakeRedirectEndSessionResponseURL(req interface{}, state string) (*url.URL, map[string]interface{}, error)
- func (d *Details) Metadata() interface{}
- func (d *Details) ParseStateResponse(req *http.Request, state string, extra map[string]interface{}) (interface{}, error)
- type Registry
- func (r *Registry) Default(ctx context.Context) *Details
- func (r *Registry) Find(ctx context.Context, selector func(authority AuthorityRegistration) bool) (AuthorityRegistration, bool)
- func (r *Registry) Get(ctx context.Context, authorityID string) (AuthorityRegistration, bool)
- func (r *Registry) Lookup(ctx context.Context, authorityID string) (*Details, error)
- func (r *Registry) Register(authority AuthorityRegistration) error
Constants
const (
	AuthorityTypeOIDC  = "oidc"
	AuthorityTypeSAML2 = "saml2"
)
Supported Authority kind string values.
Types
type AuthorityMetadata
type AuthorityMetadata interface {
}
type AuthorityRegistration
type AuthorityRegistration interface {
	ID() string
	Name() string
	AuthorityType() string
	Authority() *Details
	Issuer() string
	Validate() error
	Initialize(ctx context.Context, registry *Registry) error
	MakeRedirectAuthenticationRequestURL(state string) (*url.URL, map[string]interface{}, error)
	MakeRedirectEndSessionRequestURL(ref interface{}, state string) (*url.URL, map[string]interface{}, error)
	MakeRedirectEndSessionResponseURL(req interface{}, state string) (*url.URL, map[string]interface{}, error)
	ParseStateResponse(req *http.Request, state string, extra map[string]interface{}) (interface{}, error)
	ValidateIdpEndSessionRequest(req interface{}, state string) (bool, error)
	ValidateIdpEndSessionResponse(res interface{}, state string) (bool, error)
	IdentityClaimValue(data interface{}) (string, map[string]interface{}, error)
	Metadata() AuthorityMetadata
}
AuthorityRegistration defines an authority with its properties.
type Details
type Details struct {
	ID            string
	Name          string
	AuthorityType string
	ClientID      string
	ClientSecret  string
	Trusted       bool
	Insecure      bool
	Scopes        []string
	ResponseType  string
	ResponseMode  string
	CodeChallengeMethod string
	EndSessionEnabled   bool
	// contains filtered or unexported fields
}
Details holds immutable information about external authorities identified by ID.
func (*Details) IdentityClaimValue
IdentityClaimValue returns the identity claim value from the provided data.
func (*Details) IsReady
IsReady returns whether or not the associated registration entry was ready at the time the associated details were created.
func (*Details) JWTKeyfunc
JWTKeyfunc returns a key func to validate JWTs with the keys of the associated authority registration.
func (*Details) MakeRedirectAuthenticationRequestURL
func (d *Details) MakeRedirectAuthenticationRequestURL(state string) (*url.URL, map[string]interface{}, error)
MakeRedirectAuthenticationRequestURL returns the authentication request URL which can be used to initiate authentication with the associated authority. It takes a state as parameter and in addition to the URL it also returns a mapping of extra state data and potentially an error.
func (*Details) MakeRedirectEndSessionRequestURL
func (d *Details) MakeRedirectEndSessionRequestURL(ref interface{}, state string) (*url.URL, map[string]interface{}, error)
MakeRedirectEndSessionRequestURL returns the end session request URL which can be used to initiate end session with the associated authority. It takes a state as parameter and in addition to the URL it also returns a mapping of extra state data and potentially an error.
func (*Details) MakeRedirectEndSessionResponseURL
func (d *Details) MakeRedirectEndSessionResponseURL(req interface{}, state string) (*url.URL, map[string]interface{}, error)
MakeRedirectEndSessionResponseURL returns the end session response URL which can be used to redirect back the response for an incoming end session request. It takes the authority specific request and a state, returning the destination url, additional state mapping and potential error.
func (*Details) ParseStateResponse
func (d *Details) ParseStateResponse(req *http.Request, state string, extra map[string]interface{}) (interface{}, error)
ParseStateResponse takes an incoming request, a state and optional extra data and returns the parsed authority specific response data for that request or error.
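The state and the extra state mapping returned by MakeRedirectAuthenticationRequestURL have to be handed back to ParseStateResponse when the response arrives. The sketch below is an added example, not code from this package: stateStore, makeURLFunc and parseFunc are hypothetical names, and it assumes the state comes back as a `state` query parameter.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"net/http"
	"net/url"
	"sync"
)

// Function types with the documented signatures; method values of *Details fit directly.
type makeURLFunc func(state string) (*url.URL, map[string]interface{}, error)
type parseFunc func(req *http.Request, state string, extra map[string]interface{}) (interface{}, error)

// stateStore (hypothetical helper) keeps the extra state data per issued state.
type stateStore struct{ pending sync.Map }

// Begin issues a random state and remembers the extra data returned with the URL.
func (s *stateStore) Begin(mk makeURLFunc) (*url.URL, string, error) {
	raw := make([]byte, 16)
	if _, err := rand.Read(raw); err != nil {
		return nil, "", err
	}
	state := hex.EncodeToString(raw)
	uri, extra, err := mk(state)
	if err != nil {
		return nil, "", err
	}
	s.pending.Store(state, extra)
	return uri, state, nil
}

// Finish passes the request on only for a state issued here, and only once.
func (s *stateStore) Finish(parse parseFunc, req *http.Request) (interface{}, error) {
	state := req.URL.Query().Get("state") // assumption: state comes back in the query
	v, ok := s.pending.LoadAndDelete(state)
	if !ok {
		return nil, errors.New("unknown or already used state")
	}
	extra, _ := v.(map[string]interface{})
	return parse(req, state, extra)
}

func main() { // constructed stand-in for an authority's method, for a dry run
	mk := func(st string) (*url.URL, map[string]interface{}, error) { return &url.URL{Path: "/authorize", RawQuery: "state=" + st}, nil, nil }
	fmt.Println(new(stateStore).Begin(mk))
}
```

Because LoadAndDelete removes the entry atomically, a replayed or forged state never reaches the authority's parser.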
type Registry
type Registry struct {
	// contains filtered or unexported fields
}
Registry implements the registry for registered authorities.
func NewRegistry
func NewRegistry(ctx context.Context, baseURI *url.URL, registrationConfFilepath string, logger logrus.FieldLogger) (*Registry, error)
NewRegistry creates a new authorizations Registry with the provided parameters.
func (*Registry) Default
Default returns the default authority from the associated registry if any.
func (*Registry) Find
func (r *Registry) Find(ctx context.Context, selector func(authority AuthorityRegistration) bool) (AuthorityRegistration, bool)
Find returns the first registered authority that satisfies the provided selector function.
func (*Registry) Get
Get returns the registered authorities registration for the provided client ID.
func (*Registry) Lookup
Lookup returns and validates the authority Detail information for the provided parameters from the associated authority registry.
func (*Registry) Register
func (r *Registry) Register(authority AuthorityRegistration) error
Register validates the provided authority registration and adds the authority to the associated registry if valid. Returns an error otherwise.