oauth2

package
v0.3.21 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 6, 2020 License: AGPL-3.0 Imports: 14 Imported by: 16

Documentation

Overview

Package oauth2 contains all the necessary configurations to initialize the idp communication using oauth2 protocol

Index

Constants

View Source 
const (
	// const for idp configuration
	ConsoleIdpURL            = "CONSOLE_IDP_URL"
	ConsoleIdpClientID       = "CONSOLE_IDP_CLIENT_ID"
	ConsoleIdpSecret         = "CONSOLE_IDP_SECRET"
	ConsoleIdpCallbackURL    = "CONSOLE_IDP_CALLBACK"
	ConsoleIdpAdminRoles     = "CONSOLE_IDP_ADMIN_ROLES"
	ConsoleIdpHmacPassphrase = "CONSOLE_IDP_HMAC_PASSPHRASE"
	ConsoleIdpHmacSalt       = "CONSOLE_IDP_HMAC_SALT"
	ConsoleIdpPolicyUser     = "CONSOLE_IDP_POLICY_USER"
)

Variables

This section is empty.

Functions

func GetIDPPolicyForUser 

func GetIDPPolicyForUser() string

GetSaltForIdpHmac returns the policy to be assigned to the users authenticating via an IDP

func GetIdpAdminRoles 

func GetIdpAdminRoles() string

func GetIdpCallbackURL 

func GetIdpCallbackURL() string

Public endpoint used by the identity oidcProvider when redirecting the user after identity verification

func GetIdpClientID 

func GetIdpClientID() string

func GetIdpSecret 

func GetIdpSecret() string

func GetIdpURL 

func GetIdpURL() string

func GetRandomStateWithHMAC 

func GetRandomStateWithHMAC(length int) string

GetRandomStateWithHMAC computes message + hmac(message, pbkdf2(key, salt)) to be used as state during the oauth authorization

func IsIdpEnabled 

func IsIdpEnabled() bool

Types

type Config 

type Config struct {
	xoauth2.Config
}

func (Config) AuthCodeURL 

func (ac Config) AuthCodeURL(state string, opts ...xoauth2.AuthCodeOption) string

func (Config) Client 

func (ac Config) Client(ctx context.Context, t *xoauth2.Token) *http.Client

func (Config) Exchange 

func (ac Config) Exchange(ctx context.Context, code string, opts ...xoauth2.AuthCodeOption) (*xoauth2.Token, error)

func (Config) PasswordCredentialsToken 

func (ac Config) PasswordCredentialsToken(ctx context.Context, username string, password string) (*xoauth2.Token, error)

func (Config) TokenSource 

func (ac Config) TokenSource(ctx context.Context, t *xoauth2.Token) xoauth2.TokenSource

type Configuration 

type Configuration interface {
	Exchange(ctx context.Context, code string, opts ...xoauth2.AuthCodeOption) (*xoauth2.Token, error)
	AuthCodeURL(state string, opts ...xoauth2.AuthCodeOption) string
	PasswordCredentialsToken(ctx context.Context, username string, password string) (*xoauth2.Token, error)
	Client(ctx context.Context, t *xoauth2.Token) *http.Client
	TokenSource(ctx context.Context, t *xoauth2.Token) xoauth2.TokenSource
}

type Provider 

type Provider struct {
	// oauth2Config is an interface configuration that contains the following fields
	// Config{
	// 	 ClientID string
	//	 ClientSecret string
	//	 RedirectURL string
	//	 Endpoint oauth2.Endpoint
	//	 Scopes []string
	// }
	// - ClientID is the public identifier for this application
	// - ClientSecret is a shared secret between this application and the authorization server
	// - RedirectURL is the URL to redirect users going through
	//   the OAuth flow, after the resource owner's URLs.
	// - Endpoint contains the resource server's token endpoint
	//   URLs. These are constants specific to each server and are
	//   often available via site-specific packages, such as
	//   google.Endpoint or github.Endpoint.
	// - Scopes specifies optional requested permissions.
	ClientID string
	// contains filtered or unexported fields
}

Provider is a wrapper of the oauth2 configuration and the oidc provider

func NewOauth2ProviderClient 

func NewOauth2ProviderClient(ctx context.Context, scopes []string) (*Provider, error)

NewOauth2ProviderClient instantiates a new oauth2 client using the configured credentials it returns a *Provider object that contains the necessary configuration to initiate an oauth2 authentication flow

func (*Provider) GenerateLoginURL 

func (client *Provider) GenerateLoginURL() string

GenerateLoginURL returns a new login URL based on the configured IDP

func (*Provider) VerifyIdentity 

func (client *Provider) VerifyIdentity(ctx context.Context, code, state string) (*User, error)

VerifyIdentity will contact the configured IDP and validate the user identity based on the authorization code

type User 

type User struct {
	AppMetadata       map[string]interface{} `json:"app_metadata"`
	Blocked           bool                   `json:"blocked"`
	CreatedAt         string                 `json:"created_at"`
	Email             string                 `json:"email"`
	EmailVerified     bool                   `json:"email_verified"`
	FamilyName        string                 `json:"family_name"`
	GivenName         string                 `json:"given_name"`
	Identities        []interface{}          `json:"identities"`
	LastIP            string                 `json:"last_ip"`
	LastLogin         string                 `json:"last_login"`
	LastPasswordReset string                 `json:"last_password_reset"`
	LoginsCount       int                    `json:"logins_count"`
	Mltifactor        string                 `json:"multifactor"`
	Name              string                 `json:"name"`
	Nickname          string                 `json:"nickname"`
	PhoneNumber       string                 `json:"phone_number"`
	PhoneVerified     bool                   `json:"phone_verified"`
	Picture           string                 `json:"picture"`
	UpdatedAt         string                 `json:"updated_at"`
	UserID            string                 `json:"user_id"`
	UserMetadata      map[string]interface{} `json:"user_metadata"`
	Username          string                 `json:"username"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.