oidc

package
v1.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 1, 2016 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Overview

oidc implements the authenticator.Token interface using the OpenID Connect protocol.

Index

Constants

View Source
const (
	DefaultRetries = 5
	DefaultBackoff = time.Second * 3
)

Variables

This section is empty.

Functions

This section is empty.

Types

type OIDCAuthenticator

type OIDCAuthenticator struct {
	// contains filtered or unexported fields
}

func New

func New(opts OIDCOptions) (*OIDCAuthenticator, error)

New creates a new OpenID Connect client with the given issuerURL and clientID. NOTE(yifan): For now we assume the server provides the "jwks_uri" so we don't need to manager the key sets by ourselves.

func (*OIDCAuthenticator) AuthenticateToken

func (a *OIDCAuthenticator) AuthenticateToken(value string) (user.Info, bool, error)

AuthenticateToken decodes and verifies a JWT using the OIDC client, if the verification succeeds, then it will extract the user info from the JWT claims.

func (*OIDCAuthenticator) Close

func (a *OIDCAuthenticator) Close()

Close closes the OIDC authenticator, this will close the provider sync goroutine.

type OIDCOptions

type OIDCOptions struct {
	IssuerURL     string
	ClientID      string
	CAFile        string
	UsernameClaim string
	GroupsClaim   string

	// 0 disables retry
	MaxRetries   int
	RetryBackoff time.Duration
}

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL