Documentation
Index
- Variables
- type OIDCProvider
- func (p *OIDCProvider) GetAuthURL(state string) string
- func (p *OIDCProvider) GetIssuer() string
- func (p *OIDCProvider) HandleCallback(ctx context.Context, db *sqlite.DB, log *slog.Logger, ...) (*models.User, *models.Session, error)
- func (p *OIDCProvider) VerifyIDToken(ctx context.Context, rawIDToken string) (*oidc.IDToken, error)
Constants
This section is empty.
Variables
var (
	ErrSessionNotFound           = errors.New("session not found") // Referenced in HandleCallback error mapping logic? (Keep for now, though defined in core/session)
	ErrSessionExpired            = errors.New("session expired")   // Referenced in HandleCallback error mapping logic? (Keep for now, though defined in core/session)
	ErrUserNotFound              = errors.New("user not found")    // Referenced in HandleCallback error mapping logic? (Keep for now, though defined in core/users)
	ErrTeamNotFound              = errors.New("team not found")    // Referenced in HandleCallback error mapping logic? (Keep for now, though defined in core/users)
	ErrUserInactive              = errors.New("user inactive")
	ErrOIDCProviderNotConfigured = errors.New("OIDC provider not configured")
	ErrOIDCInvalidToken          = errors.New("invalid OIDC token")
	ErrOIDCEmailNotVerified      = errors.New("email not verified")
	ErrAdminNotFound             = errors.New("admin not found") // May not be needed if admin check moves to core
)
Define OIDC/Auth specific errors.
Functions
This section is empty.
Types
type OIDCProvider
type OIDCProvider struct {
// contains filtered or unexported fields
}
OIDCProvider handles OIDC authentication interactions.
func NewOIDCProvider
func NewOIDCProvider(ctx context.Context, oidcCfg *config.OIDCConfig, log *slog.Logger) (*OIDCProvider, error)
NewOIDCProvider initializes an OIDCProvider based on the provided configuration. It requires explicit AuthURL and TokenURL, but uses ProviderURL for discovery to set up the ID token verifier.
func (*OIDCProvider) GetAuthURL
func (p *OIDCProvider) GetAuthURL(state string) string
GetAuthURL returns the URL for the OIDC authorization endpoint with the given state.
func (*OIDCProvider) GetIssuer (added in v1.2.0)
func (p *OIDCProvider) GetIssuer() string
GetIssuer returns the OIDC issuer URL.
func (*OIDCProvider) HandleCallback
func (p *OIDCProvider) HandleCallback(ctx context.Context, db *sqlite.DB, log *slog.Logger, authCfg *config.AuthConfig, code, state string) (*models.User, *models.Session, error)
HandleCallback processes the OIDC callback, exchanges the code for tokens, verifies the ID token, looks up or potentially creates the user in the local database, and creates a local application session.
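An added example, not code from this package: one way a caller can generate the state value passed to GetAuthURL and check it on the callback before calling HandleCallback. It assumes state validation is the caller's responsibility, which this page does not state; the cookie name and the helpers newState, rememberState and checkState are hypothetical.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/base64"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
)

const stateCookie = "oidc_state" // hypothetical cookie name
var errStateMismatch = errors.New("oidc state mismatch")

// newState returns 32 random bytes, URL-safe encoded, for one login attempt.
func newState() (string, error) {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	return base64.RawURLEncoding.EncodeToString(b), nil
}

// rememberState binds the state to the browser that started the login.
func rememberState(w http.ResponseWriter, state string) {
	http.SetCookie(w, &http.Cookie{Name: stateCookie, Value: state, Path: "/",
		MaxAge: 300, HttpOnly: true, Secure: true, SameSite: http.SameSiteLaxMode})
}

// checkState compares the callback's state with the cookie in constant time.
func checkState(r *http.Request) (string, error) {
	c, err := r.Cookie(stateCookie)
	got := r.URL.Query().Get("state")
	if err != nil || got == "" ||
		subtle.ConstantTimeCompare([]byte(c.Value), []byte(got)) != 1 {
		return "", errStateMismatch
	}
	return got, nil
}

func main() { // constructed round trip: login start, then callback
	state, _ := newState()
	rec := httptest.NewRecorder()
	rememberState(rec, state)
	cb := httptest.NewRequest("GET", "/callback?code=abc&state="+state, nil)
	cb.AddCookie(rec.Result().Cookies()[0])
	_, err := checkState(cb)
	fmt.Println("state accepted:", err == nil)
}
```

A real handler would clear the state cookie once checkState succeeds, so a state value is accepted only once.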
func (*OIDCProvider) VerifyIDToken (added in v1.2.0)
VerifyIDToken verifies an ID token string and returns the parsed token.