oidc

package

v0.9.2 Latest Latest Go to latest Published: Nov 17, 2025 License: Apache-2.0 Imports: 4 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/openkcm/session-manager

Links

Documentation ¶

Index ¶

type Configuration
type Provider
type ProviderRepository
type Service
- func NewService(repo ProviderRepository) *Service

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Configuration ¶ added in v0.5.0

type Configuration struct {
	Issuer                            string   `json:"issuer,omitempty"`
	AuthorizationEndpoint             string   `json:"authorization_endpoint,omitempty"`
	TokenEndpoint                     string   `json:"token_endpoint,omitempty"`
	UserinfoEndpoint                  string   `json:"userinfo_endpoint,omitempty"`
	JwksURI                           string   `json:"jwks_uri,omitempty"`
	IntrospectionEndpoint             string   `json:"introspection_endpoint,omitempty"`
	ResponseTypesSupported            []string `json:"response_types_supported,omitempty"`
	GrantTypesSupported               []string `json:"grant_types_supported,omitempty"`
	SubjectTypesSupported             []string `json:"subject_types_supported,omitempty"`
	IDTokenSigningAlgValuesSupported  []string `json:"id_token_signing_alg_values_supported,omitempty"`
	ScopesSupported                   []string `json:"scopes_supported,omitempty"`
	TokenEndpointAuthMethodsSupported []string `json:"token_endpoint_auth_methods_supported,omitempty"`
	ClaimsSupported                   []string `json:"claims_supported,omitempty"`
}

Configuration. Usually accessible from the well-known openid-configuration URL. It's a subset of https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata

type Provider ¶

type Provider struct {
	IssuerURL  string
	Blocked    bool
	JWKSURIs   []string
	Audiences  []string
	Properties map[string]string
}

type ProviderRepository ¶

type ProviderRepository interface {
	GetForTenant(ctx context.Context, tenantID string) (Provider, error)
	Get(ctx context.Context, issuerURL string) (Provider, error)
	Create(ctx context.Context, tenantID string, provider Provider) error
	Delete(ctx context.Context, tenantID string, provider Provider) error
	Update(ctx context.Context, tenantID string, provider Provider) error
}

ProviderRepository allows to read OIDC provider data for a tenant stored in the context.

type Service ¶ added in v0.1.0

type Service struct {
	// contains filtered or unexported fields
}

func NewService ¶ added in v0.1.0

func NewService(repo ProviderRepository) *Service

func (*Service) ApplyMapping ¶ added in v0.1.0

func (s *Service) ApplyMapping(ctx context.Context, tenantID string, provider Provider) error

func (*Service) BlockMapping ¶ added in v0.6.0

func (s *Service) BlockMapping(ctx context.Context, tenantID string) error

BlockMapping sets the Blocked flag to true for the OIDC provider associated with the given tenantID. If the provider is already blocked, it does nothing. Returns an error if the provider cannot be retrieved or updated.

func (*Service) GetProvider ¶ added in v0.1.0

func (s *Service) GetProvider(ctx context.Context, issuer string) (Provider, error)

func (*Service) RemoveMapping ¶ added in v0.1.0

func (s *Service) RemoveMapping(ctx context.Context, tenantID string) error

func (*Service) UnBlockMapping ¶ added in v0.6.0

func (s *Service) UnBlockMapping(ctx context.Context, tenantID string) error

UnBlockMapping sets the Blocked flag to false for the OIDC provider associated with the given tenantID. If the provider is not blocked, it does nothing. Returns an error if the provider cannot be retrieved or updated.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
mock
sql

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL