server

package
v0.0.0-...-535d45a Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 24, 2025 License: Apache-2.0 Imports: 31 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

var ErrInvalidOAuth2ClientSecret = errors.New("invalid oauth2 client secret")
var ErrNoOAuth2SigningKey = errors.New("no oauth2 signing key")
var ErrOAuth2ClientIDAlreadyRegistered = errors.New("oauth2 client ID already registered")
var ErrOAuth2UserNotVerified = errors.New("oauth2 user not verified")
var ErrUnknownOAuth2Client = errors.New("unknown oauth2 client")

Functions

func VerifyHandlerContext

func VerifyHandlerContext(ctx context.Context, handler VerifyHandler, location *geoip.Location) context.Context

func VerifyHandlerContextValue

func VerifyHandlerContextValue(ctx context.Context, handler VerifyHandler) *geoip.Location

Types

type EmailVerifyHandler

type EmailVerifyHandler struct {
	// contains filtered or unexported fields
}

func NewEmailVerifyHandler

func NewEmailVerifyHandler(mailer *mail.Mailer, database database.Driver, userStore userstore.Backend) *EmailVerifyHandler

func (*EmailVerifyHandler) GenerateChallenge

func (h *EmailVerifyHandler) GenerateChallenge(ctx context.Context, subject string) (string, error)

func (*EmailVerifyHandler) Method

func (*EmailVerifyHandler) Method() VerifyMethod

func (*EmailVerifyHandler) Taint

func (h *EmailVerifyHandler) Taint()

func (*EmailVerifyHandler) Tainted

func (h *EmailVerifyHandler) Tainted() bool

func (*EmailVerifyHandler) VerifyResponse

func (h *EmailVerifyHandler) VerifyResponse(ctx context.Context, subject string, challenge string, response string) (bool, error)

type ForwardHandler

// ForwardHandler is a field-less struct. Its listed methods, Mount and
// Scheme, have the same signatures as the SchemeHandler interface.
// NOTE(review): the method bodies are not shown on this page; if this handler
// makes decisions from headers set by a fronting proxy, confirm that those
// headers cannot be supplied by the client directly.
type ForwardHandler struct {
}

func (*ForwardHandler) Mount

func (h *ForwardHandler) Mount(handler httpserver.Handler)

func (*ForwardHandler) Scheme

func (h *ForwardHandler) Scheme() Scheme

type OAuth2Client

// OAuth2Client is the registration record for one OAuth2 client: its ID, its
// secret and the redirect URLs associated with it. OAuth2Provider.AddClient
// accepts a *OAuth2Client.
type OAuth2Client struct {
	// ID is the client identifier.
	ID                     string
	// Secret is carried as a plain string in this struct.
	// NOTE(review): whether the provider stores it hashed and compares it in
	// constant time is not visible here; confirm in AddClient and
	// AuthorizeClientIDSecret, and keep this value out of logs.
	Secret                 string
	// RedirectURLs holds parsed URLs for the client.
	// NOTE(review): presumably the allow-list for redirect_uri; verify that
	// matching is exact (scheme, host, port, path) rather than prefix-based.
	RedirectURLs           []*url.URL
	// PostLogoutRedirectURLs holds parsed URLs for the client.
	// NOTE(review): presumably the allow-list for post_logout_redirect_uri;
	// the same exact-match check applies.
	PostLogoutRedirectURLs []*url.URL
}

type OAuth2Provider

type OAuth2Provider struct {
	// contains filtered or unexported fields
}

func (*OAuth2Provider) AddClient

func (p *OAuth2Provider) AddClient(client *OAuth2Client) error

func (*OAuth2Provider) AuthRequestByCode

func (p *OAuth2Provider) AuthRequestByCode(ctx context.Context, code string) (op.AuthRequest, error)

func (*OAuth2Provider) AuthRequestByID

func (p *OAuth2Provider) AuthRequestByID(ctx context.Context, id string) (op.AuthRequest, error)

func (*OAuth2Provider) Authenticate

func (p *OAuth2Provider) Authenticate(ctx context.Context, id string, subject string, password string, verifyHandler VerifyHandler, remember bool) (string, error)

func (*OAuth2Provider) AuthorizeClientIDSecret

func (p *OAuth2Provider) AuthorizeClientIDSecret(ctx context.Context, clientID string, clientSecret string) error

func (*OAuth2Provider) ClientCredentials

func (p *OAuth2Provider) ClientCredentials(ctx context.Context, clientID string, clientSecret string) (op.Client, error)

func (*OAuth2Provider) ClientCredentialsTokenRequest

func (p *OAuth2Provider) ClientCredentialsTokenRequest(ctx context.Context, clientID string, scopes []string) (op.TokenRequest, error)

func (*OAuth2Provider) Close

func (p *OAuth2Provider) Close() error

func (*OAuth2Provider) Confirm

func (p *OAuth2Provider) Confirm(ctx context.Context, id string, subject string, remember bool) (string, error)

func (*OAuth2Provider) CreateAccessAndRefreshTokens

func (p *OAuth2Provider) CreateAccessAndRefreshTokens(ctx context.Context, request op.TokenRequest, currentRefreshToken string) (string, string, time.Time, error)

func (*OAuth2Provider) CreateAccessToken

func (p *OAuth2Provider) CreateAccessToken(ctx context.Context, request op.TokenRequest) (string, time.Time, error)

func (*OAuth2Provider) CreateAuthRequest

func (p *OAuth2Provider) CreateAuthRequest(ctx context.Context, oidcAuthRequest *oidc.AuthRequest, userID string) (op.AuthRequest, error)

func (*OAuth2Provider) CreateTokenExchangeRequest

func (p *OAuth2Provider) CreateTokenExchangeRequest(ctx context.Context, request op.TokenExchangeRequest) error

func (*OAuth2Provider) DeleteAuthRequest

func (p *OAuth2Provider) DeleteAuthRequest(ctx context.Context, id string) error

func (*OAuth2Provider) GetClientByClientID

func (p *OAuth2Provider) GetClientByClientID(ctx context.Context, clientID string) (op.Client, error)

func (*OAuth2Provider) GetDeviceAuthorizatonState

func (p *OAuth2Provider) GetDeviceAuthorizatonState(ctx context.Context, clientID, deviceCode string) (*op.DeviceAuthorizationState, error)

func (*OAuth2Provider) GetKeyByIDAndClientID

func (p *OAuth2Provider) GetKeyByIDAndClientID(ctx context.Context, keyID, clientID string) (*jose.JSONWebKey, error)

func (*OAuth2Provider) GetPrivateClaimsFromScopes

func (p *OAuth2Provider) GetPrivateClaimsFromScopes(ctx context.Context, userID, clientID string, scopes []string) (map[string]any, error)

func (*OAuth2Provider) GetPrivateClaimsFromTokenExchangeRequest

func (p *OAuth2Provider) GetPrivateClaimsFromTokenExchangeRequest(ctx context.Context, request op.TokenExchangeRequest) (claims map[string]any, err error)

func (*OAuth2Provider) GetRefreshTokenInfo

func (p *OAuth2Provider) GetRefreshTokenInfo(ctx context.Context, clientID string, token string) (string, string, error)

func (*OAuth2Provider) Health

func (p *OAuth2Provider) Health(ctx context.Context) error

func (*OAuth2Provider) KeySet

func (p *OAuth2Provider) KeySet(ctx context.Context) ([]op.Key, error)

func (*OAuth2Provider) Mount

func (p *OAuth2Provider) Mount(handler httpserver.Handler) *OAuth2Provider

func (*OAuth2Provider) RevokeToken

func (p *OAuth2Provider) RevokeToken(ctx context.Context, tokenOrTokenID string, userID string, clientID string) *oidc.Error

func (*OAuth2Provider) SaveAuthCode

func (p *OAuth2Provider) SaveAuthCode(ctx context.Context, id string, code string) error

func (*OAuth2Provider) SetIntrospectionFromToken

func (p *OAuth2Provider) SetIntrospectionFromToken(ctx context.Context, userinfo *oidc.IntrospectionResponse, tokenID string, subject string, clientID string) error

func (*OAuth2Provider) SetUserinfoFromRequest

func (p *OAuth2Provider) SetUserinfoFromRequest(ctx context.Context, userInfo *oidc.UserInfo, token op.IDTokenRequest, scopes []string) error

func (*OAuth2Provider) SetUserinfoFromScopes

func (p *OAuth2Provider) SetUserinfoFromScopes(ctx context.Context, userInfo *oidc.UserInfo, userID string, clientID string, scopes []string) error

func (*OAuth2Provider) SetUserinfoFromToken

func (p *OAuth2Provider) SetUserinfoFromToken(ctx context.Context, userInfo *oidc.UserInfo, tokenID string, subject string, origin string) error

func (*OAuth2Provider) SetUserinfoFromTokenExchangeRequest

func (p *OAuth2Provider) SetUserinfoFromTokenExchangeRequest(ctx context.Context, userinfo *oidc.UserInfo, request op.TokenExchangeRequest) error

func (*OAuth2Provider) SignatureAlgorithms

func (p *OAuth2Provider) SignatureAlgorithms(ctx context.Context) ([]jose.SignatureAlgorithm, error)

func (*OAuth2Provider) SigningKey

func (p *OAuth2Provider) SigningKey(ctx context.Context) (op.SigningKey, error)

func (*OAuth2Provider) StoreDeviceAuthorization

func (p *OAuth2Provider) StoreDeviceAuthorization(ctx context.Context, clientID, deviceCode, userCode string, expires time.Time, scopes []string) error

func (*OAuth2Provider) TerminateSession

func (p *OAuth2Provider) TerminateSession(ctx context.Context, userID string, clientID string) error

func (*OAuth2Provider) TokenRequestByRefreshToken

func (p *OAuth2Provider) TokenRequestByRefreshToken(ctx context.Context, refreshTokenID string) (op.RefreshTokenRequest, error)

func (*OAuth2Provider) ValidateJWTProfileScopes

func (p *OAuth2Provider) ValidateJWTProfileScopes(ctx context.Context, userID string, scopes []string) ([]string, error)

func (*OAuth2Provider) ValidateTokenExchangeRequest

func (p *OAuth2Provider) ValidateTokenExchangeRequest(ctx context.Context, request op.TokenExchangeRequest) error

func (*OAuth2Provider) Verify

func (p *OAuth2Provider) Verify(ctx context.Context, id string, subject string, verifyHandler VerifyHandler, response string) (string, error)

type OAuth2ProviderConfig

// OAuth2ProviderConfig carries the settings from which NewProvider builds an
// *OAuth2Provider.
type OAuth2ProviderConfig struct {
	// IssuerURL is a parsed URL.
	// NOTE(review): presumably the OIDC issuer identifier; confirm NewProvider
	// requires https outside local development.
	IssuerURL                *url.URL
	// DefaultLogoutRedirectURL is a parsed URL.
	// NOTE(review): presumably used when a logout request carries no
	// registered post-logout redirect; verify against the caller.
	DefaultLogoutRedirectURL *url.URL
	// SigningKeyAlgorithm selects a jose.SignatureAlgorithm.
	// NOTE(review): this page does not show which values NewProvider accepts;
	// confirm it validates the value against an explicit allow-list.
	SigningKeyAlgorithm      jose.SignatureAlgorithm
	// CryptoKey is a fixed 32-byte array; its Go zero value is all zero bytes.
	// NOTE(review): its use is not shown here (presumably a symmetric key
	// passed to the op library). It should come from a CSPRNG or a secret
	// store, and NewProvider should reject the all-zero value.
	CryptoKey                [32]byte
}

func (*OAuth2ProviderConfig) NewProvider

func (config *OAuth2ProviderConfig) NewProvider(databaseDriver database.Driver, userStore userstore.Backend, opOpts ...op.Option) (*OAuth2Provider, error)

type PasskeyVerifyHandler

type PasskeyVerifyHandler struct {
	// contains filtered or unexported fields
}

func NewPasskeyVerifyHandler

func NewPasskeyVerifyHandler(database database.Driver, requestVerification bool) *PasskeyVerifyHandler

func (*PasskeyVerifyHandler) GenerateChallenge

func (h *PasskeyVerifyHandler) GenerateChallenge(ctx context.Context, subject string) (string, error)

func (*PasskeyVerifyHandler) Method

func (*PasskeyVerifyHandler) Taint

func (h *PasskeyVerifyHandler) Taint()

func (*PasskeyVerifyHandler) Tainted

func (h *PasskeyVerifyHandler) Tainted() bool

func (*PasskeyVerifyHandler) VerifyResponse

func (h *PasskeyVerifyHandler) VerifyResponse(ctx context.Context, subject string, challenge string, response string) (bool, error)

type SAML2Provider

type SAML2Provider struct {
	// contains filtered or unexported fields
}

func (*SAML2Provider) Mount

func (p *SAML2Provider) Mount(handler httpserver.Handler)

func (*SAML2Provider) Scheme

func (p *SAML2Provider) Scheme() Scheme

type SAML2ProviderConfig

// SAML2ProviderConfig is a field-less struct; its NewProvider method takes no
// arguments and returns (*SAML2Provider, error).
// NOTE(review): with no exported fields there is no visible place to supply
// IdP metadata, certificates or an entity ID; confirm where the provider
// gets them before relying on it.
type SAML2ProviderConfig struct {
}

func (*SAML2ProviderConfig) NewProvider

func (c *SAML2ProviderConfig) NewProvider() (*SAML2Provider, error)

type Scheme

// Scheme names an authentication scheme as a string. It is the return type of
// the Scheme method on SchemeHandler, ForwardHandler and SAML2Provider.
type Scheme string
const (
	// SchemeNone is the empty string, which is also the zero value of Scheme,
	// so an unset Scheme compares equal to SchemeNone.
	// NOTE(review): confirm callers treat it as "no scheme configured" and
	// fail closed rather than skipping authentication.
	SchemeNone    Scheme = ""
	// SchemeForward is the string "forward".
	SchemeForward Scheme = "forward"
	// SchemeOAuth2 is the string "oauth2".
	SchemeOAuth2  Scheme = "oauth2"
	// SchemeSAML2 is the string "saml2".
	SchemeSAML2   Scheme = "saml2"
)

type SchemeHandler

// SchemeHandler is implemented by types that report a Scheme and can be
// mounted on an httpserver.Handler. As listed on this page, *ForwardHandler
// and *SAML2Provider have both methods with these signatures.
// *OAuth2Provider's Mount returns *OAuth2Provider and no Scheme method is
// listed for it, so it does not match this interface as shown.
type SchemeHandler interface {
	// Scheme returns the Scheme value for this handler.
	Scheme() Scheme
	// Mount receives the httpserver.Handler to attach to.
	// NOTE(review): which routes are registered is not shown on this page.
	Mount(handler httpserver.Handler)
}

type TOTPVerifyHandler

type TOTPVerifyHandler struct {
	// contains filtered or unexported fields
}

func NewTOTPVerifyHandler

func NewTOTPVerifyHandler(totpProvider *totp.Provider, database database.Driver, requestVerification bool) *TOTPVerifyHandler

func (*TOTPVerifyHandler) GenerateChallenge

func (h *TOTPVerifyHandler) GenerateChallenge(ctx context.Context, subject string) (string, error)

func (*TOTPVerifyHandler) Method

func (*TOTPVerifyHandler) Method() VerifyMethod

func (*TOTPVerifyHandler) Taint

func (h *TOTPVerifyHandler) Taint()

func (*TOTPVerifyHandler) Tainted

func (h *TOTPVerifyHandler) Tainted() bool

func (*TOTPVerifyHandler) VerifyResponse

func (h *TOTPVerifyHandler) VerifyResponse(ctx context.Context, subject string, challenge string, response string) (bool, error)

type VerifyHandler

// VerifyHandler is the interface for one verification method: it generates a
// challenge for a subject and checks a response against it.
// EmailVerifyHandler, TOTPVerifyHandler and PasskeyVerifyHandler list these
// methods on this page. MockVerifyHandler and NoneVerifyHandler are exported
// constructors that also return this interface.
// NOTE(review): confirm that neither MockVerifyHandler nor NoneVerifyHandler
// can be selected by production configuration.
type VerifyHandler interface {
	// Method reports which VerifyMethod this handler implements.
	Method() VerifyMethod
	// Taint takes no arguments and returns nothing.
	// NOTE(review): presumably marks the handler as tainted so that Tainted
	// returns true afterwards; the semantics are not shown here.
	Taint()
	// Tainted reports a boolean state.
	// NOTE(review): presumably set by Taint; verify how callers react to it.
	Tainted() bool
	// GenerateChallenge returns a challenge string for subject, or an error.
	// NOTE(review): confirm challenges are unpredictable, single-use and
	// bound to subject.
	GenerateChallenge(ctx context.Context, subject string) (string, error)
	// VerifyResponse checks response against challenge for subject and
	// returns a boolean result and an error.
	// NOTE(review): callers should treat only (true, nil) as success; confirm
	// that (false, nil) and any non-nil error are handled as failure.
	VerifyResponse(ctx context.Context, subject string, challenge string, response string) (bool, error)
}

func MockVerifyHandler

func MockVerifyHandler() VerifyHandler

func NoneVerifyHandler

func NoneVerifyHandler() VerifyHandler

type VerifyMethod

// VerifyMethod names a verification method as a string. Apart from
// VerifyMethodNone, each constant is converted from a key constant of the
// database package, so the string values are defined there, not here.
type VerifyMethod string
const (
	// VerifyMethodNone is the empty string, which is also the zero value of
	// VerifyMethod, so an unset VerifyMethod compares equal to it.
	// NOTE(review): confirm an unset method cannot be read as "verification
	// not required".
	VerifyMethodNone     VerifyMethod = ""
	// VerifyMethodEmail takes its value from database.EmailKey.
	VerifyMethodEmail    VerifyMethod = VerifyMethod(database.EmailKey)
	// VerifyMethodTOTP takes its value from database.TOTPKey.
	VerifyMethodTOTP     VerifyMethod = VerifyMethod(database.TOTPKey)
	// VerifyMethodPasskey takes its value from database.PasskeyKey.
	VerifyMethodPasskey  VerifyMethod = VerifyMethod(database.PasskeyKey)
	// VerifyMethodWebAuthn takes its value from database.WebAuthnKey.
	// NOTE(review): no handler constructor on this page is named for this
	// method; confirm which VerifyHandler reports it.
	VerifyMethodWebAuthn VerifyMethod = VerifyMethod(database.WebAuthnKey)
)

type WebAuthnConfig

// WebAuthnConfig carries the settings from which NewWebAuthnProvider builds a
// *WebAuthnProvider.
// NOTE(review): the RP prefix presumably stands for the WebAuthn relying
// party; confirm against NewWebAuthnProvider.
type WebAuthnConfig struct {
	// RPID is a string identifier.
	// NOTE(review): presumably the relying-party ID; it should be the
	// narrowest domain that covers the deployment.
	RPID          string
	// RPDisplayName is a string.
	// NOTE(review): presumably the human-readable relying-party name.
	RPDisplayName string
	// RPOrigins is a list of strings.
	// NOTE(review): presumably the origins accepted during ceremonies; list
	// exact https origins and confirm no wildcard or empty entry is accepted.
	RPOrigins     []string
}

func (*WebAuthnConfig) NewWebAuthnProvider

func (c *WebAuthnConfig) NewWebAuthnProvider() (*WebAuthnProvider, error)

type WebAuthnProvider

type WebAuthnProvider struct {
	// contains filtered or unexported fields
}

Directories

Path Synopsis
