Documentation
Index
- type OIDCConfig
- type OIDCDecorator
- type OIDCProvider
- type OIDCUserClaims
- func (c *OIDCUserClaims) GetAudience() (jwt.ClaimStrings, error)
- func (c *OIDCUserClaims) GetExpirationTime() (*jwt.NumericDate, error)
- func (c *OIDCUserClaims) GetIssuedAt() (*jwt.NumericDate, error)
- func (c *OIDCUserClaims) GetIssuer() (string, error)
- func (c *OIDCUserClaims) GetNotBefore() (*jwt.NumericDate, error)
- func (c *OIDCUserClaims) GetSubject() (string, error)
- func (c *OIDCUserClaims) ToUser() *User
- type User
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type OIDCConfig
type OIDCConfig struct {
	Issuer                     string
	DisableDiscovery           bool
	DisableIdTokenVerification bool
	JWKSURL                    string
	UserInfoURL                string // for discovery-less
	ClientID                   string // pass explicitly, so we never need to "extract" it
}
OIDCConfig represents the configuration for the OIDC provider.
type OIDCDecorator
type OIDCDecorator struct {
	// contains filtered or unexported fields
}
OIDCDecorator wraps an OAuth2 provider and adds OIDC-specific functionality.
func NewOIDCDecorator
func NewOIDCDecorator(oAuth2Provider oauthgoauth2.OAuth2Provider, cfg OIDCConfig) (*OIDCDecorator, error)
NewOIDCDecorator creates a new OIDCDecorator.
func (*OIDCDecorator) UserInfo
UserInfo implements the OIDCDecorator interface and retrieves user information.
func (*OIDCDecorator) VerifyIDToken
func (d *OIDCDecorator) VerifyIDToken(ctx context.Context, raw string) error
VerifyIDToken implements the OIDCDecorator interface and verifies the ID token.
type OIDCProvider
type OIDCProvider interface {
	// UserInfo returns the user details.
	UserInfo(ctx context.Context, accessToken, idToken string) (*User, error)
	// VerifyIDToken verifies the JWT ID token.
	VerifyIDToken(ctx context.Context, rawIDToken string) error
}
OIDCProvider is the identity-only surface (OIDC or custom profile).
type OIDCUserClaims
type OIDCUserClaims struct {
	jwt.RegisteredClaims
	// Email is the user's email address.
	Email string `json:"email"`
	// EmailVerified indicates whether the user's email address has been verified.
	EmailVerified oauthgotypes.BoolString `json:"email_verified"`
	// Name is the user's full name.
	Name string `json:"name"`
	// GivenName is the user's first name.
	GivenName string `json:"given_name"`
	// FamilyName is the user's last name.
	FamilyName string `json:"family_name"`
	// Picture is the URL of the user's profile picture.
	Picture string `json:"picture"`
	// Locale is the user's locale, which can be a string or an object.
	Locale *oauthgotypes.Locale `json:"locale"` // supports string or object via custom unmarshal
}
OIDCUserClaims represents typical OIDC user claims including registered claims.
func (*OIDCUserClaims) GetAudience
func (c *OIDCUserClaims) GetAudience() (jwt.ClaimStrings, error)
GetAudience returns the audience of the token. The audience is typically the client ID of the application that the token is intended for.
func (*OIDCUserClaims) GetExpirationTime
func (c *OIDCUserClaims) GetExpirationTime() (*jwt.NumericDate, error)
GetExpirationTime returns the expiration time of the token.
func (*OIDCUserClaims) GetIssuedAt
func (c *OIDCUserClaims) GetIssuedAt() (*jwt.NumericDate, error)
GetIssuedAt returns the issued-at time of the token.
func (*OIDCUserClaims) GetIssuer
func (c *OIDCUserClaims) GetIssuer() (string, error)
GetIssuer returns the issuer of the token.
func (*OIDCUserClaims) GetNotBefore
func (c *OIDCUserClaims) GetNotBefore() (*jwt.NumericDate, error)
GetNotBefore returns the not-before time of the token.
func (*OIDCUserClaims) GetSubject
func (c *OIDCUserClaims) GetSubject() (string, error)
GetSubject returns the subject of the token. The subject is typically the unique identifier for the user in the OIDC context.
func (*OIDCUserClaims) ToUser
func (c *OIDCUserClaims) ToUser() *User
ToUser converts OIDCUserClaims to a User.
type User
type User struct {
	Subject       string               `json:"sub"`
	Email         string               `json:"email"`
	EmailVerified bool                 `json:"email_verified"`
	Name          string               `json:"name"`
	GivenName     string               `json:"given_name"`
	FamilyName    string               `json:"family_name"`
	Picture       string               `json:"picture"`
	Locale        *oauthgotypes.Locale `json:"locale"`
	Attributes    map[string]string    `json:"attributes"`
	RawProfile    map[string]any       `json:"raw_profile"`
}
User represents details that can be extracted from an ID token.