external

package

v1.5.0 Latest Latest Go to latest Published: Apr 21, 2017 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

gitproxy.zycloud.tk/openshift/origin

Links

Open Source Insights

Documentation ¶

Overview ¶

Package external implements an OAuth flow with an external identity provider

Index ¶

func NewExternalOAuthRedirector(provider Provider, state State, redirectURL string, ...) (handlers.AuthenticationRedirector, http.Handler, error)
func NewOAuthPasswordAuthenticator(provider Provider, mapper authapi.UserIdentityMapper) (authenticator.Password, error)
type Handler
type Provider
type RedirectorState
- func CSRFRedirectingState(csrf csrf.CSRF) RedirectorState
type State

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewExternalOAuthRedirector ¶

func NewExternalOAuthRedirector(provider Provider, state State, redirectURL string, success handlers.AuthenticationSuccessHandler, errorHandler handlers.AuthenticationErrorHandler, mapper authapi.UserIdentityMapper) (handlers.AuthenticationRedirector, http.Handler, error)

func NewOAuthPasswordAuthenticator ¶ added in v1.3.0

func NewOAuthPasswordAuthenticator(provider Provider, mapper authapi.UserIdentityMapper) (authenticator.Password, error)

Types ¶

type Handler ¶

type Handler struct {
	// contains filtered or unexported fields
}

Handler exposes an external oauth provider flow (including the call back) as an oauth.handlers.AuthenticationHandler to allow our internal oauth server to use an external oauth provider for authentication

func (*Handler) AuthenticatePassword ¶ added in v1.3.0

func (h *Handler) AuthenticatePassword(username, password string) (user.Info, bool, error)

func (*Handler) AuthenticationRedirect ¶

func (h *Handler) AuthenticationRedirect(w http.ResponseWriter, req *http.Request) error

AuthenticationRedirect implements oauth.handlers.RedirectAuthHandler

func (*Handler) ServeHTTP ¶

func (h *Handler) ServeHTTP(w http.ResponseWriter, req *http.Request)

ServeHTTP handles the callback request in response to an external oauth flow

type Provider ¶

type Provider interface {
	// NewConfig returns a client information that allows a standard oauth client to communicate with external oauth
	NewConfig() (*osincli.ClientConfig, error)
	// GetTransport returns the transport to use for server-to-server calls. If nil is returned, http.DefaultTransport is used.
	GetTransport() (http.RoundTripper, error)
	// AddCustomParameters allows an external oauth provider to provide parameters that are extension to the spec.  Some providers require this.
	AddCustomParameters(*osincli.AuthorizeRequest)
	// GetUserIdentity takes the external oauth token information this and returns the user identity, isAuthenticated, and error
	GetUserIdentity(*osincli.AccessData) (authapi.UserIdentityInfo, bool, error)
}

Provider encapsulates the URLs, configuration, any custom authorize request parameters, and the method for transforming an access token into an identity, for an external OAuth provider.

type RedirectorState ¶

type RedirectorState interface {
	State
	handlers.AuthenticationSuccessHandler
	handlers.AuthenticationErrorHandler
}

RedirectorState combines state generation/verification with redirections on authentication success and error

func CSRFRedirectingState ¶

func CSRFRedirectingState(csrf csrf.CSRF) RedirectorState

type State ¶

type State interface {
	Generate(w http.ResponseWriter, req *http.Request) (string, error)
	Check(state string, req *http.Request) (bool, error)
}

State handles generating and verifying the state parameter round-tripped to an external OAuth flow. Examples: CSRF protection, post authentication redirection

Source Files ¶

handler.go
interfaces.go

Directories ¶

Path	Synopsis
github
gitlab
google
openid

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL