Documentation
Overview
Package oidcclient implements a basic OIDC client to authenticate users at an OpenID Connect IdP using the Code flow.
Constants
const (
	// DefaultLoginTimeout is the age, in seconds, of the state cookie during OIDC login.
	DefaultLoginTimeout = 600 // 10m

	// DefaultCookiePath sets the URL path cookies from this package are valid for.
	DefaultCookiePath = "/api/auth"
)
Variables
var ErrMissingCSCUserName = errors.New("Missing CSCUserName field")
var ErrMissingOrganization = errors.New("Missing Organization field")
User should have home organization
Functions
func WithAllowDevLogin
func WithAllowDevLogin(val bool) func(*OidcClient)
WithAllowDevLogin enables logging in at [login_url]?token=[jwt_id_token] with a custom token. The token is still validated as usual.
func WithSkipExpiryCheck
func WithSkipExpiryCheck(val bool) func(*OidcClient)
WithSkipExpiryCheck disables checking token expiration time, so expired tokens can be used.
Types
type OidcClient
type OidcClient struct {
	Name string
	//OnLogin func(w http.ResponseWriter, r *http.Request, sub string, exp time.Time) error
	//OnLogin func(http.ResponseWriter, *http.Request, *oauth2.Token, *gooidc.IDToken) error
	OnLogin func(http.ResponseWriter, *http.Request, *oauth2.Token, *gooidc.IDToken) error
	// contains filtered or unexported fields
}
OidcClient holds the OpenID Connect and OAuth2 configuration for an authentication provider.
func NewOidcClient
func NewOidcClient(name string, id string, secret string, redirectUrl string, providerUrl string, frontendUrl string, options ...OidcClientOption) (*OidcClient, error)
NewOidcClient creates a new OpenID Connect client for the given provider and credentials.
func (*OidcClient) Auth
func (client *OidcClient) Auth() http.HandlerFunc
Auth is an HTTP handler that forwards the OIDC client to the Authorization endpoint.
func (*OidcClient) Callback
func (client *OidcClient) Callback() http.HandlerFunc
Callback is an HTTP handler that takes the callback from the OIDC token endpoint.
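The following is an added example, not code from this package: a sketch of the state-cookie check that the Code flow depends on between Auth and Callback, using the documented defaults (600-second lifetime, /api/auth path). The cookie name oidc_state, the /callback path, the helper names startLogin and checkState, and the cookie flags are assumptions, since the package's internals are not shown on this page.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/base64"
	"fmt"
	"net/http"
	"net/http/httptest"
)

const loginTimeout = 600         // mirrors DefaultLoginTimeout (seconds)
const cookiePath = "/api/auth"   // mirrors DefaultCookiePath
const stateCookie = "oidc_state" // assumed cookie name, not from the package

// startLogin sets a random state cookie; the returned value is also sent as "state" to the IdP.
func startLogin(w http.ResponseWriter) (string, error) {
	buf := make([]byte, 32)
	if _, err := rand.Read(buf); err != nil {
		return "", err
	}
	state := base64.RawURLEncoding.EncodeToString(buf)
	http.SetCookie(w, &http.Cookie{
		Name: stateCookie, Value: state, Path: cookiePath,
		MaxAge: loginTimeout, HttpOnly: true, Secure: true, SameSite: http.SameSiteLaxMode,
	})
	return state, nil
}

// checkState rejects a callback whose state is absent or differs from the cookie.
func checkState(r *http.Request) error {
	c, err := r.Cookie(stateCookie)
	if err != nil {
		return fmt.Errorf("state cookie missing or expired: %w", err)
	}
	got := r.URL.Query().Get("state")
	if got == "" || subtle.ConstantTimeCompare([]byte(c.Value), []byte(got)) != 1 {
		return fmt.Errorf("state mismatch")
	}
	return nil
}

func main() {
	rec := httptest.NewRecorder() // constructed in-memory request/response pair
	state, _ := startLogin(rec)
	req := httptest.NewRequest("GET", cookiePath+"/callback?state="+state, nil)
	req.AddCookie(rec.Result().Cookies()[0])
	fmt.Println("callback accepted:", checkState(req) == nil)
}
```

Because the cookie is scoped to the cookie path and expires after the login timeout, a callback that arrives later than that, or from a browser that never started the login, carries no cookie and is rejected.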
func (*OidcClient) DumpToken
func (client *OidcClient) DumpToken(w http.ResponseWriter, token *oauth2.Token, idToken *gooidc.IDToken)
func (*OidcClient) SetLogger
func (client *OidcClient) SetLogger(logger zerolog.Logger)
SetLogger sets the logger for the OIDC client. It is probably not safe to call this after the handlers are instantiated.
type OidcClientOption
type OidcClientOption func(*OidcClient)
OidcClientOption is used for passing optional configuration to an OidcClient.