oidc

package

v1.6.112 Latest Latest Go to latest Published: Aug 13, 2023 License: MPL-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/hernad/nomad

Links

Open Source Insights

Documentation ¶

Index ¶

type CallbackServer
- func NewCallbackServer(addr string) (*CallbackServer, error)
type ProviderCache
- func NewProviderCache() *ProviderCache

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CallbackServer ¶

type CallbackServer struct {
	// contains filtered or unexported fields
}

CallbackServer is started with NewCallbackServer and creates an HTTP server for handling loopback OIDC auth redirects.

func NewCallbackServer ¶

func NewCallbackServer(addr string) (*CallbackServer, error)

NewCallbackServer creates and starts a new local HTTP server for OIDC authentication to redirect to. This is used to capture the necessary information to complete the authentication.

func (*CallbackServer) Close ¶

func (s *CallbackServer) Close() error

Close cleans up and shuts down the server. On close, errors may be sent to ErrorCh and should be ignored.

func (*CallbackServer) ErrorCh ¶

func (s *CallbackServer) ErrorCh() <-chan error

ErrorCh returns a channel where any errors are sent. Errors may be sent after Close and should be disregarded.

func (*CallbackServer) Nonce ¶

func (s *CallbackServer) Nonce() string

Nonce returns a generated nonce that can be used for the request.

func (*CallbackServer) RedirectURI ¶

func (s *CallbackServer) RedirectURI() string

RedirectURI is the redirect URI that should be provided for the auth.

func (*CallbackServer) ServeHTTP ¶

func (s *CallbackServer) ServeHTTP(w http.ResponseWriter, req *http.Request)

ServeHTTP implements http.Handler and handles the callback request. This isn't usually used directly; use the server address instead.

func (*CallbackServer) SuccessCh ¶

func (s *CallbackServer) SuccessCh() <-chan *api.ACLOIDCCompleteAuthRequest

SuccessCh returns a channel that gets sent a partially completed request to complete the OIDC auth with the Nomad server.

type ProviderCache ¶

type ProviderCache struct {
	// contains filtered or unexported fields
}

ProviderCache is a cache for OIDC providers. OIDC providers are something you don't want to recreate per-request since they make HTTP requests when they're constructed.

The ProviderCache purges a provider under two scenarios: (1) the provider config is updated, and it is different and (2) after a set amount of time (see cacheExpiry for value) in case the remote provider configuration changed.

func NewProviderCache ¶

func NewProviderCache() *ProviderCache

NewProviderCache should be used to initialize a provider cache. This will start up background resources to manage the cache.

func (*ProviderCache) Delete ¶

func (c *ProviderCache) Delete(name string)

Delete force deletes a single auth method from the cache by name.

func (*ProviderCache) Get ¶

func (c *ProviderCache) Get(authMethod *structs.ACLAuthMethod) (*oidc.Provider, error)

Get returns the OIDC provider for the given auth method configuration. This will initialize the provider if it isn't already in the cache or if the configuration changed.

func (*ProviderCache) Shutdown ¶

func (c *ProviderCache) Shutdown()

Shutdown stops any long-lived cache process and informs each OIDC provider that they are done. This should be called whenever the Nomad server is shutting down.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL