auth

package
v0.0.4 Latest
Warning

This package is not in the latest version of its module.

Published: Oct 12, 2023 License: Apache-2.0 Imports: 17 Imported by: 3

Documentation

Overview

Package auth facilitates an OAuth login/logout flow.

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewAccessTokenizer

func NewAccessTokenizer(claimRules *claimrule.ClaimRules) *accessTokenizer

NewAccessTokenizer creates a new tokenizer that can verify an access token generated by an OIDC provider.

func NewOidcTokenizer

func NewOidcTokenizer(verifier *oidc.IDTokenVerifier) *oidcTokenizer

NewOidcTokenizer creates a new tokenizer that can verify an ID token generated by an OIDC provider.

func NewStateTokenizer

func NewStateTokenizer(lifetime time.Duration, secret string) *stateTokenizer

NewStateTokenizer creates a new stateTokenizer that can generate and verify tokens using the given lifetime and signed with the given secret.

func NewUserTokenizer

func NewUserTokenizer(lifetime time.Duration, secret string) *userTokenizer

NewUserTokenizer creates a new userTokenizer that can generate and verify tokens using the given lifetime and signed with the given secret.
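
NewStateTokenizer and NewUserTokenizer are documented only by their contract: a token that is valid for a given lifetime and signed with a given secret. The following is an added illustration of that contract, not this package's implementation; the `signedToken` type, the `nonce.expiry.mac` layout, the use of HMAC-SHA256 and the sample secret are assumptions made for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"strconv"
	"strings"
	"time"
)

// signedToken is a hypothetical stand-in, not the package's stateTokenizer.
type signedToken struct {
	lifetime time.Duration
	secret   []byte
}

func (s signedToken) mac(payload string) string {
	m := hmac.New(sha256.New, s.secret)
	m.Write([]byte(payload))
	return base64.RawURLEncoding.EncodeToString(m.Sum(nil))
}

// Generate signs "nonce.expiry"; the nonce must not contain a dot.
func (s signedToken) Generate(nonce string, now time.Time) string {
	payload := nonce + "." + strconv.FormatInt(now.Add(s.lifetime).Unix(), 10)
	return payload + "." + s.mac(payload)
}

// Verify checks the MAC in constant time before trusting the expiry field.
func (s signedToken) Verify(token string, now time.Time) (string, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 || !hmac.Equal([]byte(parts[2]), []byte(s.mac(parts[0]+"."+parts[1]))) {
		return "", fmt.Errorf("malformed token or bad signature")
	}
	exp, err := strconv.ParseInt(parts[1], 10, 64)
	if err != nil || now.Unix() >= exp {
		return "", fmt.Errorf("token expired")
	}
	return parts[0], nil
}

func main() {
	s := signedToken{5 * time.Minute, []byte("constructed-secret")} // constructed sample values
	tok := s.Generate("bm9uY2U", time.Unix(1700000000, 0))
	nonce, err := s.Verify(tok, time.Unix(1700000400, 0)) // 400 s later, past the lifetime
	fmt.Println(nonce, err)
}
```

In an OAuth flow the verified nonce would additionally be compared with a value bound to the user's browser session, since a valid signature alone does not show that the state belongs to the current request.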

Types

type OidcAuth

type OidcAuth struct {
	// contains filtered or unexported fields
}

OidcAuth facilitates an OAuth2 login flow via HTTP handlers.

func NewFromConfig

func NewFromConfig(oidcConfigFile string) (*OidcAuth, error)

NewFromConfig reads and parses the given OIDC configuration file.

func (OidcAuth) Authorized

func (a OidcAuth) Authorized(handler http.Handler) http.Handler

Authorized wraps the given http.Handler in an authorization check. The given handler is called only if the user is authorized; otherwise a 404 status code is returned.

func (OidcAuth) AuthorizedFunc

func (a OidcAuth) AuthorizedFunc(handler http.HandlerFunc) http.Handler

AuthorizedFunc wraps the given http.HandlerFunc in an authorization check. The given handler is called only if the user is authorized; otherwise a 404 status code is returned.

func (OidcAuth) Endpoint

func (a OidcAuth) Endpoint() string

Endpoint returns the OAuth service endpoint (host with optional port) string. Used for generating redirects.

func (OidcAuth) GenerateServiceAccountToken

func (a OidcAuth) GenerateServiceAccountToken(svcacct *v1.ServiceAccount) (string, error)

GenerateServiceAccountToken generates a service account JWT containing a v1.User struct.

func (OidcAuth) Handle

func (a OidcAuth) Handle(mux *http.ServeMux)

Handle adds several standard OAuth route handlers to the given http mux.

func (OidcAuth) ValidateServiceAccountToken

func (a OidcAuth) ValidateServiceAccountToken(token string) (*v1.ServiceAccount, error)

ValidateServiceAccountToken validates a service account JWT and returns the contained v1.ServiceAccount struct.

func (OidcAuth) ValidateUser

func (a OidcAuth) ValidateUser(token string) (*v1.User, error)

ValidateUser validates a user JWT and returns the contained v1.User struct.
