oidc

package
v0.78.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 9, 2026 License: MIT Imports: 12 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GenerateState 

func GenerateState() (string, error)

GenerateState produces a cryptographically random state parameter.

Types

type Claims 

type Claims struct {
	Subject       string   `json:"sub"`
	Email         string   `json:"email"`
	EmailVerified bool     `json:"email_verified"`
	Name          string   `json:"name"`
	Groups        []string `json:"groups,omitempty"`
	Issuer        string   `json:"iss"`
	Audience      string   `json:"aud"`
	ExpiresAt     int64    `json:"exp"`
	IssuedAt      int64    `json:"iat"`
}

Claims represents the standard claims extracted from an ID token.

func ParseIDTokenUnverified 

func ParseIDTokenUnverified(idToken string) (*Claims, error)

ParseIDTokenUnverified extracts claims from an ID token without cryptographic verification. Use this only when you have already validated the token via the token endpoint response.

type Config 

type Config struct {
	Issuer       string   `json:"issuer" yaml:"issuer"`
	ClientID     string   `json:"client_id" yaml:"client_id"`
	ClientSecret string   `json:"client_secret" yaml:"client_secret"` //nolint:gosec // G117: OIDC config field
	RedirectURI  string   `json:"redirect_uri" yaml:"redirect_uri"`
	Scopes       []string `json:"scopes" yaml:"scopes"`
}

Config holds OIDC provider configuration.

func (Config) Validate 

func (c Config) Validate() error

Validate checks that required configuration fields are set.

type DiscoveryDocument 

type DiscoveryDocument struct {
	Issuer                string   `json:"issuer"`
	AuthorizationEndpoint string   `json:"authorization_endpoint"`
	TokenEndpoint         string   `json:"token_endpoint"`
	UserInfoEndpoint      string   `json:"userinfo_endpoint"`
	JWKSURI