2020-07-04 19:19:36 +01:00
|
|
|
package middleware
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"context"
|
|
|
|
|
|
|
|
|
|
"github.com/coreos/go-oidc"
|
2020-09-30 01:44:42 +09:00
|
|
|
sessionsapi "github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/sessions"
|
2020-07-04 19:19:36 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// TokenToSessionFunc takes a rawIDToken and an idToken and converts it into a
|
|
|
|
|
// SessionState.
|
|
|
|
|
type TokenToSessionFunc func(ctx context.Context, rawIDToken string, idToken *oidc.IDToken) (*sessionsapi.SessionState, error)
|
|
|
|
|
|
|
|
|
|
// TokenToSessionLoader pairs a token verifier with the correct converter function
|
|
|
|
|
// to convert the ID Token to a SessionState.
|
|
|
|
|
type TokenToSessionLoader struct {
|
|
|
|
|
// Verfier is used to verify that the ID Token was signed by the claimed issuer
|
|
|
|
|
// and that the token has not been tampered with.
|
|
|
|
|
Verifier *oidc.IDTokenVerifier
|
|
|
|
|
|
|
|
|
|
// TokenToSession converts a rawIDToken and an idToken to a SessionState.
|
|
|
|
|
// (Optional) If not set a default basic implementation is used.
|
|
|
|
|
TokenToSession TokenToSessionFunc
|
|
|
|
|
}
|
