go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-06-15 00:15:00 +02:00
Code Issues Releases Activity

Decouple TokenToSession from OIDC & add a generic VerifyFunc

Browse Source
This commit is contained in:
Nick Meves
2020-10-23 23:34:06 -07:00
parent e9f787957e
commit 3e9717d489
8 changed files with 102 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
pkg/apis/middleware/session.go
View File

@ -3,22 +3,24 @@ package middleware
import (
"context"
"github.com/coreos/go-oidc"
sessionsapi "github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/sessions"
)
// TokenToSessionFunc takes a rawIDToken and an idToken and converts it into a
// SessionState.
type TokenToSessionFunc func(ctx context.Context, rawIDToken string, idToken *oidc.IDToken) (*sessionsapi.SessionState, error)
type TokenToSessionFunc func(ctx context.Context, token string, verify VerifyFunc) (*sessionsapi.SessionState, error)
// VerifyFunc takes a raw bearer token and verifies it
type VerifyFunc func(ctx context.Context, token string) (interface{}, error)
// TokenToSessionLoader pairs a token verifier with the correct converter function
// to convert the ID Token to a SessionState.
type TokenToSessionLoader struct {
// Verfier is used to verify that the ID Token was signed by the claimed issuer
// Verifier is used to verify that the ID Token was signed by the claimed issuer
// and that the token has not been tampered with.
Verifier *oidc.IDTokenVerifier
Verifier VerifyFunc
// TokenToSession converts a rawIDToken and an idToken to a SessionState.
// TokenToSession converts a raw bearer token to a SessionState.
// (Optional) If not set a default basic implementation is used.
TokenToSession TokenToSessionFunc
}