diff options
author | Mike Crute <mike@crute.us> | 2023-09-07 11:27:41 -0700 |
---|---|---|
committer | Mike Crute <mike@crute.us> | 2023-09-07 11:27:46 -0700 |
commit | 691d7abfdf5e8aa057483a1eb4340c71e45253de (patch) | |
tree | b816fa567344aaf9529cfaa24031502bb0fcad6f /app/models/oauth2.go | |
parent | cc8afd651957d7409868fc1d7bde599af188d8cd (diff) | |
download | websocket_proxy-master.tar.bz2 websocket_proxy-master.tar.xz websocket_proxy-master.zip |
Diffstat (limited to 'app/models/oauth2.go')
-rw-r--r-- | app/models/oauth2.go | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/app/models/oauth2.go b/app/models/oauth2.go index 9bfde0a..65d37d4 100644 --- a/app/models/oauth2.go +++ b/app/models/oauth2.go | |||
@@ -101,3 +101,50 @@ func (c *PKCEChallenge) Challenge() string { | |||
101 | func (c *PKCEChallenge) EqualString(o string) bool { | 101 | func (c *PKCEChallenge) EqualString(o string) bool { |
102 | return subtle.ConstantTimeCompare([]byte(o), []byte(c.Challenge())) != 1 | 102 | return subtle.ConstantTimeCompare([]byte(o), []byte(c.Challenge())) != 1 |
103 | } | 103 | } |
104 | |||
105 | const ( | ||
106 | GrantTypeAuthCode = "authorization_code" // RFC7591 | ||
107 | GrantTypeImplicit = "implicit" // RFC7591 | ||
108 | GrantTypePassword = "password" // RFC7591 | ||
109 | GrantTypeClientCreds = "client_credentials" // RFC7591 | ||
110 | GrantTypeRefreshToken = "refresh_token" // RFC7591 | ||
111 | GrantTypeBearerJwt = "urn:ietf:params:oauth:grant-type:jwt-bearer" // RFC7591 | ||
112 | GrantTypeBearerSaml = "urn:ietf:params:oauth:grant-type:saml2-bearer" // RFC7591 | ||
113 | GrantTypeDevice = "urn:ietf:params:oauth:grant-type:device_code" // RFC8628 | ||
114 | ResponseTypeCode = "code" // RFC7591 | ||
115 | ResponseTypeToken = "token" // RFC7591 | ||
116 | ResponseModeQuery = "query" // RFC7591 | ||
117 | ResponseModeFragment = "fragment" // RFC7591 | ||
118 | ResponseModeFormPost = "form_post" // RFC7591 | ||
119 | ChallengeTypePlain = "plain" // RFC7636 | ||
120 | ChallengeTypeSHA256 = "S256" // RFC7636 | ||
121 | Oauth2MetadataPath = "/.well-known/oauth-authorization-server" | ||
122 | Oauth2MetadataCompatPath = "/.well-known/openid-configuration" | ||
123 | ) | ||
124 | |||
125 | // All options are required unless omitempty | ||
126 | type OauthDiscoveryMetadata struct { | ||
127 | Issuer string `json:"issuer"` // RFC88414, https url w/no query/fragment | ||
128 | AuthorizationEndpoint string `json:"authorization_endpoint"` // RFC88414 | ||
129 | TokenEndpoint string `json:"token_endpoint"` // RFC88414 | ||
130 | SupportedResponseTypes []string `json:"response_types_supported"` // RFC88414 | ||
131 | JWKSUri string `json:"jwks_uri,omitempty"` // RFC88414 | ||
132 | RegistrationEndpoint string `json:"registration_endpoint,omitempty"` // RFC88414 | ||
133 | SupportedScopes []string `json:"scopes_supported,omitempty"` // RFC88414 | ||
134 | SupportedResponseModes []string `json:"response_modes_supported,omitempty"` // RFC88414 | ||
135 | SupportedGrantTypes []string `json:"grant_types_supported,omitempty"` // RFC88414, default: authorization_code, implicit | ||
136 | SupportedAuthMethods []string `json:"token_endpoint_auth_methods_supported,omitempty"` // RFC88414 | ||
137 | SupportedSigningAlgs []string `json:"token_endpoint_auth_signing_alg_values_supported,omitempty"` // RFC88414 | ||
138 | SupportedUILocales []string `json:"ui_locales_supported,omitempty"` // RFC88414, RFC5646 codes | ||
139 | PolicyUri string `json:"op_policy_uri,omitempty"` // RFC88414 | ||
140 | TosUri string `json:"op_tos_uri,omitempty"` // RFC88414 | ||
141 | RevocationEndpoint string `json:"revocation_endpoint,omitempty"` // RFC88414 | ||
142 | SupportedRevocationAuthMethods []string `json:"revocation_endpoint_auth_methods_supported,omitempty"` // RFC88414 | ||
143 | SupportedRevocationSigningAlgs []string `json:"revocation_endpoint_auth_signing_alg_values_supported,omitempty"` // RFC88414 | ||
144 | IntrospectionEndpoint string `json:"introspection_endpoint,omitempty"` // RFC88414 | ||
145 | SupportedIntrospectionAuthMethods []string `json:"introspection_endpoint_auth_methods_supported,omitempty"` // RFC88414 | ||
146 | SupportedIntrospectionSigningAlgs []string `json:"introspection_endpoint_auth_signing_alg_values_supported,omitempty"` // RFC88414 | ||
147 | SupportedChallengeCodeMethods []string `json:"code_challenge_methods_supported,omitempty"` // RFC88414 | ||
148 | ServiceDocumentation string `json:"service_documentation,omitempty"` // RFC88414 | ||
149 | DeviceAuthorizationEndpoint string `json:"device_authorization_endpoint,omitempty"` // RFC8628 | ||
150 | } | ||