package lightwave

import "github.com/vmware/photon-controller-go-sdk/photon/lightwave"

Functions

func ParseRawTokenDetails

func ParseRawTokenDetails(token string) (jwtToken []string, err error)

A JSON Web Token is a set of Base64-encoded strings separated by periods (.). When decoded, each string is either JSON text or a signature. Here we parse the full JSON text. We do not parse the signature.

Types

type JWTToken

type JWTToken struct {
	TokenId    string   `json:"jti"`
	Algorithm  string   `json:"alg"`
	Subject    string   `json:"sub"`
	Audience   []string `json:"aud"`
	Groups     []string `json:"groups"`
	Issuer     string   `json:"iss"`
	IssuedAt   int64    `json:"iat"`
	Expires    int64    `json:"exp"`
	Scope      string   `json:"scope"`
	TokenType  string   `json:"token_type"`
	TokenClass string   `json:"token_class"`
	Tenant     string   `json:"tenant"`
}

func ParseTokenDetails

func ParseTokenDetails(token string) (jwtToken *JWTToken)

A JSON Web Token is a set of Base64-encoded strings separated by periods (.). When decoded, each string is either JSON text or a signature. Here we decode the strings into a single token structure. We do not parse the signature.
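Both ParseRawTokenDetails and ParseTokenDetails are documented as skipping the signature. The following Go example is added here and is not code from this package; `claims`, `decodeUnverified` and `buildToken` are hypothetical names and the token is constructed. It decodes the header and payload into one structure as described above and shows that a token with a meaningless signature still decodes cleanly, so decoded fields should be treated as display data until the signature has been verified against the issuer's certificates.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// claims mirrors a subset of the JWTToken fields documented above (hypothetical type).
type claims struct {
	Algorithm string   `json:"alg"`
	Subject   string   `json:"sub"`
	Groups    []string `json:"groups"`
	Expires   int64    `json:"exp"`
}

// decodeUnverified merges the header and payload JSON into one struct.
// The third segment (signature) is never read, so nothing is authenticated.
func decodeUnverified(token string) (*claims, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errors.New("expected header.payload.signature")
	}
	c := &claims{}
	for _, seg := range parts[:2] {
		raw, err := base64.RawURLEncoding.DecodeString(strings.TrimRight(seg, "="))
		if err != nil {
			return nil, err
		}
		if err := json.Unmarshal(raw, c); err != nil {
			return nil, err
		}
	}
	return c, nil
}

// buildToken assembles a constructed sample token; sig is a placeholder, not a real signature.
func buildToken(header, payload, sig string) string {
	enc := base64.RawURLEncoding.EncodeToString
	return enc([]byte(header)) + "." + enc([]byte(payload)) + "." + sig
}

func main() {
	tok := buildToken(`{"alg":"RS256"}`, `{"sub":"alice@example.test","groups":["example-group"],"exp":1}`, "not-a-signature")
	c, err := decodeUnverified(tok)
	fmt.Printf("%+v %v\n", c, err)
}
```
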

type OIDCClient

type OIDCClient struct {
	Endpoint string
	Options  *OIDCClientOptions
	// contains filtered or unexported fields
}

func NewOIDCClient

func NewOIDCClient(endpoint string, options *OIDCClientOptions, logger *log.Logger) (c *OIDCClient)

func (*OIDCClient) GetClientTokenByPasswordGrant

func (client *OIDCClient) GetClientTokenByPasswordGrant(username string, password string, clientID string) (tokens *OIDCTokenResponse, err error)

func (*OIDCClient) GetRootCerts

func (client *OIDCClient) GetRootCerts() (certList []*x509.Certificate, err error)

func (*OIDCClient) GetTokenByPasswordGrant

func (client *OIDCClient) GetTokenByPasswordGrant(username string, password string) (tokens *OIDCTokenResponse, err error)

func (*OIDCClient) GetTokenByRefreshTokenGrant

func (client *OIDCClient) GetTokenByRefreshTokenGrant(refreshToken string) (tokens *OIDCTokenResponse, err error)

func (*OIDCClient) GetTokensFromWindowsLogInContext

func (client *OIDCClient) GetTokensFromWindowsLogInContext() (tokens *OIDCTokenResponse, err error)

GetTokensFromWindowsLogInContext gets tokens based on the Windows logged-in context. Here is how it works:

1. Get the SPN (Service Principal Name) in the format host/FQDN of lightwave. This is needed for the SSPI/Kerberos protocol.
2. Call the Windows API AcquireCredentialsHandle() using the SSPI library. This will give the current user's credential handle.
3. Using this handle, call the Windows API AcquireCredentialsHandle(). This will give you a byte[].
4. Encode this byte[] and send it to the OIDC server over HTTP (using POST).
5. OIDC server can send either of the following
6. In case you get an error, parse it and get the token from the server.
7. Feed this token to step 3 and repeat the steps until you get the access tokens from the server.

type OIDCClientOptions

type OIDCClientOptions struct {
	// Whether or not to ignore any TLS errors when talking to photon,
	// false by default.
	IgnoreCertificate bool

	// List of root CAs to use for server validation
	// nil by default.
	RootCAs *x509.CertPool

	// The scope values to use when requesting tokens
	TokenScope string
}

type OIDCError

type OIDCError struct {
	Code    string `json:"error"`
	Message string `json:"error_description"`
}

func (OIDCError) Error

func (e OIDCError) Error() string

type OIDCTokenResponse

type OIDCTokenResponse struct {
	AccessToken  string `json:"access_token"`
	ExpiresIn    int    `json:"expires_in"`
	RefreshToken string `json:"refresh_token,omitempty"`
	IdToken      string `json:"id_token"`
	TokenType    string `json:"token_type"`
}

Source Files

jwttoken.go oidcclient.go oidcclient_sspi.go

Version: v0.0.0-20171012155938-e3620ad3ad39 (latest)
Published: Oct 12, 2017
Platform: windows/amd64
Imports: 15 packages