3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-01 11:26:29 +02:00
Code Issues Projects Releases Packages Wiki Activity
pomerium/pkg/identity/oidc/auth0/auth0.go

82 lines
2.1 KiB
Go
Raw Permalink Blame History

// Package auth0 implements OpenID Connect for auth0
//
// https://www.pomerium.com/docs/identity-providers/auth0
package auth0
import (
"context"
"fmt"
"net/http"
"net/url"
"strings"
"github.com/pomerium/pomerium/internal/httputil"
"github.com/pomerium/pomerium/internal/urlutil"
"github.com/pomerium/pomerium/pkg/identity/oauth"
pom_oidc "github.com/pomerium/pomerium/pkg/identity/oidc"
)
const (
// Name identifies the Auth0 identity provider
Name = "auth0"
)
// Provider is an Auth0 implementation of the Authenticator interface.
type Provider struct {
*pom_oidc.Provider
}
// New instantiates an OpenID Connect (OIDC) provider for Auth0.
func New(ctx context.Context, o *oauth.Options) (*Provider, error) {
// allow URLs that don't have a trailing slash
if !strings.HasSuffix(o.ProviderURL, "/") {
tmp := new(oauth.Options)
*tmp = *o
tmp.ProviderURL += "/"
o = tmp
}
var p Provider
var err error
genericOidc, err := pom_oidc.New(ctx, o)
if err != nil {
return nil, fmt.Errorf("%s: failed creating oidc provider: %w", Name, err)
}
p.Provider = genericOidc
return &p, nil
}
// Name returns the provider name.
func (p *Provider) Name() string {
return Name
}
// SignOut implements logout as described in https://auth0.com/docs/api/authentication#logout.
func (p *Provider) SignOut(w http.ResponseWriter, r *http.Request, _, authenticateSignedOutURL, redirectToURL string) error {
oa, err := p.GetOauthConfig()
if err != nil {
return fmt.Errorf("error getting auth0 oauth config: %w", err)
}
authURL, err := urlutil.ParseAndValidateURL(oa.Endpoint.AuthURL)
if err != nil {
return fmt.Errorf("error parsing auth0 endpoint auth url: %w", err)
}
logoutQuery := url.Values{
"client_id": {oa.ClientID},
}
if redirectToURL != "" {
logoutQuery.Set("returnTo", redirectToURL)
} else if authenticateSignedOutURL != "" {
logoutQuery.Set("returnTo", authenticateSignedOutURL)
}
logoutURL := authURL.ResolveReference(&url.URL{
Path: "/v2/logout",
RawQuery: logoutQuery.Encode(),
})
httputil.Redirect(w, r, logoutURL.String(), http.StatusFound)
return nil
}
Reference in a new issue View git blame Copy permalink