3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-02 03:46:29 +02:00
Code Issues Projects Releases Packages Wiki Activity
pomerium/internal/identity/oidc.go
Bobby DeSimone 1187be2bf3
authenticator: support groups (#57) 
- authenticate/providers: add group support to azure
- authenticate/providers: add group support to google
- authenticate/providers: add group support to okta
- authenticate/providers: add group support to onelogin
- {authenticate/proxy}: change default cookie lifetime timeout to 14 hours
- proxy: sign group membership
- proxy: add group header
- deployment: add CHANGELOG
- deployment: fix where make release wasn’t including version
2019-02-28 19:34:22 -08:00

40 lines
1.1 KiB
Go
Raw Blame History

package identity // import "github.com/pomerium/pomerium/internal/identity"
import (
"context"
oidc "github.com/pomerium/go-oidc"
"golang.org/x/oauth2"
)
// OIDCProvider provides a standard, OpenID Connect implementation
// of an authorization identity provider.
// https://openid.net/specs/openid-connect-core-1_0.html
type OIDCProvider struct {
*Provider
}
// NewOIDCProvider creates a new instance of an OpenID Connect provider.
func NewOIDCProvider(p *Provider) (*OIDCProvider, error) {
ctx := context.Background()
if p.ProviderURL == "" {
return nil, ErrMissingProviderURL
}
var err error
p.provider, err = oidc.NewProvider(ctx, p.ProviderURL)
if err != nil {
return nil, err
}
if len(p.Scopes) == 0 {
p.Scopes = []string{oidc.ScopeOpenID, "profile", "email", "offline_access"}
}
p.verifier = p.provider.Verifier(&oidc.Config{ClientID: p.ClientID})
p.oauth = &oauth2.Config{
ClientID: p.ClientID,
ClientSecret: p.ClientSecret,
Endpoint: p.provider.Endpoint(),
RedirectURL: p.RedirectURL.String(),
Scopes: p.Scopes,
}
return &OIDCProvider{Provider: p}, nil
}
Reference in a new issue View git blame Copy permalink