mirror of
https://github.com/lukaszraczylo/traefikoidc.git
synced 2026-06-05 22:44:17 +00:00
lukaszraczylo
e64fc7f730
* Add redis support for distributed caching * Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * fixup! Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * fixup! fixup! Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * fixup! fixup! fixup! Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * fixup! fixup! fixup! fixup! Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * fixup! fixup! fixup! fixup! fixup! Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * ... and another all nighter. * fixup! ... and another all nighter. * fixup! fixup! ... and another all nighter. * fixup! fixup! fixup! ... and another all nighter. * Resolve issue #85 by adding ability to set custom claims in JWT tokens * Remove redundant validation in auth middleware ( issue #89 ) * Add ability to set cookie prefix for session cookies ( #87 ) * fixup! Add ability to set cookie prefix for session cookies ( #87 ) * Add ability to set cookie max age - issue #91 * Potential fix for code scanning alert no. 10: Size computation for allocation may overflow Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * fixup! Merge main into 0.8.0-redis: resolve conflicts --------- Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
73 lines
1.8 KiB
Go
73 lines
1.8 KiB
Go
package providers
|
|
|
|
import (
|
|
"net/url"
|
|
)
|
|
|
|
// Auth0Provider encapsulates Auth0-specific OIDC logic.
|
|
type Auth0Provider struct {
|
|
*BaseProvider
|
|
}
|
|
|
|
// NewAuth0Provider creates a new instance of the Auth0Provider.
|
|
func NewAuth0Provider() *Auth0Provider {
|
|
return &Auth0Provider{
|
|
BaseProvider: NewBaseProvider(),
|
|
}
|
|
}
|
|
|
|
// GetType returns the provider's type.
|
|
func (p *Auth0Provider) GetType() ProviderType {
|
|
return ProviderTypeAuth0
|
|
}
|
|
|
|
// GetCapabilities returns the specific capabilities of the Auth0 provider.
|
|
func (p *Auth0Provider) GetCapabilities() ProviderCapabilities {
|
|
return ProviderCapabilities{
|
|
SupportsRefreshTokens: true,
|
|
RequiresOfflineAccessScope: true,
|
|
RequiresPromptConsent: false,
|
|
PreferredTokenValidation: "id", // Auth0 typically uses ID tokens
|
|
}
|
|
}
|
|
|
|
// BuildAuthParams configures Auth0-specific authentication parameters.
|
|
func (p *Auth0Provider) BuildAuthParams(baseParams url.Values, scopes []string) (*AuthParams, error) {
|
|
// Auth0 supports various response types and connection parameters
|
|
baseParams.Set("response_type", "code")
|
|
|
|
// Ensure offline_access scope is present for refresh tokens
|
|
hasOfflineAccess := false
|
|
for _, scope := range scopes {
|
|
if scope == ScopeOfflineAccess {
|
|
hasOfflineAccess = true
|
|
break
|
|
}
|
|
}
|
|
if !hasOfflineAccess {
|
|
scopes = append(scopes, ScopeOfflineAccess)
|
|
}
|
|
|
|
// Ensure openid scope is present
|
|
hasOpenID := false
|
|
for _, scope := range scopes {
|
|
if scope == ScopeOpenID {
|
|
hasOpenID = true
|
|
break
|
|
}
|
|
}
|
|
if !hasOpenID {
|
|
scopes = append(scopes, ScopeOpenID)
|
|
}
|
|
|
|
return &AuthParams{
|
|
URLValues: baseParams,
|
|
Scopes: deduplicateScopes(scopes),
|
|
}, nil
|
|
}
|
|
|
|
// Auth0 requires specific tenant configuration and connection handling.
|
|
func (p *Auth0Provider) ValidateConfig() error {
|
|
return p.BaseProvider.ValidateConfig()
|
|
}
|