mirror of
https://github.com/lukaszraczylo/traefikoidc.git
synced 2026-06-05 22:44:17 +00:00
lukaszraczylo
e64fc7f730
* Add redis support for distributed caching * Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * fixup! Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * fixup! fixup! Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * fixup! fixup! fixup! Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * fixup! fixup! fixup! fixup! Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * fixup! fixup! fixup! fixup! fixup! Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * ... and another all nighter. * fixup! ... and another all nighter. * fixup! fixup! ... and another all nighter. * fixup! fixup! fixup! ... and another all nighter. * Resolve issue #85 by adding ability to set custom claims in JWT tokens * Remove redundant validation in auth middleware ( issue #89 ) * Add ability to set cookie prefix for session cookies ( #87 ) * fixup! Add ability to set cookie prefix for session cookies ( #87 ) * Add ability to set cookie max age - issue #91 * Potential fix for code scanning alert no. 10: Size computation for allocation may overflow Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * fixup! Merge main into 0.8.0-redis: resolve conflicts --------- Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
57 lines
1.6 KiB
Go
57 lines
1.6 KiB
Go
package providers
|
|
|
|
import (
|
|
"net/url"
|
|
)
|
|
|
|
// GoogleProvider encapsulates Google-specific OIDC logic.
|
|
type GoogleProvider struct {
|
|
*BaseProvider
|
|
}
|
|
|
|
// NewGoogleProvider creates a new instance of the GoogleProvider.
|
|
func NewGoogleProvider() *GoogleProvider {
|
|
return &GoogleProvider{
|
|
BaseProvider: NewBaseProvider(),
|
|
}
|
|
}
|
|
|
|
// GetType returns the provider's type.
|
|
func (p *GoogleProvider) GetType() ProviderType {
|
|
return ProviderTypeGoogle
|
|
}
|
|
|
|
// GetCapabilities returns the specific capabilities of the Google provider.
|
|
func (p *GoogleProvider) GetCapabilities() ProviderCapabilities {
|
|
return ProviderCapabilities{
|
|
SupportsRefreshTokens: true, // Google DOES support refresh tokens
|
|
RequiresOfflineAccessScope: false, // Google uses access_type=offline instead
|
|
RequiresPromptConsent: true,
|
|
PreferredTokenValidation: "id",
|
|
}
|
|
}
|
|
|
|
// BuildAuthParams configures Google-specific authentication parameters.
|
|
func (p *GoogleProvider) BuildAuthParams(baseParams url.Values, scopes []string) (*AuthParams, error) {
|
|
baseParams.Set("access_type", "offline")
|
|
baseParams.Set("prompt", "consent")
|
|
|
|
// Google does not use the ScopeOfflineAccess scope, so we remove it if present.
|
|
var filteredScopes []string
|
|
for _, scope := range scopes {
|
|
if scope != ScopeOfflineAccess {
|
|
filteredScopes = append(filteredScopes, scope)
|
|
}
|
|
}
|
|
|
|
return &AuthParams{
|
|
URLValues: baseParams,
|
|
Scopes: deduplicateScopes(filteredScopes),
|
|
}, nil
|
|
}
|
|
|
|
// Google requires specific scopes and client configuration for proper operation.
|
|
func (p *GoogleProvider) ValidateConfig() error {
|
|
return p.BaseProvider.ValidateConfig()
|
|
}
|