0a970aef8a
This moves the OpenID Connect storage from memory into the SQL storage, making it persistent and allowing it to be used with clustered deployments like the rest of Authelia.
package oidc
import (
"github.com/ory/fosite"
"github.com/authelia/authelia/v4/internal/authentication"
"github.com/authelia/authelia/v4/internal/authorization"
"github.com/authelia/authelia/v4/internal/configuration/schema"
"github.com/authelia/authelia/v4/internal/model"
)
// NewClient builds a Client from a single client entry of the OpenID Connect
// configuration.
//
// The resulting ResponseModes always begin with fosite.ResponseModeDefault;
// every mode listed in config.ResponseModes is appended after it as-is. This
// function performs no validation or de-duplication of the configured values.
//
// Secret is the byte form of config.Secret, copied without transformation.
// NOTE(review): GetHashedSecret later exposes this value as the "hashed"
// secret, but nothing here hashes it; confirm that config.Secret is already in
// the form expected by whatever compares client secrets.
//
// SectorIdentifier is not populated by this constructor.
func NewClient(config schema.OpenIDConnectClientConfiguration) (client *Client) {
	// The default response mode is always permitted; configured modes follow it.
	modes := []fosite.ResponseModeType{fosite.ResponseModeDefault}
	for _, configured := range config.ResponseModes {
		modes = append(modes, fosite.ResponseModeType(configured))
	}

	client = &Client{
		ID:          config.ID,
		Description: config.Description,
		Secret:      []byte(config.Secret),
		Public:      config.Public,

		// The configured policy name is translated into the authorization level
		// that IsAuthenticationLevelSufficient checks against.
		Policy: authorization.PolicyToLevel(config.Policy),

		Audience:      config.Audience,
		Scopes:        config.Scopes,
		RedirectURIs:  config.RedirectURIs,
		GrantTypes:    config.GrantTypes,
		ResponseTypes: config.ResponseTypes,
		ResponseModes: modes,

		UserinfoSigningAlgorithm: config.UserinfoSigningAlgorithm,
	}

	return client
}
// IsAuthenticationLevelSufficient reports whether the provided
// authentication.Level satisfies the policy configured for this client.
// The decision is delegated to authorization.IsAuthLevelSufficient.
func (c Client) IsAuthenticationLevelSufficient(level authentication.Level) bool {
	required := c.Policy

	return authorization.IsAuthLevelSufficient(level, required)
}
// GetID returns the client identifier (the ID field).
func (c Client) GetID() string {
	return c.ID
}
// GetSectorIdentifier returns the SectorIdentifier stored on this client.
//
// NOTE(review): NewClient in this file does not set SectorIdentifier, so a
// client built only through it returns the empty string here; confirm whether
// the field is assigned elsewhere.
func (c Client) GetSectorIdentifier() string {
	return c.SectorIdentifier
}
// GetConsentResponseBody builds the consent response body for this client.
//
// The body always carries the client ID and description. When consent is
// non-nil, the scopes and audience requested in that consent session are
// included as well; a nil consent yields a body without them.
func (c Client) GetConsentResponseBody(consent *model.OAuth2ConsentSession) ConsentGetResponseBody {
	if consent == nil {
		return ConsentGetResponseBody{
			ClientID:          c.ID,
			ClientDescription: c.Description,
		}
	}

	return ConsentGetResponseBody{
		ClientID:          c.ID,
		ClientDescription: c.Description,
		Scopes:            consent.RequestedScopes,
		Audience:          consent.RequestedAudience,
	}
}
// GetHashedSecret returns the Secret field unchanged.
//
// NOTE(review): despite the method name, no hashing happens in this file;
// NewClient stores the raw bytes of the configured secret. Confirm the
// configured value is in the form the secret comparison expects, and avoid
// logging the returned bytes.
//
// The returned slice is the one held by the Client, not a copy.
func (c Client) GetHashedSecret() []byte {
	return c.Secret
}
// GetRedirectURIs returns the redirect URIs registered for this client.
//
// The returned slice is the one held by the Client, not a copy, so callers
// should treat it as read-only.
func (c Client) GetRedirectURIs() []string {
	return c.RedirectURIs
}
// GetGrantTypes returns the grant types allowed for this client.
//
// A client with no grant types set is restricted to "authorization_code"
// rather than being treated as allowing none or all.
func (c Client) GetGrantTypes() fosite.Arguments {
	if len(c.GrantTypes) > 0 {
		return c.GrantTypes
	}

	return fosite.Arguments{"authorization_code"}
}
// GetResponseTypes returns the response types allowed for this client.
//
// A client with no response types set is restricted to "code" rather than
// being treated as allowing none or all.
func (c Client) GetResponseTypes() fosite.Arguments {
	if len(c.ResponseTypes) > 0 {
		return c.ResponseTypes
	}

	return fosite.Arguments{"code"}
}
// GetScopes returns the scopes set for this client, exactly as stored.
// Unlike GetGrantTypes and GetResponseTypes, no default is substituted when
// the list is empty.
func (c Client) GetScopes() fosite.Arguments {
	return c.Scopes
}
// IsPublic reports the value of the Public field, which NewClient copies from
// the client's configuration.
func (c Client) IsPublic() bool {
	return c.Public
}
// GetAudience returns the audience set for this client, exactly as stored.
// No default is substituted when the list is empty.
func (c Client) GetAudience() fosite.Arguments {
	return c.Audience
}
// GetResponseModes returns the response modes this client may use.
//
// For clients built by NewClient the list starts with
// fosite.ResponseModeDefault, followed by the configured modes.
//
// Implements the fosite.ResponseModeClient.
func (c Client) GetResponseModes() []fosite.ResponseModeType {
	return c.ResponseModes
}