// Source listing: github.com/minio/console@v1.4.1/pkg/auth/idp.go

// This file is part of MinIO Console Server
// Copyright (c) 2021 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.

package auth

import (
	"context"

	"github.com/minio/console/pkg/auth/idp/oauth2"
	"github.com/minio/minio-go/v7/pkg/credentials"
	xoauth2 "golang.org/x/oauth2"
)

// IdentityProviderI lists every identity-provider call used within this
// project. It exists so that tests can substitute a mock for the concrete
// implementation.
//
// NOTE(review): code and state presumably arrive on the IdP redirect and are
// therefore caller-controlled. Implementations are expected to validate state
// before code is exchanged; that check is not visible in this file, so confirm
// it in the implementation behind the interface.
type IdentityProviderI interface {
	// GenerateLoginURL returns a new URL the user follows to log in at the IdP.
	GenerateLoginURL() string

	// VerifyIdentity verifies the user against the IdP using the
	// authorization code flow and returns credentials on success.
	VerifyIdentity(ctx context.Context, code, state string) (*credentials.Credentials, error)

	// VerifyIdentityForOperator verifies the user against the IdP using the
	// authorization code flow and returns an OAuth2 token on success.
	VerifyIdentityForOperator(ctx context.Context, code, state string) (*xoauth2.Token, error)
}

// IdentityProvider is the IdentityProviderI implementation: a struct with a
// Client inside, plus the functions that are used during the authentication
// flow.
type IdentityProvider struct {
	// KeyFunc is handed unchanged to every Client call below. Judging by its
	// type (oauth2.StateKeyFunc) it supplies the key protecting the OAuth2
	// state value; confirm in pkg/auth/idp/oauth2.
	KeyFunc oauth2.StateKeyFunc
	// Client is the provider every method delegates to. It must be non-nil:
	// GenerateLoginURL reads Client.IDPName and panics on a nil pointer.
	Client *oauth2.Provider
	// RoleARN is forwarded by VerifyIdentity only; VerifyIdentityForOperator
	// does not pass it on.
	RoleARN string
}

// VerifyIdentity verifies the user identity against the IdP using the
// authorization code flow and returns the resulting credentials. It delegates
// to Client.VerifyIdentity, adding the configured RoleARN and KeyFunc.
//
// NOTE(review): code and state are passed through untouched. Nothing in this
// wrapper validates state, so that check is presumed to happen inside
// oauth2.Provider with the help of KeyFunc; confirm before relying on it.
func (p IdentityProvider) VerifyIdentity(ctx context.Context, code, state string) (*credentials.Credentials, error) {
	provider, roleARN, keyFunc := p.Client, p.RoleARN, p.KeyFunc
	return provider.VerifyIdentity(ctx, code, state, roleARN, keyFunc)
}

// VerifyIdentityForOperator verifies the user identity against the IdP using
// the authorization code flow and returns the resulting OAuth2 token. It
// delegates to Client.VerifyIdentityForOperator with the configured KeyFunc;
// RoleARN plays no part on this path.
//
// NOTE(review): as with VerifyIdentity, state is forwarded unchecked here, so
// its validation is presumed to live in oauth2.Provider; confirm.
func (p IdentityProvider) VerifyIdentityForOperator(ctx context.Context, code, state string) (*xoauth2.Token, error) {
	provider, keyFunc := p.Client, p.KeyFunc
	return provider.VerifyIdentityForOperator(ctx, code, state, keyFunc)
}

// GenerateLoginURL returns a new URL the user follows to log in at the IdP.
// The URL is built by Client.GenerateLoginURL from KeyFunc and the client's
// own IDPName.
func (p IdentityProvider) GenerateLoginURL() string {
	provider := p.Client
	return provider.GenerateLoginURL(p.KeyFunc, provider.IDPName)
}