github.com/minio/minio@v0.0.0-20240328213742-3f72439b8a27/internal/config/identity/openid/provider/provider.go (about)

     1  // Copyright (c) 2015-2021 MinIO, Inc.
     2  //
     3  // This file is part of MinIO Object Storage stack
     4  //
     5  // This program is free software: you can redistribute it and/or modify
     6  // it under the terms of the GNU Affero General Public License as published by
     7  // the Free Software Foundation, either version 3 of the License, or
     8  // (at your option) any later version.
     9  //
    10  // This program is distributed in the hope that it will be useful
    11  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    12  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13  // GNU Affero General Public License for more details.
    14  //
    15  // You should have received a copy of the GNU Affero General Public License
    16  // along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17  
    18  package provider
    19  
    20  import "errors"
    21  
// DiscoveryDoc mirrors the JSON document served from an OpenID Connect
// provider's discovery endpoint, for example
// https://accounts.google.com/.well-known/openid-configuration
//
// The struct only declares fields and their JSON tags; nothing here validates
// the decoded values. Every tag carries omitempty, so zero-valued fields are
// left out when the struct is marshaled.
//
// NOTE(review): the document is supplied by the remote provider. Callers
// should confirm that Issuer equals the issuer they were configured with and
// that the advertised endpoint URLs use https before relying on them.
// TODO confirm where that check lives.
//
//nolint:unused
type DiscoveryDoc struct {
	// Issuer identifier reported by the provider.
	Issuer string `json:"issuer,omitempty"`

	// Endpoint URLs advertised by the provider.
	AuthEndpoint       string `json:"authorization_endpoint,omitempty"`
	TokenEndpoint      string `json:"token_endpoint,omitempty"`
	EndSessionEndpoint string `json:"end_session_endpoint,omitempty"`
	UserInfoEndpoint   string `json:"userinfo_endpoint,omitempty"`
	RevocationEndpoint string `json:"revocation_endpoint,omitempty"`
	JwksURI            string `json:"jwks_uri,omitempty"`

	// Capability lists advertised by the provider.
	// NOTE(review): these describe what the provider offers, not what the
	// client should accept. In particular, the set of accepted ID token
	// signing algorithms should be pinned by the verifier rather than taken
	// from IDTokenSigningAlgValuesSupported.
	ResponseTypesSupported           []string `json:"response_types_supported,omitempty"`
	SubjectTypesSupported            []string `json:"subject_types_supported,omitempty"`
	IDTokenSigningAlgValuesSupported []string `json:"id_token_signing_alg_values_supported,omitempty"`
	ScopesSupported                  []string `json:"scopes_supported,omitempty"`
	TokenEndpointAuthMethods         []string `json:"token_endpoint_auth_methods_supported,omitempty"`
	ClaimsSupported                  []string `json:"claims_supported,omitempty"`
	CodeChallengeMethodsSupported    []string `json:"code_challenge_methods_supported,omitempty"`
}
    42  
// User is the user record returned by a Provider lookup.
//
// None of the tags use omitempty, so all three keys are always present in
// the marshaled JSON, including enabled=false.
type User struct {
	// Name is carried under the "username" JSON key.
	Name string `json:"username"`

	// ID is carried under the "id" JSON key.
	ID string `json:"id"`

	// Enabled is carried under the "enabled" JSON key.
	// NOTE(review): presumably callers must treat Enabled == false as
	// "deny"; confirm that every consumer of LookupUser checks it.
	Enabled bool `json:"enabled"`
}
    49  
// Sentinel errors of the provider package. Both are created with errors.New,
// so callers can match them with errors.Is.

// ErrNotImplemented reports that a function is not implemented.
// NOTE(review): presumably returned by providers that do not support a given
// Provider operation; confirm against the implementations.
var ErrNotImplemented = errors.New("function not implemented")

// ErrAccessTokenExpired reports that the access token was expired or
// unauthorized. The message covers both cases, so a caller matching on this
// error cannot tell an expired token from a rejected one.
var ErrAccessTokenExpired = errors.New("access_token expired or unauthorized")
    55  
// Provider is the set of admin operations that are specific to an identity
// provider, such as looking up users or fetching additional attributes.
//
// NOTE(review): both login methods receive their secret (password,
// clientSecret) as a plain string. Implementations should keep these values
// out of log lines and out of the text of returned errors.
type Provider interface {
	// LoginWithUser logs in with a username and password and returns an
	// error on failure.
	LoginWithUser(username, password string) error

	// LoginWithClientID logs in with a client ID and client secret and
	// returns an error on failure.
	LoginWithClientID(clientID, clientSecret string) error

	// LookupUser returns the User record for userid, or an error.
	// NOTE(review): the interface does not say whether a prior login is
	// required; confirm the expected call order with the implementations.
	LookupUser(userid string) (User, error)
}
    61  	LookupUser(userid string) (User, error)
    62  }