112 lines
3.0 KiB
Go
112 lines
3.0 KiB
Go
package oidc
|
|
|
|
import (
|
|
"github.com/ory/fosite"
|
|
|
|
"github.com/authelia/authelia/internal/authentication"
|
|
"github.com/authelia/authelia/internal/authorization"
|
|
"github.com/authelia/authelia/internal/configuration/schema"
|
|
"github.com/authelia/authelia/internal/session"
|
|
)
|
|
|
|
// NewClient creates a new InternalClient.
|
|
func NewClient(config schema.OpenIDConnectClientConfiguration) (client *InternalClient) {
|
|
client = &InternalClient{
|
|
ID: config.ID,
|
|
Description: config.Description,
|
|
Policy: authorization.PolicyToLevel(config.Policy),
|
|
Secret: []byte(config.Secret),
|
|
RedirectURIs: config.RedirectURIs,
|
|
GrantTypes: config.GrantTypes,
|
|
ResponseTypes: config.ResponseTypes,
|
|
Scopes: config.Scopes,
|
|
|
|
UserinfoSigningAlgorithm: config.UserinfoSigningAlgorithm,
|
|
|
|
ResponseModes: []fosite.ResponseModeType{
|
|
fosite.ResponseModeDefault,
|
|
},
|
|
}
|
|
|
|
for _, mode := range config.ResponseModes {
|
|
client.ResponseModes = append(client.ResponseModes, fosite.ResponseModeType(mode))
|
|
}
|
|
|
|
return client
|
|
}
|
|
|
|
// IsAuthenticationLevelSufficient returns if the provided authentication.Level is sufficient for the client of the AutheliaClient.
|
|
func (c InternalClient) IsAuthenticationLevelSufficient(level authentication.Level) bool {
|
|
return authorization.IsAuthLevelSufficient(level, c.Policy)
|
|
}
|
|
|
|
// GetID returns the ID.
|
|
func (c InternalClient) GetID() string {
|
|
return c.ID
|
|
}
|
|
|
|
// GetConsentResponseBody returns the proper consent response body for this session.OIDCWorkflowSession.
|
|
func (c InternalClient) GetConsentResponseBody(session *session.OIDCWorkflowSession) ConsentGetResponseBody {
|
|
body := ConsentGetResponseBody{
|
|
ClientID: c.ID,
|
|
ClientDescription: c.Description,
|
|
}
|
|
|
|
if session != nil {
|
|
body.Scopes = scopeNamesToScopes(session.RequestedScopes)
|
|
body.Audience = audienceNamesToAudience(session.RequestedAudience)
|
|
}
|
|
|
|
return body
|
|
}
|
|
|
|
// GetHashedSecret returns the Secret.
|
|
func (c InternalClient) GetHashedSecret() []byte {
|
|
return c.Secret
|
|
}
|
|
|
|
// GetRedirectURIs returns the RedirectURIs.
|
|
func (c InternalClient) GetRedirectURIs() []string {
|
|
return c.RedirectURIs
|
|
}
|
|
|
|
// GetGrantTypes returns the GrantTypes.
|
|
func (c InternalClient) GetGrantTypes() fosite.Arguments {
|
|
if len(c.GrantTypes) == 0 {
|
|
return fosite.Arguments{"authorization_code"}
|
|
}
|
|
|
|
return c.GrantTypes
|
|
}
|
|
|
|
// GetResponseTypes returns the ResponseTypes.
|
|
func (c InternalClient) GetResponseTypes() fosite.Arguments {
|
|
if len(c.ResponseTypes) == 0 {
|
|
return fosite.Arguments{"code"}
|
|
}
|
|
|
|
return c.ResponseTypes
|
|
}
|
|
|
|
// GetScopes returns the Scopes.
|
|
func (c InternalClient) GetScopes() fosite.Arguments {
|
|
return c.Scopes
|
|
}
|
|
|
|
// IsPublic returns the value of the Public property.
|
|
func (c InternalClient) IsPublic() bool {
|
|
return c.Public
|
|
}
|
|
|
|
// GetAudience returns the Audience.
|
|
func (c InternalClient) GetAudience() fosite.Arguments {
|
|
return c.Audience
|
|
}
|
|
|
|
// GetResponseModes returns the valid response modes for this client.
|
|
//
|
|
// Implements the fosite.ResponseModeClient.
|
|
func (c InternalClient) GetResponseModes() []fosite.ResponseModeType {
|
|
return c.ResponseModes
|
|
}
|