This repository has been archived on 2022-08-17. You can view files and clone it, but cannot push or open issues or pull requests.
dex/connector/interface.go
Eric Chiang 8216a3d992 connector: fix path that connectors listen on
When Dex uses a non-root issuer URL, it current assumes that all
path prefixes will be trimmed by an upstream proxy (e.g. nginx).
This means that all paths rendered in HTML will be absolute to the
prefix, but the handlers still listen at the root.

Connectors are currently the only component that registers at a
non-root URL. Make this conform with the rest of Dex by having the
server determine the path the connector listens as rather than the
connector itself.
2016-07-25 14:32:24 -07:00

73 lines
2.3 KiB
Go

package connector
import (
"errors"
"html/template"
"net/http"
"net/url"
"github.com/coreos/dex/repo"
"github.com/coreos/go-oidc/oidc"
"github.com/coreos/pkg/health"
)
var ErrorNotFound = errors.New("connector not found in repository")
type Connector interface {
// ID returns the ID of the ConnectorConfig used to create the Connector.
ID() string
// LoginURL returns the backend's authorization URL for a sessionKey
// and OAuth2 prompt type.
LoginURL(sessionKey, prompt string) (string, error)
// Handler allows connectors to register a callback handler with the
// dex server.
//
// Connectors will handle any path that extends the namespace URL provided
// when the Connector is instantiated.
Handler(errorURL url.URL) http.Handler
// Sync triggers any long-running tasks needed to maintain the
// Connector's operation. For example, this would encompass
// repeatedly caching any remote resources for local use.
Sync() chan struct{}
// TrustedEmailProvider indicates whether or not we can trust that email
// claims coming from this provider.
TrustedEmailProvider() bool
health.Checkable
}
//go:generate genconfig -o config.go connector Connector
type ConnectorConfig interface {
// ConnectorID returns a unique end user facing identifier. For example "google".
ConnectorID() string
// ConnectorType returns an implementation specific identifier. For example "oidc".
ConnectorType() string
// Connector is invoked by the dex server and returns a Connector configured
// to use the provided arguments. URL namespace is used to register callbacks.
// loginFunc is used to associate remote identies with dex session keys.
//
// The returned Connector must call loginFunc once upon successful
// identification of a user.
//
// Additional templates are passed for connectors that require rendering HTML
// pages, such as the "local" connector.
Connector(ns url.URL, loginFunc oidc.LoginFunc, tpls *template.Template) (Connector, error)
}
// GroupsConnector is a strategy for mapping a user to a set of groups. This is optionally
// implemented by some connectors.
type GroupsConnector interface {
Groups(fullUserID string) ([]string, error)
}
type ConnectorConfigRepo interface {
All() ([]ConnectorConfig, error)
GetConnectorByID(repo.Transaction, string) (ConnectorConfig, error)
Set(cfgs []ConnectorConfig) error
}