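package jwtauth

import (
	"context"
	"fmt"

	"golang.org/x/oauth2"
)

// Provider-specific configuration interfaces
// All providers must implement the CustomProvider interface, and may implement
// others as needed.

// ProviderMap returns a map of provider names to custom types.
//
// Every call builds a new map holding newly allocated, uninitialized provider
// values, so provider state is not shared between separate calls.
func ProviderMap() map[string]CustomProvider {
	return map[string]CustomProvider{
		"azure":  &AzureProvider{},
		"gsuite": &GSuiteProvider{},
	}
}

// CustomProvider - Any custom provider must implement this interface
type CustomProvider interface {
	// Initialize should validate jwtConfig.ProviderConfig, set internal values
	// and run any initialization necessary for subsequent calls to interface
	// functions the provider implements.
	//
	// NewProviderConfig embeds the returned error in the error it hands back
	// to its caller, so implementations should keep the values of the fields
	// named by SensitiveKeys out of their error text.
	Initialize(context.Context, *jwtConfig) error

	// SensitiveKeys returns any fields in a provider's jwtConfig.ProviderConfig
	// that should be masked or omitted when output
	SensitiveKeys() []string
}

// NewProviderConfig - returns appropriate provider struct if provider_config is
// specified in jwtConfig. The provider map is provider name -to- instance of a
// CustomProvider.
//
// It returns (nil, nil) when jc.ProviderConfig is empty. Otherwise the
// "provider" entry must be a string that is a key of providerMap; any other
// name is rejected, so only providers present in the supplied map can be
// selected by configuration.
//
// The returned provider is the very value stored in providerMap, initialized
// in place by its Initialize method. Pass a map holding fresh instances (as
// ProviderMap builds) rather than a long-lived shared one; otherwise state set
// for one configuration is reused and overwritten by the next.
//
// jc must be non-nil. An Initialize failure is wrapped, so callers can inspect
// the underlying error with errors.Is / errors.As.
func NewProviderConfig(ctx context.Context, jc *jwtConfig, providerMap map[string]CustomProvider) (CustomProvider, error) {
	if len(jc.ProviderConfig) == 0 {
		return nil, nil
	}

	// A missing key and a non-string value both fail this assertion and are
	// reported with the same message.
	provider, ok := jc.ProviderConfig["provider"].(string)
	if !ok {
		return nil, fmt.Errorf("'provider' field not found in provider_config")
	}

	// The lookup is the allowlist: unknown provider names never reach
	// Initialize.
	newCustomProvider, ok := providerMap[provider]
	if !ok {
		return nil, fmt.Errorf("provider %q not found in custom providers", provider)
	}

	if err := newCustomProvider.Initialize(ctx, jc); err != nil {
		// %w keeps the provider's error in the chain; the formatted message is
		// identical to the previous %s form.
		return nil, fmt.Errorf("error initializing %q provider_config: %w", provider, err)
	}
	return newCustomProvider, nil
}

// UserInfoFetcher - Optional support for custom user info handling
type UserInfoFetcher interface {
	// FetchUserInfo reports only an error, so any result has to be delivered
	// through its arguments.
	// NOTE(review): the map is presumably the set of token claims, updated in
	// place - confirm against the implementations.
	FetchUserInfo(context.Context, *jwtAuthBackend, map[string]interface{}, *jwtRole) error
}

// GroupsFetcher - Optional support for custom groups handling
type GroupsFetcher interface {
	// FetchGroups queries for groups claims during login.
	//
	// The oauth2.TokenSource yields OAuth2 tokens; implementations should not
	// write tokens obtained from it to logs or error messages.
	FetchGroups(context.Context, *jwtAuthBackend, map[string]interface{}, *jwtRole, oauth2.TokenSource) (interface{}, error)
}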