table of contents
- bookworm 2.16.1+ds-deb12u3
- bookworm-backports 2.20.1+ds-1~bpo12+1
- testing 2.20.1+ds-1
- unstable 2.20.1+ds-1
| Lemonldap::NG::Portal::Lib::OpenIDConnect(3pm) | User Contributed Perl Documentation | Lemonldap::NG::Portal::Lib::OpenIDConnect(3pm) |
NAME¶
Lemonldap::NG::Portal::Lib::OpenIDConnect - Common OpenIDConnect functions
SYNOPSIS¶
use Lemonldap::NG::Portal::Lib::OpenIDConnect;
DESCRIPTION¶
This module contains common methods for OpenIDConnect authentication and user information loading
METHODS¶
loadOPs¶
Load OpenID Connect Providers and JWKS data
loadRPs¶
Load OpenID Connect Relying Parties
refreshJWKSdata¶
Refresh JWKS data if needed
getRP¶
Get Relying Party corresponding to a Client ID
getCallbackUri¶
Compute callback URI
buildAuthorizationCodeAuthnRequest¶
Build Authentication Request URI for Authorization Code Flow
buildAuthorizationCodeAuthnResponse¶
Build Authentication Response URI for Authorization Code Flow
buildImplicitAuthnResponse¶
Build Authentication Response URI for Implicit Flow
buildHybridAuthnResponse¶
Build Authentication Response URI for Hybrid Flow
getAuthorizationCodeAccessToken¶
Get Token response with authorization code
checkTokenResponseValidity¶
Check validity of Token Response
getUserInfo¶
Get UserInfo response
decodeJSON¶
Convert JSON to HashRef
newAuthorizationCode¶
Generate new Authorization Code session
newAccessToken¶
Generate new Access Token session
newRefreshToken¶
Generate new Refresh Token session
getAuthorizationCode¶
Get existing Authorization Code session
getAccessToken¶
Get existing Access Token session
getRefreshToken¶
Get existing Refresh Token session
getOpenIDConnectSession¶
Try to recover the OpenID Connect session corresponding to id and return session
storeState¶
Store information in state database and return
extractState¶
Extract state information into $self
verifyJWTSignature¶
Check signature of a JWT
verifyHash¶
Check value hash
createHash¶
Create Hash
returnBearerError¶
Return Bearer error
getEndPointAuthenticationCredentials¶
Get Client ID and Client Secret
getEndPointAccessToken¶
Get Access Token
getAttributesListFromClaim¶
Return list of attributes authorized for a claim
buildUserInfoResponseFromId¶
Return Hash of UserInfo data from session ID
buildUserInfoResponse¶
Return Hash of UserInfo data from session object
createJWT¶
Return JWT
createIDToken¶
Return ID Token
getFlowType¶
Return flow type
getIDTokenSub¶
Return sub field of an ID Token
getJWTJSONData¶
Return payload of a JWT as Hash ref
key2jwks¶
Return JWKS representation of a key
buildLogoutRequest¶
Build Logout Request URI
buildLogoutResponse¶
Build Logout Response URI
addRouteFromConf¶
Build a Lemonldap::NG::Common::PSGI::Router route from OIDC configuration attribute
validatePKCEChallenge¶
Validate PKCE code challenge with given code challenge method
SEE ALSO¶
Lemonldap::NG::Portal::AuthOpenIDConnect, Lemonldap::NG::Portal::UserDBOpenIDConnect
AUTHORS¶
BUG REPORT¶
Use OW2 system to report bug or ask for features: <https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues>
DOWNLOAD¶
Lemonldap::NG is available at <https://lemonldap-ng.org/download>
COPYRIGHT AND LICENSE¶
See COPYING file for details.
This library is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.
| 2024-11-09 | perl v5.40.0 |