NAME
Lemonldap::NG::Portal::Lib::OpenIDConnect - Common OpenIDConnect functions
SYNOPSIS
use Lemonldap::NG::Portal::Lib::OpenIDConnect;
DESCRIPTION
This module contains common methods for OpenIDConnect authentication and user information loading.
METHODS
loadOPs
Load OpenID Connect Providers and JWKS data
loadRPs
Load OpenID Connect Relying Parties
refreshJWKSdata
Refresh JWKS data if needed
getRP
Get Relying Party corresponding to a Client ID
getCallbackUri
Compute callback URI
buildAuthorizationCodeAuthnRequest
Build Authentication Request URI for Authorization Code Flow
buildAuthorizationCodeAuthnResponse
Build Authentication Response URI for Authorization Code Flow
buildImplicitAuthnResponse
Build Authentication Response URI for Implicit Flow
buildHybridAuthnResponse
Build Authentication Response URI for Hybrid Flow
getAuthorizationCodeAccessToken
Get Token response with authorization code
checkTokenResponseValidity
Check validity of Token Response
getUserInfo
Get UserInfo response
decodeJSON
Convert JSON to HashRef
newAuthorizationCode
Generate new Authorization Code session
newAccessToken
Generate new Access Token session
newRefreshToken
Generate new Refresh Token session
getAuthorizationCode
Get existing Authorization Code session
getAccessToken
Get existing Access Token session
getRefreshToken
Get existing Refresh Token session
getOpenIDConnectSession
Try to recover the OpenID Connect session corresponding to id and return session
storeState
Store information in state database and return
extractState
Extract state information into $self
verifyJWTSignature
Check signature of a JWT
verifyHash
Check value hash
createHash
Create Hash
returnBearerError
Return Bearer error
getEndPointAuthenticationCredentials
Get Client ID and Client Secret
getEndPointAccessToken
Get Access Token
getAttributesListFromClaim
Return list of attributes authorized for a claim
buildUserInfoResponseFromId
Return Hash of UserInfo data from session ID
buildUserInfoResponse
Return Hash of UserInfo data from session object
createJWT
Return JWT
createIDToken
Return ID Token
getFlowType
Return flow type
getIDTokenSub
Return sub field of an ID Token
getJWTJSONData
Return payload of a JWT as Hash ref
key2jwks
Return JWKS representation of a key
buildLogoutRequest
Build Logout Request URI
buildLogoutResponse
Build Logout Response URI
addRouteFromConf
Build a Lemonldap::NG::Common::PSGI::Router route from OIDC configuration attribute
validatePKCEChallenge
Validate PKCE code challenge with given code challenge method
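The PKCE check named in the last entry is specified by RFC 7636. The Perl below is an added example, not LemonLDAP::NG code: pkce_check is a hypothetical standalone function whose name and argument order are assumptions, and the sample values are the RFC 7636 Appendix B test vector.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Digest::SHA qw(sha256);
use MIME::Base64 qw(encode_base64url);

# Hypothetical helper, not the module's validatePKCEChallenge.
# Returns 1 when $verifier matches $challenge under $method, else 0.
sub pkce_check {
    my ( $verifier, $challenge, $method ) = @_;
    return 0 unless defined $verifier and defined $challenge;

    # RFC 7636 section 4.1: 43-128 characters from the unreserved set
    return 0 unless $verifier =~ /\A[A-Za-z0-9\-._~]{43,128}\z/;

    # RFC 7636 section 4.3: an absent method means "plain"
    $method = 'plain' unless defined $method and length $method;

    my $expected;
    if ( $method eq 'S256' ) {
        # BASE64URL(SHA256(ASCII(code_verifier))), without padding
        $expected = encode_base64url( sha256($verifier) );
    }
    elsif ( $method eq 'plain' ) {
        $expected = $verifier;
    }
    else {
        return 0;    # unknown method: reject rather than fall back
    }

    # Compare without stopping at the first differing byte
    return 0 unless length($expected) == length($challenge);
    my $diff = 0;
    $diff |= ord( substr( $expected, $_, 1 ) ) ^ ord( substr( $challenge, $_, 1 ) )
      for 0 .. length($expected) - 1;
    return $diff == 0 ? 1 : 0;
}

# Test vector from RFC 7636 Appendix B
my $verifier  = 'dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk';
my $challenge = 'E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSStw-cM';

printf "S256, matching verifier:  %d\n", pkce_check( $verifier, $challenge, 'S256' );
printf "S256, tampered verifier:  %d\n", pkce_check( $verifier =~ s/^d/e/r, $challenge, 'S256' );
printf "plain, S256 challenge:    %d\n", pkce_check( $verifier, $challenge, 'plain' );
printf "unknown method:           %d\n", pkce_check( $verifier, $challenge, 'S512' );
```

Rejecting an unrecognised method instead of treating it as plain keeps a client that registered an S256 challenge from being downgraded at the token endpoint.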
SEE ALSO
Lemonldap::NG::Portal::AuthOpenIDConnect, Lemonldap::NG::Portal::UserDBOpenIDConnect
AUTHORS
- LemonLDAP::NG team http://lemonldap-ng.org/team
BUG REPORT
Use the OW2 system to report bugs or ask for features: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues
DOWNLOAD
Lemonldap::NG is available at https://lemonldap-ng.org/download
COPYRIGHT AND LICENSE
See COPYING file for details.
This library is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.