Documentation
Overview
Package certsec implements the server logic for handling client certificate authentication from the user's browser.
Index
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type Config
type Config struct {
	// Development mode
	Development bool
	// The URL and internal port of the CertSec server
	CertSecURL  string
	CertSecPort string
	// The URL of the CertAuth server, used to redirect the user back to the CertAuth server
	CertAuthURL string
	// The endpoint of the CertAuth server, used to redirect the user back to the CertAuth server
	CertificateBackEndpoint string
}
Config is the configuration for the CertSec server.
type RelyingPartyCUDRequest
type RelyingPartyCUDRequest struct {
ID int `form:"id"`
Action string `form:"action"`
Name string `form:"name"`
Description string `form:"description"`
ClientID string `form:"client_id"`
ClientSecret string `form:"client_secret"`
RedirectURL string `form:"redirect_url"`
OriginURL string `form:"origin_url"`
Scopes string `form:"scopes"`
TokenExpiry int `form:"token_expiry"`
}
type Server
type Server struct {
	// Development mode
	Development bool
	// The URL and internal port of the CertSec server
	CertSecURL  string
	CertSecPort string
	// The URL of the CertAuth server, used to redirect the user back to the CertAuth server
	CertAuthURL string
	// The endpoint of the CertAuth server, used to redirect the user back to the CertAuth server
	CertificateBackEndpoint string
	// contains filtered or unexported fields
}
Server represents the CertSec certificate authentication server.
func New
func New(db *database.Database, authprocCache *cache.GenericCache[string, *models.AuthProcess], ssoCache *cache.GenericCache[string, *models.SSOSession], cfg *Config) (*Server, error)
New creates a new CertSec server. This is a minimal server which requests a client certificate from the user's browser. It is invoked from the CertAuth server, which is the main OpenID Provider supporting eIDAS certificates and Verifiable Credentials. The CertSec server requires a reverse proxy (such as Caddy or Nginx) in front of it, terminating the TLS connection and configured to actually request the client certificate. Because the proxy, not this server, performs the TLS handshake, whatever certificate data the proxy forwards must be accepted only from the proxy itself: a client that can reach the CertSec port directly could otherwise supply that data on its own.
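As an added example (not code from the certsec package, whose internals are not shown on this page), the following Go program sketches the trust boundary described above: a loopback-only HTTP server that accepts a forwarded client certificate only when the request arrives from the reverse proxy on localhost, and that expects the proxy to forward the certificate as a URL-escaped PEM string in an `X-Client-Cert` header. The header name, the URL escaping and the loopback check are assumptions about the deployment (nginx's `$ssl_client_escaped_cert` variable produces exactly such a value; Caddy's `{http.request.tls.client.certificate_pem}` placeholder is the unescaped equivalent). The self-signed certificate is generated in-process as constructed test input.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"errors"
	"fmt"
	"math/big"
	"net"
	"net/http"
	"net/url"
	"time"
)

// certHeader is the header the proxy is assumed to populate with the
// URL-escaped PEM of the client certificate (assumption, see lead-in).
const certHeader = "X-Client-Cert"

var (
	errNoCert        = errors.New("no client certificate forwarded by the proxy")
	errUntrustedPeer = errors.New("request did not arrive from the loopback reverse proxy")
)

// parseForwardedCert turns the proxy-supplied header value into a parsed
// certificate. It refuses the header unless the TCP peer is a loopback
// address, because any other peer could have set the header itself.
// Parsing is not chain validation: the proxy (or a later step) must still
// verify the certificate against the trust anchors it accepts.
func parseForwardedCert(remoteAddr, headerValue string) (*x509.Certificate, error) {
	host, _, err := net.SplitHostPort(remoteAddr)
	if err != nil {
		return nil, err
	}
	if ip := net.ParseIP(host); ip == nil || !ip.IsLoopback() {
		return nil, errUntrustedPeer
	}
	if headerValue == "" {
		return nil, errNoCert
	}
	pemText, err := url.QueryUnescape(headerValue)
	if err != nil {
		return nil, err
	}
	block, _ := pem.Decode([]byte(pemText))
	if block == nil || block.Type != "CERTIFICATE" {
		return nil, errors.New("forwarded value is not a PEM certificate")
	}
	return x509.ParseCertificate(block.Bytes)
}

// escapeForHeader simulates what the proxy does before forwarding the PEM.
func escapeForHeader(pemText string) string {
	return url.QueryEscape(pemText)
}

// newSelfSignedPEM builds a throwaway self-signed certificate for the
// example (constructed input; a real deployment sees CA-issued certificates).
func newSelfSignedPEM(commonName string) (string, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return "", err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: commonName},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return "", err
	}
	return string(pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})), nil
}

// handler is the request path behind the proxy: reject anything that does
// not carry a certificate forwarded by the trusted proxy.
func handler(w http.ResponseWriter, r *http.Request) {
	cert, err := parseForwardedCert(r.RemoteAddr, r.Header.Get(certHeader))
	if err != nil {
		http.Error(w, err.Error(), http.StatusUnauthorized)
		return
	}
	fmt.Fprintf(w, "authenticated subject: %s\n", cert.Subject.String())
}

func main() {
	http.HandleFunc("/", handler)
	// Bind to loopback only, so that nothing but the local proxy can reach
	// the port that trusts the forwarded header.
	fmt.Println(http.ListenAndServe("127.0.0.1:8081", nil))
}
```

On the proxy side this pairs with a site that requests but does not require the certificate, e.g. `tls { client_auth { mode request } }` in a Caddyfile or `ssl_verify_client optional_no_ca` in nginx, followed by a `proxy_set_header X-Client-Cert $ssl_client_escaped_cert;` line. Binding the Go server to 127.0.0.1 and checking the peer address are two layers of the same control; if the proxy runs on another host, the loopback check has to become an allow-list of the proxy's addresses or, better, mutual TLS between proxy and backend.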