Provided by: liblemonldap-ng-portal-perl_2.18.2+ds-1_all bug

NAME

       Lemonldap::NG::Portal::Lib::OpenIDConnect - Common OpenIDConnect functions

SYNOPSIS

       use Lemonldap::NG::Portal::Lib::OpenIDConnect;

DESCRIPTION

       This module contains common methods for OpenIDConnect authentication and user information
       loading

METHODS

   loadOPs
       Load OpenID Connect Providers and JWKS data

   loadRPs
       Load OpenID Connect Relying Parties

   refreshJWKSdata
       Refresh JWKS data if needed

   getRP
       Get Relying Party corresponding to a Client ID

   getCallbackUri
       Compute callback URI

   buildAuthorizationCodeAuthnRequest
       Build Authentication Request URI for Authorization Code Flow

   buildAuthorizationCodeAuthnResponse
       Build Authentication Response URI for Authorization Code Flow

   buildImplicitAuthnResponse
       Build Authentication Response URI for Implicit Flow

   buildHybridAuthnResponse
       Build Authentication Response URI for Hybrid Flow

   getAuthorizationCodeAccessToken
       Get Token response with authorization code

   checkTokenResponseValidity
       Check validity of Token Response

   getUserInfo
       Get UserInfo response

   decodeJSON
       Convert JSON to HashRef

   newAuthorizationCode
       Generate new Authorization Code session

   newAccessToken
       Generate new Access Token session

   newRefreshToken
       Generate new Refresh Token session

   getAuthorizationCode
       Get existing Authorization Code session

   getAccessToken
       Get existing Access Token session

   getRefreshToken
       Get existing Refresh Token session

   getOpenIDConnectSession
       Try to recover the OpenID Connect session corresponding to id and return session

   storeState
       Store information in state database and return

   extractState
       Extract state information into $self

   verifyJWTSignature
       Check signature of a JWT

   verifyHash
       Check value hash

   createHash
       Create Hash

   returnBearerError
       Return Bearer error

   getEndPointAuthenticationCredentials
       Get Client ID and Client Secret

   getEndPointAccessToken
       Get Access Token

   getAttributesListFromClaim
       Return list of attributes authorized for a claim

   buildUserInfoResponseFromId
       Return Hash of UserInfo data from session ID

   buildUserInfoResponse
       Return Hash of UserInfo data from session object

   createJWT
       Return JWT

   createIDToken
       Return ID Token

   getFlowType
       Return flow type

   getIDTokenSub
       Return sub field of an ID Token

   getJWTJSONData
       Return payload of a JWT as Hash ref

   key2jwks
       Return JWKS representation of a key

   buildLogoutRequest
       Build Logout Request URI

   buildLogoutResponse
       Build Logout Response URI

   addRouteFromConf
       Build a Lemonldap::NG::Common::PSGI::Router route from OIDC configuration attribute

   validatePKCEChallenge
       Validate PKCE code challenge with given code challenge method

SEE ALSO

       Lemonldap::NG::Portal::AuthOpenIDConnect, Lemonldap::NG::Portal::UserDBOpenIDConnect

AUTHORS

       LemonLDAP::NG team <http://lemonldap-ng.org/team>

BUG REPORT

       Use OW2 system to report bug or ask for features:
       <https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues>

DOWNLOAD

       Lemonldap::NG is available at <https://lemonldap-ng.org/download>

COPYRIGHT AND LICENSE

       See COPYING file for details.

       This library is free software; you can redistribute it and/or modify it under the terms of
       the GNU General Public License as published by the Free Software Foundation; either
       version 2, or (at your option) any later version.

       This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
       without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
       See the GNU General Public License for more details.

       You should have received a copy of the GNU General Public License along with this program.
       If not, see <http://www.gnu.org/licenses/>.

perl v5.38.2                                2024-02Lemonldap::NG::Portal::Lib::OpenIDConnect(3pm)