auth

package

v3.10.1 Latest Latest Go to latest Published: Sep 5, 2024 License: MIT Imports: 14 Imported by: 60

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/i-love-flamingo/flamingo

Links

Open Source Insights

README ¶

Auth

Design

In general, all identifying brokers are able to be specified more than once, and at any point, there can be zero to many identities available.

Identity

The auth.Identity is the minimum available information about an identified request/context situation. It consists of Broker and Subject, where the broker identifies the authenticating party and the subject identifies the primary subject the identity identifies.

WebIdentifier

The WebIdentifier primarily identifies incoming web.Requests. This could be done by means of inspecting the session, request data (auth header), etc.

WebAuthenticator

WebIdentifier who implements the authenticator interface is able to trigger authentication. This can be a redirect to an external page, setting HTTP headers, or presenting a login form.

WebLogouter

Once a logout has triggered all identifiers who implement either one of the logout methods are called. The WebLogouter will destroy session data etc., while the WebLogouterWithRedirect can return a redirect (e.g. to an OpenID Connect server).

Multiple redirects are handled automagically.

Debug

In debug mode (core.auth.web.debugController, default to flamingo.debug.mode) there is http://localhost:3322/core/auth/debug for debugging.

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Identity ¶

type Identity interface {
	Subject() string
	Broker() string
}

Identity donates an authentication object which at least identifies the authenticated subject

type IdentityTypeChecker ¶ added in v3.2.1

type IdentityTypeChecker func(identity Identity) bool

IdentityTypeChecker for type asserting an Identity

type RequestIdentifier ¶

type RequestIdentifier interface {
	Broker() string
	Identify(ctx context.Context, request *web.Request) (Identity, error)
}

RequestIdentifier identifies an request and returns a matching identity

type RequestIdentifierFactory ¶

type RequestIdentifierFactory func(config config.Map) (RequestIdentifier, error)

RequestIdentifierFactory creates RequestIdentifier

type WebAuthenticater ¶

type WebAuthenticater interface {
	Authenticate(ctx context.Context, request *web.Request) web.Result
}

WebAuthenticater allows to request an authentication

type WebCallbacker ¶

type WebCallbacker interface {
	Callback(ctx context.Context, request *web.Request, returnTo func(*web.Request) *url.URL) web.Result
}

WebCallbacker is called for callbacks to that identity broker

type WebIdentityRefresher ¶ added in v3.4.0

type WebIdentityRefresher interface {
	RefreshIdentity(ctx context.Context, request *web.Request) error
}

WebIdentityRefresher refreshs an existing identity, e.g. by invalidating cached session data

type WebIdentityService ¶

type WebIdentityService struct {
	// contains filtered or unexported fields
}

WebIdentityService calls one or more identifier to get all possible identities of a user

func (*WebIdentityService) Authenticate ¶

func (s *WebIdentityService) Authenticate(ctx context.Context, request *web.Request) (string, web.Result)

Authenticate finds the first available (enforced) authentication result

func (*WebIdentityService) AuthenticateFor ¶

func (s *WebIdentityService) AuthenticateFor(ctx context.Context, broker string, request *web.Request) web.Result

AuthenticateFor starts the authentication for a given broker

func (*WebIdentityService) Identify ¶

func (s *WebIdentityService) Identify(ctx context.Context, request *web.Request) Identity

Identify the user, if any identity is found

func (*WebIdentityService) IdentifyAll ¶

func (s *WebIdentityService) IdentifyAll(ctx context.Context, request *web.Request) []Identity

IdentifyAll collects all possible user identites, in case multiple are available

func (*WebIdentityService) IdentifyAs ¶ added in v3.2.1

func (s *WebIdentityService) IdentifyAs(ctx context.Context, request *web.Request, checkType IdentityTypeChecker) (Identity, error)

IdentifyAs returns an identity for a given interface identity, err := s.IdentifyAs(ctx, request, OpenIDTypeChecker) identity.(oauth.OpenIDIdentity)

func (*WebIdentityService) IdentifyFor ¶

func (s *WebIdentityService) IdentifyFor(ctx context.Context, broker string, request *web.Request) (Identity, error)

IdentifyFor the user with a given broker

func (*WebIdentityService) Inject ¶

func (s *WebIdentityService) Inject(
	identityProviders []RequestIdentifier,
	reverseRouter web.ReverseRouter,
	eventRouter flamingo.EventRouter,
	responder *web.Responder,
) *WebIdentityService

Inject dependencies

func (*WebIdentityService) Logout ¶

func (s *WebIdentityService) Logout(ctx context.Context, request *web.Request, postLogoutRedirect *url.URL) web.Result

Logout logs all user out

func (*WebIdentityService) LogoutFor ¶

func (s *WebIdentityService) LogoutFor(ctx context.Context, broker string, request *web.Request, postLogoutRedirect *url.URL) web.Result

LogoutFor logs a specific broker out

func (*WebIdentityService) RequestIdentifier ¶

func (s *WebIdentityService) RequestIdentifier(broker string) RequestIdentifier

RequestIdentifier returns the given request identifier

type WebLoginEvent ¶

type WebLoginEvent struct {
	Request  *web.Request
	Broker   string
	Identity Identity
}

WebLoginEvent for the current request

type WebLogoutEvent ¶

type WebLogoutEvent struct {
	Request *web.Request
	Broker  string
}

WebLogoutEvent for the current request

type WebLogoutWithRedirect ¶

type WebLogoutWithRedirect interface {
	Logout(ctx context.Context, request *web.Request) *url.URL
}

WebLogoutWithRedirect logs user out and redirects to an sso logout endpoint

type WebLogouter ¶

type WebLogouter interface {
	Logout(ctx context.Context, request *web.Request)
}

WebLogouter logs user out

type WebModule ¶

type WebModule struct{}

WebModule registers identification for web requests

func (*WebModule) Configure ¶

func (m *WebModule) Configure(injector *dingo.Injector)

Configure dependency injection

func (*WebModule) CueConfig ¶

func (*WebModule) CueConfig() string

CueConfig schema

func (*WebModule) Depends ¶

func (*WebModule) Depends() []dingo.Module

Depends marks the WebModule to depend on the flamingo session module

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
example
custom
fake
http
mock
oauth

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL