auth

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 12, 2022 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// ErrInvalidAuth is a sentinel error carrying the message "invalid authentication".
// It is built with fmt.Errorf without any format verb, so it is a single fixed
// value; callers can match it with errors.Is or ==.
// NOTE(review): presumably what CheckMacaroon returns for credentials it does
// not accept; confirm against the implementation.
var ErrInvalidAuth = fmt.Errorf("invalid authentication")
// ErrInvalidUser is a sentinel error carrying the message "invalid user";
// callers can match it with errors.Is or ==.
// NOTE(review): presumably returned by the user lookup and removal functions
// when no user matches the given ID or username; confirm against the
// implementation.
var ErrInvalidUser = errors.New("invalid user")

Functions

func EnsureContextTODO

func EnsureContextTODO() context.Context

EnsureContextTODO returns a provisional context marked as pertaining to an Ensure loop. TODO: see Overlord.Loop to replace it with a proper context passed to all Ensures.

func IsEnsureContext

func IsEnsureContext(ctx context.Context) bool

IsEnsureContext returns whether context was marked as pertaining to an Ensure loop.

func MacaroonDeserialize

func MacaroonDeserialize(serializedMacaroon string) (*macaroon.Macaroon, error)

MacaroonDeserialize returns the macaroon deserialized from the given store-compatible serialization.

func MacaroonSerialize

func MacaroonSerialize(m *macaroon.Macaroon) (string, error)

MacaroonSerialize returns a store-compatible serialized representation of the given macaroon.

func UpdateUser

func UpdateUser(st *state.State, user *UserState) error

UpdateUser updates the given user in the state.

Types

type AuthState

// AuthState is the authentication record that is JSON-encoded into state:
// a user ID counter, the user list, the optional device identity, and the
// macaroon key. Every field below is written out under the key named in its
// json tag, so the serialized state contains credentials and key material.
type AuthState struct {
	// LastID is stored under "last-id".
	// NOTE(review): presumably the most recently assigned user ID; confirm.
	LastID      int          `json:"last-id"`
	// Users holds one UserState per tracked user; each entry carries that
	// user's macaroons and discharges (see UserState).
	Users       []UserState  `json:"users"`
	// Device is optional and omitted from the JSON when nil; it carries the
	// device session macaroon (see DeviceState).
	Device      *DeviceState `json:"device,omitempty"`
	// MacaroonKey is stored as raw bytes under "macaroon-key" (encoding/json
	// writes []byte as base64) and omitted when empty.
	// NOTE(review): presumably the secret key used to mint and verify the
	// macaroons checked by CheckMacaroon; confirm. If so, read access to the
	// serialized state is equivalent to holding this key, so the state file's
	// permissions and any backups or debug dumps of it need the same care as
	// the key itself.
	MacaroonKey []byte       `json:"macaroon-key,omitempty"`
}

AuthState represents the currently authenticated users as tracked in the state.

type CloudInfo

// CloudInfo is the JSON shape of the cloud details for the system.
type CloudInfo struct {
	// Name is always emitted under "name", even when empty.
	Name             string `json:"name"`
	// Region is emitted under "region" and omitted when empty.
	Region           string `json:"region,omitempty"`
	// AvailabilityZone is emitted under "availability-zone" and omitted when empty.
	AvailabilityZone string `json:"availability-zone,omitempty"`
}

CloudInfo reflects cloud information for the system (as captured in the core configuration).

type DeviceState

// DeviceState is the JSON shape of the device identity (brand, model, serial,
// key ID) together with the device's session macaroon. All fields are omitted
// from the JSON when empty.
type DeviceState struct {
	// Brand refers to the brand-id
	Brand  string `json:"brand,omitempty"`
	// Model is stored under "model".
	Model  string `json:"model,omitempty"`
	// Serial is stored under "serial".
	Serial string `json:"serial,omitempty"`

	// KeyID is stored under "key-id". Only an identifier is kept here; this
	// struct has no field holding key material.
	// NOTE(review): presumably identifies the device key; confirm.
	KeyID string `json:"key-id,omitempty"`

	// SessionMacaroon is stored as a string under "session-macaroon".
	// NOTE(review): presumably the device's store session credential in
	// serialized form; confirm. If so it is a bearer credential and should be
	// kept out of logs and diagnostic dumps of this struct.
	SessionMacaroon string `json:"session-macaroon,omitempty"`
}

DeviceState represents the device's identity and store credentials.

type NewUserParams

// NewUserParams is the parameter struct accepted by NewUser. It has no json
// tags, unlike UserState, which mirrors most of these fields for storage.
type NewUserParams struct {
	// Username is the name of the user on the system
	Username string
	// Email is the email associated with the user
	Email string
	// Macaroon is the store-associated authentication macaroon
	// NOTE(review): this is credential material in serialized form; avoid
	// printing a NewUserParams value (for example with %+v) in logs.
	Macaroon string
	// Discharges contains discharged store auth caveats.
	Discharges []string
	// Expiration informs the devicestate that the user should be removed
	// when passing the expiration time. This is an optional setting.
	// NOTE(review): presumably the zero time.Time means "no expiration";
	// confirm against NewUser and UserState.HasExpired.
	Expiration time.Time
}

type UserState

// UserState is the JSON shape of one tracked user: a numeric ID, identifying
// details, and two sets of macaroon/discharge credentials. The credential
// fields are plain strings in the serialized state, so anything that prints
// or exports a UserState (logs, debug dumps, API responses) exposes them
// unless they are cleared first.
type UserState struct {
	// ID is always emitted under "id".
	ID              int       `json:"id"`
	// Username is stored under "username" and omitted when empty.
	Username        string    `json:"username,omitempty"`
	// Email is stored under "email" and omitted when empty.
	Email           string    `json:"email,omitempty"`
	// Macaroon and Discharges have the same types as the macaroon and
	// discharges arguments of CheckMacaroon.
	// NOTE(review): presumably the credentials a client presents to
	// authenticate as this user; confirm.
	Macaroon        string    `json:"macaroon,omitempty"`
	Discharges      []string  `json:"discharges,omitempty"`
	// StoreMacaroon and StoreDischarges are a second credential set.
	// NOTE(review): presumably the store credentials that HasStoreAuth
	// checks for; confirm.
	StoreMacaroon   string    `json:"store-macaroon,omitempty"`
	StoreDischarges []string  `json:"store-discharges,omitempty"`
	// Expiration is stored under "expiration".
	// NOTE(review): encoding/json's omitempty never omits a struct value
	// such as time.Time, so a zero Expiration is still written out as the
	// zero timestamp rather than dropped; readers must treat the zero time
	// as "not set".
	Expiration      time.Time `json:"expiration,omitempty"`
}

UserState represents an authenticated user.

func CheckMacaroon

func CheckMacaroon(st *state.State, macaroon string, discharges []string) (*UserState, error)

CheckMacaroon returns the UserState for the given macaroon/discharges credentials.

func NewUser

func NewUser(st *state.State, userParams NewUserParams) (*UserState, error)

NewUser tracks a new authenticated user and saves its details in the state.

func RemoveUser

func RemoveUser(st *state.State, userID int) (removed *UserState, err error)

RemoveUser removes a user from the state given its ID.

func RemoveUserByUsername

func RemoveUserByUsername(st *state.State, username string) (removed *UserState, err error)

RemoveUserByUsername removes a user from the state given its username. It returns a *UserState with the identification information for the removed user.

func User

func User(st *state.State, id int) (*UserState, error)

User returns a user from the state given its ID.

func UserByUsername

func UserByUsername(st *state.State, username string) (*UserState, error)

UserByUsername returns a user from the state given its username.

func Users

// Users takes the state and returns a slice of *UserState and an error.
// NOTE(review): the page gives no description for this function; presumably
// it returns every user tracked in the state. Confirm against the
// implementation. Each returned UserState includes the macaroon and
// discharge fields declared on the type.
func Users(st *state.State) ([]*UserState, error)

func (*UserState) HasExpired

func (u *UserState) HasExpired() bool

HasExpired returns true if the user has an expiration set and the current time is past the expiration date.

func (*UserState) HasStoreAuth

func (u *UserState) HasStoreAuth() bool

HasStoreAuth returns true if the user has store authorization.
