okta

package

v1.15.5 Latest Latest Go to latest Published: Oct 29, 2024 License: Apache-2.0 Imports: 8 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/Cloud-Foundations/keymaster

Links

Open Source Insights

Documentation ¶

Index ¶

type OktaApiEmbeddedDataResponseType
type OktaApiLoginDataType
type OktaApiMFAFactorsType
type OktaApiPrimaryResponseType
type OktaApiPushResponseType
type OktaApiUserInfoType
type OktaApiUserProfileType
type OktaApiVerifyTOTPFactorDataType
type PasswordAuthenticator
- func NewPublic(oktaDomain string, usernameSuffix string, logger log.DebugLogger) (*PasswordAuthenticator, error)
- func NewPublicTesting(authnURL string, logger log.DebugLogger) (*PasswordAuthenticator, error)
type PushResponse

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type OktaApiEmbeddedDataResponseType ¶

type OktaApiEmbeddedDataResponseType struct {
	User   OktaApiUserInfoType     `json:"user,omitempty"`
	Factor []OktaApiMFAFactorsType `json:"factors,omitempty"`
}

type OktaApiLoginDataType ¶

type OktaApiLoginDataType struct {
	Password string `json:"password,omitempty"`
	Username string `json:"username,omitempty"`
}

type OktaApiMFAFactorsType ¶

type OktaApiMFAFactorsType struct {
	Id         string `json:"id,omitempty"`
	FactorType string `json:"factorType,omitempty"`
	Provider   string `json:"provider,omitempty"`
	VendorName string `json:"vendorName,omitempty"`
}

type OktaApiPrimaryResponseType ¶

type OktaApiPrimaryResponseType struct {
	StateToken      string                          `json:"stateToken,omitempty"`
	ExpiresAtString string                          `json:"expiresAt,omitempty"`
	Status          string                          `json:"status,omitempty"`
	Embedded        OktaApiEmbeddedDataResponseType `json:"_embedded,omitempty"`
}

type OktaApiPushResponseType ¶

type OktaApiPushResponseType struct {
	ExpiresAtString string                          `json:"expiresAt,omitempty"`
	Status          string                          `json:"status,omitempty"`
	FactorResult    string                          `json:"factorResult,omitempty"`
	Embedded        OktaApiEmbeddedDataResponseType `json:"_embedded,omitempty"`
}

type OktaApiUserInfoType ¶

type OktaApiUserInfoType struct {
	Id      string                 `json:"id,omitempty"`
	Profile OktaApiUserProfileType `json:"profile,omitempty"`
}

type OktaApiUserProfileType ¶

type OktaApiUserProfileType struct {
	Login string `json:"login,omitempty"`
}

type OktaApiVerifyTOTPFactorDataType ¶

type OktaApiVerifyTOTPFactorDataType struct {
	StateToken string `json:"stateToken,omitempty"`
	PassCode   string `json:"passCode,omitempty"`
}

type PasswordAuthenticator ¶

type PasswordAuthenticator struct {
	// contains filtered or unexported fields
}

func NewPublic ¶

func NewPublic(oktaDomain string, usernameSuffix string,
	logger log.DebugLogger) (*PasswordAuthenticator, error)

New creates a new PasswordAuthenticator using Okta as the backend. The Okta Public Application API is used, so rate limits apply. The Okta domain to check must be given by oktaDomain. Log messages are written to logger. A new *PasswordAuthenticator is returned.

func NewPublicTesting ¶

func NewPublicTesting(authnURL string, logger log.DebugLogger) (
	*PasswordAuthenticator, error)

NewPublicTesting creates a new public authenticator, but pointing to an explicit authenticator url intead of okta urls. Log messages are written to logger. A new *PasswordAuthenticator is returned.

func (*PasswordAuthenticator) GetValidUserResponse ¶ added in v1.15.5

func (pa *PasswordAuthenticator) GetValidUserResponse(username string) (*OktaApiPrimaryResponseType, error)

func (*PasswordAuthenticator) PasswordAuthenticate ¶

func (pa *PasswordAuthenticator) PasswordAuthenticate(username string,
	password []byte) (bool, error)

PasswordAuthenticate will authenticate a user using the provided username and password. It returns true if the user is authenticated, else false (due to either invalid username or incorrect password), and an error.

func (*PasswordAuthenticator) UpdateStorage ¶

func (pa *PasswordAuthenticator) UpdateStorage(storage simplestorage.SimpleStore) error

func (*PasswordAuthenticator) ValidateUserOTP ¶

func (pa *PasswordAuthenticator) ValidateUserOTP(username string, otpValue int) (bool, error)

ValidateUserOTP validates the otp value for an authenticated user. Assumes the user has a recent password authentication transaction. Returns true if the OTP value is valid according to okta, false otherwise.

func (*PasswordAuthenticator) ValidateUserPush ¶

func (pa *PasswordAuthenticator) ValidateUserPush(username string) (PushResponse, error)

ValidateUserPush initializes or checks if a user MFA push has succeed for a specific user. Returns one of PushRessponse.

type PushResponse ¶

type PushResponse int

const (
	PushResponseRejected PushResponse = iota
	PushResponseApproved
	PushResponseWaiting
	PushResonseTimeout
)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL