identity

package
v0.26.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 11, 2019 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AuthorizeScopes 

func AuthorizeScopes(manager Manager, user User, scopes map[string]bool) (map[string]bool, map[string]bool)

AuthorizeScopes uses the provided manager and user to filter the provided scopes and returns a mapping of only the authorized scopes.

func GetSessionRef 

func GetSessionRef(label string, audience string, userID string) *string

GetSessionRef builds a per user and audience unique identifier.

func GetUserClaimsForScopes 

func GetUserClaimsForScopes(user User, scopes map[string]bool, requestedClaimsMaps []*payload.ClaimsRequestMap) map[string]jwt.Claims

GetUserClaimsForScopes returns a mapping of user claims of the provided user filtered by the provided scopes.

func NewContext 

func NewContext(ctx context.Context, auth AuthRecord) context.Context

NewContext returns a new Context that carries value auth.

Types

type AuthRecord 

type AuthRecord interface {
	Manager() Manager
	Subject() string
	AuthorizedScopes() map[string]bool
	AuthorizeScopes(map[string]bool)
	AuthorizedClaims() *payload.ClaimsRequest
	AuthorizeClaims(*payload.ClaimsRequest)
	Claims(...string) []jwt.Claims

	User() PublicUser
	SetUser(PublicUser)

	LoggedOn() (bool, time.Time)
	SetAuthTime(time.Time)
}

AuthRecord is an interface which provides identity auth information with scopes and claims..

func FromContext 

func FromContext(ctx context.Context) (AuthRecord, bool)

FromContext returns the AuthRecord value stored in ctx, if any.

func NewAuthRecord 

func NewAuthRecord(manager Manager, sub string, authorizedScopes map[string]bool, authorizedClaims *payload.ClaimsRequest, claimsByScope map[string]jwt.Claims) AuthRecord

NewAuthRecord returns a implementation of identity.AuthRecord holding the provided data in memory.

type Config 

type Config struct {
	SignInFormURI *url.URL
	SignedOutURI  *url.URL

	ScopesSupported []string

	Logger logrus.FieldLogger
}

Config defines a IdentityManager's configuration settings.

type IsHandledError 

type IsHandledError struct {
}

IsHandledError is an error which tells that the backend has handled the request and all further handling should stop

func (*IsHandledError) Error 

func (err *IsHandledError) Error() string

Error implements the error interface.

type LoginRequiredError 

type LoginRequiredError struct {
	// contains filtered or unexported fields
}

LoginRequiredError which backends can return to indicate that sign-in is required.

func NewLoginRequiredError 

func NewLoginRequiredError(id string, signInURI *url.URL) *LoginRequiredError

NewLoginRequiredError creates a new corresponding error with the provided id.

func (*LoginRequiredError) Error 

func (err *LoginRequiredError) Error() string

Error implements the error interface.

func (*LoginRequiredError) SignInURI 

func (err *LoginRequiredError) SignInURI() *url.URL

SignInURI returns the sign-in URL of the accociated error.

type Manager 

type Manager interface {
	Authenticate(ctx context.Context, rw http.ResponseWriter, req *http.Request, ar *payload.AuthenticationRequest, next Manager) (AuthRecord, error)
	Authorize(ctx context.Context, rw http.ResponseWriter, req *http.Request, ar *payload.AuthenticationRequest, auth AuthRecord) (AuthRecord, error)
	EndSession(ctx context.Context, rw http.ResponseWriter, req *http.Request, esr *payload.EndSessionRequest) error

	ApproveScopes(ctx context.Context, sub string, audience string, approvedScopesList map[string]bool) (string, error)
	ApprovedScopes(ctx context.Context, sub string, audience string, ref string) (map[string]bool, error)

	Fetch(ctx context.Context, userID string, sessionRef *string, scopes map[string]bool, requestedClaimsMaps []*payload.ClaimsRequestMap) (AuthRecord, bool, error)

	Name() string
	ScopesSupported(scopes map[string]bool) []string
	ClaimsSupported(claims []string) []string

	AddRoutes(ctx context.Context, router *mux.Router)

	OnSetLogon(func(ctx context.Context, rw http.ResponseWriter, user User) error) error
	OnUnsetLogon(func(ctx context.Context, rw http.ResponseWriter) error) error
}

Manager is a interface to define a identity manager.

type PublicUser 

type PublicUser interface {
	Subject() string
	Raw() string
}

PublicUser is a user with a public Subject and a raw id.

type RedirectError 

type RedirectError struct {
	// contains filtered or unexported fields
}

RedirectError is an error which backends can return if a redirection is required.

func NewRedirectError 

func NewRedirectError(id string, redirectURI *url.URL) *RedirectError

NewRedirectError creates a new corresponding error with the provided id and redirect URL.

func (*RedirectError) Error 

func (err *RedirectError) Error() string

Error implements the error interface.

func (*RedirectError) RedirectURI 

func (err *RedirectError) RedirectURI() *url.URL

RedirectURI returns the redirection URL of the accociated error.

type User 

type User interface {
	Subject() string
}

User defines a most simple user with an id defined as subject.

type UserWithClaims 

type UserWithClaims interface {
	User
	Claims() jwt.MapClaims
}

UserWithClaims is a User with jwt claims.

type UserWithEmail 

type UserWithEmail interface {
	User
	Email() string
	EmailVerified() bool
}

UserWithEmail is a User with Email.

type UserWithID 

type UserWithID interface {
	User
	ID() int64
}

UserWithID is a User with a locally unique numeric id.

type UserWithProfile 

type UserWithProfile interface {
	User
	Name() string
	FamilyName() string
	GivenName() string
}

UserWithProfile is a User with Name.

type UserWithScopedClaims 

type UserWithScopedClaims interface {
	User
	ScopedClaims(authorizedScopes map[string]bool) jwt.MapClaims
}

UserWithScopedClaims is a user with jwt claims bound to provided scopes.

type UserWithSessionRef 

type UserWithSessionRef interface {
	User
	SessionRef() *string
}

UserWithSessionRef is a user which supports an underlaying session reference.

type UserWithUniqueID 

type UserWithUniqueID interface {
	User
	UniqueID() string
}

UserWithUniqueID is a User with a unique string id.

type UserWithUsername 

type UserWithUsername interface {
	User
	Username() string
}

UserWithUsername is a User with an username different from subject.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.