authlib

package module
v0.0.0-...-12a17d4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 1, 2024 License: MIT Imports: 12 Imported by: 0

README

ge-authlib

Documentation

Overview

ge-auth/pkg/clientlib/authlib/activation.go

ge-auth/pkg/clientlib/authlib/apikeys.go

ge-auth/pkg/clientlib/authlib/authclient.go

ge-auth/pkg/clientlib/authlib/password-reset.go

ge-auth/pkg/clientlib/authlib/password-update.go

ge-auth/pkg/clientlib/authlib/refresh_tokens.go

ge-auth/pkg/clientlib/authlib/service_account_keys.go

ge-auth/pkg/clientlib/authlib/service_account_tokens.go

ge-auth/pkg/clientlib/authlib/service_accounts.go

ge-auth/pkg/clientlib/authlib/service_permissions.go

ge-auth/pkg/clientlib/authlib/service_roles.go

ge-auth/pkg/clientlib/authlib/temp_data.go

ge-auth/pkg/clientlib/authlib/token_blacklist.go

ge-auth/pkg/clientlib/authlib/token_service.go

ge-auth/pkg/clientlib/authlib/authentication.go

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrInvalidInputData                   = errors.New("invalid input data")
	ErrInvalidSecretID                    = errors.New("invalid secret ID")
	ErrInvalidSecretValue                 = errors.New("invalid secret value")
	ErrInvalidProjectID                   = errors.New("invalid project ID")
	ErrFailedToCreateSecretManagerClient  = errors.New("failed to create secret manager client")
	ErrFailedToGetSecret                  = errors.New("failed to get secret")
	ErrFailedToAuthenticateServiceAccount = errors.New("failed to authenticate service account")
	ErrNotFound                           = errors.New("not found")
)

Error types

Functions

This section is empty.

Types

type APIKey

type APIKey struct {
	ID               uuid.UUID `json:"id"`
	ServiceAccountID uuid.UUID `json:"service_account_id"`
	APIKey           string    `json:"api_key"`
	CreatedAt        time.Time `json:"created_at"`
	UpdatedAt        time.Time `json:"updated_at"`
	Valid            bool      `json:"valid"`
	IsActive         bool      `json:"is_active"`
	ServiceName      string    `json:"service_name"`
}

type ActivateUserInput

type ActivateUserInput struct {
	Token string `json:"token"`
}

ActivateUserInput represents the input for activating a user.

type ActivationToken

type ActivationToken struct {
	Token     string `json:"token"`
	UserID    string `json:"user_id"`
	CreatedAt string `json:"created_at"`
}

ActivationToken represents an activation token with its details.

type AssignServicePermissionInput

type AssignServicePermissionInput struct {
	ServiceRoleID       uuid.UUID `json:"service_role_id"`
	ServicePermissionID uuid.UUID `json:"service_permission_id"`
}

type AssignServiceRoleToServiceAccountInput

type AssignServiceRoleToServiceAccountInput struct {
	ServiceAccountID uuid.UUID `json:"service_account_id"`
	ServiceRoleID    uuid.UUID `json:"service_role_id"`
	ApiKey           string    `json:"api_key,omitempty"` // Optional, for authentication
}

type AuthRequest

type AuthRequest struct {
	AccountID string `json:"account_id"`
	SecretKey string `json:"secret_key"`
}

type AuthResponse

type AuthResponse struct {
	Token string `json:"token"`
}

type AuthenticateServiceAccountError

type AuthenticateServiceAccountError struct {
	BaseError  error
	StatusCode int
}

func (*AuthenticateServiceAccountError) Error

type CheckRevokedInput

type CheckRevokedInput struct {
	TokenID uuid.UUID
	Ctx     context.Context
}

type CheckUserAuthorizationInput

type CheckUserAuthorizationInput struct {
	UserID   string `json:"user_id"`
	Resource string `json:"resource"`
	Action   string `json:"action"`
}

CheckUserAuthorizationInput represents the data required to check user authorization

type CheckUserAuthorizationOutput

type CheckUserAuthorizationOutput struct {
	Authorized bool `json:"authorized"`
}

CheckUserAuthorizationOutput represents the response from the authorization check

type Client

type Client struct {
	BaseURL    string
	HttpClient *http.Client
	ApiKey     string
	PublicKey  ed25519.PublicKey
}

Client represents an HTTP client that can be used to send requests to the authentication server.

func NewClient

func NewClient(baseURL string, apiKey string, httpClient ...*http.Client) *Client

func (*Client) ActivateUser

func (c *Client) ActivateUser(ctx context.Context, input ActivateUserInput) error

ActivateUser sends a request to the activate user endpoint and returns an error if any.

func (*Client) AssignServicePermissionToServiceRole

func (c *Client) AssignServicePermissionToServiceRole(ctx context.Context, input AssignServicePermissionInput) error

func (*Client) AssignServiceRoleToServiceAccount

func (c *Client) AssignServiceRoleToServiceAccount(ctx context.Context, input AssignServiceRoleToServiceAccountInput) (*ServiceAccount, error)

func (*Client) AuthenticateServiceAccount

func (c *Client) AuthenticateServiceAccount(ctx context.Context, serviceAccountID uuid.UUID, token string) (bool, error)

func (*Client) BlacklistToken

func (c *Client) BlacklistToken(ctx context.Context, token []byte) error

BlacklistToken blacklists the given token

func (*Client) CheckUserAuthorization

func (c *Client) CheckUserAuthorization(ctx context.Context, input CheckUserAuthorizationInput) (*CheckUserAuthorizationOutput, error)

CheckUserAuthorization checks if a user is authorized to perform a certain action on a resource

func (*Client) ClearBlacklist

func (c *Client) ClearBlacklist(ctx context.Context) error

ClearBlacklist clears the blacklist of tokens

func (*Client) CountBlacklistedTokens

func (c *Client) CountBlacklistedTokens(ctx context.Context) (int, error)

CountBlacklistedTokens gets the count of blacklisted tokens

func (*Client) CreateAPIKey

func (c *Client) CreateAPIKey(apiKey APIKey) (APIKey, error)

func (*Client) CreateActivationToken

func (c *Client) CreateActivationToken(ctx context.Context, input CreateActivationTokenInput) (*CreateActivationTokenOutput, error)

CreateActivationToken sends a request to the create activation token endpoint and returns the token on success.

func (*Client) CreateAndProcessPasswordReset

func (c *Client) CreateAndProcessPasswordReset(ctx context.Context, input CreateAndProcessPasswordResetInput) (*CreateAndProcessPasswordResetOutput, error)

CreateAndProcessPasswordReset handles both the creation of the reset token and the password reset process

func (*Client) CreatePasswordResetToken

func (c *Client) CreatePasswordResetToken(ctx context.Context, input PasswordResetTokenInput) (*CreatePasswordResetTokenOutput, error)

CreatePasswordResetToken sends a request to the create password reset token endpoint and returns the token on success

func (*Client) CreateRefreshToken

func (c *Client) CreateRefreshToken(ctx context.Context, input CreateRefreshTokenInput) (*RefreshToken, error)

CreateRefreshToken creates a new refresh token

func (*Client) CreateServicePermission

func (c *Client) CreateServicePermission(ctx context.Context, name, description string) (*ServicePermission, error)

func (*Client) CreateServiceRole

func (c *Client) CreateServiceRole(ctx context.Context, input CreateServiceRoleInput) (*ServiceRole, error)

func (*Client) CreateTemporaryData

func (c *Client) CreateTemporaryData(ctx context.Context, data []byte, ttl time.Duration) (*TemporaryData, error)

func (*Client) DecodeAccessToken

func (c *Client) DecodeAccessToken(accessToken string) (*jwt.Token, error)

DecodeAccessToken decodes the provided access token and returns the parsed claims

func (*Client) DeleteAPIKey

func (c *Client) DeleteAPIKey(id uuid.UUID) error

DeleteAPIKey deletes the APIKey with the given id.

func (*Client) DeleteActivationToken

func (c *Client) DeleteActivationToken(ctx context.Context, input DeleteActivationTokenInput) error

DeleteActivationToken sends a request to the delete activation token endpoint and returns an error on failure.

func (*Client) DeleteActivationTokenByUserID

func (c *Client) DeleteActivationTokenByUserID(ctx context.Context, input DeleteActivationTokenByUserIDInput) error

DeleteActivationTokenByUserID sends a request to the delete activation tokens by user ID endpoint and returns an error on failure.

func (*Client) DeleteExpiredActivationTokens

func (c *Client) DeleteExpiredActivationTokens(ctx context.Context) error

DeleteExpiredActivationTokens sends a request to the delete expired activation tokens endpoint.

func (*Client) DeleteExpiredPasswordResetTokens

DeleteExpiredPasswordResetTokens sends a request to delete expired password reset tokens

func (*Client) DeleteExpiredRefreshTokens

func (c *Client) DeleteExpiredRefreshTokens(ctx context.Context, input DeleteExpiredRefreshTokensInput) error

func (*Client) DeleteExpiredTemporaryData

func (c *Client) DeleteExpiredTemporaryData(ctx context.Context) error

func (*Client) DeletePasswordResetToken

func (c *Client) DeletePasswordResetToken(ctx context.Context, input DeletePasswordResetTokenInput) (*DeletePasswordResetTokenOutput, error)

DeletePasswordResetToken sends a request to delete a password reset token by its ID

func (*Client) DeletePasswordResetTokenByUserID

DeletePasswordResetTokenByUserID sends a request to delete password reset tokens for a specific user ID

func (*Client) DeleteServiceAccount

func (c *Client) DeleteServiceAccount(ctx context.Context, serviceAccountID uuid.UUID, apiKey string) error

func (*Client) DeleteServicePermission

func (c *Client) DeleteServicePermission(ctx context.Context, id uuid.UUID) error

func (*Client) DeleteServiceRole

func (c *Client) DeleteServiceRole(ctx context.Context, roleID uuid.UUID) error

func (*Client) DeleteTemporaryData

func (c *Client) DeleteTemporaryData(ctx context.Context, id uuid.UUID) error

func (*Client) DoesServicePermissionExist

func (c *Client) DoesServicePermissionExist(ctx context.Context, name string) (bool, error)

func (*Client) DoesServiceRoleExist

func (c *Client) DoesServiceRoleExist(ctx context.Context, id uuid.UUID) (bool, error)

func (*Client) FetchPrivateKey

func (c *Client) FetchPrivateKey(ctx context.Context, input FetchPrivateKeyInput) ([]byte, error)

func (*Client) GenerateAccessToken

func (c *Client) GenerateAccessToken(ctx context.Context, input GenerateAccessTokenInput, privateKey ed25519.PrivateKey, tokenTTL time.Duration) (string, error)

GenerateAccessToken generates and returns a new access token

func (*Client) GetAPIKeyByAPIKey

func (c *Client) GetAPIKeyByAPIKey(apiKey string) (*APIKey, error)

func (*Client) GetAPIKeyByID

func (c *Client) GetAPIKeyByID(id uuid.UUID) (*APIKey, error)

func (*Client) GetActivationTokenByPlaintext

func (c *Client) GetActivationTokenByPlaintext(ctx context.Context, input GetActivationTokenByPlaintextInput) (*GetActivationTokenByPlaintextOutput, error)

GetActivationTokenByPlaintext sends a request to the get activation token by plaintext endpoint and returns the token on success.

func (*Client) GetActivationTokensByUserID

func (c *Client) GetActivationTokensByUserID(ctx context.Context, input GetActivationTokensByUserIDInput) (*GetActivationTokensByUserIDOutput, error)

GetActivationTokensByUserID sends a request to the get activation tokens by user ID endpoint and returns the tokens on success.

func (*Client) GetBlacklistedTokenDetails

func (c *Client) GetBlacklistedTokenDetails(ctx context.Context, token []byte) (*TokenBlacklist, error)

GetBlacklistedTokenDetails retrieves details of a blacklisted token

func (*Client) GetPasswordResetTokenByPlaintext

GetPasswordResetTokenByPlaintext sends a request to the get password reset token by plaintext endpoint and returns the token on success

func (*Client) GetPasswordResetTokensByUserID

func (c *Client) GetPasswordResetTokensByUserID(ctx context.Context, input GetPasswordResetTokensByUserIDInput) (*GetPasswordResetTokensByUserIDOutput, error)

GetPasswordResetTokensByUserID sends a request to the get password reset tokens endpoint and returns the tokens on success

func (*Client) GetRefreshToken

func (c *Client) GetRefreshToken(ctx context.Context, input GetRefreshTokenInput) (*RefreshToken, error)

GetRefreshToken fetches the refresh token from the auth server.

func (*Client) GetRefreshTokensForUser

func (c *Client) GetRefreshTokensForUser(ctx context.Context, input GetRefreshTokensForUserInput) ([]RefreshToken, error)

GetRefreshTokensForUser sends a request to the authentication server to get all refresh tokens for a specific user.

func (*Client) GetRolesForServiceAccount

func (c *Client) GetRolesForServiceAccount(ctx context.Context, input GetRolesForServiceAccountInput) ([]string, error)

func (*Client) GetServiceAccountByAPIKey

func (c *Client) GetServiceAccountByAPIKey(ctx context.Context, apiKey string) (*ServiceAccount, error)

func (*Client) GetServiceAccountByID

func (c *Client) GetServiceAccountByID(ctx context.Context, serviceAccountID uuid.UUID) (*ServiceAccount, error)

func (*Client) GetServiceAccountByName

func (c *Client) GetServiceAccountByName(ctx context.Context, serviceName string, apiKey string) (*ServiceAccount, error)

func (*Client) GetServiceAccountTokenMetadata

func (c *Client) GetServiceAccountTokenMetadata(ctx context.Context, input GetServiceAccountTokenMetadataInput) (*ServiceAccountToken, error)

func (*Client) GetServiceAccountsByServiceRoleID

func (c *Client) GetServiceAccountsByServiceRoleID(ctx context.Context, serviceRoleID uuid.UUID) ([]ServiceAccount, error)

func (*Client) GetServicePermissionByID

func (c *Client) GetServicePermissionByID(ctx context.Context, id uuid.UUID) (*ServicePermission, error)

func (*Client) GetServicePermissionByName

func (c *Client) GetServicePermissionByName(ctx context.Context, name string) (*ServicePermission, error)

func (*Client) GetServicePermissionsByServiceID

func (c *Client) GetServicePermissionsByServiceID(ctx context.Context, serviceID uuid.UUID) ([]ServicePermission, error)

func (*Client) GetServicePermissionsByServiceRoleIDInServicePermissionModel

func (c *Client) GetServicePermissionsByServiceRoleIDInServicePermissionModel(ctx context.Context, serviceRoleID uuid.UUID) ([]ServicePermission, error)

func (*Client) GetServicePermissionsByServiceRoleIDInServiceRoleServicePermissionsModel

func (c *Client) GetServicePermissionsByServiceRoleIDInServiceRoleServicePermissionsModel(ctx context.Context, serviceRoleID uuid.UUID) ([]ServicePermission, error)

func (*Client) GetServiceRoleByID

func (c *Client) GetServiceRoleByID(ctx context.Context, id uuid.UUID) (*ServiceRole, error)

func (*Client) GetServiceRoleByName

func (c *Client) GetServiceRoleByName(ctx context.Context, name string) (*ServiceRole, error)

func (*Client) GetServiceRoleIDByName

func (c *Client) GetServiceRoleIDByName(ctx context.Context, name string) (*uuid.UUID, error)

func (*Client) GetServiceRolesByServiceAccountIDInServiceAccountModel

func (c *Client) GetServiceRolesByServiceAccountIDInServiceAccountModel(ctx context.Context, serviceAccountID uuid.UUID) ([]uuid.UUID, error)

ge-auth/pkg/clientlib/authlib/service_accounts.go

func (*Client) GetServiceRolesByServiceAccountIDInServiceRoleModel

func (c *Client) GetServiceRolesByServiceAccountIDInServiceRoleModel(ctx context.Context, serviceAccountID uuid.UUID) ([]ServiceRole, error)

func (*Client) GetServiceRolesByServicePermissionID

func (c *Client) GetServiceRolesByServicePermissionID(ctx context.Context, servicePermissionID uuid.UUID) ([]ServiceRole, error)

func (*Client) GetTemporaryData

func (c *Client) GetTemporaryData(ctx context.Context, id uuid.UUID) (*TemporaryData, error)

func (*Client) GetTokenForUser

func (c *Client) GetTokenForUser(ctx context.Context, account UserAccount) (string, error)

GetTokenForUser sends a request to the auth server to get a token for an account (user or service account).

func (*Client) InvalidateServiceAccountToken

func (c *Client) InvalidateServiceAccountToken(ctx context.Context, input InvalidateServiceAccountTokenInput) error

func (*Client) IsRefreshTokenRevoked

func (c *Client) IsRefreshTokenRevoked(input CheckRevokedInput) (bool, error)

func (*Client) IsServicePermissionAssignedToServiceRole

func (c *Client) IsServicePermissionAssignedToServiceRole(ctx context.Context, serviceRoleID, servicePermissionID uuid.UUID) (bool, error)

func (*Client) IsServiceRoleAssignedToServiceAccount

func (c *Client) IsServiceRoleAssignedToServiceAccount(ctx context.Context, input IsServiceRoleAssignedToServiceAccountInput) (bool, error)

func (*Client) IsTokenBlacklisted

func (c *Client) IsTokenBlacklisted(ctx context.Context, token []byte) (bool, error)

IsTokenBlacklisted checks if the given token is blacklisted

func (*Client) IssueServiceAccountToken

func (c *Client) IssueServiceAccountToken(ctx context.Context, input IssueServiceAccountTokenInput) (*ServiceAccountToken, error)

func (*Client) ListAPIKeys

func (c *Client) ListAPIKeys() ([]APIKey, error)

ListAPIKeys retrieves all API keys.

func (*Client) ListBlacklistedTokens

func (c *Client) ListBlacklistedTokens(ctx context.Context) ([]TokenBlacklist, error)

ListBlacklistedTokens retrieves the list of blacklisted tokens

func (*Client) ListServiceAccountTokens

func (c *Client) ListServiceAccountTokens(ctx context.Context, input ListServiceAccountTokensInput) ([]ServiceAccountToken, error)

func (*Client) ListServiceAccounts

func (c *Client) ListServiceAccounts(ctx context.Context) ([]ServiceAccount, error)

func (*Client) ListServicePermissions

func (c *Client) ListServicePermissions(ctx context.Context) ([]ServicePermission, error)

func (*Client) ListServiceRoles

func (c *Client) ListServiceRoles(ctx context.Context) (*ListServiceRolesOutput, error)

func (*Client) ListTemporaryData

func (c *Client) ListTemporaryData(ctx context.Context) ([]TemporaryData, error)

func (*Client) Login

func (c *Client) Login(ctx context.Context, input LoginInput) (*LoginOutput, error)

Login sends a request to the login endpoint and returns an access token and refresh token on successful login

func (*Client) ProcessPasswordReset

func (c *Client) ProcessPasswordReset(ctx context.Context, input ProcessPasswordResetInput) (*ProcessPasswordResetOutput, error)

ProcessPasswordReset sends a request to the process password reset endpoint and returns the response on success

func (*Client) RefreshServiceAccountToken

func (c *Client) RefreshServiceAccountToken(ctx context.Context, input RefreshServiceAccountTokenInput) (*TokenDetails, error)

func (*Client) RegisterServiceAccount

func (c *Client) RegisterServiceAccount(ctx context.Context, input RegisterServiceAccountInput) (*ServiceAccount, error)

func (*Client) RemoveServicePermissionFromServiceRole

func (c *Client) RemoveServicePermissionFromServiceRole(ctx context.Context, input RemoveServicePermissionInput) error

func (*Client) RemoveServiceRoleFromServiceAccount

func (c *Client) RemoveServiceRoleFromServiceAccount(ctx context.Context, serviceAccountID uuid.UUID, serviceRoleID uuid.UUID) error

func (*Client) RemoveTokenFromBlacklist

func (c *Client) RemoveTokenFromBlacklist(ctx context.Context, token []byte) error

RemoveTokenFromBlacklist removes the given token from the blacklist

func (*Client) RequestServiceAccountRegistration

func (c *Client) RequestServiceAccountRegistration(ctx context.Context, input RequestServiceAccountRegistrationInput) (*ServiceAccount, error)

func (*Client) RetrieveServiceAccountToken

func (c *Client) RetrieveServiceAccountToken(ctx context.Context, serviceAccountID uuid.UUID) (*TokenDetails, error)

RetrieveServiceAccountToken retrieves or refreshes a service account token

func (*Client) RevokeAllRefreshTokensForUser

func (c *Client) RevokeAllRefreshTokensForUser(ctx context.Context, input RevokeAllRefreshTokensInput) error

func (*Client) RevokeRefreshToken

func (c *Client) RevokeRefreshToken(input RevokeRefreshTokenInput) error

RevokeRefreshToken revokes a refresh token by sending a POST request to the auth server.

func (*Client) SaveServiceAccountKey

func (c *Client) SaveServiceAccountKey(ctx context.Context, input SaveServiceAccountKeyInput) (*ServiceAccountKey, error)

func (*Client) SignData

func (c *Client) SignData(ctx context.Context, input SignDataInput) (*SignDataOutput, error)

func (*Client) UpdateAPIKey

func (c *Client) UpdateAPIKey(key *APIKey) (*APIKey, error)

func (*Client) UpdateServiceAccount

func (c *Client) UpdateServiceAccount(ctx context.Context, input UpdateServiceAccountInput) (*ServiceAccount, error)

func (*Client) UpdateServicePermission

func (c *Client) UpdateServicePermission(ctx context.Context, id uuid.UUID, name, description string) (*ServicePermission, error)

func (*Client) UpdateServiceRole

func (c *Client) UpdateServiceRole(ctx context.Context, input UpdateServiceRoleInput) (*ServiceRole, error)

func (*Client) UpdateTemporaryData

func (c *Client) UpdateTemporaryData(ctx context.Context, id uuid.UUID, data []byte, ttl time.Duration) (*TemporaryData, error)

func (*Client) ValidateAPIKey

func (c *Client) ValidateAPIKey(apikey string) (bool, error)

ValidateAPIKey validates an API key.

func (*Client) ValidateAccessToken

func (c *Client) ValidateAccessToken(ctx context.Context, accessToken string) (*jwt.Token, error)

ValidateAccessToken validates the provided access token

func (*Client) ValidatePasswordResetToken

func (c *Client) ValidatePasswordResetToken(ctx context.Context, input ValidatePasswordResetTokenInput) (*ValidatePasswordResetTokenOutput, error)

ValidatePasswordResetToken sends a request to validate a password reset token

func (*Client) ValidateRefreshToken

func (c *Client) ValidateRefreshToken(ctx context.Context, input ValidateRefreshTokenInput) (bool, error)

func (*Client) VerifyActivationToken

func (c *Client) VerifyActivationToken(ctx context.Context, input VerifyActivationTokenInput) (*VerifyActivationTokenOutput, error)

VerifyActivationToken sends a request to verify the activation token and returns the token details on success.

func (*Client) VerifyPasswordResetToken

func (c *Client) VerifyPasswordResetToken(ctx context.Context, input VerifyPasswordResetTokenInput) (*VerifyPasswordResetTokenOutput, error)

VerifyPasswordResetToken sends a request to verify a password reset token

func (*Client) VerifyServiceAccountToken

func (c *Client) VerifyServiceAccountToken(ctx context.Context, input VerifyServiceAccountTokenInput) (bool, error)

func (*Client) VerifyUserAuthentication

func (c *Client) VerifyUserAuthentication(ctx context.Context, token string) (bool, error)

type CreateActivationTokenInput

type CreateActivationTokenInput struct {
	UserID string `json:"user_id"`
}

CreateActivationTokenInput represents the data required to create an activation token.

type CreateActivationTokenOutput

type CreateActivationTokenOutput struct {
	Token string `json:"token"`
}

CreateActivationTokenOutput represents the data returned after successfully creating an activation token.

type CreateAndProcessPasswordResetInput

type CreateAndProcessPasswordResetInput struct {
	Email       string `json:"email"`
	NewPassword string `json:"new_password"`
}

CreateAndProcessPasswordResetInput represents the combined input for creating and processing a password reset

type CreateAndProcessPasswordResetOutput

type CreateAndProcessPasswordResetOutput struct {
	Token  string `json:"token"`
	UserID string `json:"user_id"`
}

CreateAndProcessPasswordResetOutput represents the combined output for creating and processing a password reset

type CreatePasswordResetTokenOutput

type CreatePasswordResetTokenOutput struct {
	Token string `json:"token"`
}

CreatePasswordResetTokenOutput represents the data returned after successfully creating a password reset token

type CreateRefreshTokenInput

type CreateRefreshTokenInput struct {
	UserID    uuid.UUID `json:"user_id"`
	ExpiresAt time.Time `json:"expires_at"`
}

CreateRefreshTokenInput represents the required input to create a refresh token

type CreateServiceRoleInput

type CreateServiceRoleInput struct {
	Name        string `json:"name"`
	Description string `json:"description"`
}

type DeleteActivationTokenByUserIDInput

type DeleteActivationTokenByUserIDInput struct {
	UserID string `json:"user_id"`
}

DeleteActivationTokenByUserIDInput represents the data required to delete activation tokens by user ID.

type DeleteActivationTokenInput

type DeleteActivationTokenInput struct {
	TokenID string `json:"token_id"`
}

DeleteActivationTokenInput represents the data required to delete an activation token.

type DeleteExpiredPasswordResetTokensInput

type DeleteExpiredPasswordResetTokensInput struct{}

DeleteExpiredPasswordResetTokensInput represents the data required to delete expired password reset tokens

type DeleteExpiredPasswordResetTokensOutput

type DeleteExpiredPasswordResetTokensOutput struct {
	Message string `json:"message"`
}

DeleteExpiredPasswordResetTokensOutput represents the data returned after successfully deleting expired password reset tokens

type DeleteExpiredRefreshTokensInput

type DeleteExpiredRefreshTokensInput struct {
	Before time.Time `json:"before"`
}

DeleteExpiredRefreshTokensInput represents the input for DeleteExpiredRefreshTokens

type DeletePasswordResetTokenByUserIDInput

type DeletePasswordResetTokenByUserIDInput struct {
	UserID string `json:"user_id"`
}

DeletePasswordResetTokenByUserIDInput represents the data required to delete password reset tokens by user ID

type DeletePasswordResetTokenByUserIDOutput

type DeletePasswordResetTokenByUserIDOutput struct {
	Message string `json:"message"`
}

DeletePasswordResetTokenByUserIDOutput represents the data returned after successfully deleting password reset tokens by user ID

type DeletePasswordResetTokenInput

type DeletePasswordResetTokenInput struct {
	TokenID string `json:"token_id"`
}

DeletePasswordResetTokenInput represents the data required to delete a password reset token

type DeletePasswordResetTokenOutput

type DeletePasswordResetTokenOutput struct {
	Message string `json:"message"`
}

DeletePasswordResetTokenOutput represents the data returned after successfully deleting a password reset token

type ErrorResponse

type ErrorResponse struct {
	Message string `json:"message"`
}

ErrorResponse represents the structure of an error response

type FetchPrivateKeyInput

type FetchPrivateKeyInput struct {
	ServiceAccountID uuid.UUID `json:"service_account_id"`
}

FetchPrivateKeyInput represents the required input to fetch a service account key

type GenerateAccessTokenInput

type GenerateAccessTokenInput struct {
	AccountID string `json:"account_id"`
	SecretKey string `json:"secret_key"`
}

GenerateAccessTokenInput represents the required input to generate an access token

type GetActivationTokenByPlaintextInput

type GetActivationTokenByPlaintextInput struct {
	Plaintext string `json:"plaintext"`
}

GetActivationTokenByPlaintextInput represents the input for getting an activation token by plaintext.

type GetActivationTokenByPlaintextOutput

type GetActivationTokenByPlaintextOutput struct {
	Token     string `json:"token"`
	UserID    string `json:"user_id"`
	CreatedAt string `json:"created_at"`
}

GetActivationTokenByPlaintextOutput represents the data returned after successfully getting an activation token by plaintext.

type GetActivationTokensByUserIDInput

type GetActivationTokensByUserIDInput struct {
	UserID string `json:"user_id"`
}

GetActivationTokensByUserIDInput represents the input for getting activation tokens by user ID.

type GetActivationTokensByUserIDOutput

type GetActivationTokensByUserIDOutput struct {
	Tokens []ActivationToken `json:"tokens"`
}

GetActivationTokensByUserIDOutput represents the data returned after successfully getting activation tokens by user ID.

type GetPasswordResetTokenByPlaintextInput

type GetPasswordResetTokenByPlaintextInput struct {
	Plaintext string `json:"plaintext"`
}

GetPasswordResetTokenByPlaintextInput represents the data required to get a password reset token by plaintext

type GetPasswordResetTokenByPlaintextOutput

type GetPasswordResetTokenByPlaintextOutput struct {
	Token PasswordResetToken `json:"token"`
}

GetPasswordResetTokenByPlaintextOutput represents the data returned after successfully retrieving a password reset token

type GetPasswordResetTokensByUserIDInput

type GetPasswordResetTokensByUserIDInput struct {
	UserID string `json:"user_id"`
}

GetPasswordResetTokensByUserIDInput represents the data required to get password reset tokens by user ID

type GetPasswordResetTokensByUserIDOutput

type GetPasswordResetTokensByUserIDOutput struct {
	Tokens []PasswordResetToken `json:"tokens"`
}

GetPasswordResetTokensByUserIDOutput represents the data returned after successfully retrieving password reset tokens

type GetRefreshTokenInput

type GetRefreshTokenInput struct {
	TokenID uuid.UUID `json:"token_id"`
}

GetRefreshTokenInput defines the input for GetRefreshToken function.

type GetRefreshTokensForUserInput

type GetRefreshTokensForUserInput struct {
	UserID uuid.UUID
}

GetRefreshTokensForUserInput represents the input parameters for the GetRefreshTokensForUser function.

type GetRolesForServiceAccountInput

type GetRolesForServiceAccountInput struct {
	ServiceAccountID uuid.UUID `json:"service_account_id"`
	ApiKey           string    `json:"api_key,omitempty"` // Optional, if you want to include an ApiKey
}

type GetServiceAccountTokenMetadataInput

type GetServiceAccountTokenMetadataInput struct {
	ServiceAccountTokenID uuid.UUID `json:"service_account_token_id"`
}

GetServiceAccountTokenMetadataInput represents the required input to get a service account token metadata

type InvalidateServiceAccountTokenInput

type InvalidateServiceAccountTokenInput struct {
	ServiceAccountTokenID uuid.UUID `json:"service_account_token_id"`
}

InvalidateServiceAccountTokenInput represents the required input to invalidate a service account token

type IsRevokedResponse

type IsRevokedResponse struct {
	IsRevoked bool `json:"is_revoked"`
}

type IsServiceRoleAssignedToServiceAccountInput

type IsServiceRoleAssignedToServiceAccountInput struct {
	ServiceRoleID    uuid.UUID `json:"service_role_id"`
	ServiceAccountID uuid.UUID `json:"service_account_id"`
}

type IssueServiceAccountTokenInput

type IssueServiceAccountTokenInput struct {
	ServiceAccountID uuid.UUID `json:"service_account_id"`
}

IssueServiceAccountTokenInput represents the required input to issue a service account token

type ListServiceAccountTokensInput

type ListServiceAccountTokensInput struct {
	ServiceAccountID uuid.UUID `json:"service_account_id,omitempty"` // optional
}

ListServiceAccountTokensInput represents the required input to list service account tokens

type ListServiceRolesOutput

type ListServiceRolesOutput struct {
	ServiceRoles []ServiceRole `json:"service_roles"`
}

ListServiceRolesOutput is the response structure for listing service roles

type LoginInput

type LoginInput struct {
	Email    string `json:"email"`
	Password string `json:"password"`
}

LoginInput represents the data required for login

type LoginOutput

type LoginOutput struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
}

LoginOutput represents the data returned after successful login

type PasswordResetToken

type PasswordResetToken struct {
	Token     string `json:"token"`
	UserID    string `json:"user_id"`
	CreatedAt string `json:"created_at"`
}

PasswordResetToken represents a password reset token with its details

type PasswordResetTokenInput

type PasswordResetTokenInput struct {
	Email string `json:"email"`
}

PasswordResetTokenInput represents the data required to create a password reset token

type ProcessPasswordResetInput

type ProcessPasswordResetInput struct {
	Token       string `json:"token"`
	NewPassword string `json:"new_password"`
}

ProcessPasswordResetInput represents the data required to process a password reset

type ProcessPasswordResetOutput

type ProcessPasswordResetOutput struct {
	UserID string `json:"user_id"`
}

ProcessPasswordResetOutput represents the data returned after successfully processing a password reset

type RefreshServiceAccountTokenInput

type RefreshServiceAccountTokenInput struct {
	ServiceAccountTokenID uuid.UUID `json:"service_account_token_id"`
	RefreshToken          string    `json:"refresh_token"`
}

RefreshServiceAccountTokenInput represents the required input to refresh a service account token

type RefreshToken

type RefreshToken struct {
	ID        uuid.UUID `json:"id"`
	UserID    uuid.UUID `json:"user_id"`
	TokenHash []byte    `json:"token_hash"`
	IssuedAt  time.Time `json:"issued_at"`
	ExpiresAt time.Time `json:"expires_at"`
	IsRevoked bool      `json:"is_revoked"`
}

RefreshToken represents the structure of a refresh token

type RegisterServiceAccountInput

type RegisterServiceAccountInput struct {
	ServiceName    string   `json:"service_name"`
	ApiKey         string   `json:"api_key,omitempty"`
	BootstrapToken string   `json:"bootstrap_token,omitempty"`
	Roles          []string `json:"roles"`
}

type RemoveServicePermissionInput

type RemoveServicePermissionInput struct {
	ServiceRoleID       uuid.UUID `json:"service_role_id"`
	ServicePermissionID uuid.UUID `json:"service_permission_id"`
}

type RequestServiceAccountRegistrationInput

type RequestServiceAccountRegistrationInput struct {
	ServiceName    string   `json:"service_name"`
	ApiKey         string   `json:"api_key,omitempty"`         // Optional, if you want to include an ApiKey
	BootstrapToken string   `json:"bootstrap_token,omitempty"` // Optional, if you want to include a BootstrapToken
	Roles          []string `json:"roles"`
}

type RevokeAllRefreshTokensInput

type RevokeAllRefreshTokensInput struct {
	UserID uuid.UUID
}

type RevokeRefreshTokenInput

type RevokeRefreshTokenInput struct {
	Context        context.Context
	RefreshTokenID uuid.UUID
}

RevokeRefreshTokenInput represents the input parameters for RevokeRefreshToken function

type SaveServiceAccountKeyInput

type SaveServiceAccountKeyInput struct {
	ServiceAccountID uuid.UUID `json:"service_account_id"`
}

SaveServiceAccountKeyInput represents the required input to save a service account key

type ServiceAccount

type ServiceAccount struct {
	ID           uuid.UUID  `db:"id" json:"id"`
	Secret       string     `db:"secret" json:"-"`
	HashedSecret string     `json:"hashed_secret"`
	ServiceName  string     `db:"service_name" json:"service_name"`
	ServiceRoles []string   `json:"service_roles"`
	CreatedAt    time.Time  `db:"created_at" json:"created_at"`
	ExpiresAt    *time.Time `db:"expires_at" json:"expires_at,omitempty"`
	IsActive     bool       `json:"is_active"`
	APIKey       string     `json:"-"` // Omit API Key in JSON responses by default.
	AccessToken  string     `json:"-"` // Omit AccessToken in JSON responses by default.
	RefreshToken string     `json:"-"` // Omit RefreshToken in JSON responses by default.
}

type ServiceAccountKey

type ServiceAccountKey struct {
	ID               uuid.UUID `json:"id"`
	ServiceAccountID uuid.UUID `json:"service_account_id"`
	PublicKey        []byte    `json:"public_key"`
	PrivateKey       []byte    `json:"private_key"`
	CreatedAt        time.Time `json:"created_at"`
}

ServiceAccountKey represents the structure of a service account key

type ServiceAccountToken

type ServiceAccountToken struct {
	ID                    uuid.UUID `json:"id"`
	ServiceAccountID      uuid.UUID `json:"service_account_id"`
	Token                 string    `json:"token"`
	RefreshToken          string    `json:"refresh_token"`
	IssuedAt              time.Time `json:"issued_at"`
	TokenExpiresAt        time.Time `json:"token_expires_at"`
	RefreshTokenExpiresAt time.Time `json:"refresh_token_expires_at"`
}

ServiceAccountToken represents the structure of a service account token

type ServicePermission

type ServicePermission struct {
	ID          uuid.UUID `json:"id"`
	Name        string    `json:"name"`
	Description string    `json:"description"`
}

type ServicePermissionsResponse

type ServicePermissionsResponse struct {
	ServicePermissions []ServicePermission `json:"service_permissions"`
}

type ServiceRole

type ServiceRole struct {
	ID          uuid.UUID           `json:"id"`
	Name        string              `json:"name"`
	Description string              `json:"description"`
	Permissions []ServicePermission `json:"permissions"`
}

type ServiceRolesResponse

type ServiceRolesResponse struct {
	ServiceRoles []ServiceRole `json:"service_roles"`
}

type SignDataInput

type SignDataInput struct {
	ServiceAccountID uuid.UUID `json:"service_account_id"`
	Data             []byte    `json:"data"`
}

SignDataInput represents the required input to sign data

type SignDataOutput

type SignDataOutput struct {
	Signature []byte `json:"signature"`
}

SignDataOutput represents the response from the sign data API

type TemporaryData

type TemporaryData struct {
	ID        uuid.UUID `json:"id"`
	Data      []byte    `json:"data"`
	CreatedAt time.Time `json:"created_at"`
	ExpiresAt time.Time `json:"expires_at"`
}

TemporaryData represents the structure of a temporary data entry

type TokenBlacklist

type TokenBlacklist struct {
	Token     []byte    `json:"token"`
	CreatedAt time.Time `json:"created_at"`
}

TokenBlacklist represents the structure of a blacklisted token

type TokenDetails

type TokenDetails struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
	AtExpires    int64  `json:"at_expires"`
	RtExpires    int64  `json:"rt_expires"`
}

TokenDetails represents the structure of issued tokens and their expiry details

type TokenService

type TokenService struct {
	PrivateKey ed25519.PrivateKey
	TokenTTL   time.Duration
}

type UpdateServiceAccountInput

type UpdateServiceAccountInput struct {
	ServiceAccount *ServiceAccount `json:"service_account"`
	ApiKey         string          `json:"api_key,omitempty"` // Optional, if you want to include an ApiKey
}

type UpdateServiceRoleInput

type UpdateServiceRoleInput struct {
	ID          uuid.UUID `json:"id"`
	Name        string    `json:"name"`
	Description string    `json:"description"`
}

type UserAccount

type UserAccount interface {
	GetAccountID() string
	GetCredentials() string
}

Account represents an entity (user or service account) that can authenticate.

type ValidatePasswordResetTokenInput

type ValidatePasswordResetTokenInput struct {
	Token string `json:"token"`
}

ValidatePasswordResetTokenInput represents the input required to validate a password reset token

type ValidatePasswordResetTokenOutput

type ValidatePasswordResetTokenOutput struct {
	Valid     bool   `json:"valid"`
	CreatedAt string `json:"createdAt"`
	Expiry    string `json:"expiry"`
}

ValidatePasswordResetTokenOutput represents the data returned after successfully validating a password reset token

type ValidateRefreshTokenInput

type ValidateRefreshTokenInput struct {
	RefreshTokenID uuid.UUID
	UserID         uuid.UUID
}

type ValidateRefreshTokenResponse

type ValidateRefreshTokenResponse struct {
	IsValid bool   `json:"is_valid"`
	Message string `json:"message,omitempty"`
}

type ValidateResponse

type ValidateResponse struct {
	IsValid bool `json:"is_valid"`
}

type VerifyActivationTokenInput

type VerifyActivationTokenInput struct {
	Token string `json:"token"`
}

VerifyActivationTokenInput represents the input required to verify an activation token.

type VerifyActivationTokenOutput

type VerifyActivationTokenOutput struct {
	Token     string `json:"token"`
	UserID    string `json:"user_id"`
	CreatedAt string `json:"created_at"`
	Valid     bool   `json:"valid"`
}

VerifyActivationTokenOutput represents the output after verifying an activation token.

type VerifyPasswordResetTokenInput

type VerifyPasswordResetTokenInput struct {
	Token string `json:"token"`
}

VerifyPasswordResetTokenInput represents the input required to verify a password reset token

type VerifyPasswordResetTokenOutput

type VerifyPasswordResetTokenOutput struct {
	Valid bool `json:"valid"`
}

VerifyPasswordResetTokenOutput represents the data returned after successfully verifying a password reset token

type VerifyServiceAccountTokenInput

type VerifyServiceAccountTokenInput struct {
	ServiceAccountTokenID uuid.UUID `json:"service_account_token_id"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL