Documentation ¶
Overview ¶
sg-auth/pkg/clientlib/authlib/activation.go
sg-auth/pkg/clientlib/authlib/apikeys.go
sg-auth/pkg/clientlib/authlib/authclient.go
sg-auth/pkg/clientlib/authlib/password-reset.go
sg-auth/pkg/clientlib/authlib/refresh_tokens.go
sg-auth/pkg/clientlib/authlib/service_account_keys.go
sg-auth/pkg/clientlib/authlib/service_account_tokens.go
sg-auth/pkg/clientlib/authlib/service_accounts.go
sg-auth/pkg/clientlib/authlib/service_permissions.go
sg-auth/pkg/clientlib/authlib/service_roles.go
sg-auth/pkg/clientlib/authlib/temp_data.go
sg-auth/pkg/clientlib/authlib/token_blacklist.go
sg-auth/pkg/clientlib/authlib/token_service.go
sg-auth/pkg/clientlib/authlib/authentication.go
Index ¶
- Variables
- type APIKey
- type ActivateUserInput
- type ActivationToken
- type AssignServicePermissionInput
- type AssignServiceRoleToServiceAccountInput
- type AuthRequest
- type AuthResponse
- type AuthenticateServiceAccountError
- type CheckRevokedInput
- type CheckUserAuthorizationInput
- type CheckUserAuthorizationOutput
- type Client
- func (c *Client) ActivateUser(ctx context.Context, input ActivateUserInput) error
- func (c *Client) AssignServicePermissionToServiceRole(ctx context.Context, input AssignServicePermissionInput) error
- func (c *Client) AssignServiceRoleToServiceAccount(ctx context.Context, input AssignServiceRoleToServiceAccountInput) (*ServiceAccount, error)
- func (c *Client) AuthenticateServiceAccount(ctx context.Context, serviceAccountID uuid.UUID, token string) (bool, error)
- func (c *Client) BlacklistToken(ctx context.Context, token []byte) error
- func (c *Client) CheckUserAuthorization(ctx context.Context, input CheckUserAuthorizationInput) (*CheckUserAuthorizationOutput, error)
- func (c *Client) ClearBlacklist(ctx context.Context) error
- func (c *Client) CountBlacklistedTokens(ctx context.Context) (int, error)
- func (c *Client) CreateAPIKey(apiKey APIKey) (APIKey, error)
- func (c *Client) CreateActivationToken(ctx context.Context, input CreateActivationTokenInput) (*CreateActivationTokenOutput, error)
- func (c *Client) CreateAndProcessPasswordReset(ctx context.Context, input CreateAndProcessPasswordResetInput) (*CreateAndProcessPasswordResetOutput, error)
- func (c *Client) CreatePasswordResetToken(ctx context.Context, input PasswordResetTokenInput) (*CreatePasswordResetTokenOutput, error)
- func (c *Client) CreateRefreshToken(ctx context.Context, input CreateRefreshTokenInput) (*RefreshToken, error)
- func (c *Client) CreateServicePermission(ctx context.Context, name, description string) (*ServicePermission, error)
- func (c *Client) CreateServiceRole(ctx context.Context, input CreateServiceRoleInput) (*ServiceRole, error)
- func (c *Client) CreateTemporaryData(ctx context.Context, data []byte, ttl time.Duration) (*TemporaryData, error)
- func (c *Client) DecodeAccessToken(accessToken string) (*jwt.Token, error)
- func (c *Client) DeleteAPIKey(id uuid.UUID) error
- func (c *Client) DeleteActivationToken(ctx context.Context, input DeleteActivationTokenInput) error
- func (c *Client) DeleteActivationTokenByUserID(ctx context.Context, input DeleteActivationTokenByUserIDInput) error
- func (c *Client) DeleteExpiredActivationTokens(ctx context.Context) error
- func (c *Client) DeleteExpiredPasswordResetTokens(ctx context.Context, input DeleteExpiredPasswordResetTokensInput) (*DeleteExpiredPasswordResetTokensOutput, error)
- func (c *Client) DeleteExpiredRefreshTokens(ctx context.Context, input DeleteExpiredRefreshTokensInput) error
- func (c *Client) DeleteExpiredTemporaryData(ctx context.Context) error
- func (c *Client) DeletePasswordResetToken(ctx context.Context, input DeletePasswordResetTokenInput) (*DeletePasswordResetTokenOutput, error)
- func (c *Client) DeletePasswordResetTokenByUserID(ctx context.Context, input DeletePasswordResetTokenByUserIDInput) (*DeletePasswordResetTokenByUserIDOutput, error)
- func (c *Client) DeleteServiceAccount(ctx context.Context, serviceAccountID uuid.UUID, apiKey string) error
- func (c *Client) DeleteServicePermission(ctx context.Context, id uuid.UUID) error
- func (c *Client) DeleteServiceRole(ctx context.Context, roleID uuid.UUID) error
- func (c *Client) DeleteTemporaryData(ctx context.Context, id uuid.UUID) error
- func (c *Client) DoesServicePermissionExist(ctx context.Context, name string) (bool, error)
- func (c *Client) DoesServiceRoleExist(ctx context.Context, id uuid.UUID) (bool, error)
- func (c *Client) FetchPrivateKey(ctx context.Context, input FetchPrivateKeyInput) ([]byte, error)
- func (c *Client) GenerateAccessToken(ctx context.Context, input GenerateAccessTokenInput, ...) (string, error)
- func (c *Client) GetAPIKeyByAPIKey(apiKey string) (*APIKey, error)
- func (c *Client) GetAPIKeyByID(id uuid.UUID) (*APIKey, error)
- func (c *Client) GetActivationTokenByPlaintext(ctx context.Context, input GetActivationTokenByPlaintextInput) (*GetActivationTokenByPlaintextOutput, error)
- func (c *Client) GetActivationTokensByUserID(ctx context.Context, input GetActivationTokensByUserIDInput) (*GetActivationTokensByUserIDOutput, error)
- func (c *Client) GetBlacklistedTokenDetails(ctx context.Context, token []byte) (*TokenBlacklist, error)
- func (c *Client) GetPasswordResetTokenByPlaintext(ctx context.Context, input GetPasswordResetTokenByPlaintextInput) (*GetPasswordResetTokenByPlaintextOutput, error)
- func (c *Client) GetPasswordResetTokensByUserID(ctx context.Context, input GetPasswordResetTokensByUserIDInput) (*GetPasswordResetTokensByUserIDOutput, error)
- func (c *Client) GetRefreshToken(ctx context.Context, input GetRefreshTokenInput) (*RefreshToken, error)
- func (c *Client) GetRefreshTokensForUser(ctx context.Context, input GetRefreshTokensForUserInput) ([]RefreshToken, error)
- func (c *Client) GetRolesForServiceAccount(ctx context.Context, input GetRolesForServiceAccountInput) ([]string, error)
- func (c *Client) GetServiceAccountByAPIKey(ctx context.Context, apiKey string) (*ServiceAccount, error)
- func (c *Client) GetServiceAccountByID(ctx context.Context, serviceAccountID uuid.UUID) (*ServiceAccount, error)
- func (c *Client) GetServiceAccountByName(ctx context.Context, serviceName string, apiKey string) (*ServiceAccount, error)
- func (c *Client) GetServiceAccountTokenMetadata(ctx context.Context, input GetServiceAccountTokenMetadataInput) (*ServiceAccountToken, error)
- func (c *Client) GetServiceAccountsByServiceRoleID(ctx context.Context, serviceRoleID uuid.UUID) ([]ServiceAccount, error)
- func (c *Client) GetServicePermissionByID(ctx context.Context, id uuid.UUID) (*ServicePermission, error)
- func (c *Client) GetServicePermissionByName(ctx context.Context, name string) (*ServicePermission, error)
- func (c *Client) GetServicePermissionsByServiceID(ctx context.Context, serviceID uuid.UUID) ([]ServicePermission, error)
- func (c *Client) GetServicePermissionsByServiceRoleIDInServicePermissionModel(ctx context.Context, serviceRoleID uuid.UUID) ([]ServicePermission, error)
- func (c *Client) GetServicePermissionsByServiceRoleIDInServiceRoleServicePermissionsModel(ctx context.Context, serviceRoleID uuid.UUID) ([]ServicePermission, error)
- func (c *Client) GetServiceRoleByID(ctx context.Context, id uuid.UUID) (*ServiceRole, error)
- func (c *Client) GetServiceRoleByName(ctx context.Context, name string) (*ServiceRole, error)
- func (c *Client) GetServiceRoleIDByName(ctx context.Context, name string) (*uuid.UUID, error)
- func (c *Client) GetServiceRolesByServiceAccountIDInServiceAccountModel(ctx context.Context, serviceAccountID uuid.UUID) ([]uuid.UUID, error)
- func (c *Client) GetServiceRolesByServiceAccountIDInServiceRoleModel(ctx context.Context, serviceAccountID uuid.UUID) ([]ServiceRole, error)
- func (c *Client) GetServiceRolesByServicePermissionID(ctx context.Context, servicePermissionID uuid.UUID) ([]ServiceRole, error)
- func (c *Client) GetTemporaryData(ctx context.Context, id uuid.UUID) (*TemporaryData, error)
- func (c *Client) GetTokenForUser(ctx context.Context, account UserAccount) (string, error)
- func (c *Client) InvalidateServiceAccountToken(ctx context.Context, input InvalidateServiceAccountTokenInput) error
- func (c *Client) IsRefreshTokenRevoked(input CheckRevokedInput) (bool, error)
- func (c *Client) IsServicePermissionAssignedToServiceRole(ctx context.Context, serviceRoleID, servicePermissionID uuid.UUID) (bool, error)
- func (c *Client) IsServiceRoleAssignedToServiceAccount(ctx context.Context, input IsServiceRoleAssignedToServiceAccountInput) (bool, error)
- func (c *Client) IsTokenBlacklisted(ctx context.Context, token []byte) (bool, error)
- func (c *Client) IssueServiceAccountToken(ctx context.Context, input IssueServiceAccountTokenInput) (*ServiceAccountToken, error)
- func (c *Client) ListAPIKeys() ([]APIKey, error)
- func (c *Client) ListBlacklistedTokens(ctx context.Context) ([]TokenBlacklist, error)
- func (c *Client) ListServiceAccountTokens(ctx context.Context, input ListServiceAccountTokensInput) ([]ServiceAccountToken, error)
- func (c *Client) ListServiceAccounts(ctx context.Context) ([]ServiceAccount, error)
- func (c *Client) ListServicePermissions(ctx context.Context) ([]ServicePermission, error)
- func (c *Client) ListServiceRoles(ctx context.Context) (*ListServiceRolesOutput, error)
- func (c *Client) ListTemporaryData(ctx context.Context) ([]TemporaryData, error)
- func (c *Client) Login(ctx context.Context, input LoginInput) (*LoginOutput, error)
- func (c *Client) ProcessPasswordReset(ctx context.Context, input ProcessPasswordResetInput) (*ProcessPasswordResetOutput, error)
- func (c *Client) RefreshServiceAccountToken(ctx context.Context, input RefreshServiceAccountTokenInput) (*TokenDetails, error)
- func (c *Client) RegisterServiceAccount(ctx context.Context, input RegisterServiceAccountInput) (*ServiceAccount, error)
- func (c *Client) RemoveServicePermissionFromServiceRole(ctx context.Context, input RemoveServicePermissionInput) error
- func (c *Client) RemoveServiceRoleFromServiceAccount(ctx context.Context, serviceAccountID uuid.UUID, serviceRoleID uuid.UUID) error
- func (c *Client) RemoveTokenFromBlacklist(ctx context.Context, token []byte) error
- func (c *Client) RequestServiceAccountRegistration(ctx context.Context, input RequestServiceAccountRegistrationInput) (*ServiceAccount, error)
- func (c *Client) RetrieveServiceAccountToken(ctx context.Context, serviceAccountID uuid.UUID) (*TokenDetails, error)
- func (c *Client) RevokeAllRefreshTokensForUser(ctx context.Context, input RevokeAllRefreshTokensInput) error
- func (c *Client) RevokeRefreshToken(input RevokeRefreshTokenInput) error
- func (c *Client) SaveServiceAccountKey(ctx context.Context, input SaveServiceAccountKeyInput) (*ServiceAccountKey, error)
- func (c *Client) SignData(ctx context.Context, input SignDataInput) (*SignDataOutput, error)
- func (c *Client) UpdateAPIKey(key *APIKey) (*APIKey, error)
- func (c *Client) UpdateServiceAccount(ctx context.Context, input UpdateServiceAccountInput) (*ServiceAccount, error)
- func (c *Client) UpdateServicePermission(ctx context.Context, id uuid.UUID, name, description string) (*ServicePermission, error)
- func (c *Client) UpdateServiceRole(ctx context.Context, input UpdateServiceRoleInput) (*ServiceRole, error)
- func (c *Client) UpdateTemporaryData(ctx context.Context, id uuid.UUID, data []byte, ttl time.Duration) (*TemporaryData, error)
- func (c *Client) ValidateAPIKey(apikey string) (bool, error)
- func (c *Client) ValidateAccessToken(ctx context.Context, accessToken string) (*jwt.Token, error)
- func (c *Client) ValidatePasswordResetToken(ctx context.Context, input ValidatePasswordResetTokenInput) (*ValidatePasswordResetTokenOutput, error)
- func (c *Client) ValidateRefreshToken(ctx context.Context, input ValidateRefreshTokenInput) (bool, error)
- func (c *Client) VerifyActivationToken(ctx context.Context, input VerifyActivationTokenInput) (*VerifyActivationTokenOutput, error)
- func (c *Client) VerifyPasswordResetToken(ctx context.Context, input VerifyPasswordResetTokenInput) (*VerifyPasswordResetTokenOutput, error)
- func (c *Client) VerifyServiceAccountToken(ctx context.Context, input VerifyServiceAccountTokenInput) (bool, error)
- func (c *Client) VerifyUserAuthentication(ctx context.Context, token string) (bool, error)
- type CreateActivationTokenInput
- type CreateActivationTokenOutput
- type CreateAndProcessPasswordResetInput
- type CreateAndProcessPasswordResetOutput
- type CreatePasswordResetTokenOutput
- type CreateRefreshTokenInput
- type CreateServiceRoleInput
- type DeleteActivationTokenByUserIDInput
- type DeleteActivationTokenInput
- type DeleteExpiredPasswordResetTokensInput
- type DeleteExpiredPasswordResetTokensOutput
- type DeleteExpiredRefreshTokensInput
- type DeletePasswordResetTokenByUserIDInput
- type DeletePasswordResetTokenByUserIDOutput
- type DeletePasswordResetTokenInput
- type DeletePasswordResetTokenOutput
- type ErrorResponse
- type FetchPrivateKeyInput
- type GenerateAccessTokenInput
- type GetActivationTokenByPlaintextInput
- type GetActivationTokenByPlaintextOutput
- type GetActivationTokensByUserIDInput
- type GetActivationTokensByUserIDOutput
- type GetPasswordResetTokenByPlaintextInput
- type GetPasswordResetTokenByPlaintextOutput
- type GetPasswordResetTokensByUserIDInput
- type GetPasswordResetTokensByUserIDOutput
- type GetRefreshTokenInput
- type GetRefreshTokensForUserInput
- type GetRolesForServiceAccountInput
- type GetServiceAccountTokenMetadataInput
- type InvalidateServiceAccountTokenInput
- type IsRevokedResponse
- type IsServiceRoleAssignedToServiceAccountInput
- type IssueServiceAccountTokenInput
- type ListServiceAccountTokensInput
- type ListServiceRolesOutput
- type LoginInput
- type LoginOutput
- type PasswordResetToken
- type PasswordResetTokenInput
- type ProcessPasswordResetInput
- type ProcessPasswordResetOutput
- type RefreshServiceAccountTokenInput
- type RefreshToken
- type RegisterServiceAccountInput
- type RemoveServicePermissionInput
- type RequestServiceAccountRegistrationInput
- type RevokeAllRefreshTokensInput
- type RevokeRefreshTokenInput
- type SaveServiceAccountKeyInput
- type ServiceAccount
- type ServiceAccountKey
- type ServiceAccountToken
- type ServicePermission
- type ServicePermissionsResponse
- type ServiceRole
- type ServiceRolesResponse
- type SignDataInput
- type SignDataOutput
- type TemporaryData
- type TokenBlacklist
- type TokenDetails
- type TokenService
- type UpdateServiceAccountInput
- type UpdateServiceRoleInput
- type UserAccount
- type ValidatePasswordResetTokenInput
- type ValidatePasswordResetTokenOutput
- type ValidateRefreshTokenInput
- type ValidateRefreshTokenResponse
- type ValidateResponse
- type VerifyActivationTokenInput
- type VerifyActivationTokenOutput
- type VerifyPasswordResetTokenInput
- type VerifyPasswordResetTokenOutput
- type VerifyServiceAccountTokenInput
Constants ¶
This section is empty.
Variables ¶
// Sentinel errors exported by the package. Each value is created with
// errors.New, so a caller can match it with errors.Is whenever a call returns
// or wraps it. Every message is a fixed string: none of them embeds a secret
// ID, project ID, key or token, so the text itself is safe to log.
var (
	// Rejected input.
	ErrInvalidInputData   = errors.New("invalid input data")
	ErrInvalidSecretID    = errors.New("invalid secret ID")
	ErrInvalidSecretValue = errors.New("invalid secret value")
	ErrInvalidProjectID   = errors.New("invalid project ID")

	// Secret-manager access.
	ErrFailedToCreateSecretManagerClient = errors.New("failed to create secret manager client")
	ErrFailedToGetSecret                 = errors.New("failed to get secret")

	// Service-account authentication.
	// NOTE(review): the message does not say why authentication failed;
	// presumably callers should treat it as a plain denial — confirm.
	ErrFailedToAuthenticateServiceAccount = errors.New("failed to authenticate service account")

	// Lookup miss.
	ErrNotFound = errors.New("not found")
)
Error types
Functions ¶
This section is empty.
Types ¶
type APIKey ¶
// APIKey is the JSON shape of an API key record belonging to a service
// account.
type APIKey struct {
	ID               uuid.UUID `json:"id"`
	ServiceAccountID uuid.UUID `json:"service_account_id"`
	// APIKey is marshalled under "api_key" with every other field.
	// NOTE(review): presumably this is the raw key value; if so, any place
	// that serializes or prints an APIKey (logs, caches, list responses)
	// exposes a credential — confirm and redact where needed.
	APIKey    string    `json:"api_key"`
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
	// NOTE(review): this page does not explain how Valid differs from
	// IsActive — confirm which flag decides whether the key is accepted.
	Valid       bool   `json:"valid"`
	IsActive    bool   `json:"is_active"`
	ServiceName string `json:"service_name"`
}
type ActivateUserInput ¶
// ActivateUserInput is the request payload for activating a user.
type ActivateUserInput struct {
	// Token is sent under the JSON key "token".
	// NOTE(review): presumably the plaintext activation token handed to the
	// user; treat it as a secret and keep it out of logs — confirm.
	Token string `json:"token"`
}
ActivateUserInput represents the input for activating a user.
type ActivationToken ¶
// ActivationToken describes one activation token: its value, the user it
// belongs to and when it was created.
type ActivationToken struct {
	// NOTE(review): presumably the token value itself rather than a hash —
	// confirm before logging or persisting this struct.
	Token  string `json:"token"`
	UserID string `json:"user_id"`
	// CreatedAt is a string here, not a time.Time, and the struct has no
	// expiry field; any freshness check has to parse this value.
	CreatedAt string `json:"created_at"`
}
ActivationToken represents an activation token with its details.
type AuthRequest ¶
type AuthResponse ¶
// AuthResponse carries a single token string under the JSON key "token".
// NOTE(review): this page does not state which kind of token (user access
// token, service-account token) the field holds — confirm against the caller.
type AuthResponse struct {
	Token string `json:"token"`
}
type AuthenticateServiceAccountError ¶
func (*AuthenticateServiceAccountError) Error ¶
func (e *AuthenticateServiceAccountError) Error() string
type CheckUserAuthorizationInput ¶
// CheckUserAuthorizationInput is the request payload for an authorization
// check: which user wants to perform which action on which resource.
type CheckUserAuthorizationInput struct {
	// UserID is supplied by the caller as a plain string.
	// NOTE(review): presumably the caller must already have authenticated
	// this user; the struct carries no proof of identity — confirm.
	UserID   string `json:"user_id"`
	Resource string `json:"resource"`
	Action   string `json:"action"`
}
CheckUserAuthorizationInput represents the data required to check user authorization
type CheckUserAuthorizationOutput ¶
// CheckUserAuthorizationOutput is the decision returned by the authorization
// check.
type CheckUserAuthorizationOutput struct {
	// Authorized defaults to false (the bool zero value), so an output that
	// was never populated reads as "not authorized".
	Authorized bool `json:"authorized"`
}
CheckUserAuthorizationOutput represents the response from the authorization check
type Client ¶
// Client holds what is needed to talk to the authentication server: its base
// URL, the HTTP client to use, an API key and an Ed25519 public key.
type Client struct {
	// BaseURL is the address of the authentication server.
	// NOTE(review): credentials and tokens travel to this address, so it
	// should presumably always be an https:// URL — confirm nothing here
	// enforces that.
	BaseURL string
	// HttpClient is a pointer and may be nil in a zero-value Client. A
	// zero-value http.Client has no timeout, so callers should supply one
	// with Timeout set.
	// NOTE(review): how a nil HttpClient is handled is not shown on this page.
	HttpClient *http.Client
	// ApiKey is an exported plain string, so printing a Client with %+v or
	// marshalling it will include the key.
	// NOTE(review): presumably attached to outgoing requests — confirm.
	ApiKey string
	// NOTE(review): presumably the key used to verify access-token
	// signatures; a nil key must not be allowed to pass verification — confirm.
	PublicKey ed25519.PublicKey
}
Client represents an HTTP client that can be used to send requests to the authentication server.
func (*Client) ActivateUser ¶
func (c *Client) ActivateUser(ctx context.Context, input ActivateUserInput) error
ActivateUser sends a request to the activate user endpoint and returns an error if any.
func (*Client) AssignServicePermissionToServiceRole ¶
func (c *Client) AssignServicePermissionToServiceRole(ctx context.Context, input AssignServicePermissionInput) error
func (*Client) AssignServiceRoleToServiceAccount ¶
func (c *Client) AssignServiceRoleToServiceAccount(ctx context.Context, input AssignServiceRoleToServiceAccountInput) (*ServiceAccount, error)
func (*Client) AuthenticateServiceAccount ¶
func (*Client) BlacklistToken ¶
BlacklistToken blacklists the given token
func (*Client) CheckUserAuthorization ¶
func (c *Client) CheckUserAuthorization(ctx context.Context, input CheckUserAuthorizationInput) (*CheckUserAuthorizationOutput, error)
CheckUserAuthorization checks if a user is authorized to perform a certain action on a resource
func (*Client) ClearBlacklist ¶
ClearBlacklist clears the blacklist of tokens
func (*Client) CountBlacklistedTokens ¶
CountBlacklistedTokens gets the count of blacklisted tokens
func (*Client) CreateActivationToken ¶
func (c *Client) CreateActivationToken(ctx context.Context, input CreateActivationTokenInput) (*CreateActivationTokenOutput, error)
CreateActivationToken sends a request to the create activation token endpoint and returns the token on success.
func (*Client) CreateAndProcessPasswordReset ¶
func (c *Client) CreateAndProcessPasswordReset(ctx context.Context, input CreateAndProcessPasswordResetInput) (*CreateAndProcessPasswordResetOutput, error)
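CreateAndProcessPasswordReset handles both the creation of the reset token and the password reset process. Its input (CreateAndProcessPasswordResetInput) carries only an email address and the new password, so the call itself is not gated by a user-held reset token; expose it only to callers that are already authorized to reset that account.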
func (*Client) CreatePasswordResetToken ¶
func (c *Client) CreatePasswordResetToken(ctx context.Context, input PasswordResetTokenInput) (*CreatePasswordResetTokenOutput, error)
CreatePasswordResetToken sends a request to the create password reset token endpoint and returns the token on success
func (*Client) CreateRefreshToken ¶
func (c *Client) CreateRefreshToken(ctx context.Context, input CreateRefreshTokenInput) (*RefreshToken, error)
CreateRefreshToken creates a new refresh token
func (*Client) CreateServicePermission ¶
func (*Client) CreateServiceRole ¶
func (c *Client) CreateServiceRole(ctx context.Context, input CreateServiceRoleInput) (*ServiceRole, error)
func (*Client) CreateTemporaryData ¶
func (*Client) DecodeAccessToken ¶
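DecodeAccessToken decodes the provided access token and returns the parsed claims. This description does not state that the signature or expiry is checked; ValidateAccessToken is the method documented as validating a token, so do not base an authorization decision on DecodeAccessToken alone unless the source confirms that it verifies the token.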
func (*Client) DeleteAPIKey ¶
DeleteAPIKey deletes the APIKey with the given id.
func (*Client) DeleteActivationToken ¶
func (c *Client) DeleteActivationToken(ctx context.Context, input DeleteActivationTokenInput) error
DeleteActivationToken sends a request to the delete activation token endpoint and returns an error on failure.
func (*Client) DeleteActivationTokenByUserID ¶
func (c *Client) DeleteActivationTokenByUserID(ctx context.Context, input DeleteActivationTokenByUserIDInput) error
DeleteActivationTokenByUserID sends a request to the delete activation tokens by user ID endpoint and returns an error on failure.
func (*Client) DeleteExpiredActivationTokens ¶
DeleteExpiredActivationTokens sends a request to the delete expired activation tokens endpoint.
func (*Client) DeleteExpiredPasswordResetTokens ¶
func (c *Client) DeleteExpiredPasswordResetTokens(ctx context.Context, input DeleteExpiredPasswordResetTokensInput) (*DeleteExpiredPasswordResetTokensOutput, error)
DeleteExpiredPasswordResetTokens sends a request to delete expired password reset tokens
func (*Client) DeleteExpiredRefreshTokens ¶
func (c *Client) DeleteExpiredRefreshTokens(ctx context.Context, input DeleteExpiredRefreshTokensInput) error
func (*Client) DeleteExpiredTemporaryData ¶
func (*Client) DeletePasswordResetToken ¶
func (c *Client) DeletePasswordResetToken(ctx context.Context, input DeletePasswordResetTokenInput) (*DeletePasswordResetTokenOutput, error)
DeletePasswordResetToken sends a request to delete a password reset token by its ID
func (*Client) DeletePasswordResetTokenByUserID ¶
func (c *Client) DeletePasswordResetTokenByUserID(ctx context.Context, input DeletePasswordResetTokenByUserIDInput) (*DeletePasswordResetTokenByUserIDOutput, error)
DeletePasswordResetTokenByUserID sends a request to delete password reset tokens for a specific user ID
func (*Client) DeleteServiceAccount ¶
func (*Client) DeleteServicePermission ¶
func (*Client) DeleteServiceRole ¶
func (*Client) DeleteTemporaryData ¶
func (*Client) DoesServicePermissionExist ¶
func (*Client) DoesServiceRoleExist ¶
func (*Client) FetchPrivateKey ¶
func (*Client) GenerateAccessToken ¶
func (c *Client) GenerateAccessToken(ctx context.Context, input GenerateAccessTokenInput, privateKey ed25519.PrivateKey, tokenTTL time.Duration) (string, error)
GenerateAccessToken generates and returns a new access token
func (*Client) GetAPIKeyByAPIKey ¶
func (*Client) GetActivationTokenByPlaintext ¶
func (c *Client) GetActivationTokenByPlaintext(ctx context.Context, input GetActivationTokenByPlaintextInput) (*GetActivationTokenByPlaintextOutput, error)
GetActivationTokenByPlaintext sends a request to the get activation token by plaintext endpoint and returns the token on success.
func (*Client) GetActivationTokensByUserID ¶
func (c *Client) GetActivationTokensByUserID(ctx context.Context, input GetActivationTokensByUserIDInput) (*GetActivationTokensByUserIDOutput, error)
GetActivationTokensByUserID sends a request to the get activation tokens by user ID endpoint and returns the tokens on success.
func (*Client) GetBlacklistedTokenDetails ¶
func (c *Client) GetBlacklistedTokenDetails(ctx context.Context, token []byte) (*TokenBlacklist, error)
GetBlacklistedTokenDetails retrieves details of a blacklisted token
func (*Client) GetPasswordResetTokenByPlaintext ¶
func (c *Client) GetPasswordResetTokenByPlaintext(ctx context.Context, input GetPasswordResetTokenByPlaintextInput) (*GetPasswordResetTokenByPlaintextOutput, error)
GetPasswordResetTokenByPlaintext sends a request to the get password reset token by plaintext endpoint and returns the token on success
func (*Client) GetPasswordResetTokensByUserID ¶
func (c *Client) GetPasswordResetTokensByUserID(ctx context.Context, input GetPasswordResetTokensByUserIDInput) (*GetPasswordResetTokensByUserIDOutput, error)
GetPasswordResetTokensByUserID sends a request to the get password reset tokens endpoint and returns the tokens on success
func (*Client) GetRefreshToken ¶
func (c *Client) GetRefreshToken(ctx context.Context, input GetRefreshTokenInput) (*RefreshToken, error)
GetRefreshToken fetches the refresh token from the auth server.
func (*Client) GetRefreshTokensForUser ¶
func (c *Client) GetRefreshTokensForUser(ctx context.Context, input GetRefreshTokensForUserInput) ([]RefreshToken, error)
GetRefreshTokensForUser sends a request to the authentication server to get all refresh tokens for a specific user.
func (*Client) GetRolesForServiceAccount ¶
func (*Client) GetServiceAccountByAPIKey ¶
func (*Client) GetServiceAccountByID ¶
func (*Client) GetServiceAccountByName ¶
func (*Client) GetServiceAccountTokenMetadata ¶
func (c *Client) GetServiceAccountTokenMetadata(ctx context.Context, input GetServiceAccountTokenMetadataInput) (*ServiceAccountToken, error)
func (*Client) GetServiceAccountsByServiceRoleID ¶
func (*Client) GetServicePermissionByID ¶
func (*Client) GetServicePermissionByName ¶
func (*Client) GetServicePermissionsByServiceID ¶
func (*Client) GetServicePermissionsByServiceRoleIDInServicePermissionModel ¶
func (*Client) GetServiceRoleByID ¶
func (*Client) GetServiceRoleByName ¶
func (*Client) GetServiceRoleIDByName ¶
func (*Client) GetServiceRolesByServiceAccountIDInServiceAccountModel ¶
func (c *Client) GetServiceRolesByServiceAccountIDInServiceAccountModel(ctx context.Context, serviceAccountID uuid.UUID) ([]uuid.UUID, error)
ge-auth/pkg/clientlib/authlib/service_accounts.go
func (*Client) GetServiceRolesByServiceAccountIDInServiceRoleModel ¶
func (*Client) GetServiceRolesByServicePermissionID ¶
func (*Client) GetTemporaryData ¶
func (*Client) GetTokenForUser ¶
GetTokenForUser sends a request to the auth server to get a token for an account (user or service account).
func (*Client) InvalidateServiceAccountToken ¶
func (c *Client) InvalidateServiceAccountToken(ctx context.Context, input InvalidateServiceAccountTokenInput) error
func (*Client) IsRefreshTokenRevoked ¶
func (c *Client) IsRefreshTokenRevoked(input CheckRevokedInput) (bool, error)
func (*Client) IsServicePermissionAssignedToServiceRole ¶
func (*Client) IsServiceRoleAssignedToServiceAccount ¶
func (*Client) IsTokenBlacklisted ¶
IsTokenBlacklisted checks if the given token is blacklisted
func (*Client) IssueServiceAccountToken ¶
func (c *Client) IssueServiceAccountToken(ctx context.Context, input IssueServiceAccountTokenInput) (*ServiceAccountToken, error)
func (*Client) ListAPIKeys ¶
ListAPIKeys retrieves all API keys.
func (*Client) ListBlacklistedTokens ¶
func (c *Client) ListBlacklistedTokens(ctx context.Context) ([]TokenBlacklist, error)
ListBlacklistedTokens retrieves the list of blacklisted tokens
func (*Client) ListServiceAccountTokens ¶
func (c *Client) ListServiceAccountTokens(ctx context.Context, input ListServiceAccountTokensInput) ([]ServiceAccountToken, error)
func (*Client) ListServiceAccounts ¶
func (c *Client) ListServiceAccounts(ctx context.Context) ([]ServiceAccount, error)
func (*Client) ListServicePermissions ¶
func (c *Client) ListServicePermissions(ctx context.Context) ([]ServicePermission, error)
func (*Client) ListServiceRoles ¶
func (c *Client) ListServiceRoles(ctx context.Context) (*ListServiceRolesOutput, error)
func (*Client) ListTemporaryData ¶
func (c *Client) ListTemporaryData(ctx context.Context) ([]TemporaryData, error)
func (*Client) Login ¶
func (c *Client) Login(ctx context.Context, input LoginInput) (*LoginOutput, error)
Login sends a request to the login endpoint and returns an access token and refresh token on successful login
func (*Client) ProcessPasswordReset ¶
func (c *Client) ProcessPasswordReset(ctx context.Context, input ProcessPasswordResetInput) (*ProcessPasswordResetOutput, error)
ProcessPasswordReset sends a request to the process password reset endpoint and returns the response on success
func (*Client) RefreshServiceAccountToken ¶
func (c *Client) RefreshServiceAccountToken(ctx context.Context, input RefreshServiceAccountTokenInput) (*TokenDetails, error)
func (*Client) RegisterServiceAccount ¶
func (c *Client) RegisterServiceAccount(ctx context.Context, input RegisterServiceAccountInput) (*ServiceAccount, error)
func (*Client) RemoveServicePermissionFromServiceRole ¶
func (c *Client) RemoveServicePermissionFromServiceRole(ctx context.Context, input RemoveServicePermissionInput) error
func (*Client) RemoveServiceRoleFromServiceAccount ¶
func (*Client) RemoveTokenFromBlacklist ¶
RemoveTokenFromBlacklist removes the given token from the blacklist
func (*Client) RequestServiceAccountRegistration ¶
func (c *Client) RequestServiceAccountRegistration(ctx context.Context, input RequestServiceAccountRegistrationInput) (*ServiceAccount, error)
func (*Client) RetrieveServiceAccountToken ¶
func (c *Client) RetrieveServiceAccountToken(ctx context.Context, serviceAccountID uuid.UUID) (*TokenDetails, error)
RetrieveServiceAccountToken retrieves or refreshes a service account token
func (*Client) RevokeAllRefreshTokensForUser ¶
func (c *Client) RevokeAllRefreshTokensForUser(ctx context.Context, input RevokeAllRefreshTokensInput) error
func (*Client) RevokeRefreshToken ¶
func (c *Client) RevokeRefreshToken(input RevokeRefreshTokenInput) error
RevokeRefreshToken revokes a refresh token by sending a POST request to the auth server.
func (*Client) SaveServiceAccountKey ¶
func (c *Client) SaveServiceAccountKey(ctx context.Context, input SaveServiceAccountKeyInput) (*ServiceAccountKey, error)
func (*Client) SignData ¶
func (c *Client) SignData(ctx context.Context, input SignDataInput) (*SignDataOutput, error)
func (*Client) UpdateServiceAccount ¶
func (c *Client) UpdateServiceAccount(ctx context.Context, input UpdateServiceAccountInput) (*ServiceAccount, error)
func (*Client) UpdateServicePermission ¶
func (*Client) UpdateServiceRole ¶
func (c *Client) UpdateServiceRole(ctx context.Context, input UpdateServiceRoleInput) (*ServiceRole, error)
func (*Client) UpdateTemporaryData ¶
func (*Client) ValidateAPIKey ¶
ValidateAPIKey validates an API key.
func (*Client) ValidateAccessToken ¶
ValidateAccessToken validates the provided access token
func (*Client) ValidatePasswordResetToken ¶
func (c *Client) ValidatePasswordResetToken(ctx context.Context, input ValidatePasswordResetTokenInput) (*ValidatePasswordResetTokenOutput, error)
ValidatePasswordResetToken sends a request to validate a password reset token
func (*Client) ValidateRefreshToken ¶
func (*Client) VerifyActivationToken ¶
func (c *Client) VerifyActivationToken(ctx context.Context, input VerifyActivationTokenInput) (*VerifyActivationTokenOutput, error)
VerifyActivationToken sends a request to verify the activation token and returns the token details on success.
func (*Client) VerifyPasswordResetToken ¶
func (c *Client) VerifyPasswordResetToken(ctx context.Context, input VerifyPasswordResetTokenInput) (*VerifyPasswordResetTokenOutput, error)
VerifyPasswordResetToken sends a request to verify a password reset token
func (*Client) VerifyServiceAccountToken ¶
type CreateActivationTokenInput ¶
// CreateActivationTokenInput is the request payload for creating an
// activation token.
type CreateActivationTokenInput struct {
	// UserID names the user the token is created for; it is the only input.
	UserID string `json:"user_id"`
}
CreateActivationTokenInput represents the data required to create an activation token.
type CreateActivationTokenOutput ¶
// CreateActivationTokenOutput is the response returned once an activation
// token has been created.
type CreateActivationTokenOutput struct {
	// NOTE(review): presumably the plaintext token to deliver to the user;
	// treat it as a secret and keep it out of logs — confirm.
	Token string `json:"token"`
}
CreateActivationTokenOutput represents the data returned after successfully creating an activation token.
type CreateAndProcessPasswordResetInput ¶
// CreateAndProcessPasswordResetInput is the payload for the combined
// "create reset token and reset password" call.
//
// The struct holds no reset token and no current password.
// NOTE(review): authorization for the reset presumably rests entirely on the
// calling service's own credentials — confirm.
type CreateAndProcessPasswordResetInput struct {
	Email string `json:"email"`
	// NewPassword travels as a plain string in the JSON body; keep this
	// struct out of logs and debug dumps.
	NewPassword string `json:"new_password"`
}
CreateAndProcessPasswordResetInput represents the combined input for creating and processing a password reset
type CreateAndProcessPasswordResetOutput ¶
// CreateAndProcessPasswordResetOutput is the response of the combined
// "create reset token and reset password" call.
type CreateAndProcessPasswordResetOutput struct {
	// NOTE(review): presumably the reset token that was created during the
	// call; whether it is still usable afterwards is not stated — confirm.
	Token  string `json:"token"`
	UserID string `json:"user_id"`
}
CreateAndProcessPasswordResetOutput represents the combined output for creating and processing a password reset
type CreatePasswordResetTokenOutput ¶
// CreatePasswordResetTokenOutput is the response returned once a password
// reset token has been created.
type CreatePasswordResetTokenOutput struct {
	// NOTE(review): presumably the plaintext reset token; anyone holding it
	// can likely reset the password, so keep it out of logs — confirm.
	Token string `json:"token"`
}
CreatePasswordResetTokenOutput represents the data returned after successfully creating a password reset token
type CreateRefreshTokenInput ¶
// CreateRefreshTokenInput is the request payload for creating a refresh
// token.
type CreateRefreshTokenInput struct {
	UserID uuid.UUID `json:"user_id"`
	// ExpiresAt is chosen by the caller.
	// NOTE(review): whether the server caps the lifetime is not visible on
	// this page — confirm before relying on it.
	ExpiresAt time.Time `json:"expires_at"`
}
CreateRefreshTokenInput represents the required input to create a refresh token
type CreateServiceRoleInput ¶
type DeleteActivationTokenByUserIDInput ¶
// DeleteActivationTokenByUserIDInput carries the data required to delete
// activation tokens by user ID.
type DeleteActivationTokenByUserIDInput struct {
	// UserID selects whose activation tokens are deleted (JSON key "user_id").
	UserID string `json:"user_id"`
}
DeleteActivationTokenByUserIDInput represents the data required to delete activation tokens by user ID.
type DeleteActivationTokenInput ¶
// DeleteActivationTokenInput carries the data required to delete a single
// activation token.
type DeleteActivationTokenInput struct {
	// TokenID identifies the token to delete (JSON key "token_id").
	TokenID string `json:"token_id"`
}
DeleteActivationTokenInput represents the data required to delete an activation token.
type DeleteExpiredPasswordResetTokensInput ¶
// DeleteExpiredPasswordResetTokensInput is the input for deleting expired
// password reset tokens. It has no fields, so it marshals to an empty JSON
// object.
type DeleteExpiredPasswordResetTokensInput struct{}
DeleteExpiredPasswordResetTokensInput represents the data required to delete expired password reset tokens
type DeleteExpiredPasswordResetTokensOutput ¶
// DeleteExpiredPasswordResetTokensOutput is the response returned after
// expired password reset tokens have been deleted.
type DeleteExpiredPasswordResetTokensOutput struct {
	// Message is the service's status text (JSON key "message").
	Message string `json:"message"`
}
DeleteExpiredPasswordResetTokensOutput represents the data returned after successfully deleting expired password reset tokens
type DeleteExpiredRefreshTokensInput ¶
DeleteExpiredRefreshTokensInput represents the input for DeleteExpiredRefreshTokens
type DeletePasswordResetTokenByUserIDInput ¶
// DeletePasswordResetTokenByUserIDInput carries the data required to delete
// password reset tokens by user ID.
type DeletePasswordResetTokenByUserIDInput struct {
	// UserID selects whose reset tokens are deleted (JSON key "user_id").
	UserID string `json:"user_id"`
}
DeletePasswordResetTokenByUserIDInput represents the data required to delete password reset tokens by user ID
type DeletePasswordResetTokenByUserIDOutput ¶
// DeletePasswordResetTokenByUserIDOutput is the response returned after
// password reset tokens have been deleted by user ID.
type DeletePasswordResetTokenByUserIDOutput struct {
	// Message is the service's status text (JSON key "message").
	Message string `json:"message"`
}
DeletePasswordResetTokenByUserIDOutput represents the data returned after successfully deleting password reset tokens by user ID
type DeletePasswordResetTokenInput ¶
// DeletePasswordResetTokenInput carries the data required to delete a single
// password reset token.
type DeletePasswordResetTokenInput struct {
	// TokenID identifies the token to delete (JSON key "token_id").
	TokenID string `json:"token_id"`
}
DeletePasswordResetTokenInput represents the data required to delete a password reset token
type DeletePasswordResetTokenOutput ¶
// DeletePasswordResetTokenOutput is the response returned after a password
// reset token has been deleted.
type DeletePasswordResetTokenOutput struct {
	// Message is the service's status text (JSON key "message").
	Message string `json:"message"`
}
DeletePasswordResetTokenOutput represents the data returned after successfully deleting a password reset token
type ErrorResponse ¶
// ErrorResponse is the JSON shape of an error response.
type ErrorResponse struct {
	// Message is the error text (JSON key "message"). It originates outside
	// this process, so escape it before showing it in HTML or terminal output.
	Message string `json:"message"`
}
ErrorResponse represents the structure of an error response
type FetchPrivateKeyInput ¶
FetchPrivateKeyInput represents the required input to fetch a service account key
type GenerateAccessTokenInput ¶
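// GenerateAccessTokenInput is the input required to generate an access token.
type GenerateAccessTokenInput struct {
	// AccountID names the account the token is requested for (JSON key
	// "account_id").
	AccountID string `json:"account_id"`
	// SecretKey is the account's secret, sent in the request body under
	// "secret_key". Never log the marshalled request; send it over an
	// authenticated, encrypted transport only.
	SecretKey string `json:"secret_key"`
}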
GenerateAccessTokenInput represents the required input to generate an access token
type GetActivationTokenByPlaintextInput ¶
// GetActivationTokenByPlaintextInput is the input for looking up an activation
// token by its plaintext value.
type GetActivationTokenByPlaintextInput struct {
	// Plaintext is the raw token value (JSON key "plaintext"). It is the
	// secret itself, not an identifier, so it must not end up in request logs.
	Plaintext string `json:"plaintext"`
}
GetActivationTokenByPlaintextInput represents the input for getting an activation token by plaintext.
type GetActivationTokenByPlaintextOutput ¶
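// GetActivationTokenByPlaintextOutput is the data returned after an activation
// token has been looked up by plaintext.
type GetActivationTokenByPlaintextOutput struct {
	// Token is the activation token (JSON key "token").
	Token string `json:"token"`
	// UserID is the user the token belongs to (JSON key "user_id").
	UserID string `json:"user_id"`
	// CreatedAt is the creation time as a string (JSON key "created_at"); the
	// time format is not specified by this type.
	CreatedAt string `json:"created_at"`
}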
GetActivationTokenByPlaintextOutput represents the data returned after successfully getting an activation token by plaintext.
type GetActivationTokensByUserIDInput ¶
// GetActivationTokensByUserIDInput is the input for listing activation tokens
// by user ID.
type GetActivationTokensByUserIDInput struct {
	// UserID selects whose tokens are returned (JSON key "user_id").
	UserID string `json:"user_id"`
}
GetActivationTokensByUserIDInput represents the input for getting activation tokens by user ID.
type GetActivationTokensByUserIDOutput ¶
// GetActivationTokensByUserIDOutput is the data returned after activation
// tokens have been listed by user ID.
type GetActivationTokensByUserIDOutput struct {
	// Tokens holds the user's activation tokens (JSON key "tokens").
	// NOTE(review): whether each entry carries the usable token value depends
	// on ActivationToken, which is declared elsewhere — confirm before logging.
	Tokens []ActivationToken `json:"tokens"`
}
GetActivationTokensByUserIDOutput represents the data returned after successfully getting activation tokens by user ID.
type GetPasswordResetTokenByPlaintextInput ¶
// GetPasswordResetTokenByPlaintextInput carries the data required to look up a
// password reset token by its plaintext value.
type GetPasswordResetTokenByPlaintextInput struct {
	// Plaintext is the raw reset token (JSON key "plaintext"). It is the
	// secret itself, so it must not end up in request logs.
	Plaintext string `json:"plaintext"`
}
GetPasswordResetTokenByPlaintextInput represents the data required to get a password reset token by plaintext
type GetPasswordResetTokenByPlaintextOutput ¶
// GetPasswordResetTokenByPlaintextOutput is the data returned after a password
// reset token has been retrieved.
type GetPasswordResetTokenByPlaintextOutput struct {
	// Token is the retrieved reset token record (JSON key "token").
	Token PasswordResetToken `json:"token"`
}
GetPasswordResetTokenByPlaintextOutput represents the data returned after successfully retrieving a password reset token
type GetPasswordResetTokensByUserIDInput ¶
// GetPasswordResetTokensByUserIDInput carries the data required to list
// password reset tokens by user ID.
type GetPasswordResetTokensByUserIDInput struct {
	// UserID selects whose reset tokens are returned (JSON key "user_id").
	UserID string `json:"user_id"`
}
GetPasswordResetTokensByUserIDInput represents the data required to get password reset tokens by user ID
type GetPasswordResetTokensByUserIDOutput ¶
// GetPasswordResetTokensByUserIDOutput is the data returned after password
// reset tokens have been listed by user ID.
type GetPasswordResetTokensByUserIDOutput struct {
	// Tokens holds the user's reset token records (JSON key "tokens"). Each
	// PasswordResetToken includes a Token string, so the whole response is
	// sensitive.
	Tokens []PasswordResetToken `json:"tokens"`
}
GetPasswordResetTokensByUserIDOutput represents the data returned after successfully retrieving password reset tokens
type GetRefreshTokenInput ¶
GetRefreshTokenInput defines the input for GetRefreshToken function.
type GetRefreshTokensForUserInput ¶
GetRefreshTokensForUserInput represents the input parameters for the GetRefreshTokensForUser function.
type GetServiceAccountTokenMetadataInput ¶
// GetServiceAccountTokenMetadataInput is the input required to fetch the
// metadata of a service account token.
type GetServiceAccountTokenMetadataInput struct {
	// ServiceAccountTokenID identifies the token record (JSON key
	// "service_account_token_id").
	ServiceAccountTokenID uuid.UUID `json:"service_account_token_id"`
}
GetServiceAccountTokenMetadataInput represents the required input to get a service account token metadata
type InvalidateServiceAccountTokenInput ¶
// InvalidateServiceAccountTokenInput is the input required to invalidate a
// service account token.
type InvalidateServiceAccountTokenInput struct {
	// ServiceAccountTokenID identifies the token to invalidate (JSON key
	// "service_account_token_id").
	ServiceAccountTokenID uuid.UUID `json:"service_account_token_id"`
}
InvalidateServiceAccountTokenInput represents the required input to invalidate a service account token
type IsRevokedResponse ¶
// IsRevokedResponse is the JSON shape of a revocation check result.
type IsRevokedResponse struct {
	// IsRevoked is decoded from "is_revoked". Its zero value is false, so a
	// body that lacks the key decodes as "not revoked"; callers should treat
	// transport and decode errors as a failed check rather than rely on the
	// zero value.
	IsRevoked bool `json:"is_revoked"`
}
type IssueServiceAccountTokenInput ¶
// IssueServiceAccountTokenInput is the input required to issue a service
// account token.
type IssueServiceAccountTokenInput struct {
	// ServiceAccountID names the account the token is issued for (JSON key
	// "service_account_id").
	// NOTE(review): the input carries no credential, so authorization of the
	// caller must happen elsewhere — confirm.
	ServiceAccountID uuid.UUID `json:"service_account_id"`
}
IssueServiceAccountTokenInput represents the required input to issue a service account token
type ListServiceAccountTokensInput ¶
// ListServiceAccountTokensInput is the input for listing service account
// tokens.
type ListServiceAccountTokensInput struct {
	// ServiceAccountID optionally restricts the listing to one account.
	// NOTE(review): encoding/json's omitempty never omits a non-empty array
	// value; if uuid.UUID is an array type (as in github.com/google/uuid) the
	// zero UUID is still sent, and the service has to treat it as "no filter"
	// — confirm.
	ServiceAccountID uuid.UUID `json:"service_account_id,omitempty"` // optional
}
ListServiceAccountTokensInput represents the required input to list service account tokens
type ListServiceRolesOutput ¶
// ListServiceRolesOutput is the response structure for listing service roles.
type ListServiceRolesOutput struct {
	// ServiceRoles is the returned role list (JSON key "service_roles").
	ServiceRoles []ServiceRole `json:"service_roles"`
}
ListServiceRolesOutput is the response structure for listing service roles
type LoginInput ¶
LoginInput represents the data required for login
type LoginOutput ¶
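// LoginOutput is the data returned after a successful login.
//
// Both fields are serialised in clear under their JSON keys, so a marshalled
// LoginOutput is as sensitive as the session itself: keep it out of logs,
// traces and error reports.
type LoginOutput struct {
	// AccessToken is the issued access token (JSON key "access_token").
	AccessToken string `json:"access_token"`
	// RefreshToken is the issued refresh token (JSON key "refresh_token").
	RefreshToken string `json:"refresh_token"`
}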
LoginOutput represents the data returned after successful login
type PasswordResetToken ¶
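// PasswordResetToken is a password reset token together with its details.
type PasswordResetToken struct {
	// Token is the token value (JSON key "token").
	// NOTE(review): whether this is the usable plaintext or a stored hash is
	// not visible from this type; treat it as a secret either way.
	Token string `json:"token"`
	// UserID is the user the token was issued for (JSON key "user_id").
	UserID string `json:"user_id"`
	// CreatedAt is the creation time as a string (JSON key "created_at"); the
	// time format is not specified by this type.
	CreatedAt string `json:"created_at"`
}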
PasswordResetToken represents a password reset token with its details
type PasswordResetTokenInput ¶
// PasswordResetTokenInput carries the data required to create a password reset
// token.
type PasswordResetTokenInput struct {
	// Email identifies the account (JSON key "email").
	// NOTE(review): callers that surface the result to end users should
	// respond identically for known and unknown addresses to avoid account
	// enumeration; whether the service already does so is not visible here.
	Email string `json:"email"`
}
PasswordResetTokenInput represents the data required to create a password reset token
type ProcessPasswordResetInput ¶
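// ProcessPasswordResetInput carries the data required to process a password
// reset.
type ProcessPasswordResetInput struct {
	// Token is the reset token presented by the user (JSON key "token").
	Token string `json:"token"`
	// NewPassword is the replacement password as supplied by the caller (JSON
	// key "new_password"). Do not log or persist the marshalled request.
	NewPassword string `json:"new_password"`
}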
ProcessPasswordResetInput represents the data required to process a password reset
type ProcessPasswordResetOutput ¶
// ProcessPasswordResetOutput is the data returned after a password reset has
// been processed.
type ProcessPasswordResetOutput struct {
	// UserID is the user whose password was reset (JSON key "user_id").
	UserID string `json:"user_id"`
}
ProcessPasswordResetOutput represents the data returned after successfully processing a password reset
type RefreshServiceAccountTokenInput ¶
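// RefreshServiceAccountTokenInput is the input required to refresh a service
// account token.
type RefreshServiceAccountTokenInput struct {
	// ServiceAccountTokenID identifies the token record being refreshed (JSON
	// key "service_account_token_id").
	ServiceAccountTokenID uuid.UUID `json:"service_account_token_id"`
	// RefreshToken is the refresh credential sent in the request body (JSON
	// key "refresh_token"); keep the marshalled request out of logs.
	RefreshToken string `json:"refresh_token"`
}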
RefreshServiceAccountTokenInput represents the required input to refresh a service account token
type RefreshToken ¶
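// RefreshToken is the structure of a refresh token record.
type RefreshToken struct {
	// ID identifies the record (JSON key "id").
	ID uuid.UUID `json:"id"`
	// UserID is the owner of the token (JSON key "user_id").
	UserID uuid.UUID `json:"user_id"`
	// TokenHash is a hash of the token, serialised under "token_hash"
	// (encoding/json emits []byte as base64). The hash algorithm is not
	// visible from this type.
	// NOTE(review): the hash travels in every JSON copy of this record;
	// confirm that consumers need it, since an unsalted fast hash of a
	// low-entropy token would be guessable offline.
	TokenHash []byte `json:"token_hash"`
	// IssuedAt is the issue time (JSON key "issued_at").
	IssuedAt time.Time `json:"issued_at"`
	// ExpiresAt is the expiry time (JSON key "expires_at").
	ExpiresAt time.Time `json:"expires_at"`
	// IsRevoked reports revocation (JSON key "is_revoked"). Its zero value is
	// false, so a partially decoded record reads as "not revoked".
	IsRevoked bool `json:"is_revoked"`
}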
RefreshToken represents the structure of a refresh token
type RequestServiceAccountRegistrationInput ¶
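// RequestServiceAccountRegistrationInput is the payload for requesting the
// registration of a service account.
//
// The listing had collapsed onto one line, which made each trailing comment
// swallow the field declarations after it; the fields are restored one per
// line here.
type RequestServiceAccountRegistrationInput struct {
	// ServiceName is the name of the registering service (JSON key
	// "service_name").
	ServiceName string `json:"service_name"`
	// ApiKey is an optional credential (JSON key "api_key", omitted when
	// empty).
	ApiKey string `json:"api_key,omitempty"` // Optional, if you want to include an ApiKey
	// BootstrapToken is an optional credential (JSON key "bootstrap_token",
	// omitted when empty).
	BootstrapToken string `json:"bootstrap_token,omitempty"` // Optional, if you want to include a BootstrapToken
	// Roles lists the roles requested for the account (JSON key "roles").
	// NOTE(review): both credentials are optional and the roles are supplied
	// by the caller; confirm the service rejects requests that carry neither
	// credential and decides itself which roles to grant.
	Roles []string `json:"roles"`
}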
type RevokeRefreshTokenInput ¶
RevokeRefreshTokenInput represents the input parameters for RevokeRefreshToken function
type SaveServiceAccountKeyInput ¶
SaveServiceAccountKeyInput represents the required input to save a service account key
type ServiceAccount ¶
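// ServiceAccount describes a service account as seen by this client.
//
// The listing had collapsed onto one line, which made each trailing comment
// swallow the field declarations after it; the fields are restored one per
// line here.
//
// Secret, APIKey, AccessToken and RefreshToken are tagged `json:"-"`, so
// encoding/json neither writes nor reads them. The tag does not protect the
// values from fmt verbs such as %+v or from other encoders; avoid printing a
// ServiceAccount wholesale.
type ServiceAccount struct {
	ID uuid.UUID `db:"id" json:"id"`
	// Secret is excluded from JSON but mapped to the "secret" column by the
	// db tag.
	Secret string `db:"secret" json:"-"`
	// HashedSecret is serialised under "hashed_secret".
	// NOTE(review): the hash is part of every JSON copy of the account;
	// confirm that consumers need it and that it is a slow, salted hash.
	HashedSecret string     `json:"hashed_secret"`
	ServiceName  string     `db:"service_name" json:"service_name"`
	ServiceRoles []string   `json:"service_roles"`
	CreatedAt    time.Time  `db:"created_at" json:"created_at"`
	ExpiresAt    *time.Time `db:"expires_at" json:"expires_at,omitempty"`
	// IsActive's zero value is false, so a partially decoded account reads as
	// inactive.
	IsActive     bool   `json:"is_active"`
	APIKey       string `json:"-"` // Omit API Key in JSON responses by default.
	AccessToken  string `json:"-"` // Omit AccessToken in JSON responses by default.
	RefreshToken string `json:"-"` // Omit RefreshToken in JSON responses by default.
}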
type ServiceAccountKey ¶
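// ServiceAccountKey is the structure of a service account key pair record.
//
// NOTE(review): PrivateKey is serialised under "private_key" (base64, as
// encoding/json does for []byte), so any JSON copy of this struct — a response
// body, a cache entry, a debug dump — contains the private key. Keep such
// copies off disk and out of logs, and prefer handing callers only PublicKey
// where the private half is not required.
type ServiceAccountKey struct {
	// ID identifies the key record (JSON key "id").
	ID uuid.UUID `json:"id"`
	// ServiceAccountID is the owning service account (JSON key
	// "service_account_id").
	ServiceAccountID uuid.UUID `json:"service_account_id"`
	// PublicKey is the public half (JSON key "public_key").
	PublicKey []byte `json:"public_key"`
	// PrivateKey is the private half (JSON key "private_key"); see the note on
	// the type.
	PrivateKey []byte `json:"private_key"`
	// CreatedAt is the creation time (JSON key "created_at").
	CreatedAt time.Time `json:"created_at"`
}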
ServiceAccountKey represents the structure of a service account key
type ServiceAccountToken ¶
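// ServiceAccountToken is the structure of a service account token record.
//
// Token and RefreshToken are serialised in clear, so a marshalled
// ServiceAccountToken must be handled like the credentials it contains.
type ServiceAccountToken struct {
	// ID identifies the token record (JSON key "id").
	ID uuid.UUID `json:"id"`
	// ServiceAccountID is the owning service account (JSON key
	// "service_account_id").
	ServiceAccountID uuid.UUID `json:"service_account_id"`
	// Token is the token value (JSON key "token").
	Token string `json:"token"`
	// RefreshToken is the refresh credential (JSON key "refresh_token").
	RefreshToken string `json:"refresh_token"`
	// IssuedAt is the issue time (JSON key "issued_at").
	IssuedAt time.Time `json:"issued_at"`
	// TokenExpiresAt is the expiry of Token (JSON key "token_expires_at").
	TokenExpiresAt time.Time `json:"token_expires_at"`
	// RefreshTokenExpiresAt is the expiry of RefreshToken (JSON key
	// "refresh_token_expires_at").
	RefreshTokenExpiresAt time.Time `json:"refresh_token_expires_at"`
}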
ServiceAccountToken represents the structure of a service account token
type ServicePermission ¶
type ServicePermissionsResponse ¶
// ServicePermissionsResponse is the JSON shape of a response that lists
// service permissions.
type ServicePermissionsResponse struct {
	// ServicePermissions is the returned list (JSON key
	// "service_permissions").
	ServicePermissions []ServicePermission `json:"service_permissions"`
}
type ServiceRole ¶
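// ServiceRole describes a service role and the permissions attached to it.
type ServiceRole struct {
	// ID identifies the role (JSON key "id").
	ID uuid.UUID `json:"id"`
	// Name is the role name (JSON key "name").
	Name string `json:"name"`
	// Description is free-form text about the role (JSON key "description").
	Description string `json:"description"`
	// Permissions lists the role's permissions (JSON key "permissions"). A
	// missing key decodes to a nil slice, i.e. a role with no permissions.
	Permissions []ServicePermission `json:"permissions"`
}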
type ServiceRolesResponse ¶
// ServiceRolesResponse is the JSON shape of a response that lists service
// roles. It has the same single field and tag as ListServiceRolesOutput.
type ServiceRolesResponse struct {
	// ServiceRoles is the returned role list (JSON key "service_roles").
	ServiceRoles []ServiceRole `json:"service_roles"`
}
type SignDataInput ¶
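// SignDataInput is the input required to sign data.
type SignDataInput struct {
	// ServiceAccountID selects the account whose key signs the data (JSON key
	// "service_account_id").
	ServiceAccountID uuid.UUID `json:"service_account_id"`
	// Data is the payload to sign (JSON key "data"; encoding/json emits []byte
	// as base64).
	// NOTE(review): the input carries arbitrary bytes and no caller
	// credential, so authorization to sign on behalf of ServiceAccountID must
	// be enforced elsewhere — confirm.
	Data []byte `json:"data"`
}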
SignDataInput represents the required input to sign data
type SignDataOutput ¶
// SignDataOutput is the response from the sign data API.
type SignDataOutput struct {
	// Signature is the returned signature (JSON key "signature"; encoding/json
	// represents []byte as base64). The signature scheme is not visible from
	// this type.
	Signature []byte `json:"signature"`
}
SignDataOutput represents the response from the sign data API
type TemporaryData ¶
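// TemporaryData is the structure of a temporary data entry.
type TemporaryData struct {
	// ID identifies the entry (JSON key "id").
	ID uuid.UUID `json:"id"`
	// Data is the opaque payload (JSON key "data"; encoding/json emits []byte
	// as base64).
	Data []byte `json:"data"`
	// CreatedAt is the creation time (JSON key "created_at").
	CreatedAt time.Time `json:"created_at"`
	// ExpiresAt is the expiry time (JSON key "expires_at").
	// NOTE(review): nothing in this type enforces the expiry; presumably the
	// service does — confirm before relying on it for sensitive payloads.
	ExpiresAt time.Time `json:"expires_at"`
}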
TemporaryData represents the structure of a temporary data entry
type TokenBlacklist ¶
TokenBlacklist represents the structure of a blacklisted token
type TokenDetails ¶
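// TokenDetails is the structure of issued tokens and their expiry details.
//
// Both token fields are serialised in clear; keep marshalled values out of
// logs and traces.
type TokenDetails struct {
	// AccessToken is the issued access token (JSON key "access_token").
	AccessToken string `json:"access_token"`
	// RefreshToken is the issued refresh token (JSON key "refresh_token").
	RefreshToken string `json:"refresh_token"`
	// AtExpires is the access token expiry (JSON key "at_expires").
	// NOTE(review): presumably a Unix timestamp — confirm the unit.
	AtExpires int64 `json:"at_expires"`
	// RtExpires is the refresh token expiry (JSON key "rt_expires"), in the
	// same representation as AtExpires.
	RtExpires int64 `json:"rt_expires"`
}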
TokenDetails represents the structure of issued tokens and their expiry details
type TokenService ¶
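// TokenService holds an Ed25519 private key and a token lifetime.
//
// NOTE(review): both fields are exported and carry no struct tags, so
// encoding/json would emit the key under "PrivateKey" and fmt's %v/%+v would
// print its bytes. Do not marshal or log a TokenService, and pass it by
// pointer to avoid spreading copies of the slice header.
type TokenService struct {
	// PrivateKey is the Ed25519 private key.
	PrivateKey ed25519.PrivateKey
	// TokenTTL is the token lifetime.
	TokenTTL time.Duration
}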
type UpdateServiceAccountInput ¶
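// UpdateServiceAccountInput is the payload for updating a service account.
//
// The listing had collapsed onto one line, which made the trailing comment
// swallow the closing brace; the declaration is restored here.
type UpdateServiceAccountInput struct {
	// ServiceAccount is the account data to send (JSON key
	// "service_account"). A nil pointer marshals as JSON null.
	ServiceAccount *ServiceAccount `json:"service_account"`
	// ApiKey is an optional credential (JSON key "api_key", omitted when
	// empty).
	ApiKey string `json:"api_key,omitempty"` // Optional, if you want to include an ApiKey
}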
type UpdateServiceRoleInput ¶
type UserAccount ¶
Account represents an entity (user or service account) that can authenticate.
type ValidatePasswordResetTokenInput ¶
// ValidatePasswordResetTokenInput is the input required to validate a password
// reset token.
type ValidatePasswordResetTokenInput struct {
	// Token is the reset token to validate (JSON key "token"). It is the
	// secret itself, so keep the marshalled request out of logs.
	Token string `json:"token"`
}
ValidatePasswordResetTokenInput represents the input required to validate a password reset token
type ValidatePasswordResetTokenOutput ¶
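// ValidatePasswordResetTokenOutput is the data returned after a password reset
// token has been validated.
type ValidatePasswordResetTokenOutput struct {
	// Valid reports the validation result (JSON key "valid"). Its zero value
	// is false, so a body without the key reads as "invalid".
	Valid bool `json:"valid"`
	// CreatedAt is the token's creation time as a string. Its JSON key is the
	// camelCase "createdAt", unlike the "created_at" key used by
	// PasswordResetToken; the tag is kept as is because it is part of the wire
	// format.
	CreatedAt string `json:"createdAt"`
	// Expiry is the token's expiry as a string (JSON key "expiry"); the time
	// format is not specified by this type.
	Expiry string `json:"expiry"`
}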
ValidatePasswordResetTokenOutput represents the data returned after successfully validating a password reset token
type ValidateResponse ¶
// ValidateResponse is the JSON shape of a validation result.
type ValidateResponse struct {
	// IsValid is decoded from "is_valid". Its zero value is false, so a body
	// that lacks the key reads as "invalid".
	IsValid bool `json:"is_valid"`
}
type VerifyActivationTokenInput ¶
// VerifyActivationTokenInput is the input required to verify an activation
// token.
type VerifyActivationTokenInput struct {
	// Token is the activation token to verify (JSON key "token"). It is the
	// secret itself, so keep the marshalled request out of logs.
	Token string `json:"token"`
}
VerifyActivationTokenInput represents the input required to verify an activation token.
type VerifyActivationTokenOutput ¶
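// VerifyActivationTokenOutput is the output after verifying an activation
// token.
//
// NOTE(review): the result is carried in Valid, so a response can presumably
// decode without error while Valid is false. Callers should check Valid and
// not only the error returned by the client — confirm against
// VerifyActivationToken.
type VerifyActivationTokenOutput struct {
	// Token is the activation token (JSON key "token").
	Token string `json:"token"`
	// UserID is the user the token belongs to (JSON key "user_id").
	UserID string `json:"user_id"`
	// CreatedAt is the creation time as a string (JSON key "created_at").
	CreatedAt string `json:"created_at"`
	// Valid reports the verification result (JSON key "valid"); its zero value
	// is false.
	Valid bool `json:"valid"`
}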
VerifyActivationTokenOutput represents the output after verifying an activation token.
type VerifyPasswordResetTokenInput ¶
// VerifyPasswordResetTokenInput is the input required to verify a password
// reset token.
type VerifyPasswordResetTokenInput struct {
	// Token is the reset token to verify (JSON key "token"). It is the secret
	// itself, so keep the marshalled request out of logs.
	Token string `json:"token"`
}
VerifyPasswordResetTokenInput represents the input required to verify a password reset token
type VerifyPasswordResetTokenOutput ¶
// VerifyPasswordResetTokenOutput is the data returned after a password reset
// token has been verified.
type VerifyPasswordResetTokenOutput struct {
	// Valid reports the verification result (JSON key "valid"). Its zero value
	// is false, so a body without the key reads as "invalid"; callers should
	// check this field and not only the returned error.
	Valid bool `json:"valid"`
}
VerifyPasswordResetTokenOutput represents the data returned after successfully verifying a password reset token