Affected by GO-2022-0388 and 3 other vulnerabilities

GO-2022-0388: Argo Server TLS requests could be forged by attacker with network access in github.com/argoproj/argo-workflows

GO-2022-0405: Potential privilege escalation on Kubernetes >= v1.19 when the Argo Sever is run with `--auth-mode=client` in github.com/argoproj/argo-workflows

GO-2022-0928: Workflow re-write vulnerability using input parameter in github.com/argoproj/argo-workflows

GO-2024-3226: Argo Workflows Controller: Denial of Service via malicious daemon Workflows in github.com/argoproj/argo-workflows

The highest tagged major version is v3.

session

package

v0.3.1 Latest Latest Go to latest Published: Apr 24, 2018 License: Apache-2.0 Imports: 5 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/argoproj/argo-workflows

Links

Open Source Insights

Documentation ¶

Index ¶

func MakeSignature(size int) ([]byte, error)
type SessionManager
- func MakeSessionManager(secretKey []byte) SessionManager
type SessionManagerTokenClaims

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func MakeSignature ¶

func MakeSignature(size int) ([]byte, error)

MakeSignature generates a cryptographically-secure pseudo-random token, based on a given number of random bytes, for signing purposes.

Types ¶

type SessionManager ¶

type SessionManager struct {
	// contains filtered or unexported fields
}

SessionManager generates and validates JWT tokens for login sessions.

func MakeSessionManager ¶

func MakeSessionManager(secretKey []byte) SessionManager

MakeSessionManager creates a new session manager with the given secret key.

func (SessionManager) Create ¶

func (mgr SessionManager) Create(subject string) (string, error)

Create creates a new token for a given subject (user) and returns it as a string.

func (SessionManager) LoginLocalUser ¶

func (mgr SessionManager) LoginLocalUser(username, password string, users map[string]string) (string, error)

LoginLocalUser checks if a username/password combo is correct and creates a new token if so. [TODO] This may belong elsewhere.

func (SessionManager) Parse ¶

func (mgr SessionManager) Parse(tokenString string) (*SessionManagerTokenClaims, error)

Parse tries to parse the provided string and returns the token claims.

type SessionManagerTokenClaims ¶

type SessionManagerTokenClaims struct {
	//Foo string `json:"foo"`
	jwt.StandardClaims
}

SessionManagerTokenClaims holds claim metadata for a token.

Source Files ¶

View all Source files

sessionmanager.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL