identity

package
v0.0.0-...-2b8ec9a Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 1, 2023 License: Apache-2.0 Imports: 10 Imported by: 1

Documentation

Index

Constants

// The CandidateKey* constants are plain string keys. Presumably they index
// entries of a Candidate (map[string]interface{}); confirm against the
// New*Candidate constructors, whose bodies are not shown here.
const (
	// Keys describing the identity itself.
	CandidateKeyIdentityID = "identity_id"
	CandidateKeyType       = "type"

	// Keys describing an OAuth/SSO provider.
	CandidateKeyProviderType      = "provider_type"
	CandidateKeyProviderAlias     = "provider_alias"
	CandidateKeyProviderSubjectID = "provider_subject_id"
	CandidateKeyProviderAppType   = "provider_app_type"

	// Keys describing a login ID.
	CandidateKeyLoginIDType  = "login_id_type"
	CandidateKeyLoginIDKey   = "login_id_key"
	CandidateKeyLoginIDValue = "login_id_value"

	// Key for the identifier shown to the user.
	CandidateKeyDisplayID = "display_id"

	// Key for the "modification disabled" flag; see also Info.ModifyDisabled.
	CandidateKeyModifyDisabled = "modify_disabled"
)
// Identity claim names. The IdentityClaim* values are URIs under
// https://authgear.com/claims/; the StandardClaim* values are short names.
// All of them are identifiers, not secrets.
const (
	// IdentityClaimOAuthProviderType is a claim with a string value.
	IdentityClaimOAuthProviderType string = "https://authgear.com/claims/oauth/provider_type"
	// IdentityClaimOAuthProviderAlias is a claim with a string value.
	IdentityClaimOAuthProviderAlias string = "https://authgear.com/claims/oauth/provider_alias"
	// IdentityClaimOAuthSubjectID is a claim with a string value like `1098765432`.
	IdentityClaimOAuthSubjectID string = "https://authgear.com/claims/oauth/subject_id"
	// IdentityClaimOAuthProfile is a claim with a map value containing raw OAuth provider profile.
	IdentityClaimOAuthProfile string = "https://authgear.com/claims/oauth/profile"

	// IdentityClaimLoginIDType is a claim with a string value indicating the type of login ID.
	IdentityClaimLoginIDType string = "https://authgear.com/claims/login_id/type"
	// IdentityClaimLoginIDKey is a claim with a string value indicating the key of login ID.
	IdentityClaimLoginIDKey string = "https://authgear.com/claims/login_id/key"
	// IdentityClaimLoginIDOriginalValue is a claim with a string value indicating the value of original login ID.
	IdentityClaimLoginIDOriginalValue string = "https://authgear.com/claims/login_id/original_value"
	// IdentityClaimLoginIDValue is a claim with a string value indicating the value of login ID.
	IdentityClaimLoginIDValue string = "https://authgear.com/claims/login_id/value"

	// IdentityClaimAnonymousKeyID is a claim with a string value containing anonymous key ID.
	IdentityClaimAnonymousKeyID string = "https://authgear.com/claims/anonymous/key_id"

	// IdentityClaimBiometricKeyID is a claim with a string value containing biometric key ID.
	IdentityClaimBiometricKeyID string = "https://authgear.com/claims/biometric/key_id"
	// IdentityClaimBiometricDeviceInfo is a claim with a map value containing device info.
	IdentityClaimBiometricDeviceInfo string = "https://authgear.com/claims/biometric/device_info"
	// IdentityClaimBiometricFormattedDeviceInfo is a claim with a string value indicating formatted device info for display.
	IdentityClaimBiometricFormattedDeviceInfo string = "https://authgear.com/claims/biometric/formatted_device_info"

	// IdentityClaimPasskeyCredentialID is a claim with a string value.
	// The gosec suppression below is presumably for the hardcoded-credential
	// check, which matches on identifier names; the value is a claim URI.
	// nolint: gosec
	IdentityClaimPasskeyCredentialID string = "https://authgear.com/claims/passkey/credential_id"
	// IdentityClaimPasskeyDisplayName is the claim name for a passkey's
	// display name. The value type is not stated here — TODO confirm (likely string).
	// nolint: gosec
	IdentityClaimPasskeyDisplayName string = "https://authgear.com/claims/passkey/display_name"

	// IdentityClaimSIWEAddress is a claim with a string value.
	IdentityClaimSIWEAddress string = "https://authgear.com/claims/siwe/address"
	// IdentityClaimSIWEChainID is a claim with an integer value.
	IdentityClaimSIWEChainID string = "https://authgear.com/claims/siwe/chain_id"

	// StandardClaim* are the claim names "email", "phone_number" and
	// "preferred_username", spelled as in the OIDC standard claims.
	StandardClaimEmail             string = "email"
	StandardClaimPhoneNumber       string = "phone_number"
	StandardClaimPreferredUsername string = "preferred_username"
)

Variables

// ErrIdentityAlreadyExists is a sentinel error with the message
// "identity already exists"; match it with errors.Is.
// NOTE(review): if callers return this verbatim to unauthenticated clients,
// it reveals that an identity is registered — confirm how it is mapped.
var ErrIdentityAlreadyExists = errors.New("identity already exists")
// ErrIdentityNotFound is a sentinel error with the message
// "identity not found"; match it with errors.Is.
// NOTE(review): if callers return this verbatim to unauthenticated clients,
// it distinguishes unknown identities from known ones — confirm how it is mapped.
var ErrIdentityNotFound = errors.New("identity not found")

Functions

func IsOAuthSSOProviderTypeDisabled

func IsOAuthSSOProviderTypeDisabled(typ config.OAuthSSOProviderType, featureConfig *config.OAuthSSOProvidersFeatureConfig) bool

Types

type Anonymous

// Anonymous holds the fields of an anonymous identity: its own ID, the
// owning UserID, timestamps, and a key identified by KeyID.
type Anonymous struct {
	ID        string    `json:"id"`
	CreatedAt time.Time `json:"created_at"`
	UpdatedAt time.Time `json:"updated_at"`
	UserID    string    `json:"user_id"`
	KeyID     string    `json:"key_id"`
	// Key is emitted under "key" whenever this struct is marshalled to JSON.
	// NOTE(review): presumably public key material (ToJWK returns a jwk.Key
	// for this type) — confirm before logging or exposing the JSON form.
	Key       []byte    `json:"key"`
}

func (*Anonymous) ToInfo

func (i *Anonymous) ToInfo() *Info

func (*Anonymous) ToJWK

func (i *Anonymous) ToJWK() (jwk.Key, error)

type AnonymousSpec

// AnonymousSpec is the anonymous-identity member of Spec. Every field is
// omitted from JSON when empty.
type AnonymousSpec struct {
	KeyID              string `json:"key_id,omitempty"`
	// Key is a string here, while Anonymous.Key is []byte; the encoding
	// used for the string form is not shown — TODO confirm.
	Key                string `json:"key,omitempty"`
	// NOTE(review): ExistingUserID and ExistingIdentityID presumably point at
	// an identity that already exists; if they can be set from request data,
	// the caller must check that the requester owns them — confirm.
	ExistingUserID     string `json:"existing_user_id,omitempty"`
	ExistingIdentityID string `json:"existing_identity_id,omitempty"`
}

type Biometric

// Biometric holds the fields of a biometric identity: its own ID, the
// owning UserID, timestamps, a key identified by KeyID, and device info.
type Biometric struct {
	ID         string                 `json:"id"`
	CreatedAt  time.Time              `json:"created_at"`
	UpdatedAt  time.Time              `json:"updated_at"`
	UserID     string                 `json:"user_id"`
	KeyID      string                 `json:"key_id"`
	// Key is emitted under "key" whenever this struct is marshalled to JSON.
	// NOTE(review): presumably public key material (ToJWK returns a jwk.Key
	// for this type) — confirm before logging or exposing the JSON form.
	Key        []byte                 `json:"key"`
	// DeviceInfo is an untyped map. NOTE(review): presumably reported by the
	// client device; if so, treat it as untrusted display data — confirm source.
	DeviceInfo map[string]interface{} `json:"device_info"`
}

func (*Biometric) FormattedDeviceInfo

func (i *Biometric) FormattedDeviceInfo() string

func (*Biometric) ToInfo

func (i *Biometric) ToInfo() *Info

func (*Biometric) ToJWK

func (i *Biometric) ToJWK() (jwk.Key, error)

type BiometricSpec

// BiometricSpec is the biometric-identity member of Spec. Every field is
// omitted from JSON when empty.
type BiometricSpec struct {
	KeyID      string                 `json:"key_id,omitempty"`
	// Key is a string here, while Biometric.Key is []byte; the encoding
	// used for the string form is not shown — TODO confirm.
	Key        string                 `json:"key,omitempty"`
	// DeviceInfo is an untyped map; no schema is enforced by this type.
	DeviceInfo map[string]interface{} `json:"device_info,omitempty"`
}

type Candidate

// Candidate is an untyped, string-keyed map. The CandidateKey* constants
// are presumably its keys — confirm against the New*Candidate constructors.
type Candidate map[string]interface{}

func NewLoginIDCandidate

func NewLoginIDCandidate(c *config.LoginIDKeyConfig) Candidate

func NewOAuthCandidate

func NewOAuthCandidate(c *config.OAuthSSOProviderConfig) Candidate

func NewSIWECandidate

func NewSIWECandidate() Candidate

type Filter

// Filter decides whether a single identity Info is kept.
type Filter interface {
	// Keep reports whether ii should be retained.
	Keep(ii *Info) bool
}

func KeepType

func KeepType(types ...model.IdentityType) Filter

type FilterFunc

// FilterFunc lets a plain function value be used as a Filter; its Keep
// method is declared separately.
type FilterFunc func(ii *Info) bool

// KeepIdentifiable keeps Login ID and OAuth identities and drops anonymous,
// biometric, passkey and SIWE identities.
//
// An identity type outside those six panics instead of being silently kept
// or dropped, so a newly added type must be classified here explicitly.
// ii must be non-nil: ii.Type is read unconditionally.
var KeepIdentifiable FilterFunc = func(ii *Info) bool {
	switch kind := ii.Type; kind {
	case model.IdentityTypeLoginID, model.IdentityTypeOAuth:
		return true
	case model.IdentityTypeAnonymous,
		model.IdentityTypeBiometric,
		model.IdentityTypePasskey,
		model.IdentityTypeSIWE:
		return false
	default:
		panic(fmt.Sprintf("identity: unexpected identity type: %s", kind))
	}
}

KeepIdentifiable keeps only Login ID identities and OAuth identities.

func (FilterFunc) Keep

func (f FilterFunc) Keep(ii *Info) bool

type Info

// Info is the common envelope for every identity kind: shared fields plus
// one optional pointer per kind.
type Info struct {
	ID        string             `json:"id"`
	UserID    string             `json:"user_id"`
	CreatedAt time.Time          `json:"created_at"`
	UpdatedAt time.Time          `json:"updated_at"`
	// Type names the identity kind.
	Type      model.IdentityType `json:"type"`

	// Per-kind payloads, each omitted from JSON when nil.
	// NOTE(review): presumably exactly the one matching Type is non-nil —
	// this type does not enforce it; confirm before dereferencing.
	LoginID   *LoginID   `json:"login_id,omitempty"`
	OAuth     *OAuth     `json:"oauth,omitempty"`
	Anonymous *Anonymous `json:"anonymous,omitempty"`
	Biometric *Biometric `json:"biometric,omitempty"`
	Passkey   *Passkey   `json:"passkey,omitempty"`
	SIWE      *SIWE      `json:"siwe,omitempty"`
}

func ApplyFilters

func ApplyFilters(iis []*Info, filters ...Filter) (out []*Info)

func (*Info) AMR

func (i *Info) AMR() []string

func (*Info) AllStandardClaims

func (i *Info) AllStandardClaims() map[string]interface{}

func (*Info) DisplayID

func (i *Info) DisplayID() string

DisplayID returns a string that is suitable for the owner to identify the identity. If it is a Login ID identity, the original login ID value is returned. If it is an OAuth identity, email, phone_number or preferred_username is returned. If it is an anonymous identity, the kid is returned. If it is a biometric identity, the kid is returned. If it is a passkey identity, the name is returned. If it is a SIWE identity, the EIP681 of the address and chainID is returned.

func (*Info) GetMeta

func (i *Info) GetMeta() model.Meta

func (*Info) IdentityAwareStandardClaims

func (i *Info) IdentityAwareStandardClaims() map[model.ClaimName]string

func (*Info) ModifyDisabled

func (i *Info) ModifyDisabled(c *config.IdentityConfig) bool

func (*Info) PrimaryAuthenticatorTypes

func (i *Info) PrimaryAuthenticatorTypes() []model.AuthenticatorType

func (*Info) ToModel

func (i *Info) ToModel() model.Identity

func (*Info) ToRef

func (i *Info) ToRef() *model.IdentityRef

func (*Info) ToSpec

func (i *Info) ToSpec() Spec

type LoginID

// LoginID holds the fields of a login ID identity: its own ID, the owning
// UserID, timestamps, the login ID key and type, and the login ID value in
// several forms.
type LoginID struct {
	ID              string                 `json:"id"`
	CreatedAt       time.Time              `json:"created_at"`
	UpdatedAt       time.Time              `json:"updated_at"`
	UserID          string                 `json:"user_id"`
	LoginIDKey      string                 `json:"login_id_key"`
	LoginIDType     model.LoginIDKeyType   `json:"login_id_type"`
	// NOTE(review): presumably LoginID is the normalized value,
	// OriginalLoginID is what the user typed, and UniqueKey is the form used
	// for uniqueness checks — confirm; comparisons that decide account
	// ownership should use the same form consistently.
	LoginID         string                 `json:"login_id"`
	OriginalLoginID string                 `json:"original_login_id"`
	UniqueKey       string                 `json:"unique_key"`
	// Claims is an untyped map, omitted from JSON when empty.
	Claims          map[string]interface{} `json:"claims,omitempty"`
}

func (*LoginID) ToChannelTarget

func (i *LoginID) ToChannelTarget() (model.AuthenticatorOOBChannel, string)

func (*LoginID) ToInfo

func (i *LoginID) ToInfo() *Info

type LoginIDSpec

// LoginIDSpec is the login-ID member of Spec: the login ID key, its type,
// and the value. None of the fields is omitted from JSON when empty.
type LoginIDSpec struct {
	Key   string               `json:"key"`
	Type  model.LoginIDKeyType `json:"type"`
	// Value carries the login ID as given; this type performs no
	// validation or normalization.
	Value string               `json:"value"`
}

type NewIdentityOptions

// NewIdentityOptions carries optional switches for creating an identity.
// It has no JSON tags.
type NewIdentityOptions struct {
	// NOTE(review): by its name, this skips the email blocklist/allowlist
	// check for login IDs — confirm against the consumer. If so, it relaxes
	// a policy control and should never be derived from request input.
	LoginIDEmailByPassBlocklistAllowlist bool
}

type OAuth

// OAuth holds the fields of an OAuth identity: its own ID, the owning
// UserID, timestamps, the provider and the subject ID at that provider,
// plus profile and claim maps.
type OAuth struct {
	ID                string                 `json:"id"`
	CreatedAt         time.Time              `json:"created_at"`
	UpdatedAt         time.Time              `json:"updated_at"`
	UserID            string                 `json:"user_id"`
	ProviderID        config.ProviderID      `json:"provider_id"`
	ProviderSubjectID string                 `json:"provider_subject_id"`
	// UserProfile and Claims are untyped maps, omitted from JSON when empty.
	// NOTE(review): UserProfile presumably holds the raw profile returned by
	// the provider, so it may contain personal data and provider-controlled
	// values — confirm before logging or rendering it.
	UserProfile       map[string]interface{} `json:"user_profile,omitempty"`
	Claims            map[string]interface{} `json:"claims,omitempty"`
	// This is a derived field and NOT persisted to database.
	// We still include it in JSON serialization so it can be persisted in the graph.
	ProviderAlias string `json:"provider_alias,omitempty"`
}

func (*OAuth) ToInfo

func (i *OAuth) ToInfo() *Info

type OAuthSpec

// OAuthSpec is the OAuth member of Spec: the provider, the subject ID at
// that provider, and two optional untyped maps.
type OAuthSpec struct {
	ProviderID     config.ProviderID      `json:"provider_id"`
	SubjectID      string                 `json:"subject_id"`
	// NOTE(review): RawProfile is presumably the provider's response as
	// received and StandardClaims the values extracted from it — confirm.
	// Both are provider-controlled data.
	RawProfile     map[string]interface{} `json:"raw_profile,omitempty"`
	StandardClaims map[string]interface{} `json:"standard_claims,omitempty"`
}

type Passkey

// Passkey holds the fields of a passkey identity: its own ID, the owning
// UserID, timestamps, the credential ID, and WebAuthn registration data.
type Passkey struct {
	ID                  string                         `json:"id"`
	CreatedAt           time.Time                      `json:"created_at"`
	UpdatedAt           time.Time                      `json:"updated_at"`
	UserID              string                         `json:"user_id"`
	CredentialID        string                         `json:"credential_id"`
	// CreationOptions and AttestationResponse are omitted from JSON when
	// empty. NOTE(review): AttestationResponse is presumably the raw
	// response from the authenticator at registration — confirm; it is
	// kept as opaque bytes and is not validated by this type.
	CreationOptions     *model.WebAuthnCreationOptions `json:"creation_options,omitempty"`
	AttestationResponse []byte                         `json:"attestation_response,omitempty"`
}

func (*Passkey) ToInfo

func (i *Passkey) ToInfo() *Info

type PasskeySpec

// PasskeySpec is the passkey member of Spec. Both fields are opaque bytes
// and are omitted from JSON when empty.
type PasskeySpec struct {
	// NOTE(review): in WebAuthn terms an attestation accompanies
	// registration and an assertion accompanies authentication; presumably
	// only one of the two is set per request — confirm. Neither is
	// verified by this type.
	AttestationResponse []byte `json:"attestation_response,omitempty"`
	AssertionResponse   []byte `json:"assertion_response,omitempty"`
}

type SIWE

// SIWE holds the fields of a SIWE identity: its own ID, the owning UserID,
// timestamps, a chain ID, an address, and the verified data.
type SIWE struct {
	ID        string     `json:"id"`
	CreatedAt time.Time  `json:"created_at"`
	UpdatedAt time.Time  `json:"updated_at"`
	UserID    string     `json:"user_id"`
	ChainID   int        `json:"chain_id"`
	// Address uses the web3.EIP55 type (EIP-55 is the mixed-case checksum
	// encoding of an address).
	Address   web3.EIP55 `json:"address"`

	// Data is always emitted (no omitempty), so a nil pointer marshals as null.
	Data *model.SIWEVerifiedData `json:"data"`
}

func (*SIWE) ToContractID

func (i *SIWE) ToContractID() (*web3.ContractID, error)

func (*SIWE) ToERC681

func (i *SIWE) ToERC681() (*web3.EIP681, error)

func (*SIWE) ToInfo

func (i *SIWE) ToInfo() *Info

type SIWESpec

// SIWESpec is the SIWE member of Spec: a message and a signature, both
// carried as strings.
type SIWESpec struct {
	// NOTE(review): both fields presumably arrive from the client. The
	// signature must be verified against the message before an identity is
	// created; that verification is not part of this type — confirm where
	// it happens.
	Message   string `json:"message"`
	Signature string `json:"signature"`
}

type Spec

// Spec is the common envelope for the per-kind identity specs: a Type plus
// one optional pointer per kind. Info.ToSpec returns a Spec.
type Spec struct {
	// Type names the identity kind.
	Type model.IdentityType `json:"type"`

	// Per-kind specs, each omitted from JSON when nil.
	// NOTE(review): presumably exactly the one matching Type is non-nil —
	// this type does not enforce it; a consumer decoding a Spec from JSON
	// should check that Type and the populated member agree.
	LoginID   *LoginIDSpec   `json:"login_id,omitempty"`
	OAuth     *OAuthSpec     `json:"oauth,omitempty"`
	Anonymous *AnonymousSpec `json:"anonymous,omitempty"`
	Biometric *BiometricSpec `json:"biometric,omitempty"`
	Passkey   *PasskeySpec   `json:"passkey,omitempty"`
	SIWE      *SIWESpec      `json:"siwe,omitempty"`
}

Directories

Path Synopsis
