Documentation
¶
Index ¶
- Constants
- Variables
- func GetRecognizedMobileDevice(ua string) (string, bool)
- type AccountIdentifier
- type Authenticator
- type AuthenticatorKind
- type AuthenticatorOOBChannel
- type AuthenticatorType
- type Authorization
- type BlockIdentifier
- type ClaimName
- type Contract
- type Domain
- type ElasticsearchUserRaw
- type ElasticsearchUserSource
- type EthereumNetwork
- type GetContractMetadataRequest
- type GetContractMetadataResult
- type Group
- type Identity
- type IdentityRef
- type IdentityType
- type ListOwnerNFTsRequest
- type LoginIDKeyType
- type Meta
- type NFT
- type NFTCollection
- type NFTOwnership
- type NetworkIdentifier
- type PageCursor
- type PageItemRef
- type ProbeCollectionRequest
- type ProbeCollectionResult
- type PublicKeyCredentialCreationOptions
- type PublicKeyCredentialDescriptor
- type PublicKeyCredentialParameter
- type PublicKeyCredentialRequestOptions
- type PublicKeyCredentialRpEntity
- type PublicKeyCredentialUserEntity
- type RecognizedMobileDevice
- type Role
- type SIWEPublicKey
- type SIWEVerificationRequest
- type SIWEVerifiedData
- type SIWEWallet
- type Session
- type SessionInfo
- type SessionType
- type SortDirection
- type Token
- type TransactionIdentifier
- type User
- type UserAgent
- type UserRef
- type UserWeb3Info
- type WebAuthnCreationOptions
- type WebAuthnRequestOptions
Constants ¶
View Source
const ( // AMRPWD is from https://tools.ietf.org/html/rfc8176#section-2 AMRPWD string = "pwd" // AMROTP is from https://tools.ietf.org/html/rfc8176#section-2 AMROTP string = "otp" // AMRSMS is from https://tools.ietf.org/html/rfc8176#section-2 AMRSMS string = "sms" // AMRMFA is from https://tools.ietf.org/html/rfc8176#section-2 AMRMFA string = "mfa" // AMRXBiometric exists because rfc8176 does not have a general // value for any biometric authentication. AMRXBiometric string = "x_biometric" // AMRXPasskey exists because rfc8176 does not a general // value for passkey. AMRXPasskey string = "x_passkey" )
View Source
const ( RecognizedMobileDeviceIOS = "iOS" RecognizedMobileDeviceChromeAndroid = "ChromeAndroid" RecognizedMobileDeviceChrome = "Chrome" RecognizedMobileDeviceSamsung = "Samsung" )
Variables ¶
View Source
var LoginIDKeyTypes = []LoginIDKeyType{ LoginIDKeyTypeEmail, LoginIDKeyTypePhone, LoginIDKeyTypeUsername, }
Functions ¶
Types ¶
type AccountIdentifier ¶
type AccountIdentifier struct {
Address string `json:"address"`
}
type Authenticator ¶
type Authenticator struct {
Meta
UserID string `json:"user_id"`
Type AuthenticatorType `json:"type"`
IsDefault bool `json:"is_default"`
Kind AuthenticatorKind `json:"kind"`
}
type AuthenticatorKind ¶
type AuthenticatorKind string
const ( AuthenticatorKindPrimary AuthenticatorKind = "primary" AuthenticatorKindSecondary AuthenticatorKind = "secondary" )
type AuthenticatorOOBChannel ¶
type AuthenticatorOOBChannel string
const ( AuthenticatorOOBChannelSMS AuthenticatorOOBChannel = "sms" AuthenticatorOOBChannelEmail AuthenticatorOOBChannel = "email" AuthenticatorOOBChannelWhatsapp AuthenticatorOOBChannel = "whatsapp" )
type AuthenticatorType ¶
type AuthenticatorType string
const ( AuthenticatorTypePassword AuthenticatorType = "password" AuthenticatorTypePasskey AuthenticatorType = "passkey" AuthenticatorTypeTOTP AuthenticatorType = "totp" AuthenticatorTypeOOBEmail AuthenticatorType = "oob_otp_email" AuthenticatorTypeOOBSMS AuthenticatorType = "oob_otp_sms" )
func Deprecated_GetOOBAuthenticatorType ¶
func Deprecated_GetOOBAuthenticatorType(channel AuthenticatorOOBChannel) (AuthenticatorType, error)
Deprecated_GetOOBAuthenticatorType is deprecated because it does not handle AuthenticatorOOBChannelWhatsapp.
func ParseOOBAuthenticatorType ¶
func ParseOOBAuthenticatorType(email_or_sms string) (AuthenticatorType, error)
func (AuthenticatorType) ToClaimName ¶
func (t AuthenticatorType) ToClaimName() ClaimName
type Authorization ¶
type BlockIdentifier ¶
type ClaimName ¶
type ClaimName string
const ( ClaimAMR ClaimName = "amr" ClaimSID ClaimName = "sid" ClaimAuthTime ClaimName = "auth_time" ClaimEmail ClaimName = "email" ClaimPhoneNumber ClaimName = "phone_number" ClaimPreferredUsername ClaimName = "preferred_username" ClaimDeviceSecretHash ClaimName = "ds_hash" ClaimAuthgearRoles ClaimName = "https://authgear.com/claims/user/roles" ClaimKeyID ClaimName = "https://authgear.com/claims/user/key_id" ClaimUserIsAnonymous ClaimName = "https://authgear.com/claims/user/is_anonymous" ClaimUserIsVerified ClaimName = "https://authgear.com/claims/user/is_verified" ClaimUserCanReauthenticate ClaimName = "https://authgear.com/claims/user/can_reauthenticate" )
func GetLoginIDKeyTypeClaim ¶
func GetLoginIDKeyTypeClaim(loginIDKeyType LoginIDKeyType) (ClaimName, bool)
type Domain ¶
type Domain struct {
ID string `json:"id"`
AppID string `json:"appID"`
CreatedAt time.Time `json:"createdAt"`
Domain string `json:"domain"`
CookieDomain string `json:"cookieDomain"`
ApexDomain string `json:"apexDomain"`
VerificationDNSRecord string `json:"verificationDNSRecord"`
IsCustom bool `json:"isCustom"`
IsVerified bool `json:"isVerified"`
}
Domain represents a domain of an app. The keys in JSON struct tags are in camel case because this struct is directly returned in the GraphQL endpoint. Making the keys in camel case saves us from writing boilerplate resolver code.
type ElasticsearchUserRaw ¶
type ElasticsearchUserRaw struct {
ID string
AppID string
CreatedAt time.Time
UpdatedAt time.Time
LastLoginAt *time.Time
IsDisabled bool
Email []string
PreferredUsername []string
PhoneNumber []string
OAuthSubjectID []string
StandardAttributes map[string]interface{}
Groups []*Group
EffectiveRoles []*Role
}
type ElasticsearchUserSource ¶
type ElasticsearchUserSource struct {
ID string `json:"id,omitempty"`
AppID string `json:"app_id,omitempty"`
CreatedAt time.Time `json:"created_at,omitempty"`
UpdatedAt time.Time `json:"updated_at,omitempty"`
LastLoginAt *time.Time `json:"last_login_at,omitempty"`
IsDisabled bool `json:"is_disabled"`
Email []string `json:"email,omitempty"`
EmailText []string `json:"email_text,omitempty"`
EmailLocalPart []string `json:"email_local_part,omitempty"`
EmailLocalPartText []string `json:"email_local_part_text,omitempty"`
EmailDomain []string `json:"email_domain,omitempty"`
EmailDomainText []string `json:"email_domain_text,omitempty"`
PreferredUsername []string `json:"preferred_username,omitempty"`
PreferredUsernameText []string `json:"preferred_username_text,omitempty"`
PhoneNumber []string `json:"phone_number,omitempty"`
PhoneNumberText []string `json:"phone_number_text,omitempty"`
PhoneNumberCountryCode []string `json:"phone_number_country_code,omitempty"`
PhoneNumberNationalNumber []string `json:"phone_number_national_number,omitempty"`
PhoneNumberNationalNumberText []string `json:"phone_number_national_number_text,omitempty"`
OAuthSubjectID []string `json:"oauth_subject_id,omitempty"`
OAuthSubjectIDText []string `json:"oauth_subject_id_text,omitempty"`
FamilyName string `json:"family_name,omitempty"`
GivenName string `json:"given_name,omitempty"`
MiddleName string `json:"middle_name,omitempty"`
Name string `json:"name,omitempty"`
Nickname string `json:"nickname,omitempty"`
Gender string `json:"gender,omitempty"`
Zoneinfo string `json:"zoneinfo,omitempty"`
Locale string `json:"locale,omitempty"`
Formatted string `json:"formatted,omitempty"`
StreetAddress string `json:"street_address,omitempty"`
Locality string `json:"locality,omitempty"`
Region string `json:"region,omitempty"`
PostalCode string `json:"postal_code,omitempty"`
Country string `json:"country,omitempty"`
RoleKey []string `json:"role_key,omitempty"`
RoleName []string `json:"role_name,omitempty"`
GroupKey []string `json:"group_key,omitempty"`
GroupName []string `json:"group_name,omitempty"`
}
type EthereumNetwork ¶
type EthereumNetwork string
const ( EthereumNetworkEthereumMainnet EthereumNetwork = "1" EthereumNetworkEthereumGoerli EthereumNetwork = "5" EthereumNetworkPolygonMainnet EthereumNetwork = "137" EthereumNetworkPolygonMumbai EthereumNetwork = "80001" )
func ParseEthereumNetwork ¶
func ParseEthereumNetwork(s string) (EthereumNetwork, bool)
type GetContractMetadataRequest ¶
type GetContractMetadataRequest struct {
ContractIDs []string `json:"contract_ids"`
}
type GetContractMetadataResult ¶
type GetContractMetadataResult struct {
Collections []NFTCollection `json:"collections"`
}
type IdentityRef ¶
type IdentityRef struct {
Meta
UserID string
Type IdentityType
}
func (*IdentityRef) ToRef ¶
func (r *IdentityRef) ToRef() *IdentityRef
type IdentityType ¶
type IdentityType string
const ( IdentityTypeLoginID IdentityType = "login_id" IdentityTypeOAuth IdentityType = "oauth" IdentityTypeAnonymous IdentityType = "anonymous" IdentityTypeBiometric IdentityType = "biometric" IdentityTypePasskey IdentityType = "passkey" IdentityTypeSIWE IdentityType = "siwe" IdentityTypeLDAP IdentityType = "ldap" )
func (IdentityType) PrimaryAuthenticatorTypes ¶
func (t IdentityType) PrimaryAuthenticatorTypes(loginIDKeyType LoginIDKeyType) []AuthenticatorType
func (IdentityType) SupportsPassword ¶
func (t IdentityType) SupportsPassword() bool
This indicates whether the identity type can be used for password-related usage e.g. reset password, change password by admin. After account linking is introduced, different users may have different OAuth accounts with same email. To avoid ambiguity, we only allow login ID to be used for password login.
type ListOwnerNFTsRequest ¶
type LoginIDKeyType ¶
type LoginIDKeyType string
const ( LoginIDKeyTypeEmail LoginIDKeyType = "email" LoginIDKeyTypePhone LoginIDKeyType = "phone" LoginIDKeyTypeUsername LoginIDKeyType = "username" )
func GetClaimLoginIDKeyType ¶
func GetClaimLoginIDKeyType(claimName ClaimName) (LoginIDKeyType, bool)
type Meta ¶
type NFTCollection ¶
type NFTCollection struct {
ID string `json:"id"`
Blockchain string `json:"blockchain"`
Network string `json:"network"`
Name string `json:"name"`
ContractAddress string `json:"contract_address"`
TotalSupply *big.Int `json:"total_supply"`
TokenType string `json:"type"`
CreatedAt time.Time `json:"created_at"`
}
type NFTOwnership ¶
type NFTOwnership struct {
AccountIdentifier AccountIdentifier `json:"account_identifier"`
NetworkIdentifier NetworkIdentifier `json:"network_identifier"`
NFTs []NFT `json:"nfts"`
}
func (*NFTOwnership) EndUserAccountID ¶
func (s *NFTOwnership) EndUserAccountID() string
type NetworkIdentifier ¶
type PageCursor ¶
type PageCursor string
type PageItemRef ¶
type PageItemRef struct {
ID string
Cursor PageCursor
}
type ProbeCollectionRequest ¶
type ProbeCollectionRequest struct {
ContractID string `json:"contract_id"`
}
type ProbeCollectionResult ¶
type ProbeCollectionResult struct {
IsLargeCollection bool `json:"is_large_collection"`
}
type PublicKeyCredentialCreationOptions ¶
type PublicKeyCredentialCreationOptions struct {
Challenge protocol.URLEncodedBase64 `json:"challenge"`
RelyingParty PublicKeyCredentialRpEntity `json:"rp"`
User PublicKeyCredentialUserEntity `json:"user"`
PublicKeyCredentialParameters []PublicKeyCredentialParameter `json:"pubKeyCredParams,omitempty"`
Timeout int `json:"timeout"`
ExcludeCredentials []PublicKeyCredentialDescriptor `json:"excludeCredentials,omitempty"`
AuthenticatorSelection protocol.AuthenticatorSelection `json:"authenticatorSelection"`
Attestation protocol.ConveyancePreference `json:"attestation"`
Extensions map[string]interface{} `json:"extensions,omitempty"`
}
type PublicKeyCredentialDescriptor ¶
type PublicKeyCredentialDescriptor struct {
Type protocol.CredentialType `json:"type"`
ID protocol.URLEncodedBase64 `json:"id"`
Transports []string `json:"transports,omitempty"`
}
type PublicKeyCredentialParameter ¶
type PublicKeyCredentialParameter struct {
Type protocol.CredentialType `json:"type"`
Algorithm webauthncose.COSEAlgorithmIdentifier `json:"alg"`
}
type PublicKeyCredentialRequestOptions ¶
type PublicKeyCredentialRequestOptions struct {
Challenge protocol.URLEncodedBase64 `json:"challenge"`
Timeout int `json:"timeout"`
RPID string `json:"rpId"`
UserVerification protocol.UserVerificationRequirement `json:"userVerification"`
// This is a pointer to slice so that omitempty will omit the key if it is nil,
// and it is an array if the value is non-nil.
AllowCredentials *[]PublicKeyCredentialDescriptor `json:"allowCredentials,omitempty"`
Extensions map[string]interface{} `json:"extensions,omitempty"`
}
type PublicKeyCredentialUserEntity ¶
type PublicKeyCredentialUserEntity struct {
ID protocol.URLEncodedBase64 `json:"id"`
Name string `json:"name"`
DisplayName string `json:"displayName"`
}
type RecognizedMobileDevice ¶
type RecognizedMobileDevice string
The name is borrowed from https://github.com/browserslist/browserslist
type SIWEPublicKey ¶
type SIWEPublicKey string
func NewSIWEPublicKey ¶
func NewSIWEPublicKey(k *ecdsa.PublicKey) (SIWEPublicKey, error)
type SIWEVerificationRequest ¶
type SIWEVerifiedData ¶
type SIWEVerifiedData struct {
Message string `json:"message"`
Signature string `json:"signature"`
EncodedPublicKey SIWEPublicKey `json:"encoded_public_key"`
}
type SIWEWallet ¶
type Session ¶
type Session struct {
Meta
Type SessionType `json:"type"`
AMR []string `json:"amr,omitempty"`
LastAccessedAt time.Time `json:"lastAccessedAt"`
CreatedByIP string `json:"createdByIP"`
LastAccessedByIP string `json:"lastAccessedByIP"`
LastAccessedByIPCountryCode string `json:"lastAccessedByIPCountryCode"`
LastAccessedByIPEnglishCountryName string `json:"lastAccessedByIPEnglishCountryName"`
ClientID *string `json:"clientID"`
DisplayName string `json:"displayName"`
ApplicationName string `json:"applicationName,omitempty"`
UserAgent string `json:"userAgent,omitempty"`
}
type SessionInfo ¶
type SessionInfo struct {
IsValid bool
UserID string
UserAnonymous bool
UserVerified bool
AuthenticatedAt time.Time
UserCanReauthenticate bool
EffectiveRoles []string
SessionAMR []string
}
func NewSessionInfoFromHeaders ¶
func NewSessionInfoFromHeaders(hdr http.Header) (info *SessionInfo, err error)
func (*SessionInfo) PopulateHeaders ¶
func (i *SessionInfo) PopulateHeaders(rw http.ResponseWriter)
type SessionType ¶
type SessionType string
const ( SessionTypeIDP SessionType = "idp" SessionTypeOfflineGrant SessionType = "offline_grant" )
type SortDirection ¶
type SortDirection string
const ( SortDirectionDefault SortDirection = "" SortDirectionAsc SortDirection = "asc" SortDirectionDesc SortDirection = "desc" )
type Token ¶
type Token struct {
TokenID string `json:"token_id"`
TransactionIdentifier TransactionIdentifier `json:"transaction_identifier"`
BlockIdentifier BlockIdentifier `json:"block_identifier"`
Balance string `json:"balance"`
}
type TransactionIdentifier ¶
type TransactionIdentifier struct {
Hash string `json:"hash"`
}
type User ¶
type User struct {
Meta
LastLoginAt *time.Time `json:"last_login_at,omitempty"`
IsAnonymous bool `json:"is_anonymous"`
IsVerified bool `json:"is_verified"`
IsDisabled bool `json:"is_disabled"`
DisableReason *string `json:"disable_reason,omitempty"`
IsDeactivated bool `json:"is_deactivated"`
DeleteAt *time.Time `json:"delete_at,omitempty"`
IsAnonymized bool `json:"is_anonymized"`
AnonymizeAt *time.Time `json:"anonymize_at,omitempty"`
CanReauthenticate bool `json:"can_reauthenticate"`
StandardAttributes map[string]interface{} `json:"standard_attributes,omitempty"`
CustomAttributes map[string]interface{} `json:"custom_attributes,omitempty"`
Web3 *UserWeb3Info `json:"x_web3,omitempty"`
Roles []string `json:"roles,omitempty"`
Groups []string `json:"groups,omitempty"`
MFAGracePeriodtEndAt *time.Time `json:"mfa_grace_period_end_at,omitempty"`
EndUserAccountID string `json:"-"`
}
type UserAgent ¶
type UserAgent struct {
Raw string `json:"raw"`
Name string `json:"name"`
Version string `json:"version"`
OS string `json:"os"`
OSVersion string `json:"os_version"`
DeviceName string `json:"device_name"`
DeviceModel string `json:"device_model"`
}
func ParseUserAgent ¶
type UserWeb3Info ¶
type UserWeb3Info struct {
Accounts []NFTOwnership `json:"accounts"`
}
type WebAuthnCreationOptions ¶
type WebAuthnCreationOptions struct {
PublicKey PublicKeyCredentialCreationOptions `json:"publicKey"`
}
type WebAuthnRequestOptions ¶
type WebAuthnRequestOptions struct {
PublicKey PublicKeyCredentialRequestOptions `json:"publicKey"`
Mediation string `json:"mediation,omitempty"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.