accountmanagement

package
v0.0.0-...-bbc5cb9 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 19, 2024 License: Apache-2.0 Imports: 43 Imported by: 0

Documentation

Index

Constants

const (
	// AccountManagementAPIPerIP is the only rate-limit bucket name this
	// package declares.
	// NOTE(review): the name suggests a per-client-IP bucket for the account
	// management API; confirm against RateLimitMiddleware.Handle, whose body
	// is not shown on this page.
	AccountManagementAPIPerIP ratelimit.BucketName = "AccountManagementAPIPerIP"
)

Variables

// ErrAccountManagementAuthenticatorNotOwnedbyToUser is an apierrors.Invalid
// error with reason "AccountManagementAuthenticatorNotOwnedByUser".
// NOTE(review): presumably returned when a caller-supplied authenticator ID
// belongs to a different user; confirm every operation that accepts an
// AuthenticatorID performs that ownership check. The Go identifier is spelled
// "NotOwnedbyToUser", unlike the reason string; it is exported, so renaming
// it would break callers.
var ErrAccountManagementAuthenticatorNotOwnedbyToUser = apierrors.Invalid.WithReason("AccountManagementAuthenticatorNotOwnedByUser").New("authenticator not owned by current user")
// ErrAccountManagementIdentityNotOwnedbyToUser is an apierrors.Invalid error
// with reason "AccountManagementIdentityNotOwnedByUser".
// NOTE(review): presumably returned when a caller-supplied identity ID
// belongs to a different user; confirm every operation that accepts an
// IdentityID performs that ownership check. The identifier is spelled
// "NotOwnedbyToUser", unlike the reason string.
var ErrAccountManagementIdentityNotOwnedbyToUser = apierrors.Invalid.WithReason("AccountManagementIdentityNotOwnedByUser").New("identity not owned by current user")
// ErrAccountManagementSecondaryAuthenticatorIsRequired is an
// apierrors.Invalid error with reason
// "AccountManagementSecondaryAuthenticatorIsRequired".
// NOTE(review): the message suggests it guards against removing a user's
// last secondary authenticator; confirm which delete operations return it.
var ErrAccountManagementSecondaryAuthenticatorIsRequired = apierrors.Invalid.WithReason("AccountManagementSecondaryAuthenticatorIsRequired").New("at least one secondary authenticator is needed")
// ErrAccountManagementTokenInvalid is an apierrors.Invalid error with reason
// "AccountManagementTokenInvalid". Its message, "invalid token", is the same
// as ErrOAuthTokenInvalid's; only the reason distinguishes the two.
var ErrAccountManagementTokenInvalid = apierrors.Invalid.WithReason("AccountManagementTokenInvalid").New("invalid token")
// ErrAccountManagementTokenNotBoundToUser is an apierrors.Invalid error with
// reason "AccountManagementTokenNotBoundToUser".
// NOTE(review): presumably what Token.CheckUser returns when the token's
// UserID differs from the user ID passed in; confirm.
var ErrAccountManagementTokenNotBoundToUser = apierrors.Invalid.WithReason("AccountManagementTokenNotBoundToUser").New("token is not bound to the current user")
// ErrOAuthStateNotBoundToToken is an apierrors.Invalid error with reason
// "AccountManagementOAuthStateNotBoundToToken". The state parameter is what
// ties an OAuth callback to the flow that started it.
// NOTE(review): presumably what Token.CheckState returns on a mismatch;
// confirm the comparison runs on every OAuth callback path.
var ErrOAuthStateNotBoundToToken = apierrors.Invalid.WithReason("AccountManagementOAuthStateNotBoundToToken").New("the state parameter in query is not bound to token")
// ErrOAuthTokenInvalid is an apierrors.Invalid error with reason
// "AccountManagementOAuthTokenInvalid". Its message, "invalid token", is the
// same as ErrAccountManagementTokenInvalid's; only the reason differs.
var ErrOAuthTokenInvalid = apierrors.Invalid.WithReason("AccountManagementOAuthTokenInvalid").New("invalid token")
// ErrOAuthTokenNotBoundToUser is an apierrors.Invalid error with reason
// "AccountManagementOAuthTokenNotBoundToUser".
// NOTE(review): presumably what Token.CheckUser_OAuth returns when the
// token's UserID differs from the user ID passed in; confirm.
var ErrOAuthTokenNotBoundToUser = apierrors.Invalid.WithReason("AccountManagementOAuthTokenNotBoundToUser").New("token is not bound to the current user")

Functions

func ExtractStateFromQuery

func ExtractStateFromQuery(query string) (state string, err error)

func GenerateRandomState

func GenerateRandomState() string

func GenerateToken

func GenerateToken() string

func HashToken

func HashToken(token string) string

func NewErrAccountManagementDuplicatedIdentity

func NewErrAccountManagementDuplicatedIdentity(originalErr error) error

Types

type AddIdentityUsernameInput

type AddIdentityUsernameInput struct {
	LoginID    string
	LoginIDKey string
}

type AddIdentityUsernameOutput

type AddIdentityUsernameOutput struct {
	IdentityInfo *identity.Info
}

type AddPasskeyInput

// AddPasskeyInput is the input of Service.AddPasskey.
type AddPasskeyInput struct {
	// CreationResponse is the client-produced credential creation response.
	// NOTE(review): it is untrusted until verified; presumably
	// PasskeyService.ConsumeAttestationResponse does that — confirm.
	CreationResponse *protocol.CredentialCreationResponse
}

type AddPasskeyOutput

type AddPasskeyOutput struct {
	IdentityInfo *identity.Info
}

type AuthenticationInfoService

type AuthenticationInfoService interface {
	Save(ctx context.Context, entry *authenticationinfo.Entry) error
}

type AuthenticatorService

// AuthenticatorService is the authenticator dependency held in
// Service.Authenticators: constructors from a spec, password update, lookup,
// persistence and verification.
type AuthenticatorService interface {
	New(ctx context.Context, spec *authenticator.Spec) (*authenticator.Info, error)
	NewWithAuthenticatorID(ctx context.Context, authenticatorID string, spec *authenticator.Spec) (*authenticator.Info, error)
	// UpdatePassword reports through changed whether anything was modified.
	UpdatePassword(ctx context.Context, authenticatorInfo *authenticator.Info, options *service.UpdatePasswordOptions) (changed bool, info *authenticator.Info, err error)

	// Get takes only an authenticator ID, whereas List is scoped by userID.
	// NOTE(review): callers of Get presumably have to compare the result's
	// owner with the session user themselves (see
	// ErrAccountManagementAuthenticatorNotOwnedbyToUser) — confirm.
	Get(ctx context.Context, authenticatorID string) (*authenticator.Info, error)
	List(ctx context.Context, userID string, filters ...authenticator.Filter) ([]*authenticator.Info, error)
	Create(ctx context.Context, authenticatorInfo *authenticator.Info, markVerified bool) error
	Update(ctx context.Context, authenticatorInfo *authenticator.Info) error
	Delete(ctx context.Context, authenticatorInfo *authenticator.Info) error
	VerifyWithSpec(ctx context.Context, info *authenticator.Info, spec *authenticator.Spec, options *facade.VerifyOptions) (verifyResult *service.VerifyResult, err error)
}

type ChangePrimaryPasswordInput

// ChangePrimaryPasswordInput is the input of Service.ChangePrimaryPassword.
type ChangePrimaryPasswordInput struct {
	// OAuthSessionID, when present, means the user is changing the password
	// after logging in with the SDK (per the note on
	// Service.ChangePrimaryPassword).
	OAuthSessionID string
	// NOTE(review): RedirectURI arrives with the request; confirm it is
	// validated before a RedirectURI is returned in
	// ChangePrimaryPasswordOutput, since an unchecked value would act as an
	// open redirect.
	RedirectURI    string
	// OldPassword and NewPassword are presumably plaintext passwords; keep
	// this struct out of logs and error messages.
	OldPassword    string
	NewPassword    string
}

type ChangePrimaryPasswordOutput

// ChangePrimaryPasswordOutput is the result of Service.ChangePrimaryPassword.
type ChangePrimaryPasswordOutput struct {
	// NOTE(review): presumably derived from ChangePrimaryPasswordInput.RedirectURI,
	// possibly with authentication info added (see UIInfoResolver) — confirm.
	RedirectURI string
}

type ChangeSecondaryPasswordInput

// ChangeSecondaryPasswordInput is the input of
// Service.ChangeSecondaryPassword.
type ChangeSecondaryPasswordInput struct {
	// Both fields are presumably plaintext passwords; keep this struct out
	// of logs and error messages.
	OldPassword string
	NewPassword string
}

type ChangeSecondaryPasswordOutput

type ChangeSecondaryPasswordOutput struct {
}

type CreateSecondaryPasswordInput

// CreateSecondaryPasswordInput is the input of
// Service.CreateSecondaryPassword, which takes it by value rather than by
// pointer, unlike most other inputs in this package.
type CreateSecondaryPasswordInput struct {
	// PlainPassword is, by its name, the password in plaintext; keep this
	// struct out of logs and error messages.
	PlainPassword string
}

type CreateSecondaryPasswordOutput

type CreateSecondaryPasswordOutput struct {
}

type DeleteIdentityBiometricInput

type DeleteIdentityBiometricInput struct {
	IdentityID string
}

type DeleteIdentityBiometricOuput

// DeleteIdentityBiometricOuput is the result of
// Service.DeleteIdentityBiometric.
// NOTE(review): "Ouput" is a misspelling of "Output"; the name is exported
// and appears in the method signature, so fixing it is a breaking change.
type DeleteIdentityBiometricOuput struct {
	IdentityInfo *identity.Info
}

type DeleteIdentityEmailInput

type DeleteIdentityEmailInput struct {
	IdentityID string
}

type DeleteIdentityEmailOutput

type DeleteIdentityEmailOutput struct {
	IdentityInfo *identity.Info
}

type DeleteIdentityOAuthInput

type DeleteIdentityOAuthInput struct {
	IdentityID string
}

type DeleteIdentityOAuthOutput

type DeleteIdentityOAuthOutput struct {
	IdentityInfo *identity.Info
}

type DeleteIdentityPhoneInput

type DeleteIdentityPhoneInput struct {
	IdentityID string
}

type DeleteIdentityPhoneOutput

type DeleteIdentityPhoneOutput struct {
	IdentityInfo *identity.Info
}

type DeleteIdentityUsernameInput

type DeleteIdentityUsernameInput struct {
	IdentityID string
}

type DeleteIdentityUsernameOutput

type DeleteIdentityUsernameOutput struct {
	IdentityInfo *identity.Info
}

type DeleteOOBOTPAuthenticatorInput

// DeleteOOBOTPAuthenticatorInput is the input of
// Service.DeleteOOBOTPAuthenticator.
type DeleteOOBOTPAuthenticatorInput struct {
	// NOTE(review): AuthenticatorID is chosen by the caller; confirm the
	// service checks it belongs to the session user (see
	// ErrAccountManagementAuthenticatorNotOwnedbyToUser) before deleting.
	AuthenticatorID string
}

type DeleteOOBOTPAuthenticatorOutput

type DeleteOOBOTPAuthenticatorOutput struct {
	Info *authenticator.Info
}

type DeletePasskeyInput

type DeletePasskeyInput struct {
	IdentityID string
}

type DeletePasskeyOutput

type DeletePasskeyOutput struct {
	IdentityInfo *identity.Info
}

type DeleteSecondaryPasswordInput

type DeleteSecondaryPasswordInput struct {
}

type DeleteSecondaryPasswordOutput

type DeleteSecondaryPasswordOutput struct {
}

type DeleteTOTPAuthenticatorInput

// DeleteTOTPAuthenticatorInput is the input of
// Service.DeleteTOTPAuthenticator.
type DeleteTOTPAuthenticatorInput struct {
	// NOTE(review): AuthenticatorID is chosen by the caller; confirm the
	// service checks it belongs to the session user (see
	// ErrAccountManagementAuthenticatorNotOwnedbyToUser) before deleting.
	AuthenticatorID string
}

type DeleteTOTPAuthenticatorOutput

type DeleteTOTPAuthenticatorOutput struct {
	Info *authenticator.Info
}

type EventService

type EventService interface {
	DispatchEventOnCommit(ctx context.Context, payload event.Payload) error
}

type FinishAddOOBOTPAuthenticatorInput

type FinishAddOOBOTPAuthenticatorInput struct {
}

type FinishAddOOBOTPAuthenticatorOutput

type FinishAddOOBOTPAuthenticatorOutput struct {
	Info *authenticator.Info
}

type FinishAddTOTPAuthenticatorInput

type FinishAddTOTPAuthenticatorInput struct {
}

type FinishAddTOTPAuthenticatorOutput

type FinishAddTOTPAuthenticatorOutput struct {
	Info *authenticator.Info
}

type FinishAddingIdentityOAuthInput

// FinishAddingIdentityOAuthInput is the input of
// Service.FinishAddingIdentityOAuth.
type FinishAddingIdentityOAuthInput struct {
	// Token is the account management token string for the flow being
	// finished.
	Token string
	// NOTE(review): Query is presumably the raw query string of the OAuth
	// callback, from which ExtractStateFromQuery reads the state; treat it
	// as untrusted input — confirm.
	Query string
}

type FinishAddingIdentityOAuthOutput

type FinishAddingIdentityOAuthOutput struct {
}

type FinishAddingInput

// FinishAddingInput is the input of Service.FinishAdding. Unlike most
// Service methods, FinishAdding takes no session.ResolvedSession; the user
// is identified by UserID here.
type FinishAddingInput struct {
	// NOTE(review): confirm UserID comes from an authenticated context and
	// is compared with the token's user (see Token.CheckUser_OAuth), not
	// taken from request parameters.
	UserID string
	Token  string
	// NOTE(review): presumably the raw OAuth callback query string; treat
	// as untrusted input — confirm.
	Query  string
}

type FinishAddingOutput

type FinishAddingOutput struct {
}

type GenerateRecoveryCodesInput

type GenerateRecoveryCodesInput struct {
}

type GenerateRecoveryCodesOutput

type GenerateRecoveryCodesOutput struct {
	Info *authenticator.Info
}

type GenerateTokenOptions

// GenerateTokenOptions is the argument of Store.GenerateToken. Its fields
// appear to mirror those of Token, TokenIdentity and TokenAuthenticator.
// NOTE(review): it carries credential material (AuthenticatorTOTPSecret,
// AuthenticatorRecoveryCodes); avoid logging the struct as a whole.
type GenerateTokenOptions struct {
	// UserID is presumably the user the token will be bound to (compare
	// Token.UserID) — confirm.
	UserID string

	// OAuth
	Alias       string
	// NOTE(review): the "Maybe" prefix suggests the state can be empty; see
	// StartAddingInput.IncludeStateAuthorizationURLAndBindStateToToken.
	MaybeState  string
	RedirectURI string

	// Phone
	IdentityChannel     model.AuthenticatorOOBChannel
	IdentityPhoneNumber string
	// Email
	IdentityEmail string
	// IdentityID for updating identity
	IdentityID string

	// AuthenticatorID for updating authenticator
	AuthenticatorID                   string
	// Recovery codes travel with the token options; see the matching
	// TokenAuthenticator.RecoveryCodes field.
	AuthenticatorRecoveryCodes        []string
	AuthenticatorRecoveryCodesCreated bool
	AuthenticatorType                 model.AuthenticatorType

	// TOTP
	AuthenticatorTOTPIssuer           string
	AuthenticatorTOTPEndUserAccountID string
	AuthenticatorTOTPDisplayName      string
	// The TOTP shared secret; see the matching TokenAuthenticator.TOTPSecret.
	AuthenticatorTOTPSecret           string
	AuthenticatorTOTPVerified         bool

	// OOB OTP
	AuthenticatorOOBOTPChannel  model.AuthenticatorOOBChannel
	AuthenticatorOOBOTPTarget   string
	AuthenticatorOOBOTPVerified bool
}

type IdentityService

// IdentityService is the identity dependency held in Service.Identities:
// construction from a spec, lookup, duplicate detection and persistence.
type IdentityService interface {
	New(ctx context.Context, userID string, spec *identity.Spec, options identity.NewIdentityOptions) (*identity.Info, error)
	UpdateWithSpec(ctx context.Context, is *identity.Info, spec *identity.Spec, options identity.NewIdentityOptions) (*identity.Info, error)

	// Get takes only an identity ID, whereas ListByUser is scoped by userID.
	// NOTE(review): callers of Get presumably have to compare the result's
	// owner with the session user themselves (see
	// ErrAccountManagementIdentityNotOwnedbyToUser) — confirm.
	Get(ctx context.Context, id string) (*identity.Info, error)
	ListByUser(ctx context.Context, userID string) ([]*identity.Info, error)
	// CheckDuplicated returns the conflicting identity as dupe; compare
	// NewErrAccountManagementDuplicatedIdentity.
	CheckDuplicated(ctx context.Context, info *identity.Info) (dupe *identity.Info, err error)
	Create(ctx context.Context, info *identity.Info) error
	Update(ctx context.Context, oldInfo *identity.Info, newInfo *identity.Info) error
	Delete(ctx context.Context, is *identity.Info) error
}

type MFAService

// MFAService is the recovery-code dependency held in Service.MFA.
type MFAService interface {
	// GenerateRecoveryCodes returns codes as plain strings and has no error
	// result.
	// NOTE(review): confirm the implementation draws from a
	// cryptographically secure random source.
	GenerateRecoveryCodes(ctx context.Context) []string

	// ReplaceRecoveryCodes and ListRecoveryCodes are both scoped by userID.
	ReplaceRecoveryCodes(ctx context.Context, userID string, codes []string) ([]*mfa.RecoveryCode, error)
	ListRecoveryCodes(ctx context.Context, userID string) ([]*mfa.RecoveryCode, error)
}

type OAuthProvider

// OAuthProvider is the relying-party dependency held in
// Service.OAuthProvider. Every method selects a provider by alias.
type OAuthProvider interface {
	// NOTE(review): alias reaches this package through request inputs such
	// as StartAddIdentityOAuthInput.Alias; presumably an unknown alias
	// yields an error here — confirm.
	GetProviderConfig(alias string) (oauthrelyingparty.ProviderConfig, error)

	GetAuthorizationURL(ctx context.Context, alias string, options oauthrelyingparty.GetAuthorizationURLOptions) (string, error)
	GetUserProfile(ctx context.Context, alias string, options oauthrelyingparty.GetUserProfileOptions) (oauthrelyingparty.UserProfile, error)
}

type OTPCodeService

// OTPCodeService is the one-time-password dependency held in
// Service.OTPCodeService. Codes are keyed by kind and target.
type OTPCodeService interface {
	// GenerateOTP returns the generated code as a string.
	GenerateOTP(ctx context.Context, kind otp.Kind, target string, form otp.Form, opt *otp.GenerateOptions) (string, error)
	// VerifyOTP checks a submitted code for the given kind and target.
	// NOTE(review): attempt limiting and single-use semantics are presumably
	// controlled through otp.VerifyOptions (compare the skipConsume
	// parameter of Service.VerifyOTP) — confirm.
	VerifyOTP(ctx context.Context, kind otp.Kind, target string, otp string, opts *otp.VerifyOptions) error
}

type OTPSender

type OTPSender interface {
	Send(ctx context.Context, opts otp.SendOptions) error
}

type PasskeyService

// PasskeyService is the passkey dependency held in Service.PasskeyService.
type PasskeyService interface {
	// ConsumeAttestationResponse takes the attestation response as raw bytes.
	// NOTE(review): "Consume" suggests the associated challenge becomes
	// unusable afterwards, which is what prevents replay — confirm.
	ConsumeAttestationResponse(ctx context.Context, attestationResponse []byte) (err error)
}

type RateLimitMiddleware

// RateLimitMiddleware is an HTTP middleware (see Handle) assembled from a
// rate limiter, a remote-IP value and a JSON response writer.
type RateLimitMiddleware struct {
	RateLimiter RateLimitMiddlewareRateLimiter
	// NOTE(review): IP-based limiting is only as reliable as this value; if
	// httputil.RemoteIP is derived from forwarding headers, those headers
	// must come from a trusted proxy — confirm how it is populated.
	RemoteIP    httputil.RemoteIP
	// JSON presumably writes the response for a rejected request — confirm
	// in Handle.
	JSON        RateLimitMiddlewareJSONResponseWriter
}

func (*RateLimitMiddleware) Handle

func (m *RateLimitMiddleware) Handle(next http.Handler) http.Handler

type RateLimitMiddlewareJSONResponseWriter

type RateLimitMiddlewareJSONResponseWriter interface {
	WriteResponse(rw http.ResponseWriter, resp *api.Response)
}

type RateLimitMiddlewareRateLimiter

// RateLimitMiddlewareRateLimiter is the limiter used by RateLimitMiddleware.
type RateLimitMiddlewareRateLimiter interface {
	// Allow evaluates spec and returns a failed reservation and an error.
	// NOTE(review): presumably a non-nil FailedReservation means the request
	// is over the limit. Confirm what Handle does when err is non-nil (for
	// example when the backing store is unavailable): failing open would
	// disable the limit exactly when it cannot be evaluated.
	Allow(ctx context.Context, spec ratelimit.BucketSpec) (*ratelimit.FailedReservation, error)
}

type RedisStore

// RedisStore holds an app ID, a Redis handle and a clock. Its methods
// (GenerateToken, GetToken, ConsumeToken, ConsumeToken_OAuth) have the same
// signatures as those of the Store interface.
// NOTE(review): tokens stored this way may embed a TOTP secret and recovery
// codes (see TokenAuthenticator); confirm entries expire and that access to
// the Redis instance is restricted accordingly.
type RedisStore struct {
	// AppID presumably namespaces keys per app (compare Token.AppID) —
	// confirm.
	AppID config.AppID
	Redis *appredis.Handle
	// Clock presumably supplies the time used for Token.CreatedAt and
	// Token.ExpireAt — confirm.
	Clock clock.Clock
}

func (*RedisStore) ConsumeToken

func (s *RedisStore) ConsumeToken(ctx context.Context, tokenStr string) (*Token, error)

func (*RedisStore) ConsumeToken_OAuth

func (s *RedisStore) ConsumeToken_OAuth(ctx context.Context, tokenStr string) (*Token, error)

func (*RedisStore) GenerateToken

func (s *RedisStore) GenerateToken(ctx context.Context, options GenerateTokenOptions) (string, error)

func (*RedisStore) GetToken

func (s *RedisStore) GetToken(ctx context.Context, tokenStr string) (*Token, error)

type ResumeAddIdentityEmailInput

type ResumeAddIdentityEmailInput struct {
	LoginIDKey string
	Code       string
}

type ResumeAddIdentityEmailOutput

type ResumeAddIdentityEmailOutput struct {
	IdentityInfo *identity.Info
}

type ResumeAddIdentityPhoneInput

type ResumeAddIdentityPhoneInput struct {
	LoginIDKey string
	Code       string
}

type ResumeAddIdentityPhoneOutput

type ResumeAddIdentityPhoneOutput struct {
	IdentityInfo *identity.Info
}

type ResumeAddOOBOTPAuthenticatorInput

type ResumeAddOOBOTPAuthenticatorInput struct {
	Code string
}

type ResumeAddOOBOTPAuthenticatorOutput

// ResumeAddOOBOTPAuthenticatorOutput is the result of
// Service.ResumeAddOOBOTPAuthenticator.
type ResumeAddOOBOTPAuthenticatorOutput struct {
	// Token is a token string handed back to the caller.
	// NOTE(review): presumably the token to pass to
	// FinishAddOOBOTPAuthenticator — confirm.
	Token                string
	RecoveryCodesCreated bool
}

type ResumeAddOrUpdateIdentityEmailInput

type ResumeAddOrUpdateIdentityEmailInput struct {
	LoginIDKey string
	Code       string
}

type ResumeAddOrUpdateIdentityEmailOutput

type ResumeAddOrUpdateIdentityEmailOutput struct {
	OldInfo *identity.Info
	NewInfo *identity.Info
}

type ResumeAddOrUpdateIdentityPhoneInput

type ResumeAddOrUpdateIdentityPhoneInput struct {
	LoginIDKey string
	Code       string
}

type ResumeAddOrUpdateIdentityPhoneOutput

type ResumeAddOrUpdateIdentityPhoneOutput struct {
	OldInfo *identity.Info
	NewInfo *identity.Info
}

type ResumeAddTOTPAuthenticatorInput

// ResumeAddTOTPAuthenticatorInput is the input of
// Service.ResumeAddTOTPAuthenticator.
type ResumeAddTOTPAuthenticatorInput struct {
	// DisplayName is a user-supplied label.
	DisplayName string
	// Code is presumably the TOTP code the user enters to prove possession
	// of the secret issued by StartAddTOTPAuthenticator — confirm.
	Code        string
}

type ResumeAddTOTPAuthenticatorOutput

// ResumeAddTOTPAuthenticatorOutput is the result of
// Service.ResumeAddTOTPAuthenticator.
type ResumeAddTOTPAuthenticatorOutput struct {
	// Token is a token string handed back to the caller.
	// NOTE(review): presumably the token to pass to
	// FinishAddTOTPAuthenticator — confirm.
	Token                string
	RecoveryCodesCreated bool
}

type ResumeUpdateIdentityEmailInput

type ResumeUpdateIdentityEmailInput struct {
	LoginIDKey string
	Code       string
}

type ResumeUpdateIdentityEmailOutput

type ResumeUpdateIdentityEmailOutput struct {
	OldInfo *identity.Info
	NewInfo *identity.Info
}

type ResumeUpdateIdentityPhoneInput

type ResumeUpdateIdentityPhoneInput struct {
	LoginIDKey string
	Code       string
}

type ResumeUpdateIdentityPhoneOutput

type ResumeUpdateIdentityPhoneOutput struct {
	OldInfo *identity.Info
	NewInfo *identity.Info
}

type Service

// Service implements the account management operations listed on this page
// (adding, updating and deleting identities and authenticators, password
// changes, recovery codes). All collaborators are exported fields; most are
// interfaces declared in this package.
// Most methods take a session.ResolvedSession; FinishAdding, StartAdding,
// CheckIdentityVerified and VerifyOTP do not.
// NOTE(review): for those four, confirm callers establish the user identity
// before passing a user ID in.
type Service struct {
	Database                  *appdb.Handle
	Config                    *config.AppConfig
	HTTPOrigin                httputil.HTTPOrigin
	Users                     UserService
	// Store issues, reads and consumes account management tokens.
	Store                     Store
	OAuthProvider             OAuthProvider
	Identities                IdentityService
	Events                    EventService
	OTPSender                 OTPSender
	OTPCodeService            OTPCodeService
	Authenticators            AuthenticatorService
	AuthenticationInfoService AuthenticationInfoService
	MFA                       MFAService
	PasskeyService            PasskeyService
	Verification              VerificationService
	UIInfoResolver            UIInfoResolver
}

func (*Service) AddIdentityUsername

func (s *Service) AddIdentityUsername(ctx context.Context, resolvedSession session.ResolvedSession, input *AddIdentityUsernameInput) (*AddIdentityUsernameOutput, error)

func (*Service) AddPasskey

func (s *Service) AddPasskey(ctx context.Context, resolvedSession session.ResolvedSession, input *AddPasskeyInput) (*AddPasskeyOutput, error)

func (*Service) ChangePrimaryPassword

func (s *Service) ChangePrimaryPassword(ctx context.Context, resolvedSession session.ResolvedSession, input *ChangePrimaryPasswordInput) (*ChangePrimaryPasswordOutput, error)

If OAuthSessionID is present, the user is changing the password after logging in with the SDK. In that case, special handling such as authenticationInfo is performed.

func (*Service) ChangeSecondaryPassword

func (s *Service) ChangeSecondaryPassword(ctx context.Context, resolvedSession session.ResolvedSession, input *ChangeSecondaryPasswordInput) (*ChangeSecondaryPasswordOutput, error)

func (*Service) CheckIdentityVerified

func (s *Service) CheckIdentityVerified(ctx context.Context, info *identity.Info) (bool, error)

func (*Service) CreateSecondaryPassword

func (s *Service) CreateSecondaryPassword(ctx context.Context, resolvedSession session.ResolvedSession, input CreateSecondaryPasswordInput) (*CreateSecondaryPasswordOutput, error)

func (*Service) DeleteIdentityBiometric

func (s *Service) DeleteIdentityBiometric(ctx context.Context, resolvedSession session.ResolvedSession, input *DeleteIdentityBiometricInput) (*DeleteIdentityBiometricOuput, error)

func (*Service) DeleteIdentityEmail

func (s *Service) DeleteIdentityEmail(ctx context.Context, resolvedSession session.ResolvedSession, input *DeleteIdentityEmailInput) (*DeleteIdentityEmailOutput, error)

func (*Service) DeleteIdentityOAuth

func (s *Service) DeleteIdentityOAuth(ctx context.Context, resolvedSession session.ResolvedSession, input *DeleteIdentityOAuthInput) (*DeleteIdentityOAuthOutput, error)

func (*Service) DeleteIdentityPhone

func (s *Service) DeleteIdentityPhone(ctx context.Context, resolvedSession session.ResolvedSession, input *DeleteIdentityPhoneInput) (*DeleteIdentityPhoneOutput, error)

func (*Service) DeleteIdentityUsername

func (s *Service) DeleteIdentityUsername(ctx context.Context, resolvedSession session.ResolvedSession, input *DeleteIdentityUsernameInput) (*DeleteIdentityUsernameOutput, error)

func (*Service) DeleteOOBOTPAuthenticator

func (s *Service) DeleteOOBOTPAuthenticator(ctx context.Context, resolvedSession session.ResolvedSession, input *DeleteOOBOTPAuthenticatorInput) (output *DeleteOOBOTPAuthenticatorOutput, err error)

func (*Service) DeletePasskey

func (s *Service) DeletePasskey(ctx context.Context, resolvedSession session.ResolvedSession, input *DeletePasskeyInput) (*DeletePasskeyOutput, error)

func (*Service) DeleteSecondaryPassword

func (s *Service) DeleteSecondaryPassword(ctx context.Context, resolvedSession session.ResolvedSession, input *DeleteSecondaryPasswordInput) (*DeleteSecondaryPasswordOutput, error)

func (*Service) DeleteTOTPAuthenticator

func (s *Service) DeleteTOTPAuthenticator(ctx context.Context, resolvedSession session.ResolvedSession, input *DeleteTOTPAuthenticatorInput) (output *DeleteTOTPAuthenticatorOutput, err error)

func (*Service) FinishAddOOBOTPAuthenticator

func (s *Service) FinishAddOOBOTPAuthenticator(ctx context.Context, resolvedSession session.ResolvedSession, tokenString string, input *FinishAddOOBOTPAuthenticatorInput) (output *FinishAddOOBOTPAuthenticatorOutput, err error)

func (*Service) FinishAddTOTPAuthenticator

func (s *Service) FinishAddTOTPAuthenticator(ctx context.Context, resolvedSession session.ResolvedSession, tokenString string, input *FinishAddTOTPAuthenticatorInput) (output *FinishAddTOTPAuthenticatorOutput, err error)

func (*Service) FinishAdding

func (s *Service) FinishAdding(ctx context.Context, input *FinishAddingInput) (*FinishAddingOutput, error)

func (*Service) FinishAddingIdentityOAuth

func (s *Service) FinishAddingIdentityOAuth(ctx context.Context, resolvedSession session.ResolvedSession, input *FinishAddingIdentityOAuthInput) (*FinishAddingIdentityOAuthOutput, error)

func (*Service) GenerateRecoveryCodes

func (s *Service) GenerateRecoveryCodes(ctx context.Context, resolvedSession session.ResolvedSession, input *GenerateRecoveryCodesInput) (output *GenerateRecoveryCodesOutput, err error)

func (*Service) GetToken

func (s *Service) GetToken(ctx context.Context, resolvedSession session.ResolvedSession, tokenString string) (*Token, error)

func (*Service) ResendOTPCode

func (s *Service) ResendOTPCode(ctx context.Context, resolvedSession session.ResolvedSession, tokenString string) (err error)

func (*Service) ResumeAddIdentityEmail

func (s *Service) ResumeAddIdentityEmail(ctx context.Context, resolvedSession session.ResolvedSession, tokenString string, input *ResumeAddIdentityEmailInput) (output *ResumeAddIdentityEmailOutput, err error)

func (*Service) ResumeAddIdentityPhone

func (s *Service) ResumeAddIdentityPhone(ctx context.Context, resolvedSession session.ResolvedSession, tokenString string, input *ResumeAddIdentityPhoneInput) (output *ResumeAddIdentityPhoneOutput, err error)

func (*Service) ResumeAddOOBOTPAuthenticator

func (s *Service) ResumeAddOOBOTPAuthenticator(ctx context.Context, resolvedSession session.ResolvedSession, tokenString string, input *ResumeAddOOBOTPAuthenticatorInput) (output *ResumeAddOOBOTPAuthenticatorOutput, err error)

func (*Service) ResumeAddOrUpdateIdentityEmail

func (s *Service) ResumeAddOrUpdateIdentityEmail(ctx context.Context, resolvedSession session.ResolvedSession, tokenString string, input *ResumeAddOrUpdateIdentityEmailInput) (*ResumeAddOrUpdateIdentityEmailOutput, error)

func (*Service) ResumeAddOrUpdateIdentityPhone

func (s *Service) ResumeAddOrUpdateIdentityPhone(ctx context.Context, resolvedSession session.ResolvedSession, tokenString string, input *ResumeAddOrUpdateIdentityPhoneInput) (*ResumeAddOrUpdateIdentityPhoneOutput, error)

func (*Service) ResumeAddTOTPAuthenticator

func (s *Service) ResumeAddTOTPAuthenticator(ctx context.Context, resolvedSession session.ResolvedSession, tokenString string, input *ResumeAddTOTPAuthenticatorInput) (output *ResumeAddTOTPAuthenticatorOutput, err error)

func (*Service) ResumeUpdateIdentityEmail

func (s *Service) ResumeUpdateIdentityEmail(ctx context.Context, resolvedSession session.ResolvedSession, tokenString string, input *ResumeUpdateIdentityEmailInput) (output *ResumeUpdateIdentityEmailOutput, err error)

func (*Service) ResumeUpdateIdentityPhone

func (s *Service) ResumeUpdateIdentityPhone(ctx context.Context, resolvedSession session.ResolvedSession, tokenString string, input *ResumeUpdateIdentityPhoneInput) (output *ResumeUpdateIdentityPhoneOutput, err error)

func (*Service) StartAddIdentityEmail

func (s *Service) StartAddIdentityEmail(ctx context.Context, resolvedSession session.ResolvedSession, input *StartAddIdentityEmailInput) (*StartAddIdentityEmailOutput, error)

func (*Service) StartAddIdentityOAuth

func (s *Service) StartAddIdentityOAuth(ctx context.Context, resolvedSession session.ResolvedSession, input *StartAddIdentityOAuthInput) (*StartAddIdentityOAuthOutput, error)

func (*Service) StartAddIdentityPhone

func (s *Service) StartAddIdentityPhone(ctx context.Context, resolvedSession session.ResolvedSession, input *StartAddIdentityPhoneInput) (*StartAddIdentityPhoneOutput, error)

func (*Service) StartAddOOBOTPAuthenticator

func (s *Service) StartAddOOBOTPAuthenticator(ctx context.Context, resolvedSession session.ResolvedSession, input *StartAddOOBOTPAuthenticatorInput) (*StartAddOOBOTPAuthenticatorOutput, error)

func (*Service) StartAddTOTPAuthenticator

func (s *Service) StartAddTOTPAuthenticator(ctx context.Context, resolvedSession session.ResolvedSession, input *StartAddTOTPAuthenticatorInput) (*StartAddTOTPAuthenticatorOutput, error)

func (*Service) StartAdding

func (s *Service) StartAdding(ctx context.Context, input *StartAddingInput) (*StartAddingOutput, error)

func (*Service) StartUpdateIdentityEmail

func (s *Service) StartUpdateIdentityEmail(ctx context.Context, resolvedSession session.ResolvedSession, input *StartUpdateIdentityEmailInput) (*StartUpdateIdentityEmailOutput, error)

func (*Service) StartUpdateIdentityPhone

func (s *Service) StartUpdateIdentityPhone(ctx context.Context, resolvedSession session.ResolvedSession, input *StartUpdateIdentityPhoneInput) (*StartUpdateIdentityPhoneOutput, error)

func (*Service) UpdateIdentityUsername

func (s *Service) UpdateIdentityUsername(ctx context.Context, resolvedSession session.ResolvedSession, input *UpdateIdentityUsernameInput) (*UpdateIdentityUsernameOutput, error)

func (*Service) VerifyOTP

func (s *Service) VerifyOTP(ctx context.Context, userID string, channel model.AuthenticatorOOBChannel, target string, code string, skipConsume bool) error

type StartAddIdentityEmailInput

type StartAddIdentityEmailInput struct {
	LoginID    string
	LoginIDKey string
}

type StartAddIdentityEmailOutput

type StartAddIdentityEmailOutput struct {
	IdentityInfo     *identity.Info
	NeedVerification bool
	Token            string
}

type StartAddIdentityOAuthInput

// StartAddIdentityOAuthInput is the input of Service.StartAddIdentityOAuth.
type StartAddIdentityOAuthInput struct {
	// Alias selects the OAuth provider (see OAuthProvider, whose methods all
	// take an alias).
	Alias       string
	// NOTE(review): RedirectURI is supplied by the caller; confirm it is
	// checked against the app's allowed redirect URIs before it is stored in
	// the token or sent to the provider.
	RedirectURI string
}

type StartAddIdentityOAuthOutput

// StartAddIdentityOAuthOutput is the result of Service.StartAddIdentityOAuth.
type StartAddIdentityOAuthOutput struct {
	// Token is the token string for this flow; presumably the caller
	// presents it again in FinishAddingIdentityOAuthInput.Token — confirm.
	Token            string
	// AuthorizationURL is presumably the provider URL from
	// OAuthProvider.GetAuthorizationURL — confirm.
	AuthorizationURL string
}

type StartAddIdentityPhoneInput

type StartAddIdentityPhoneInput struct {
	Channel    model.AuthenticatorOOBChannel
	LoginID    string
	LoginIDKey string
}

type StartAddIdentityPhoneOutput

type StartAddIdentityPhoneOutput struct {
	IdentityInfo     *identity.Info
	NeedVerification bool
	Token            string
}

type StartAddOOBOTPAuthenticatorInput

type StartAddOOBOTPAuthenticatorInput struct {
	Channel model.AuthenticatorOOBChannel
	Target  string
}

type StartAddOOBOTPAuthenticatorOutput

type StartAddOOBOTPAuthenticatorOutput struct {
	Token string
}

type StartAddTOTPAuthenticatorInput

type StartAddTOTPAuthenticatorInput struct{}

type StartAddTOTPAuthenticatorOutput

// StartAddTOTPAuthenticatorOutput is the result of
// Service.StartAddTOTPAuthenticator.
type StartAddTOTPAuthenticatorOutput struct {
	Token                   string
	EndUserAccountID        string
	AuthenticatorTOTPIssuer string
	// AuthenticatorTOTPSecret is the TOTP shared secret, returned so the
	// user can enrol it. It is long-lived credential material: keep this
	// struct out of logs, caches and analytics.
	AuthenticatorTOTPSecret string
}

type StartAddingInput

// StartAddingInput is the input of Service.StartAdding, which takes no
// session.ResolvedSession; the user is identified by UserID here.
type StartAddingInput struct {
	UserID                                          string
	// Alias selects the OAuth provider.
	Alias                                           string
	RedirectURI                                     string
	// NOTE(review): the name suggests that, when true, a state value is
	// included in the authorization URL and bound to the token (compare
	// Token.State and ErrOAuthStateNotBoundToToken). Confirm what ties the
	// callback to this flow when it is false.
	IncludeStateAuthorizationURLAndBindStateToToken bool
}

type StartAddingOutput

// StartAddingOutput is the result of Service.StartAdding. It carries JSON
// tags, unlike the other Start*Output structs on this page; both fields are
// omitted from the JSON when empty.
type StartAddingOutput struct {
	// Token is serialized under the key "token".
	Token            string `json:"token,omitempty"`
	AuthorizationURL string `json:"authorization_url,omitempty"`
}

type StartUpdateIdentityEmailInput

type StartUpdateIdentityEmailInput struct {
	IdentityID string
	LoginID    string
	LoginIDKey string
}

type StartUpdateIdentityEmailOutput

type StartUpdateIdentityEmailOutput struct {
	OldInfo          *identity.Info
	NewInfo          *identity.Info
	NeedVerification bool
	Token            string
}

type StartUpdateIdentityPhoneInput

type StartUpdateIdentityPhoneInput struct {
	Channel    model.AuthenticatorOOBChannel
	IdentityID string
	LoginID    string
	LoginIDKey string
}

type StartUpdateIdentityPhoneOutput

type StartUpdateIdentityPhoneOutput struct {
	IdentityInfo     *identity.Info
	NeedVerification bool
	Token            string
}

type Store

// Store issues and retrieves account management tokens. RedisStore has
// methods with these same signatures.
type Store interface {
	// GenerateToken returns the token as a string.
	GenerateToken(ctx context.Context, options GenerateTokenOptions) (string, error)
	// NOTE(review): by their names, GetToken reads a token without
	// invalidating it while ConsumeToken and ConsumeToken_OAuth are
	// single-use reads. Confirm the consume path is atomic (read and delete
	// in one step) so the same token cannot be redeemed twice concurrently.
	GetToken(ctx context.Context, tokenStr string) (*Token, error)
	ConsumeToken(ctx context.Context, tokenStr string) (*Token, error)
	ConsumeToken_OAuth(ctx context.Context, tokenStr string) (*Token, error)
}

type Token

// Token is the account management token record returned by Store. Its JSON
// tags define the serialized form; every field is omitted when empty.
type Token struct {
	AppID     string     `json:"app_id,omitempty"`
	// UserID is what CheckUser and CheckUser_OAuth take a candidate for.
	// NOTE(review): presumably a mismatch yields the "token is not bound to
	// the current user" errors — confirm.
	UserID    string     `json:"user_id,omitempty"`
	// NOTE(review): presumably the output of HashToken, so that the raw
	// token string is not part of the stored record — confirm.
	TokenHash string     `json:"token_hash,omitempty"`
	CreatedAt *time.Time `json:"created_at,omitempty"`
	// NOTE(review): confirm expiry is enforced when the token is read, not
	// only recorded when it is written.
	ExpireAt  *time.Time `json:"expire_at,omitempty"`

	// Adding OAuth
	Alias       string `json:"alias,omitempty"`
	RedirectURI string `json:"redirect_uri,omitempty"`
	// State is what CheckState takes a candidate for; see
	// ErrOAuthStateNotBoundToToken.
	State       string `json:"state,omitempty"`

	// Adding Identity
	Identity *TokenIdentity `json:"token_identity,omitempty"`

	// Authenticator
	// NOTE(review): may embed a TOTP secret and recovery codes; the
	// serialized token needs the same protection as those credentials.
	Authenticator *TokenAuthenticator `json:"token_authenticator,omitempty"`
}

func (*Token) CheckState

func (t *Token) CheckState(state string) error

func (*Token) CheckUser

func (t *Token) CheckUser(userID string) error

func (*Token) CheckUser_OAuth

func (t *Token) CheckUser_OAuth(userID string) error

type TokenAuthenticator

// TokenAuthenticator is the authenticator part of a Token
// (Token.Authenticator, JSON key "token_authenticator").
// NOTE(review): RecoveryCodes and TOTPSecret are serialized in clear under
// "recovery_codes" and "totp_secret". Wherever the token is persisted, that
// storage holds usable credentials until the entry expires or is consumed;
// confirm short expiry, removal on completion, and that the struct is never
// logged.
type TokenAuthenticator struct {
	AuthenticatorID   string `json:"authenticator_id,omitempty"`
	AuthenticatorType string `json:"authenticator_type,omitempty"`

	// Recovery Codes
	RecoveryCodes        []string `json:"recovery_codes,omitempty"`
	RecoveryCodesCreated bool     `json:"recovery_codes_created,omitempty"`

	// TOTP
	TOTPIssuer           string `json:"totp_issuer,omitempty"`
	TOTPDisplayName      string `json:"totp_display_name,omitempty"`
	// The JSON key is "end_user_account_id", without the "totp_" prefix the
	// neighbouring TOTP fields use.
	TOTPEndUserAccountID string `json:"end_user_account_id,omitempty"`
	TOTPSecret           string `json:"totp_secret,omitempty"`
	// NOTE(review): TOTPVerified and OOBOTPVerified record verification
	// state inside the token; confirm they are only ever set server-side
	// after a successful code check and never taken from client input.
	TOTPVerified         bool   `json:"totp_verified,omitempty"`

	// OOB OTP
	OOBOTPChannel  model.AuthenticatorOOBChannel `json:"oob_otp_channel,omitempty"`
	OOBOTPTarget   string                        `json:"oob_otp_target,omitempty"`
	OOBOTPVerified bool                          `json:"oob_otp_verified,omitempty"`
}

type TokenIdentity

// TokenIdentity is the identity part of a Token (Token.Identity, JSON key
// "token_identity"). It holds personal data (phone number, email), so the
// serialized token should be treated as containing PII.
type TokenIdentity struct {
	// IdentityID presumably names the identity being updated (compare
	// GenerateTokenOptions.IdentityID, "for updating identity").
	IdentityID  string `json:"identity_id,omitempty"`
	// Channel is a plain string here, while GenerateTokenOptions uses
	// model.AuthenticatorOOBChannel for IdentityChannel.
	Channel     string `json:"channel,omitempty"`
	PhoneNumber string `json:"phone_number,omitempty"`
	Email       string `json:"email,omitempty"`
}

type UIInfoResolver

// UIInfoResolver is the dependency held in Service.UIInfoResolver.
type UIInfoResolver interface {
	// SetAuthenticationInfoInQuery takes a redirect URI and an
	// authentication info entry and returns a string.
	// NOTE(review): presumably the returned URI carries a reference to the
	// entry in its query; if so, the redirect URI must already be validated,
	// otherwise that reference is sent to an arbitrary destination — confirm.
	SetAuthenticationInfoInQuery(redirectURI string, e *authenticationinfo.Entry) string
}

type UpdateIdentityUsernameInput

type UpdateIdentityUsernameInput struct {
	LoginID    string
	LoginIDKey string
	IdentityID string
}

type UpdateIdentityUsernameOutput

type UpdateIdentityUsernameOutput struct {
	IdentityInfo *identity.Info
}

type UserService

// UserService is the user dependency held in Service.Users.
type UserService interface {
	// Get loads a user by ID for the given access-control role.
	// NOTE(review): presumably role limits which user fields are visible —
	// confirm callers pass the least-privileged role that suffices.
	Get(ctx context.Context, id string, role accesscontrol.Role) (*model.User, error)
	// UpdateMFAEnrollment takes a *time.Time; NOTE(review): presumably nil
	// clears the value — confirm.
	UpdateMFAEnrollment(ctx context.Context, userID string, t *time.Time) error
}

type VerificationService

// VerificationService is the claim-verification dependency held in
// Service.Verification.
type VerificationService interface {
	// NewVerifiedClaim builds a claim for a user from a claim name and value;
	// it returns no error.
	// NOTE(review): confirm it is only called after the corresponding OTP
	// check has succeeded, since the result is then passed to
	// MarkClaimVerified.
	NewVerifiedClaim(ctx context.Context, userID string, claimName string, claimValue string) *verification.Claim

	MarkClaimVerified(ctx context.Context, claim *verification.Claim) error
	GetIdentityVerificationStatus(ctx context.Context, i *identity.Info) ([]verification.ClaimStatus, error)
}
