session

package
v0.0.0-...-2bc625b Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 19, 2024 License: Apache-2.0 Imports: 18 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

View Source
var AppAccessTokenCookieDef = &httputil.CookieDef{
	NameSuffix:    "app_access_token",
	Path:          "/",
	SameSite:      http.SameSiteLaxMode,
	IsNonHostOnly: true,
}
View Source
var AppSessionTokenCookieDef = &httputil.CookieDef{
	NameSuffix:    "app_session",
	Path:          "/",
	SameSite:      http.SameSiteLaxMode,
	IsNonHostOnly: true,
}
View Source
var ErrInvalidSession = errors.New("provided session is invalid")
View Source
var ErrSessionNotFound = errors.New("session not found")

Functions

func GetUserID

func GetUserID(ctx context.Context) *string

func HasValidSession

func HasValidSession(ctx context.Context) bool

func NewInfo

func NewInfo(s ResolvedSession, isAnonymous bool, isVerified bool, userCanReauthenticate bool, effectiveRoles []string) *model.SessionInfo

func WithInvalidSession

func WithInvalidSession(ctx context.Context) context.Context

func WithSession

func WithSession(ctx context.Context, s ResolvedSession) context.Context

Types

type AccessTokenSessionManager

type AccessTokenSessionManager ManagementService

type AccessTokenSessionResolver

type AccessTokenSessionResolver Resolver

type Attrs

type Attrs struct {
	UserID string                          `json:"user_id"`
	Claims map[model.ClaimName]interface{} `json:"claims"`
}

func NewAttrs

func NewAttrs(userID string) *Attrs

func NewAttrsFromAuthenticationInfo

func NewAttrsFromAuthenticationInfo(info authenticationinfo.T) *Attrs

func (*Attrs) GetAMR

func (a *Attrs) GetAMR() ([]string, bool)

func (*Attrs) SetAMR

func (a *Attrs) SetAMR(value []string)

type CookieDef

type CookieDef struct {
	Def               *httputil.CookieDef
	SameSiteStrictDef *httputil.CookieDef
}

func NewSessionCookieDef

func NewSessionCookieDef(sessionCfg *config.SessionConfig) CookieDef

type CookieManager

type CookieManager interface {
	GetCookie(r *http.Request, def *httputil.CookieDef) (*http.Cookie, error)
	ClearCookie(def *httputil.CookieDef) *http.Cookie
}

type CreateReason

type CreateReason string
const (
	CreateReasonSignup         CreateReason = "signup"
	CreateReasonLogin          CreateReason = "login"
	CreateReasonPromote        CreateReason = "promote"
	CreateReasonReauthenticate CreateReason = "reauthenticate"
)

type EventService

type EventService interface {
	DispatchEventOnCommit(ctx context.Context, payload event.Payload) error
}

type IDPSessionManager

type IDPSessionManager ManagementService

type IDPSessionResolver

type IDPSessionResolver Resolver

type ListableSession

type ListableSession interface {
	SessionBase
	ListableSession()
	GetCreatedAt() time.Time
	GetAccessInfo() *access.Info
	GetDeviceInfo() (map[string]interface{}, bool)

	ToAPIModel() *model.Session

	// IsSameSSOGroup indicates whether the session is in the same SSO group
	IsSameSSOGroup(s SessionBase) bool
	EqualSession(s SessionBase) bool

	GetParticipatedSAMLServiceProviderIDsSet() setutil.Set[string]
}

type ManagementService

type ManagementService interface {
	ClearCookie() []*http.Cookie
	Get(ctx context.Context, id string) (ListableSession, error)
	Delete(ctx context.Context, s ListableSession) error
	List(ctx context.Context, userID string) ([]ListableSession, error)
	TerminateAllExcept(ctx context.Context, userID string, currentSession ResolvedSession) ([]ListableSession, error)
}

type Manager

type Manager struct {
	IDPSessions         IDPSessionManager
	AccessTokenSessions AccessTokenSessionManager
	Events              EventService
}

func (*Manager) Get

func (m *Manager) Get(ctx context.Context, id string) (ListableSession, error)

func (*Manager) List

func (m *Manager) List(ctx context.Context, userID string) ([]ListableSession, error)

func (*Manager) Logout

func (m *Manager) Logout(ctx context.Context, session SessionBase, rw http.ResponseWriter) ([]ListableSession, error)

func (*Manager) RevokeWithEvent

func (m *Manager) RevokeWithEvent(ctx context.Context, session SessionBase, isTermination bool, isAdminAPI bool) error

func (*Manager) RevokeWithoutEvent

func (m *Manager) RevokeWithoutEvent(ctx context.Context, session SessionBase) error

func (*Manager) TerminateAllExcept

func (m *Manager) TerminateAllExcept(ctx context.Context, userID string, currentSession ResolvedSession, isAdminAPI bool) error

type MeterService

type MeterService interface {
	TrackActiveUser(ctx context.Context, userID string) error
}

type Middleware

type Middleware struct {
	SessionCookie              CookieDef
	Cookies                    CookieManager
	IDPSessionResolver         IDPSessionResolver
	AccessTokenSessionResolver AccessTokenSessionResolver
	AccessEvents               *access.EventProvider
	Users                      UserQuery
	Database                   *appdb.Handle
	Logger                     MiddlewareLogger
	MeterService               MeterService
}

func (*Middleware) Handle

func (m *Middleware) Handle(next http.Handler) http.Handler

type MiddlewareLogger

type MiddlewareLogger struct{ *log.Logger }

func NewMiddlewareLogger

func NewMiddlewareLogger(lf *log.Factory) MiddlewareLogger

type ResolvedSession

type ResolvedSession interface {
	SessionBase
	Session()
	GetCreatedAt() time.Time
	GetExpireAt() time.Time
	GetAccessInfo() *access.Info
	CreateNewAuthenticationInfoByThisSession() authenticationinfo.T
}

func GetSession

func GetSession(ctx context.Context) ResolvedSession

type Resolver

type Resolver interface {
	Resolve(ctx context.Context, rw http.ResponseWriter, r *http.Request) (ResolvedSession, error)
}

type SessionBase

type SessionBase interface {
	SessionID() string
	SessionType() Type
	GetAuthenticationInfo() authenticationinfo.T
	// SSOGroupIDPSessionID returns the IDP session id of the SSO group
	// if the session is not SSO enabled, SSOGroupIDPSessionID will be empty
	SSOGroupIDPSessionID() string
}

type Type

type Type string
const (
	TypeIdentityProvider Type = "idp"
	TypeOfflineGrant     Type = "offline_grant"
)

type UserQuery

type UserQuery interface {
	Get(ctx context.Context, id string, role accesscontrol.Role) (*model.User, error)
	GetRaw(ctx context.Context, id string) (*user.User, error)
}

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL