Documentation ¶
Index ¶
Constants ¶
View Source
const ErrLoginRequired params.ErrorCode = "login required"
ErrLoginRequired is returned by the /debug/* endpoints when OpenID authentication is required.
Variables ¶
View Source
var ( ReqServer = httprequest.Server{ ErrorMapper: errToResp, } WriteError = ReqServer.WriteError )
Functions ¶
This section is empty.
Types ¶
type HandlerParams ¶
type HandlerParams struct { ServerParams // Oven contains a bakery.Oven that should be used by handlers to // mint new macaroons. Oven *bakery.Oven // Authorizer contains an auth.Authroizer that should be used by // handlers to authorize requests. Authorizer *auth.Authorizer // MeetingPlace contains the meeting place that should be used by // handlers to complete rendezvous. MeetingPlace *meeting.Place }
type NewAPIHandlerFunc ¶
type NewAPIHandlerFunc func(HandlerParams) ([]httprequest.Handler, error)
NewAPIHandlerFunc is a function that returns set of httprequest handlers that uses the given Store pool, and server params.
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
Server serves the identity endpoints.
func New ¶
func New(sp ServerParams, versions map[string]NewAPIHandlerFunc) (*Server, error)
New returns a handler that serves the given identity API versions using the db to store identity data. The key of the versions map is the version name.
type ServerParams ¶
type ServerParams struct { // MeetingStore holds the storage that will be used to store // rendezvous information. MeetingStore meeting.Store // ProviderDataStore holds the storeage that can be used by // identity providers to store data that is not associated with // an individual identity. ProviderDataStore store.ProviderDataStore // RootKeyStore holds the root key store that will be used to // store macaroon root keys within the identity server. RootKeyStore bakery.RootKeyStore // Store holds the identities store for the identity server. Store store.Store // AdminPassword holds the password for admin login. AdminPassword string // Key holds the keypair to use with the bakery service. Key *bakery.KeyPair // Location holds a URL representing the externally accessible // base URL of the service, without a trailing slash. Location string // PrivateAddr should hold a dialable address that will be used // for communication between identity servers. Note that this // should not contain a port. PrivateAddr string // IdentityProviders contains the set of identity providers that // should be initialised by the service. IdentityProviders []idp.IdentityProvider // MFAAuthenticator holds the multi-factor authenticator. MFAAuthenticator *mfa.Authenticator // DebugTeams contains the set of launchpad teams that may access // the restricted debug endpoints. // TODO remove this. DebugTeams []string // AdminAgentPublicKey contains the public key of the admin agent. AdminAgentPublicKey *bakery.PublicKey // StaticFileSystem contains an http.FileSystem that can be used // to serve static files. StaticFileSystem http.FileSystem // Template contains a set of templates that are used to generate // html output. Template *template.Template // DebugStatusCheckerFuncs contains functions that will be // executed as part of a /debug/status check. DebugStatusCheckerFuncs []debugstatus.CheckerFunc // RendezvousTimeout holds the time after which an interactive discharge wait // request will time out. RendezvousTimeout time.Duration // ACLStore holds the ACLStore for the identity server. ACLStore aclstore.ACLStore // RedirectLoginTrustedURLs contains a list of URLs that are // trusted to be used as return_to URLs during an interactive // login. RedirectLoginTrustedURLs []string // RedirectLoginTrustedDomains contains a list of domain names that // are fully trusted to be used as return_to URLs during an // interactive login. If the domain starts with the sequence "*." // then all subdomains of the subsequent domain will be trusted. RedirectLoginTrustedDomains []string // APIMacaroonTimeout is the maximum life of an API macaroon. APIMacaroonTimeout time.Duration // DischargeMacaroonTimeout is the maximum life of a Discharge // macaroon. DischargeMacaroonTimeout time.Duration // DischargeTokenTimeout is the maximum life of a Discharge // token. DischargeTokenTimeout time.Duration // SkipLocationForCookiePaths instructs if the Cookie Paths are to // be set relative to the Location Path or not. SkipLocationForCookiePaths bool // EnableEmailLogin enables the login with email address link on the // authentication required page. EnableEmailLogin bool }
ServerParams contains configuration parameters for a server.
Click to show internal directories.
Click to hide internal directories.