auth

package
v0.15.10 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 16, 2023 License: AGPL-3.0 Imports: 15 Imported by: 0

Documentation

Overview

Package auth is a generated GoMock package.

Package auth is a generated GoMock package.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AdminAuthorizer 

func AdminAuthorizer(adminGroup string) func(next http.Handler) http.Handler

AdminAuthorizer only allows users belonging to adminGroup to access administrative endpoints. The middleware currently gates all endpoints in the format /api/v1/admin/*

func IsAdmin 

func IsAdmin(ctx context.Context) bool

IsAdmin returns whether the user is an administrator or not. It requires that the AdminAuthorizer middleware has run.

func Middleware 

func Middleware(authenticator Authenticator, db ddb.Storage, idp IdentitySyncer) func(next http.Handler) http.Handler

Middleware is authentication middleware for the Common Fate API.

It takes an Authenticator which knows how to extract the user's identity from the incoming request. If the user doesn't exist in the database the middleware will attempt to sync it from the connected identity provider.

func TestingSetIsAdmin 

func TestingSetIsAdmin(ctx context.Context, isAdmin bool) context.Context

TestingSetIsAdmin allows the isAdmin to be set in the context for testing purposes.

func TestingSetUser 

func TestingSetUser(ctx context.Context, user identity.User) context.Context

TestingSetUserID allows the user ID to be set in the context for testing purposes.

func TestingSetUserID 

func TestingSetUserID(ctx context.Context, userID string) context.Context

TestingSetUserID allows the user ID to be set in the context for testing purposes.

func UserFromContext 

func UserFromContext(ctx context.Context) *identity.User

UserIDFromContext returns the current user's ID. It requires that auth.Middleware has run.

func UserIDFromContext 

func UserIDFromContext(ctx context.Context) string

UserIDFromContext returns the current user's ID. It requires that auth.Middleware has run.

Types

type Authenticator 

type Authenticator interface {
	Authenticate(r *http.Request) (*Claims, error)
}

Authenticators can extract Claims representing a user's authentication from an incoming request.

type Claims 

type Claims struct {
	Sub   string `json:"sub"`
	Email string `json:"email"`
}

Claims stores the relevant claims from a user's provided auth token. The identity token contains more claims, but we only parse the ones that we need.

type IdentitySyncer 

type IdentitySyncer interface {
	Sync(ctx context.Context) error
}

IdentitySyncer syncs the users with the external identity provider, like Okta or Google Workspaces.

type LambdaAuthenticator 

type LambdaAuthenticator struct{}

LambdaAuthenticator is an authenticator used in production. It reads the Claims from the API Gateway request context.

func (*LambdaAuthenticator) Authenticate 

func (a *LambdaAuthenticator) Authenticate(r *http.Request) (*Claims, error)

type MockAuthenticator 

type MockAuthenticator struct {
	// contains filtered or unexported fields
}

MockAuthenticator is a mock of Authenticator interface.

func NewMockAuthenticator 

func NewMockAuthenticator(ctrl *gomock.Controller) *MockAuthenticator

NewMockAuthenticator creates a new mock instance.

func (*MockAuthenticator) Authenticate 

func (m *MockAuthenticator) Authenticate(arg0 *http.Request) (*Claims, error)

Authenticate mocks base method.

func (*MockAuthenticator) EXPECT 

func (m *MockAuthenticator) EXPECT() *MockAuthenticatorMockRecorder

EXPECT returns an object that allows the caller to indicate expected use.

type MockAuthenticatorMockRecorder 

type MockAuthenticatorMockRecorder struct {
	// contains filtered or unexported fields
}

MockAuthenticatorMockRecorder is the mock recorder for MockAuthenticator.

func (*MockAuthenticatorMockRecorder) Authenticate 

func (mr *MockAuthenticatorMockRecorder) Authenticate(arg0 interface{}) *gomock.Call

Authenticate indicates an expected call of Authenticate.

type MockIdentitySyncer 

type MockIdentitySyncer struct {
	// contains filtered or unexported fields
}

MockIdentitySyncer is a mock of IdentitySyncer interface.

func NewMockIdentitySyncer 

func NewMockIdentitySyncer(ctrl *gomock.Controller) *MockIdentitySyncer

NewMockIdentitySyncer creates a new mock instance.

func (*MockIdentitySyncer) EXPECT 

func (m *MockIdentitySyncer) EXPECT() *MockIdentitySyncerMockRecorder

EXPECT returns an object that allows the caller to indicate expected use.

func (*MockIdentitySyncer) Sync 

func (m *MockIdentitySyncer) Sync(arg0 context.Context) error

Sync mocks base method.

type MockIdentitySyncerMockRecorder 

type MockIdentitySyncerMockRecorder struct {
	// contains filtered or unexported fields
}

MockIdentitySyncerMockRecorder is the mock recorder for MockIdentitySyncer.

func (*MockIdentitySyncerMockRecorder) Sync 

func (mr *MockIdentitySyncerMockRecorder) Sync(arg0 interface{}) *gomock.Call

Sync indicates an expected call of Sync.

Source Files

View all Source files

Directories

Path Synopsis
Package localauth contains authentication logic for use in local development.
 Package localauth contains authentication logic for use in local development.
Package nolocalauth contains authentication logic for use in local development when no auth is desired.
 Package nolocalauth contains authentication logic for use in local development when no auth is desired.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.