server

package
v0.6.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 29, 2016 License: Apache-2.0 Imports: 42 Imported by: 114

Documentation

Index

Constants

View Source
const (
	AdminAPIVersion      = "v1"
	AdminAPISecretLength = 128
)
View Source
const (
	LoginPageTemplateName              = "login.html"
	RegisterTemplateName               = "register.html"
	VerifyEmailTemplateName            = "verify-email.html"
	SendResetPasswordEmailTemplateName = "send-reset-password.html"
	ResetPasswordTemplateName          = "reset-password.html"
	OOBTemplateName                    = "oob-template.html"
	APIVersion                         = "v1"
)

Variables

View Source
var (
	AdminGetEndpoint          = addBasePath("/admin/:id")
	AdminCreateEndpoint       = addBasePath("/admin")
	AdminGetStateEndpoint     = addBasePath("/state")
	AdminCreateClientEndpoint = addBasePath("/client")
	AdminConnectorsEndpoint   = addBasePath("/connectors")
)
View Source
var (
	UsersSubTree                  = "/users"
	UsersListEndpoint             = addBasePath(UsersSubTree)
	UsersCreateEndpoint           = addBasePath(UsersSubTree)
	UsersGetEndpoint              = addBasePath(UsersSubTree + "/:id")
	UsersDisableEndpoint          = addBasePath(UsersSubTree + "/:id/disable")
	UsersResendInvitationEndpoint = addBasePath(UsersSubTree + "/:id/resend-invitation")
	AccountSubTree                = "/account"
	AccountListRefreshTokens      = addBasePath(AccountSubTree + "/:userid/refresh")
	AccountRevokeRefreshToken     = addBasePath(AccountSubTree + "/:userid/refresh/:clientid")
)

Functions

This section is empty.

Types

type AdminServer

type AdminServer struct {
	// contains filtered or unexported fields
}

AdminServer serves the admin API.

func NewAdminServer

func NewAdminServer(adminAPI *admin.AdminAPI, rotator *key.PrivateKeyRotator, secret string) *AdminServer

func (*AdminServer) HTTPHandler

func (s *AdminServer) HTTPHandler() http.Handler

type InvitationHandler added in v0.2.0

type InvitationHandler struct {
	// contains filtered or unexported fields
}

func (*InvitationHandler) ServeHTTP added in v0.2.0

func (h *InvitationHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type JWTVerifierFactory

type JWTVerifierFactory func(clientID string) oidc.JWTVerifier
type Link struct {
	URL         string
	ID          string
	DisplayName string
}

type MultiServerConfig

type MultiServerConfig struct {
	KeySecrets     [][]byte
	DatabaseConfig db.Config
	UseOldFormat   bool
}

func (*MultiServerConfig) Configure

func (cfg *MultiServerConfig) Configure(srv *Server) error

type OIDCServer

type OIDCServer interface {
	Client(string) (client.Client, error)
	NewSession(connectorID, clientID, clientState string, redirectURL url.URL, nonce string, register bool, scope []string) (string, error)
	Login(oidc.Identity, string) (string, error)

	// CodeToken exchanges a code for an ID token and a refresh token string on success.
	CodeToken(creds oidc.ClientCredentials, sessionKey string) (*jose.JWT, string, time.Time, error)

	ClientCredsToken(creds oidc.ClientCredentials) (*jose.JWT, time.Time, error)

	// RefreshToken takes a previously generated refresh token and returns a new ID token and new refresh token
	// if the token is valid.
	RefreshToken(creds oidc.ClientCredentials, scopes scope.Scopes, token string) (*jose.JWT, string, time.Time, error)

	KillSession(string) error

	CrossClientAuthAllowed(requestingClientID, authorizingClientID string) (bool, error)
}

type ResetPasswordHandler

type ResetPasswordHandler struct {
	// contains filtered or unexported fields
}

func (*ResetPasswordHandler) ServeHTTP

func (h *ResetPasswordHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type SendResetPasswordEmailHandler

type SendResetPasswordEmailHandler struct {
	// contains filtered or unexported fields
}

func (*SendResetPasswordEmailHandler) ServeHTTP

type Server

type Server struct {
	IssuerURL url.URL

	Templates                      *template.Template
	LoginTemplate                  *template.Template
	RegisterTemplate               *template.Template
	VerifyEmailTemplate            *template.Template
	SendResetPasswordEmailTemplate *template.Template
	ResetPasswordTemplate          *template.Template
	OOBTemplate                    *template.Template

	HealthChecks []health.Checkable
	// TODO(ericchiang): Make this a map of ID to connector.
	Connectors []connector.Connector

	ClientRepo          client.ClientRepo
	ConnectorConfigRepo connector.ConnectorConfigRepo
	KeySetRepo          key.PrivateKeySetRepo
	RefreshTokenRepo    refresh.RefreshTokenRepo
	UserRepo            user.UserRepo
	PasswordInfoRepo    user.PasswordInfoRepo

	ClientManager  *clientmanager.ClientManager
	KeyManager     key.PrivateKeyManager
	SessionManager *sessionmanager.SessionManager
	UserManager    *usermanager.UserManager

	UserEmailer *useremail.UserEmailer

	EnableRegistration           bool
	EnableClientRegistration     bool
	EnableClientCredentialAccess bool
	RegisterOnFirstLogin         bool
	// contains filtered or unexported fields
}

func (*Server) AddConnector

func (s *Server) AddConnector(cfg connector.ConnectorConfig) error

func (*Server) Client added in v0.5.0

func (s *Server) Client(clientID string) (client.Client, error)

func (*Server) ClientCredsToken

func (s *Server) ClientCredsToken(creds oidc.ClientCredentials) (*jose.JWT, time.Time, error)

func (*Server) CodeToken

func (s *Server) CodeToken(creds oidc.ClientCredentials, sessionKey string) (*jose.JWT, string, time.Time, error)

func (*Server) CrossClientAuthAllowed added in v0.5.0

func (s *Server) CrossClientAuthAllowed(requestingClientID, authorizingClientID string) (bool, error)

func (*Server) HTTPHandler

func (s *Server) HTTPHandler() http.Handler

func (*Server) JWTVerifierFactory

func (s *Server) JWTVerifierFactory() JWTVerifierFactory

func (*Server) KillSession

func (s *Server) KillSession(sessionKey string) error

func (*Server) Login

func (s *Server) Login(ident oidc.Identity, key string) (string, error)

func (*Server) NewClientTokenAuthHandler

func (s *Server) NewClientTokenAuthHandler(handler http.Handler) http.Handler

NewClientTokenAuthHandler returns the given handler wrapped in middleware which requires a Client Bearer token.

func (*Server) NewSession

func (s *Server) NewSession(ipdcID, clientID, clientState string, redirectURL url.URL, nonce string, register bool, scope []string) (string, error)

func (*Server) ProviderConfig

func (s *Server) ProviderConfig() oidc.ProviderConfig

func (*Server) RefreshToken

func (s *Server) RefreshToken(creds oidc.ClientCredentials, scopes scope.Scopes, token string) (*jose.JWT, string, time.Time, error)

func (*Server) Run

func (s *Server) Run() chan struct{}

type ServerConfig

type ServerConfig struct {
	IssuerURL                    string
	IssuerName                   string
	IssuerLogoURL                string
	TemplateDir                  string
	EmailTemplateDirs            []string
	EmailFromAddress             string
	EmailerConfigFile            string
	StateConfig                  StateConfigurer
	EnableRegistration           bool
	EnableClientRegistration     bool
	EnableClientCredentialAccess bool
	RegisterOnFirstLogin         bool
}

func (*ServerConfig) Server

func (cfg *ServerConfig) Server() (*Server, error)

type SingleServerConfig

type SingleServerConfig struct {
	ClientsFile    string
	ConnectorsFile string
	UsersFile      string
}

func (*SingleServerConfig) Configure

func (cfg *SingleServerConfig) Configure(srv *Server) error

type StateConfigurer

type StateConfigurer interface {
	Configure(*Server) error
}

type Template added in v0.2.2

type Template interface {
	Execute(io.Writer, interface{}) error
}

type UserMgmtServer

type UserMgmtServer struct {
	// contains filtered or unexported fields
}

func NewUserMgmtServer

func NewUserMgmtServer(userMgmtAPI *api.UsersAPI, jwtvFactory JWTVerifierFactory, um *usermanager.UserManager, cm *clientmanager.ClientManager, allowClientCredsAuth bool) *UserMgmtServer

func (*UserMgmtServer) HTTPHandler

func (s *UserMgmtServer) HTTPHandler() http.Handler

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL