Documentation ¶
Index ¶
- Constants
- Variables
- func AddAudScopeToAudience(ctx context.Context, audience, scopes []string) []string
- func AssetURL(prefix, resourceOwner, key string) string
- func AvatarURL(prefix, resourceOwner, key string) string
- func CheckForInvalidRoles(roles []string, rolePrefix string, validRoles []authz.RoleMapping) []string
- func CheckRedirectUrisCode(compliance *Compliance, appType OIDCApplicationType, redirectUris []string)
- func CheckRedirectUrisImplicit(compliance *Compliance, appType OIDCApplicationType, redirectUris []string)
- func CheckRedirectUrisImplicitAndCode(compliance *Compliance, appType OIDCApplicationType, redirectUris []string)
- func ContainsOIDCGrantTypes(shouldContain, list []OIDCGrantType) bool
- func ContainsRequiredGrantTypes(responseTypes []OIDCResponseType, grantTypes []OIDCGrantType) bool
- func EnsureValidExpirationDate(key expiration) error
- func FromRefreshToken(refreshToken string, algorithm crypto.EncryptionAlgorithm) (userID, tokenID, token string, err error)
- func GenerateLoginName(username, domain string, appendDomain bool) string
- func GetHumanAvatarAssetPath(userID string) string
- func GetOIDCV1NativeApplicationCompliance(compliance *Compliance, authMethod OIDCAuthMethodType)
- func GetOIDCV1UserAgentApplicationCompliance(compliance *Compliance, authMethod OIDCAuthMethodType)
- func GetRemovedRoles(existingRoles, newRoles []string) []string
- func IsMessageTextType(textType string) bool
- func IsPrompt(prompt []Prompt, requestedPrompt Prompt) bool
- func NewAuthNKeyPair(keySize int) (privateKey, publicKey []byte, err error)
- func NewClientID(idGenerator id.Generator, projectName string) (string, error)
- func NewClientSecret(generator crypto.Generator) (*crypto.CryptoValue, string, error)
- func NewGeneratedInstanceDomain(instanceName, iamDomain string) (string, error)
- func NewIAMDomainName(orgName, iamDomain string) string
- func NewOTPKey(issuer, accountName string, cryptoAlg crypto.EncryptionAlgorithm) (*otp.Key, *crypto.CryptoValue, error)
- func NewRefreshToken(userID, tokenID string, algorithm crypto.EncryptionAlgorithm) (string, error)
- func OIDCOriginAllowList(redirectURIs, additionalOrigins []string) ([]string, error)
- func PasswordlessInitCodeLink(baseURL, userID, resourceOwner, codeID, code string) string
- func RefreshToken(userID, tokenID, token string, algorithm crypto.EncryptionAlgorithm) (string, error)
- func SetNewAuthNKeyPair(key authNKey, keySize int) error
- func SetNewClientID(a oAuthApplication, idGenerator id.Generator, project *Project) error
- func SetNewClientSecretIfNeeded(a oAuthApplication, generator crypto.Generator) (string, error)
- func ValidateDefaultRedirectURI(rawURL string) bool
- func ValidateExpirationDate(date time.Time) (time.Time, error)
- func VerifyMFAOTP(code string, secret *crypto.CryptoValue, cryptoAlg crypto.EncryptionAlgorithm) error
- type APIApp
- type APIAuthMethodType
- type Action
- type ActionState
- type ActionsAllowed
- type Address
- type AddressState
- type AppState
- type Application
- type ApplicationKey
- type AssetInfo
- type AuthNKeyType
- type AuthRequest
- func (a *AuthRequest) AppendAudIfNotExisting(aud string)
- func (a *AuthRequest) GetScopeOrgID() string
- func (a *AuthRequest) GetScopeOrgPrimaryDomain() string
- func (a *AuthRequest) MFALevel() MFALevel
- func (a *AuthRequest) SetOrgInformation(id, name, primaryDomain string, requestedByDomain bool)
- func (a *AuthRequest) SetUserInfo(userID, userName, loginName, displayName, avatar, userOrgID string)
- func (a *AuthRequest) WithCurrentInfo(info *BrowserInfo) *AuthRequest
- type AuthRequestOIDC
- type AuthRequestSAML
- type AuthRequestType
- type AuthenticatorAttachment
- type BrowserInfo
- type BucketInfo
- type ChangeApp
- type ChangePasswordStep
- type ChangeUsernameStep
- type Compliance
- type CustomLoginText
- type CustomMessageText
- type CustomText
- type CustomTextState
- type DomainPolicy
- type Email
- type EmailCode
- type EmailVerificationDoneScreenText
- type EmailVerificationScreenText
- type ExternalLoginStep
- type ExternalNotFoundOptionStep
- type ExternalRegistrationUserOverviewScreenText
- type ExternalUser
- type ExternalUserNotFoundScreenText
- type FactorState
- type FlowState
- type FlowType
- type FooterText
- type Gender
- type GrantRequiredStep
- type HashedPassword
- type Human
- func (u *Human) CheckDomainPolicy(policy *DomainPolicy) error
- func (h Human) GetState() UserState
- func (h Human) GetUsername() string
- func (u *Human) HashPasswordIfExisting(policy *PasswordComplexityPolicy, passwordAlg crypto.HashAlgorithm, ...) error
- func (u *Human) IsInitialState(passwordless, externalIDPs bool) bool
- func (u *Human) IsValid() bool
- func (u *Human) SetNamesAsDisplayname()
- type HumanDetails
- type IDPConfig
- type IDPConfigState
- type IDPConfigStylingType
- type IDPConfigType
- type IDPConfigView
- type IDPProvider
- type IdentityProviderState
- type IdentityProviderType
- type InitMFADoneScreenText
- type InitMFAOTPScreenText
- type InitMFAPromptScreenText
- type InitMFAU2FScreenText
- type InitPasswordDoneScreenText
- type InitPasswordScreenText
- type InitPasswordStep
- type InitUserCode
- type InitUserStep
- type InitializeUserDoneScreenText
- type InitializeUserScreenText
- type InstanceDomainState
- type InstanceState
- type JWTIDPConfig
- type Key
- type KeyPair
- type KeyUsage
- type LabelPolicy
- type LabelPolicyState
- type LevelOfAssurance
- type LinkUsersStep
- type LinkingUserDoneScreenText
- type LockoutPolicy
- type LoginPolicy
- type LoginScreenText
- type LoginStep
- type LoginSucceededStep
- type LogoutDoneScreenText
- type MFALevel
- type MFAPromptStep
- type MFAProvidersText
- type MFAState
- type MFAType
- type MFAVerificationStep
- type Machine
- type MachineKey
- type MachineKeyState
- type MailTemplate
- type Member
- type MemberState
- type MemberType
- type MessageTexts
- type Metadata
- type MetadataSearchKey
- type MetadataSearchQuery
- type MetadataSearchRequest
- type MetadataSearchResponse
- type MetadataState
- type MultiFactorType
- type MultifactorConfigs
- type NextStep
- type NextStepType
- type NotificationProviderState
- type NotificationProviderType
- type NotificationType
- type OIDCApp
- type OIDCApplicationType
- type OIDCAuthMethodType
- type OIDCCodeChallenge
- type OIDCCodeChallengeMethod
- type OIDCGrantType
- type OIDCIDPConfig
- type OIDCMappingField
- type OIDCResponseType
- type OIDCSettings
- type OIDCSettingsState
- type OIDCTokenType
- type OIDCVersion
- type OTP
- type OTPConfig
- type ObjectDetails
- type Org
- type OrgDomain
- type OrgDomainState
- type OrgDomainValidationType
- type OrgState
- type Password
- type PasswordAgePolicy
- type PasswordChangeDoneScreenText
- type PasswordChangeScreenText
- type PasswordCode
- type PasswordComplexityPolicy
- type PasswordResetDoneScreenText
- type PasswordScreenText
- type PasswordStep
- type PasswordlessInitCode
- type PasswordlessInitCodeState
- type PasswordlessPromptScreenText
- type PasswordlessRegistrationDoneScreenText
- type PasswordlessRegistrationPromptStep
- type PasswordlessRegistrationScreenText
- type PasswordlessScreenText
- type PasswordlessStep
- type PasswordlessType
- type Permissions
- type PersonalAccessTokenState
- type Phone
- type PhoneCode
- type PhoneState
- type PolicyState
- type PrivacyPolicy
- type PrivateLabelingSetting
- type Profile
- type Project
- type ProjectGrant
- type ProjectGrantIDs
- type ProjectGrantMember
- type ProjectGrantState
- type ProjectRequiredStep
- type ProjectRole
- type ProjectRoleState
- type ProjectState
- type Prompt
- type RedirectToCallbackStep
- type RedirectToExternalIDPStep
- type RegistrationOptionScreenText
- type RegistrationOrgScreenText
- type RegistrationStep
- type RegistrationUserScreenText
- type Request
- type SAMLApp
- type SMSConfigState
- type SMTPConfigState
- type SearchMethod
- type SecondFactorType
- type SecretGeneratorState
- type SecretGeneratorType
- type SelectAccountScreenText
- type SelectUserStep
- type Step
- type SuccessLoginScreenText
- type Token
- type TriggerType
- type UniqueConstraintMigration
- type User
- type UserAuthMethodType
- type UserGrant
- type UserGrantState
- type UserIDPLink
- type UserIDPLinkState
- type UserMembership
- type UserSelection
- type UserSessionState
- type UserState
- type UserType
- type UserVerificationRequirement
- type UsernameChangeDoneScreenText
- type UsernameChangeScreenText
- type VerifyEMailStep
- type VerifyMFAOTPScreenText
- type VerifyMFAU2FScreenText
- type WebAuthNLogin
- type WebAuthNToken
Constants ¶
// Path segments and file names used to address user avatars and
// label-policy (branding) assets.
const (
	// Segments for user avatar assets.
	UsersAssetPath  = "users"
	AvatarAssetPath = "/avatar"

	// policyPrefix is declared outside this listing.
	LabelPolicyPrefix = policyPrefix + "/label"
	Dark              = "dark"

	// Location and file name of the label-policy stylesheet.
	CssPath              = LabelPolicyPrefix + "/css"
	CssVariablesFileName = "variables.css"

	// Exported aliases of the unexported labelPolicy*Prefix values, which
	// are declared outside this listing.
	// NOTE(review): AssetURL, AvatarURL and GetHumanAvatarAssetPath take
	// resourceOwner/key/userID strings; presumably they are joined with
	// these segments, so the inputs should not be able to add path
	// separators. Confirm at the callers.
	LabelPolicyLogoPath = labelPolicyLogoPrefix
	LabelPolicyIconPath = labelPolicyIconPrefix
	LabelPolicyFontPath = labelPolicyFontPrefix
)
const ( LoginCustomText = "Login" LoginKeyLogin = "Login." LoginKeyLoginTitle = LoginKeyLogin + "Title" LoginKeyLoginDescription = LoginKeyLogin + "Description" LoginKeyLoginTitleLinkingProcess = LoginKeyLogin + "TitleLinking" LoginKeyLoginDescriptionLinkingProcess = LoginKeyLogin + "DescriptionLinking" LoginKeyLoginNameLabel = LoginKeyLogin + "LoginNameLabel" LoginKeyLoginUsernamePlaceHolder = LoginKeyLogin + "UsernamePlaceHolder" LoginKeyLoginLoginnamePlaceHolder = LoginKeyLogin + "LoginnamePlaceHolder" LoginKeyLoginRegisterButtonText = LoginKeyLogin + "RegisterButtonText" LoginKeyLoginNextButtonText = LoginKeyLogin + "NextButtonText" LoginKeyLoginExternalUserDescription = LoginKeyLogin + "ExternalUserDescription" LoginKeyLoginUserMustBeMemberOfOrg = LoginKeyLogin + "MustBeMemberOfOrg" LoginKeySelectAccount = "SelectAccount." LoginKeySelectAccountTitle = LoginKeySelectAccount + "Title" LoginKeySelectAccountDescription = LoginKeySelectAccount + "Description" LoginKeySelectAccountTitleLinkingProcess = LoginKeySelectAccount + "TitleLinking" LoginKeySelectAccountDescriptionLinkingProcess = LoginKeySelectAccount + "DescriptionLinking" LoginKeySelectAccountOtherUser = LoginKeySelectAccount + "OtherUser" LoginKeySelectAccountSessionStateActive = LoginKeySelectAccount + "SessionState0" LoginKeySelectAccountSessionStateInactive = LoginKeySelectAccount + "SessionState1" LoginKeySelectAccountUserMustBeMemberOfOrg = LoginKeySelectAccount + "MustBeMemberOfOrg" LoginKeyPassword = "Password." 
LoginKeyPasswordTitle = LoginKeyPassword + "Title" LoginKeyPasswordDescription = LoginKeyPassword + "Description" LoginKeyPasswordLabel = LoginKeyPassword + "PasswordLabel" LoginKeyPasswordMinLength = LoginKeyPassword + "MinLength" LoginKeyPasswordHasUppercase = LoginKeyPassword + "HasUppercase" LoginKeyPasswordHasLowercase = LoginKeyPassword + "HasLowercase" LoginKeyPasswordHasNumber = LoginKeyPassword + "HasNumber" LoginKeyPasswordHasSymbol = LoginKeyPassword + "HasSymbol" LoginKeyPasswordConfirmation = LoginKeyPassword + "Confirmation" LoginKeyPasswordResetLinkText = LoginKeyPassword + "ResetLinkText" LoginKeyPasswordBackButtonText = LoginKeyPassword + "BackButtonText" LoginKeyPasswordNextButtonText = LoginKeyPassword + "NextButtonText" LoginKeyUsernameChange = "UsernameChange." LoginKeyUsernameChangeTitle = LoginKeyUsernameChange + "Title" LoginKeyUsernameChangeDescription = LoginKeyUsernameChange + "Description" LoginKeyUsernameChangeUsernameLabel = LoginKeyUsernameChange + "UsernameLabel" LoginKeyUsernameChangeCancelButtonText = LoginKeyUsernameChange + "CancelButtonText" LoginKeyUsernameChangeNextButtonText = LoginKeyUsernameChange + "NextButtonText" LoginKeyUsernameChangeDone = "UsernameChangeDone." LoginKeyUsernameChangeDoneTitle = LoginKeyUsernameChangeDone + "Title" LoginKeyUsernameChangeDoneDescription = LoginKeyUsernameChangeDone + "Description" LoginKeyUsernameChangeDoneNextButtonText = LoginKeyUsernameChangeDone + "NextButtonText" LoginKeyInitPassword = "InitPassword." 
LoginKeyInitPasswordTitle = LoginKeyInitPassword + "Title" LoginKeyInitPasswordDescription = LoginKeyInitPassword + "Description" LoginKeyInitPasswordCodeLabel = LoginKeyInitPassword + "CodeLabel" LoginKeyInitPasswordNewPasswordLabel = LoginKeyInitPassword + "NewPasswordLabel" LoginKeyInitPasswordNewPasswordConfirmLabel = LoginKeyInitPassword + "NewPasswordConfirmLabel" LoginKeyInitPasswordNextButtonText = LoginKeyInitPassword + "NextButtonText" LoginKeyInitPasswordResendButtonText = LoginKeyInitPassword + "ResendButtonText" LoginKeyInitPasswordDone = "InitPasswordDone." LoginKeyInitPasswordDoneTitle = LoginKeyInitPasswordDone + "Title" LoginKeyInitPasswordDoneDescription = LoginKeyInitPasswordDone + "Description" LoginKeyInitPasswordDoneNextButtonText = LoginKeyInitPasswordDone + "NextButtonText" LoginKeyInitPasswordDoneCancelButtonText = LoginKeyInitPasswordDone + "CancelButtonText" LoginKeyEmailVerification = "EmailVerification." LoginKeyEmailVerificationTitle = LoginKeyEmailVerification + "Title" LoginKeyEmailVerificationDescription = LoginKeyEmailVerification + "Description" LoginKeyEmailVerificationCodeLabel = LoginKeyEmailVerification + "CodeLabel" LoginKeyEmailVerificationNextButtonText = LoginKeyEmailVerification + "NextButtonText" LoginKeyEmailVerificationResendButtonText = LoginKeyEmailVerification + "ResendButtonText" LoginKeyEmailVerificationDone = "EmailVerificationDone." LoginKeyEmailVerificationDoneTitle = LoginKeyEmailVerificationDone + "Title" LoginKeyEmailVerificationDoneDescription = LoginKeyEmailVerificationDone + "Description" LoginKeyEmailVerificationDoneNextButtonText = LoginKeyEmailVerificationDone + "NextButtonText" LoginKeyEmailVerificationDoneCancelButtonText = LoginKeyEmailVerificationDone + "CancelButtonText" LoginKeyEmailVerificationDoneLoginButtonText = LoginKeyEmailVerificationDone + "LoginButtonText" LoginKeyInitializeUser = "InitUser." 
LoginKeyInitializeUserTitle = LoginKeyInitializeUser + "Title" LoginKeyInitializeUserDescription = LoginKeyInitializeUser + "Description" LoginKeyInitializeUserCodeLabel = LoginKeyInitializeUser + "CodeLabel" LoginKeyInitializeUserNewPasswordLabel = LoginKeyInitializeUser + "NewPasswordLabel" LoginKeyInitializeUserNewPasswordConfirmLabel = LoginKeyInitializeUser + "NewPasswordConfirm" LoginKeyInitializeUserResendButtonText = LoginKeyInitializeUser + "ResendButtonText" LoginKeyInitializeUserNextButtonText = LoginKeyInitializeUser + "NextButtonText" LoginKeyInitUserDone = "InitUserDone." LoginKeyInitUserDoneTitle = LoginKeyInitUserDone + "Title" LoginKeyInitUserDoneDescription = LoginKeyInitUserDone + "Description" LoginKeyInitUserDoneCancelButtonText = LoginKeyInitUserDone + "CancelButtonText" LoginKeyInitUserDoneNextButtonText = LoginKeyInitUserDone + "NextButtonText" LoginKeyInitMFAPrompt = "InitMFAPrompt." LoginKeyInitMFAPromptTitle = LoginKeyInitMFAPrompt + "Title" LoginKeyInitMFAPromptDescription = LoginKeyInitMFAPrompt + "Description" LoginKeyInitMFAPromptOTPOption = LoginKeyInitMFAPrompt + "Provider0" LoginKeyInitMFAPromptU2FOption = LoginKeyInitMFAPrompt + "Provider1" LoginKeyInitMFAPromptSkipButtonText = LoginKeyInitMFAPrompt + "SkipButtonText" LoginKeyInitMFAPromptNextButtonText = LoginKeyInitMFAPrompt + "NextButtonText" LoginKeyInitMFAOTP = "InitMFAOTP." LoginKeyInitMFAOTPTitle = LoginKeyInitMFAOTP + "Title" LoginKeyInitMFAOTPDescription = LoginKeyInitMFAOTP + "Description" LoginKeyInitMFAOTPDescriptionOTP = LoginKeyInitMFAOTP + "OTPDescription" LoginKeyInitMFAOTPSecretLabel = LoginKeyInitMFAOTP + "SecretLabel" LoginKeyInitMFAOTPCodeLabel = LoginKeyInitMFAOTP + "CodeLabel" LoginKeyInitMFAOTPNextButtonText = LoginKeyInitMFAOTP + "NextButtonText" LoginKeyInitMFAOTPCancelButtonText = LoginKeyInitMFAOTP + "CancelButtonText" LoginKeyInitMFAU2F = "InitMFAU2F." 
LoginKeyInitMFAU2FTitle = LoginKeyInitMFAU2F + "Title" LoginKeyInitMFAU2FDescription = LoginKeyInitMFAU2F + "Description" LoginKeyInitMFAU2FTokenNameLabel = LoginKeyInitMFAU2F + "TokenNameLabel" LoginKeyInitMFAU2FNotSupported = LoginKeyInitMFAU2F + "NotSupported" LoginKeyInitMFAU2FRegisterTokenButtonText = LoginKeyInitMFAU2F + "RegisterTokenButtonText" LoginKeyInitMFAU2FErrorRetry = LoginKeyInitMFAU2F + "ErrorRetry" LoginKeyInitMFADone = "InitMFADone." LoginKeyInitMFADoneTitle = LoginKeyInitMFADone + "Title" LoginKeyInitMFADoneDescription = LoginKeyInitMFADone + "Description" LoginKeyInitMFADoneCancelButtonText = LoginKeyInitMFADone + "CancelButtonText" LoginKeyInitMFADoneNextButtonText = LoginKeyInitMFADone + "NextButtonText" LoginKeyMFAProviders = "MFAProvider." LoginKeyMFAProvidersChooseOther = LoginKeyMFAProviders + "ChooseOther" LoginKeyMFAProvidersOTP = LoginKeyMFAProviders + "Provider0" LoginKeyMFAProvidersU2F = LoginKeyMFAProviders + "Provider1" LoginKeyVerifyMFAOTP = "VerifyMFAOTP." LoginKeyVerifyMFAOTPTitle = LoginKeyVerifyMFAOTP + "Title" LoginKeyVerifyMFAOTPDescription = LoginKeyVerifyMFAOTP + "Description" LoginKeyVerifyMFAOTPCodeLabel = LoginKeyVerifyMFAOTP + "CodeLabel" LoginKeyVerifyMFAOTPNextButtonText = LoginKeyVerifyMFAOTP + "NextButtonText" LoginKeyVerifyMFAU2F = "VerifyMFAU2F." LoginKeyVerifyMFAU2FTitle = LoginKeyVerifyMFAU2F + "Title" LoginKeyVerifyMFAU2FDescription = LoginKeyVerifyMFAU2F + "Description" LoginKeyVerifyMFAU2FNotSupported = LoginKeyVerifyMFAU2F + "NotSupported" LoginKeyVerifyMFAU2FValidateTokenText = LoginKeyVerifyMFAU2F + "ValidateTokenButtonText" LoginKeyVerifyMFAU2FErrorRetry = LoginKeyVerifyMFAU2F + "ErrorRetry" LoginKeyPasswordless = "Passwordless." 
LoginKeyPasswordlessTitle = LoginKeyPasswordless + "Title" LoginKeyPasswordlessDescription = LoginKeyPasswordless + "Description" LoginKeyPasswordlessLoginWithPwButtonText = LoginKeyPasswordless + "LoginWithPwButtonText" LoginKeyPasswordlessValidateTokenButtonText = LoginKeyPasswordless + "ValidateTokenButtonText" LoginKeyPasswordlessNotSupported = LoginKeyPasswordless + "NotSupported" LoginKeyPasswordlessErrorRetry = LoginKeyPasswordless + "ErrorRetry" LoginKeyPasswordlessPrompt = "PasswordlessPrompt." LoginKeyPasswordlessPromptTitle = LoginKeyPasswordlessPrompt + "Title" LoginKeyPasswordlessPromptDescription = LoginKeyPasswordlessPrompt + "Description" LoginKeyPasswordlessPromptDescriptionInit = LoginKeyPasswordlessPrompt + "DescriptionInit" LoginKeyPasswordlessPromptPasswordlessButtonText = LoginKeyPasswordlessPrompt + "PasswordlessButtonText" LoginKeyPasswordlessPromptNextButtonText = LoginKeyPasswordlessPrompt + "NextButtonText" LoginKeyPasswordlessPromptSkipButtonText = LoginKeyPasswordlessPrompt + "SkipButtonText" LoginKeyPasswordlessRegistration = "PasswordlessRegistration." LoginKeyPasswordlessRegistrationTitle = LoginKeyPasswordlessRegistration + "Title" LoginKeyPasswordlessRegistrationDescription = LoginKeyPasswordlessRegistration + "Description" LoginKeyPasswordlessRegistrationRegisterTokenButtonText = LoginKeyPasswordlessRegistration + "RegisterTokenButtonText" LoginKeyPasswordlessRegistrationTokenNameLabel = LoginKeyPasswordlessRegistration + "TokenNameLabel" LoginKeyPasswordlessRegistrationNotSupported = LoginKeyPasswordlessRegistration + "NotSupported" LoginKeyPasswordlessRegistrationErrorRetry = LoginKeyPasswordlessRegistration + "ErrorRetry" LoginKeyPasswordlessRegistrationDone = "PasswordlessRegistrationDone." 
LoginKeyPasswordlessRegistrationDoneTitle = LoginKeyPasswordlessRegistrationDone + "Title" LoginKeyPasswordlessRegistrationDoneDescription = LoginKeyPasswordlessRegistrationDone + "Description" LoginKeyPasswordlessRegistrationDoneDescriptionClose = LoginKeyPasswordlessRegistrationDone + "DescriptionClose" LoginKeyPasswordlessRegistrationDoneNextButtonText = LoginKeyPasswordlessRegistrationDone + "NextButtonText" LoginKeyPasswordlessRegistrationDoneCancelButtonText = LoginKeyPasswordlessRegistrationDone + "CancelButtonText" LoginKeyPasswordChange = "PasswordChange." LoginKeyPasswordChangeTitle = LoginKeyPasswordChange + "Title" LoginKeyPasswordChangeDescription = LoginKeyPasswordChange + "Description" LoginKeyPasswordChangeOldPasswordLabel = LoginKeyPasswordChange + "OldPasswordLabel" LoginKeyPasswordChangeNewPasswordLabel = LoginKeyPasswordChange + "NewPasswordLabel" LoginKeyPasswordChangeNewPasswordConfirmLabel = LoginKeyPasswordChange + "NewPasswordConfirmLabel" LoginKeyPasswordChangeCancelButtonText = LoginKeyPasswordChange + "CancelButtonText" LoginKeyPasswordChangeNextButtonText = LoginKeyPasswordChange + "NextButtonText" LoginKeyPasswordChangeDone = "PasswordChangeDone." LoginKeyPasswordChangeDoneTitle = LoginKeyPasswordChangeDone + "Title" LoginKeyPasswordChangeDoneDescription = LoginKeyPasswordChangeDone + "Description" LoginKeyPasswordChangeDoneNextButtonText = LoginKeyPasswordChangeDone + "NextButtonText" LoginKeyPasswordResetDone = "PasswordResetDone." LoginKeyPasswordResetDoneTitle = LoginKeyPasswordResetDone + "Title" LoginKeyPasswordResetDoneDescription = LoginKeyPasswordResetDone + "Description" LoginKeyPasswordResetDoneNextButtonText = LoginKeyPasswordResetDone + "NextButtonText" LoginKeyRegistrationOption = "RegisterOption." 
LoginKeyRegistrationOptionTitle = LoginKeyRegistrationOption + "Title" LoginKeyRegistrationOptionDescription = LoginKeyRegistrationOption + "Description" LoginKeyRegistrationOptionUserNameButtonText = LoginKeyRegistrationOption + "RegisterUsernamePasswordButtonText" LoginKeyRegistrationOptionExternalLoginDescription = LoginKeyRegistrationOption + "ExternalLoginDescription" LoginKeyRegistrationUser = "RegistrationUser." LoginKeyRegistrationUserTitle = LoginKeyRegistrationUser + "Title" LoginKeyRegistrationUserDescription = LoginKeyRegistrationUser + "Description" LoginKeyRegistrationUserDescriptionOrgRegister = LoginKeyRegistrationUser + "DescriptionOrgRegister" LoginKeyRegistrationUserFirstnameLabel = LoginKeyRegistrationUser + "FirstnameLabel" LoginKeyRegistrationUserLastnameLabel = LoginKeyRegistrationUser + "LastnameLabel" LoginKeyRegistrationUserEmailLabel = LoginKeyRegistrationUser + "EmailLabel" LoginKeyRegistrationUserUsernameLabel = LoginKeyRegistrationUser + "UsernameLabel" LoginKeyRegistrationUserLanguageLabel = LoginKeyRegistrationUser + "LanguageLabel" LoginKeyRegistrationUserGenderLabel = LoginKeyRegistrationUser + "GenderLabel" LoginKeyRegistrationUserPasswordLabel = LoginKeyRegistrationUser + "PasswordLabel" LoginKeyRegistrationUserPasswordConfirmLabel = LoginKeyRegistrationUser + "PasswordConfirmLabel" LoginKeyRegistrationUserTOSAndPrivacyLabel = LoginKeyRegistrationUser + "TosAndPrivacyLabel" LoginKeyRegistrationUserTOSConfirm = LoginKeyRegistrationUser + "TosConfirm" LoginKeyRegistrationUserTOSLinkText = LoginKeyRegistrationUser + "TosLinkText" LoginKeyRegistrationUserTOSConfirmAnd = LoginKeyRegistrationUser + "TosConfirmAnd" LoginKeyRegistrationUserPrivacyLinkText = LoginKeyRegistrationUser + "PrivacyLinkText" LoginKeyRegistrationUserNextButtonText = LoginKeyRegistrationUser + "NextButtonText" LoginKeyRegistrationUserBackButtonText = LoginKeyRegistrationUser + "BackButtonText" LoginKeyExternalRegistrationUserOverview = 
"ExternalRegistrationUserOverview." LoginKeyExternalRegistrationUserOverviewTitle = LoginKeyExternalRegistrationUserOverview + "Title" LoginKeyExternalRegistrationUserOverviewDescription = LoginKeyExternalRegistrationUserOverview + "Description" LoginKeyExternalRegistrationUserOverviewEmailLabel = LoginKeyExternalRegistrationUserOverview + "EmailLabel" LoginKeyExternalRegistrationUserOverviewUsernameLabel = LoginKeyExternalRegistrationUserOverview + "UsernameLabel" LoginKeyExternalRegistrationUserOverviewFirstnameLabel = LoginKeyExternalRegistrationUserOverview + "FirstnameLabel" LoginKeyExternalRegistrationUserOverviewLastnameLabel = LoginKeyExternalRegistrationUserOverview + "LastnameLabel" LoginKeyExternalRegistrationUserOverviewNicknameLabel = LoginKeyExternalRegistrationUserOverview + "NicknameLabel" LoginKeyExternalRegistrationUserOverviewPhoneLabel = LoginKeyExternalRegistrationUserOverview + "PhoneLabel" LoginKeyExternalRegistrationUserOverviewLanguageLabel = LoginKeyExternalRegistrationUserOverview + "LanguageLabel" LoginKeyExternalRegistrationUserOverviewTOSAndPrivacyLabel = LoginKeyExternalRegistrationUserOverview + "TosAndPrivacyLabel" LoginKeyExternalRegistrationUserOverviewTOSConfirm = LoginKeyExternalRegistrationUserOverview + "TosConfirm" LoginKeyExternalRegistrationUserOverviewTOSLinkText = LoginKeyExternalRegistrationUserOverview + "TosLinkText" LoginKeyExternalRegistrationUserOverviewTOSConfirmAnd = LoginKeyExternalRegistrationUserOverview + "TosConfirmAnd" LoginKeyExternalRegistrationUserOverviewPrivacyLinkText = LoginKeyExternalRegistrationUserOverview + "PrivacyLinkText" LoginKeyExternalRegistrationUserOverviewBackButtonText = LoginKeyExternalRegistrationUserOverview + "BackButtonText" LoginKeyExternalRegistrationUserOverviewNextButtonText = LoginKeyExternalRegistrationUserOverview + "NextButtonText" LoginKeyRegistrationOrg = "RegistrationOrg." 
LoginKeyRegisterOrgTitle = LoginKeyRegistrationOrg + "Title" LoginKeyRegisterOrgDescription = LoginKeyRegistrationOrg + "Description" LoginKeyRegisterOrgOrgNameLabel = LoginKeyRegistrationOrg + "OrgNameLabel" LoginKeyRegisterOrgFirstnameLabel = LoginKeyRegistrationOrg + "FirstnameLabel" LoginKeyRegisterOrgLastnameLabel = LoginKeyRegistrationOrg + "LastnameLabel" LoginKeyRegisterOrgUsernameLabel = LoginKeyRegistrationOrg + "UsernameLabel" LoginKeyRegisterOrgEmailLabel = LoginKeyRegistrationOrg + "EmailLabel" LoginKeyRegisterOrgPasswordLabel = LoginKeyRegistrationOrg + "PasswordLabel" LoginKeyRegisterOrgPasswordConfirmLabel = LoginKeyRegistrationOrg + "PasswordConfirmLabel" LoginKeyRegisterOrgTOSAndPrivacyLabel = LoginKeyRegistrationOrg + "TosAndPrivacyLabel" LoginKeyRegisterOrgTOSConfirm = LoginKeyRegistrationOrg + "TosConfirm" LoginKeyRegisterOrgTOSLinkText = LoginKeyRegistrationOrg + "TosLinkText" LoginKeyRegisterOrgTosConfirmAnd = LoginKeyRegistrationOrg + "TosConfirmAnd" LoginKeyRegisterOrgPrivacyLinkText = LoginKeyRegistrationOrg + "PrivacyLinkText" LoginKeyRegisterOrgSaveButtonText = LoginKeyRegistrationOrg + "SaveButtonText" LoginKeyLinkingUserDone = "LinkingUsersDone." LoginKeyLinkingUserDoneTitle = LoginKeyLinkingUserDone + "Title" LoginKeyLinkingUserDoneDescription = LoginKeyLinkingUserDone + "Description" LoginKeyLinkingUserDoneCancelButtonText = LoginKeyLinkingUserDone + "CancelButtonText" LoginKeyLinkingUserDoneNextButtonText = LoginKeyLinkingUserDone + "NextButtonText" LoginKeyExternalNotFound = "ExternalNotFound." 
LoginKeyExternalNotFoundTitle = LoginKeyExternalNotFound + "Title" LoginKeyExternalNotFoundDescription = LoginKeyExternalNotFound + "Description" LoginKeyExternalNotFoundLinkButtonText = LoginKeyExternalNotFound + "LinkButtonText" LoginKeyExternalNotFoundAutoRegisterButtonText = LoginKeyExternalNotFound + "AutoRegisterButtonText" LoginKeyExternalNotFoundTOSAndPrivacyLabel = LoginKeyExternalNotFound + "TosAndPrivacyLabel" LoginKeyExternalNotFoundTOSConfirm = LoginKeyExternalNotFound + "TosConfirm" LoginKeyExternalNotFoundTOSLinkText = LoginKeyExternalNotFound + "TosLinkText" LoginKeyExternalNotFoundTOSConfirmAnd = LoginKeyExternalNotFound + "TosConfirmAnd" LoginKeyExternalNotFoundPrivacyLinkText = LoginKeyExternalNotFound + "PrivacyLinkText" LoginKeySuccessLogin = "LoginSuccess." LoginKeySuccessLoginTitle = LoginKeySuccessLogin + "Title" LoginKeySuccessLoginAutoRedirectDescription = LoginKeySuccessLogin + "AutoRedirectDescription" LoginKeySuccessLoginRedirectedDescription = LoginKeySuccessLogin + "RedirectedDescription" LoginKeySuccessLoginNextButtonText = LoginKeySuccessLogin + "NextButtonText" LoginKeyLogoutDone = "LogoutDone." LoginKeyLogoutDoneTitle = LoginKeyLogoutDone + "Title" LoginKeyLogoutDoneDescription = LoginKeyLogoutDone + "Description" LoginKeyLogoutDoneLoginButtonText = LoginKeyLogoutDone + "LoginButtonText" )
// Identifiers for the kinds of messages sent to users and for the text
// fields of a message.
const (
	// Message types. Several of them (init code, password reset, e-mail
	// and phone verification, passwordless registration) name flows that
	// deliver a secret code or link to the user.
	InitCodeMessageType                 = "InitCode"
	PasswordResetMessageType            = "PasswordReset"
	VerifyEmailMessageType              = "VerifyEmail"
	VerifyPhoneMessageType              = "VerifyPhone"
	DomainClaimedMessageType            = "DomainClaimed"
	PasswordlessRegistrationMessageType = "PasswordlessRegistration"

	// Text field names.
	// NOTE(review): IsMessageTextType(textType) presumably checks its
	// argument against these names. Confirm in its implementation.
	MessageTitle      = "Title"
	MessagePreHeader  = "PreHeader"
	MessageSubject    = "Subject"
	MessageGreeting   = "Greeting"
	MessageText       = "Text"
	MessageButtonText = "ButtonText"
)
// Reserved scope prefixes and claim names in the urn:zitadel:iam namespace.
//
// NOTE(review): scopes arrive as client-supplied request parameters. The
// org, project and IdP identifiers carried after these prefixes presumably
// influence org restriction, token audience and IdP selection, so they
// should be checked against what the requesting client may ask for.
// Confirm in AddAudScopeToAudience and the AuthRequest handling.
const (
	// Scope prefixes end in ":"; presumably the requested value (primary
	// domain or org ID) is appended by the client. TODO confirm.
	OrgDomainPrimaryScope = "urn:zitadel:iam:org:domain:primary:"
	OrgIDScope            = "urn:zitadel:iam:org:id:"

	// Claim names are the scope prefixes above without the trailing colon.
	OrgDomainPrimaryClaim = "urn:zitadel:iam:org:domain:primary"
	OrgIDClaim            = "urn:zitadel:iam:org:id"

	// NOTE(review): a project audience scope presumably has the shape
	// ProjectIDScope + <project id or ProjectIDScopeZITADEL> + AudSuffix.
	// Confirm against AddAudScopeToAudience.
	ProjectIDScope        = "urn:zitadel:iam:org:project:id:"
	ProjectIDScopeZITADEL = "zitadel"
	AudSuffix             = ":aud"

	// Prefix of the scope that names an identity provider by ID.
	SelectIDPScope = "urn:zitadel:iam:org:idp:id:"
)
// Role name prefixes and the role names declared by this package.
const (
	// Prefixes that group role names by level (IAM, org, project, project
	// grant). CheckForInvalidRoles takes a rolePrefix argument; presumably
	// it is one of these values. TODO confirm.
	// Note that ProjectRolePrefix is itself a prefix of
	// ProjectGrantRolePrefix, so a plain string-prefix test on "PROJECT"
	// also matches "PROJECT_GRANT..." names.
	IAMRolePrefix          = "IAM"
	OrgRolePrefix          = "ORG"
	ProjectRolePrefix      = "PROJECT"
	ProjectGrantRolePrefix = "PROJECT_GRANT"

	// Role names.
	// NOTE(review): the *_OWNER names look like the most privileged role
	// at each level; verify against the role-to-permission mapping
	// (authz.RoleMapping) before relying on that.
	RoleOrgOwner             = "ORG_OWNER"
	RoleOrgProjectCreator    = "ORG_PROJECT_CREATOR"
	RoleIAMOwner             = "IAM_OWNER"
	RoleProjectOwner         = "PROJECT_OWNER"
	RoleProjectOwnerGlobal   = "PROJECT_OWNER_GLOBAL"
	RoleSelfManagementGlobal = "SELF_MANAGEMENT_GLOBAL"
)
const (
	// IAMID is the fixed identifier "IAM". It has the same value as
	// IAMRolePrefix but is a separate constant.
	// NOTE(review): presumably the ID of the instance-level IAM
	// aggregate. Confirm at the call sites.
	IAMID = "IAM"
)
Variables ¶
var (
	// EmailRegex is a syntactic check for ASCII e-mail addresses.
	//
	// What the pattern accepts:
	//   - It is anchored with ^ and $, and Go's regexp matches $ only at
	//     the end of the text unless the m flag is set, so the whole input
	//     must match and a trailing newline is rejected.
	//   - Local part: one or more of letters, digits and
	//     .!#$%&'*+/=?^_`{|}~- with no positional rule, so leading,
	//     trailing and consecutive dots all pass.
	//   - Domain: one or more dot-separated labels of 1 to 63 characters
	//     that start and end with a letter or digit. The dotted group is
	//     repeated with *, so a single-label domain ("user@localhost")
	//     passes.
	//   - Non-ASCII (internationalised) addresses are rejected.
	//
	// What it does not do:
	//   - It puts no upper bound on the total length or on the local part;
	//     callers that need a limit have to enforce it separately.
	//   - A match says nothing about who controls the mailbox.
	//     NOTE(review): presumably ownership is established through the
	//     e-mail verification code flow (EmailCode, VerifyEMailStep).
	//     Confirm before treating a matched address as verified.
	//
	// Go's regexp package guarantees matching time linear in the input, so
	// the nested quantifiers here do not cause catastrophic backtracking.
	EmailRegex = regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$")
)
Functions ¶
func AddAudScopeToAudience ¶
func CheckForInvalidRoles ¶
func CheckForInvalidRoles(roles []string, rolePrefix string, validRoles []authz.RoleMapping) []string
func CheckRedirectUrisCode ¶
func CheckRedirectUrisCode(compliance *Compliance, appType OIDCApplicationType, redirectUris []string)
func CheckRedirectUrisImplicit ¶
func CheckRedirectUrisImplicit(compliance *Compliance, appType OIDCApplicationType, redirectUris []string)
func CheckRedirectUrisImplicitAndCode ¶
func CheckRedirectUrisImplicitAndCode(compliance *Compliance, appType OIDCApplicationType, redirectUris []string)
func ContainsOIDCGrantTypes ¶
func ContainsOIDCGrantTypes(shouldContain, list []OIDCGrantType) bool
func ContainsRequiredGrantTypes ¶
func ContainsRequiredGrantTypes(responseTypes []OIDCResponseType, grantTypes []OIDCGrantType) bool
func EnsureValidExpirationDate ¶
func EnsureValidExpirationDate(key expiration) error
func FromRefreshToken ¶
func FromRefreshToken(refreshToken string, algorithm crypto.EncryptionAlgorithm) (userID, tokenID, token string, err error)
func GenerateLoginName ¶
func GetHumanAvatarAssetPath ¶
func GetOIDCV1NativeApplicationCompliance ¶
func GetOIDCV1NativeApplicationCompliance(compliance *Compliance, authMethod OIDCAuthMethodType)
func GetOIDCV1UserAgentApplicationCompliance ¶
func GetOIDCV1UserAgentApplicationCompliance(compliance *Compliance, authMethod OIDCAuthMethodType)
func GetRemovedRoles ¶
func IsMessageTextType ¶
func NewAuthNKeyPair ¶
func NewClientSecret ¶
func NewIAMDomainName ¶
func NewOTPKey ¶
func NewOTPKey(issuer, accountName string, cryptoAlg crypto.EncryptionAlgorithm) (*otp.Key, *crypto.CryptoValue, error)
func NewRefreshToken ¶
func NewRefreshToken(userID, tokenID string, algorithm crypto.EncryptionAlgorithm) (string, error)
func OIDCOriginAllowList ¶
func RefreshToken ¶
func RefreshToken(userID, tokenID, token string, algorithm crypto.EncryptionAlgorithm) (string, error)
func SetNewAuthNKeyPair ¶
func SetNewClientID ¶
The ClientID has the form random_number@projectname (e.g. 495894098234@zitadel).
func VerifyMFAOTP ¶
func VerifyMFAOTP(code string, secret *crypto.CryptoValue, cryptoAlg crypto.EncryptionAlgorithm) error
Types ¶
type APIApp ¶
// APIApp describes an API application: its identifiers, its client
// credentials and the method it authenticates with.
type APIApp struct {
	models.ObjectRoot

	AppID    string
	AppName  string
	ClientID string
	// ClientSecret holds the secret as a crypto.CryptoValue.
	ClientSecret *crypto.CryptoValue
	// NOTE(review): ClientSecretString presumably carries the plaintext
	// secret so it can be returned once after generation (see
	// GenerateClientSecretIfNeeded). If so, it must stay out of logs,
	// events and persisted state. Confirm.
	ClientSecretString string
	// AuthMethodType's zero value is APIAuthMethodTypeBasic.
	AuthMethodType APIAuthMethodType
	State          AppState
}
func (*APIApp) GenerateClientSecretIfNeeded ¶
func (*APIApp) GetApplicationName ¶
type APIAuthMethodType ¶
// APIAuthMethodType selects how an API application authenticates.
type APIAuthMethodType int32

const (
	// APIAuthMethodTypeBasic is the zero value, so an APIApp whose
	// AuthMethodType is never set uses it.
	APIAuthMethodTypeBasic APIAuthMethodType = iota
	// APIAuthMethodTypePrivateKeyJWT has the value 1.
	// NOTE(review): presumably private_key_jwt client authentication
	// backed by an ApplicationKey. Confirm.
	APIAuthMethodTypePrivateKeyJWT
)
type Action ¶
// Action is a named script together with its execution settings and state.
type Action struct {
	models.ObjectRoot

	Name string
	// NOTE(review): Script presumably holds administrator-supplied source
	// that the actions runtime executes. If so, who may write this field
	// is a privilege boundary. Confirm.
	Script string
	// NOTE(review): Timeout presumably bounds a single execution. Check
	// how a zero value is handled by the executor.
	Timeout time.Duration
	// NOTE(review): AllowedToFail presumably lets the surrounding flow
	// continue when the script errors. An action that enforces a security
	// check should then leave it false. Confirm the semantics.
	AllowedToFail bool
	State         ActionState
}
type ActionState ¶
type ActionState int32
const ( ActionStateUnspecified ActionState = iota ActionStateActive ActionStateInactive ActionStateRemoved )
func (ActionState) Exists ¶
func (s ActionState) Exists() bool
func (ActionState) Valid ¶
func (s ActionState) Valid() bool
type ActionsAllowed ¶
type ActionsAllowed int32
const ( ActionsNotAllowed ActionsAllowed = iota ActionsMaxAllowed ActionsAllowedUnlimited )
type AddressState ¶
type AddressState int32
const ( AddressStateUnspecified AddressState = iota AddressStateActive AddressStateRemoved )
func (AddressState) Valid ¶
func (s AddressState) Valid() bool
type Application ¶
type ApplicationKey ¶
// ApplicationKey describes an authentication key of an application: the IDs
// it belongs to, its type and expiration, and both halves of the key pair.
type ApplicationKey struct {
	models.ObjectRoot

	ApplicationID  string
	ClientID       string
	KeyID          string
	Type           AuthNKeyType
	ExpirationDate time.Time
	// PrivateKey holds private key material as raw bytes.
	// NOTE(review): the type declares its own Detail and MarshalJSON methods;
	// check whether their output contains PrivateKey and treat any such output
	// as secret material (no logging, no caching).
	PrivateKey []byte
	PublicKey  []byte
}
func (*ApplicationKey) Detail ¶
func (k *ApplicationKey) Detail() ([]byte, error)
func (*ApplicationKey) MarshalJSON ¶
func (k *ApplicationKey) MarshalJSON() ([]byte, error)
type AuthNKeyType ¶
type AuthNKeyType int32
const ( AuthNKeyTypeNONE AuthNKeyType = iota AuthNKeyTypeJSON )
func (AuthNKeyType) Valid ¶
func (k AuthNKeyType) Valid() bool
type AuthRequest ¶
type AuthRequest struct { ID string AgentID string CreationDate time.Time ChangeDate time.Time BrowserInfo *BrowserInfo ApplicationID string CallbackURI string TransferState string Prompt []Prompt PossibleLOAs []LevelOfAssurance UiLocales []string LoginHint string MaxAuthAge *time.Duration InstanceID string Request Request UserID string UserName string LoginName string DisplayName string AvatarKey string PresignedAvatar string UserOrgID string RequestedOrgID string RequestedOrgName string RequestedPrimaryDomain string RequestedOrgDomain bool ApplicationResourceOwner string PrivateLabelingSetting PrivateLabelingSetting SelectedIDPConfigID string LinkingUsers []*ExternalUser PossibleSteps []NextStep PasswordVerified bool MFAsVerified []MFAType Audience []string AuthTime time.Time Code string LoginPolicy *LoginPolicy AllowedExternalIDPs []*IDPProvider LabelPolicy *LabelPolicy PrivacyPolicy *PrivacyPolicy LockoutPolicy *LockoutPolicy DefaultTranslations []*CustomText OrgTranslations []*CustomText // contains filtered or unexported fields }
func NewAuthRequestFromType ¶
func NewAuthRequestFromType(requestType AuthRequestType) (*AuthRequest, error)
func (*AuthRequest) AppendAudIfNotExisting ¶
func (a *AuthRequest) AppendAudIfNotExisting(aud string)
func (*AuthRequest) GetScopeOrgID ¶
func (a *AuthRequest) GetScopeOrgID() string
func (*AuthRequest) GetScopeOrgPrimaryDomain ¶
func (a *AuthRequest) GetScopeOrgPrimaryDomain() string
func (*AuthRequest) MFALevel ¶
func (a *AuthRequest) MFALevel() MFALevel
func (*AuthRequest) SetOrgInformation ¶
func (a *AuthRequest) SetOrgInformation(id, name, primaryDomain string, requestedByDomain bool)
func (*AuthRequest) SetUserInfo ¶
func (a *AuthRequest) SetUserInfo(userID, userName, loginName, displayName, avatar, userOrgID string)
func (*AuthRequest) WithCurrentInfo ¶
func (a *AuthRequest) WithCurrentInfo(info *BrowserInfo) *AuthRequest
type AuthRequestOIDC ¶
// AuthRequestOIDC holds the OIDC-specific part of an auth request: scopes,
// response type, nonce and an optional code challenge.
type AuthRequestOIDC struct {
	Scopes []string
	// ResponseType reads as OIDCResponseTypeCode when unset, because that
	// constant is the zero value of OIDCResponseType.
	ResponseType OIDCResponseType
	Nonce        string
	// CodeChallenge is a pointer and may be nil.
	// NOTE(review): whether a nil challenge is rejected for clients that have
	// no secret is not visible here — confirm in IsValid and in the callers.
	CodeChallenge *OIDCCodeChallenge
}
func (*AuthRequestOIDC) IsValid ¶
func (a *AuthRequestOIDC) IsValid() bool
func (*AuthRequestOIDC) Type ¶
func (a *AuthRequestOIDC) Type() AuthRequestType
type AuthRequestSAML ¶
type AuthRequestSAML struct { ID string RequestID string BindingType string Code string Issuer string IssuerName string Destination string }
func (*AuthRequestSAML) IsValid ¶
func (a *AuthRequestSAML) IsValid() bool
func (*AuthRequestSAML) Type ¶
func (a *AuthRequestSAML) Type() AuthRequestType
type AuthRequestType ¶
type AuthRequestType int32
const ( AuthRequestTypeOIDC AuthRequestType = iota AuthRequestTypeSAML )
type AuthenticatorAttachment ¶
type AuthenticatorAttachment int32
const ( AuthenticatorAttachmentUnspecified AuthenticatorAttachment = iota AuthenticatorAttachmentPlattform AuthenticatorAttachmentCrossPlattform )
type BrowserInfo ¶
func BrowserInfoFromRequest ¶
func BrowserInfoFromRequest(r *net_http.Request) *BrowserInfo
type BucketInfo ¶
type ChangeApp ¶
func (*ChangeApp) GetApplicationName ¶
type ChangePasswordStep ¶
type ChangePasswordStep struct{}
func (*ChangePasswordStep) Type ¶
func (s *ChangePasswordStep) Type() NextStepType
type ChangeUsernameStep ¶
type ChangeUsernameStep struct{}
func (*ChangeUsernameStep) Type ¶
func (s *ChangeUsernameStep) Type() NextStepType
type Compliance ¶
func GetOIDCCompliance ¶
func GetOIDCCompliance(version OIDCVersion, appType OIDCApplicationType, grantTypes []OIDCGrantType, responseTypes []OIDCResponseType, authMethod OIDCAuthMethodType, redirectUris []string) *Compliance
func GetOIDCV1Compliance ¶
func GetOIDCV1Compliance(appType OIDCApplicationType, grantTypes []OIDCGrantType, authMethod OIDCAuthMethodType, redirectUris []string) *Compliance
type CustomLoginText ¶
type CustomLoginText struct { models.ObjectRoot State PolicyState Default bool Language language.Tag IsDefault bool SelectAccount SelectAccountScreenText Login LoginScreenText Password PasswordScreenText UsernameChange UsernameChangeScreenText UsernameChangeDone UsernameChangeDoneScreenText InitPassword InitPasswordScreenText InitPasswordDone InitPasswordDoneScreenText EmailVerification EmailVerificationScreenText EmailVerificationDone EmailVerificationDoneScreenText InitUser InitializeUserScreenText InitUserDone InitializeUserDoneScreenText InitMFAPrompt InitMFAPromptScreenText InitMFAOTP InitMFAOTPScreenText InitMFAU2F InitMFAU2FScreenText InitMFADone InitMFADoneScreenText MFAProvider MFAProvidersText VerifyMFAOTP VerifyMFAOTPScreenText VerifyMFAU2F VerifyMFAU2FScreenText Passwordless PasswordlessScreenText PasswordlessPrompt PasswordlessPromptScreenText PasswordlessRegistration PasswordlessRegistrationScreenText PasswordlessRegistrationDone PasswordlessRegistrationDoneScreenText PasswordChange PasswordChangeScreenText PasswordChangeDone PasswordChangeDoneScreenText PasswordResetDone PasswordResetDoneScreenText RegisterOption RegistrationOptionScreenText RegistrationUser RegistrationUserScreenText ExternalRegistrationUserOverview ExternalRegistrationUserOverviewScreenText RegistrationOrg RegistrationOrgScreenText LinkingUsersDone LinkingUserDoneScreenText ExternalNotFoundOption ExternalUserNotFoundScreenText LoginSuccess SuccessLoginScreenText LogoutDone LogoutDoneScreenText }
func (*CustomLoginText) IsValid ¶
func (m *CustomLoginText) IsValid() bool
type CustomMessageText ¶
type CustomMessageText struct { models.ObjectRoot State PolicyState Default bool MessageTextType string Language language.Tag Title string PreHeader string Subject string Greeting string Text string ButtonText string }
func (*CustomMessageText) IsValid ¶
func (m *CustomMessageText) IsValid() bool
type CustomText ¶
type CustomText struct { models.ObjectRoot State CustomTextState Default bool Template string Key string Language language.Tag Text string }
func (*CustomText) IsValid ¶
func (m *CustomText) IsValid() bool
type CustomTextState ¶
type CustomTextState int32
const ( CustomTextStateUnspecified CustomTextState = iota CustomTextStateActive CustomTextStateRemoved )
type DomainPolicy ¶
type EmailCode ¶
type EmailCode struct { es_models.ObjectRoot Code *crypto.CryptoValue Expiry time.Duration }
type ExternalLoginStep ¶
type ExternalLoginStep struct {
SelectedIDPConfigID string
}
func (*ExternalLoginStep) Type ¶
func (s *ExternalLoginStep) Type() NextStepType
type ExternalNotFoundOptionStep ¶
type ExternalNotFoundOptionStep struct{}
func (*ExternalNotFoundOptionStep) Type ¶
func (s *ExternalNotFoundOptionStep) Type() NextStepType
type ExternalRegistrationUserOverviewScreenText ¶
type ExternalRegistrationUserOverviewScreenText struct { Title string Description string EmailLabel string UsernameLabel string FirstnameLabel string LastnameLabel string NicknameLabel string LanguageLabel string PhoneLabel string TOSAndPrivacyLabel string TOSConfirm string TOSLinkText string TOSConfirmAnd string PrivacyLinkText string BackButtonText string NextButtonText string }
type ExternalUser ¶
type FactorState ¶
type FactorState int32
const ( FactorStateUnspecified FactorState = iota FactorStateActive FactorStateRemoved )
func (FactorState) Valid ¶
func (f FactorState) Valid() bool
type FlowType ¶
type FlowType int32
func (FlowType) HasTrigger ¶
func (s FlowType) HasTrigger(triggerType TriggerType) bool
func (FlowType) LocalizationKey ¶
func (FlowType) TriggerTypes ¶
func (s FlowType) TriggerTypes() []TriggerType
type FooterText ¶
type FooterText struct {}
type GrantRequiredStep ¶
type GrantRequiredStep struct{}
func (*GrantRequiredStep) Type ¶
func (s *GrantRequiredStep) Type() NextStepType
type HashedPassword ¶
// HashedPassword bundles a password value as a plain string and as a
// *crypto.CryptoValue.
type HashedPassword struct {
	es_models.ObjectRoot

	// SecretString is a plain string.
	// NOTE(review): NewHashedPassword takes (password, algorithm string), so
	// this presumably carries an already-hashed value rather than cleartext —
	// confirm before logging or comparing it.
	SecretString string
	SecretCrypto *crypto.CryptoValue
}
func NewHashedPassword ¶
func NewHashedPassword(password, algorithm string) *HashedPassword
type Human ¶
type Human struct { es_models.ObjectRoot Username string State UserState *Password *HashedPassword *Profile *Email *Phone *Address }
func (*Human) CheckDomainPolicy ¶
func (u *Human) CheckDomainPolicy(policy *DomainPolicy) error
func (Human) GetUsername ¶
func (*Human) HashPasswordIfExisting ¶
func (u *Human) HashPasswordIfExisting(policy *PasswordComplexityPolicy, passwordAlg crypto.HashAlgorithm, onetime bool) error
func (*Human) IsInitialState ¶
func (*Human) SetNamesAsDisplayname ¶
func (u *Human) SetNamesAsDisplayname()
type HumanDetails ¶
type HumanDetails struct { ID string ObjectDetails }
type IDPConfig ¶
type IDPConfig struct { es_models.ObjectRoot IDPConfigID string Type IDPConfigType Name string StylingType IDPConfigStylingType State IDPConfigState OIDCConfig *OIDCIDPConfig JWTConfig *JWTIDPConfig AutoRegister bool }
type IDPConfigState ¶
type IDPConfigState int32
const ( IDPConfigStateUnspecified IDPConfigState = iota IDPConfigStateActive IDPConfigStateInactive IDPConfigStateRemoved )
func (IDPConfigState) Exists ¶
func (s IDPConfigState) Exists() bool
func (IDPConfigState) Valid ¶
func (s IDPConfigState) Valid() bool
type IDPConfigStylingType ¶
type IDPConfigStylingType int32
const ( IDPConfigStylingTypeUnspecified IDPConfigStylingType = iota IDPConfigStylingTypeGoogle )
func (IDPConfigStylingType) GetCSSClass ¶
func (st IDPConfigStylingType) GetCSSClass() string
func (IDPConfigStylingType) Valid ¶
func (f IDPConfigStylingType) Valid() bool
type IDPConfigType ¶
type IDPConfigType int32
const ( IDPConfigTypeOIDC IDPConfigType = iota IDPConfigTypeSAML IDPConfigTypeJWT IDPConfigTypeUnspecified IDPConfigType = -1 )
func (IDPConfigType) Valid ¶
func (f IDPConfigType) Valid() bool
type IDPConfigView ¶
type IDPConfigView struct { AggregateID string IDPConfigID string Name string StylingType IDPConfigStylingType State IDPConfigState CreationDate time.Time ChangeDate time.Time Sequence uint64 IDPProviderType IdentityProviderType AutoRegister bool IsOIDC bool OIDCClientID string OIDCClientSecret *crypto.CryptoValue OIDCIssuer string OIDCScopes []string OIDCIDPDisplayNameMapping OIDCMappingField OIDCUsernameMapping OIDCMappingField OAuthAuthorizationEndpoint string OAuthTokenEndpoint string JWTEndpoint string JWTIssuer string JWTKeysEndpoint string }
type IDPProvider ¶
type IDPProvider struct { models.ObjectRoot Type IdentityProviderType IDPConfigID string Name string StylingType IDPConfigStylingType IDPConfigType IDPConfigType IDPState IDPConfigState }
func (IDPProvider) IsValid ¶
func (p IDPProvider) IsValid() bool
type IdentityProviderState ¶
type IdentityProviderState int32
const ( IdentityProviderStateUnspecified IdentityProviderState = iota IdentityProviderStateActive IdentityProviderStateRemoved )
func (IdentityProviderState) Valid ¶
func (s IdentityProviderState) Valid() bool
type IdentityProviderType ¶
type IdentityProviderType int8
const ( IdentityProviderTypeSystem IdentityProviderType = iota IdentityProviderTypeOrg )
func (IdentityProviderType) Valid ¶
func (f IdentityProviderType) Valid() bool
type InitMFADoneScreenText ¶
type InitMFAOTPScreenText ¶
type InitMFAPromptScreenText ¶
type InitMFAU2FScreenText ¶
type InitPasswordScreenText ¶
type InitPasswordStep ¶
type InitPasswordStep struct{}
func (*InitPasswordStep) Type ¶
func (s *InitPasswordStep) Type() NextStepType
type InitUserCode ¶
type InitUserCode struct { es_models.ObjectRoot Code *crypto.CryptoValue Expiry time.Duration }
func NewInitUserCode ¶
func NewInitUserCode(generator crypto.Generator) (*InitUserCode, error)
type InitUserStep ¶
type InitUserStep struct {
PasswordSet bool
}
func (*InitUserStep) Type ¶
func (s *InitUserStep) Type() NextStepType
type InstanceDomainState ¶
type InstanceDomainState int32
const ( InstanceDomainStateUnspecified InstanceDomainState = iota InstanceDomainStateActive InstanceDomainStateRemoved )
func (InstanceDomainState) Exists ¶
func (f InstanceDomainState) Exists() bool
func (InstanceDomainState) Valid ¶
func (f InstanceDomainState) Valid() bool
type InstanceState ¶
type InstanceState int32
const ( InstanceStateUnspecified InstanceState = iota InstanceStateActive InstanceStateRemoved )
func (InstanceState) Valid ¶
func (f InstanceState) Valid() bool
type JWTIDPConfig ¶
type KeyPair ¶
type LabelPolicy ¶
type LabelPolicy struct { models.ObjectRoot State LabelPolicyState Default bool PrimaryColor string BackgroundColor string WarnColor string FontColor string LogoURL string IconURL string PrimaryColorDark string BackgroundColorDark string WarnColorDark string FontColorDark string LogoDarkURL string IconDarkURL string Font string HideLoginNameSuffix bool ErrorMsgPopup bool DisableWatermark bool }
func (LabelPolicy) IsValid ¶
func (f LabelPolicy) IsValid() error
type LabelPolicyState ¶
type LabelPolicyState int32
const ( LabelPolicyStateUnspecified LabelPolicyState = iota LabelPolicyStateActive LabelPolicyStateRemoved LabelPolicyStatePreview )
func (LabelPolicyState) Exists ¶
func (s LabelPolicyState) Exists() bool
func (LabelPolicyState) Valid ¶
func (f LabelPolicyState) Valid() bool
type LevelOfAssurance ¶
type LevelOfAssurance int
const (
LevelOfAssuranceNone LevelOfAssurance = iota
)
type LinkUsersStep ¶
type LinkUsersStep struct{}
func (*LinkUsersStep) Type ¶
func (s *LinkUsersStep) Type() NextStepType
type LockoutPolicy ¶
// LockoutPolicy holds the settings for locking a user after failed password
// attempts.
type LockoutPolicy struct {
	models.ObjectRoot

	Default bool
	// MaxPasswordAttempts is 0 when unset.
	// NOTE(review): what 0 means (possibly "no lockout") is not defined here —
	// confirm in the code that enforces the policy.
	MaxPasswordAttempts uint64
	// ShowLockOutFailures is false when unset.
	// NOTE(review): presumably controls whether failure details are shown to
	// the user — weigh against what it reveals to someone guessing passwords.
	ShowLockOutFailures bool
}
type LoginPolicy ¶
// LoginPolicy holds the login settings: which login methods and identity
// providers are allowed, which factors are configured, and how long the
// individual checks stay valid. Every bool field is false when unset.
type LoginPolicy struct {
	models.ObjectRoot

	Default               bool
	AllowUsernamePassword bool
	AllowRegister         bool
	AllowExternalIDP      bool
	IDPProviders          []*IDPProvider
	// ForceMFA is false when unset.
	// NOTE(review): presumably makes a second factor mandatory — confirm that
	// deployments needing MFA set it explicitly.
	ForceMFA      bool
	SecondFactors []SecondFactorType
	MultiFactors  []MultiFactorType
	// PasswordlessType reads as PasswordlessTypeNotAllowed when unset, because
	// that constant is the zero value of PasswordlessType.
	PasswordlessType  PasswordlessType
	HidePasswordReset bool
	// NOTE(review): presumably hides whether a username exists; confirm the
	// login UI gives the same response for known and unknown names when set.
	IgnoreUnknownUsernames bool
	AllowDomainDiscovery   bool
	DefaultRedirectURI     string
	// The lifetimes below are time.Duration values and are 0 when unset.
	// NOTE(review): how a zero lifetime is interpreted is not visible here.
	PasswordCheckLifetime      time.Duration
	ExternalLoginCheckLifetime time.Duration
	MFAInitSkipLifetime        time.Duration
	SecondFactorCheckLifetime  time.Duration
	MultiFactorCheckLifetime   time.Duration
	DisableLoginWithEmail      bool
	DisableLoginWithPhone      bool
}
func (*LoginPolicy) HasMultiFactors ¶
func (p *LoginPolicy) HasMultiFactors() bool
func (*LoginPolicy) HasSecondFactors ¶
func (p *LoginPolicy) HasSecondFactors() bool
type LoginScreenText ¶
type LoginStep ¶
type LoginStep struct{}
func (*LoginStep) Type ¶
func (s *LoginStep) Type() NextStepType
type LoginSucceededStep ¶
type LoginSucceededStep struct{}
func (*LoginSucceededStep) Type ¶
func (s *LoginSucceededStep) Type() NextStepType
type LogoutDoneScreenText ¶
type MFAPromptStep ¶
func (*MFAPromptStep) Type ¶
func (s *MFAPromptStep) Type() NextStepType
type MFAProvidersText ¶
type MFAVerificationStep ¶
type MFAVerificationStep struct {
MFAProviders []MFAType
}
func (*MFAVerificationStep) Type ¶
func (s *MFAVerificationStep) Type() NextStepType
type Machine ¶
type Machine struct { models.ObjectRoot Username string State UserState Name string Description string }
func (Machine) GetUsername ¶
type MachineKey ¶
// MachineKey describes an authentication key of a machine user: its ID, type
// and expiration, and both halves of the key pair.
type MachineKey struct {
	models.ObjectRoot

	KeyID          string
	Type           AuthNKeyType
	ExpirationDate time.Time
	// PrivateKey holds private key material as raw bytes.
	// NOTE(review): the type declares its own Detail and MarshalJSON methods;
	// check whether their output contains PrivateKey and treat any such output
	// as secret material (no logging, no caching).
	PrivateKey []byte
	PublicKey  []byte
}
func (*MachineKey) Detail ¶
func (key *MachineKey) Detail() ([]byte, error)
func (*MachineKey) GenerateNewMachineKeyPair ¶
func (key *MachineKey) GenerateNewMachineKeyPair(keySize int) error
func (*MachineKey) MarshalJSON ¶
func (key *MachineKey) MarshalJSON() ([]byte, error)
type MachineKeyState ¶
type MachineKeyState int32
const ( MachineKeyStateUnspecified MachineKeyState = iota MachineKeyStateActive MachineKeyStateRemoved )
func (MachineKeyState) Valid ¶
func (f MachineKeyState) Valid() bool
type MailTemplate ¶
type MailTemplate struct { models.ObjectRoot State PolicyState Default bool Template []byte }
func (*MailTemplate) IsValid ¶
func (m *MailTemplate) IsValid() bool
type Member ¶
type Member struct { es_models.ObjectRoot UserID string Roles []string }
func (*Member) IsIAMValid ¶
type MemberState ¶
type MemberState int32
const ( MemberStateUnspecified MemberState = iota MemberStateActive MemberStateRemoved )
func (MemberState) Valid ¶
func (f MemberState) Valid() bool
type MemberType ¶
type MemberType int32
const ( MemberTypeUnspecified MemberType = iota MemberTypeOrganisation MemberTypeProject MemberTypeProjectGrant MemberTypeIam )
type MessageTexts ¶
type MessageTexts struct { InitCode CustomMessageText PasswordReset CustomMessageText VerifyEmail CustomMessageText VerifyPhone CustomMessageText DomainClaimed CustomMessageText PasswordlessRegistration CustomMessageText }
func (*MessageTexts) GetMessageTextByType ¶
func (m *MessageTexts) GetMessageTextByType(msgType string) *CustomMessageText
type Metadata ¶
type Metadata struct { es_models.ObjectRoot State MetadataState Key string Value []byte }
type MetadataSearchKey ¶
type MetadataSearchKey int32
const ( MetadataSearchKeyUnspecified MetadataSearchKey = iota MetadataSearchKeyAggregateID MetadataSearchKeyResourceOwner MetadataSearchKeyKey MetadataSearchKeyValue )
type MetadataSearchQuery ¶
type MetadataSearchQuery struct { Key MetadataSearchKey Method SearchMethod Value interface{} }
type MetadataSearchRequest ¶
type MetadataSearchRequest struct { Offset uint64 Limit uint64 SortingColumn MetadataSearchKey Asc bool Queries []*MetadataSearchQuery }
func (*MetadataSearchRequest) AppendAggregateIDQuery ¶
func (r *MetadataSearchRequest) AppendAggregateIDQuery(aggregateID string)
func (*MetadataSearchRequest) AppendResourceOwnerQuery ¶
func (r *MetadataSearchRequest) AppendResourceOwnerQuery(resourceOwner string)
func (*MetadataSearchRequest) EnsureLimit ¶
func (r *MetadataSearchRequest) EnsureLimit(limit uint64) error
type MetadataSearchResponse ¶
type MetadataState ¶
type MetadataState int32
const ( MetadataStateUnspecified MetadataState = iota MetadataStateActive MetadataStateRemoved )
func (MetadataState) Exists ¶
func (s MetadataState) Exists() bool
type MultiFactorType ¶
type MultiFactorType int32
const ( MultiFactorTypeUnspecified MultiFactorType = iota MultiFactorTypeU2FWithPIN )
func MultiFactorTypes ¶
func MultiFactorTypes() []MultiFactorType
func (MultiFactorType) Valid ¶
func (f MultiFactorType) Valid() bool
type MultifactorConfigs ¶
type MultifactorConfigs struct {
OTP OTPConfig
}
type NextStep ¶
// NextStep is the interface for one step of the login flow; Type reports
// which NextStepType the step is. The ...Step structs on this page declare
// Type() NextStepType on their pointer receivers, so pointers to them
// satisfy it.
type NextStep interface {
Type() NextStepType
}
type NextStepType ¶
type NextStepType int32
const ( NextStepUnspecified NextStepType = iota NextStepLogin NextStepUserSelection NextStepInitUser NextStepPassword NextStepChangePassword NextStepInitPassword NextStepVerifyEmail NextStepMFAPrompt NextStepMFAVerify NextStepRedirectToCallback NextStepChangeUsername NextStepLinkUsers NextStepExternalNotFoundOption NextStepExternalLogin NextStepGrantRequired NextStepPasswordless NextStepPasswordlessRegistrationPrompt NextStepRegistration NextStepProjectRequired NextStepRedirectToExternalIDP NextStepLoginSucceeded )
type NotificationProviderState ¶
type NotificationProviderState int32
const ( NotificationProviderStateUnspecified NotificationProviderState = iota NotificationProviderStateActive NotificationProviderStateRemoved )
func (NotificationProviderState) Exists ¶
func (s NotificationProviderState) Exists() bool
type NotificationProviderType ¶
type NotificationProviderType int32
const ( NotificationProviderTypeFile NotificationProviderType = iota NotificationProviderTypeLog )
type NotificationType ¶
type NotificationType int32
const ( NotificationTypeEmail NotificationType = iota NotificationTypeSms )
func (NotificationType) Valid ¶
func (f NotificationType) Valid() bool
type OIDCApp ¶
// OIDCApp describes an OIDC application: its IDs and credentials, redirect
// URIs, response and grant types, token settings and state.
type OIDCApp struct {
	models.ObjectRoot

	AppID    string
	AppName  string
	ClientID string
	// ClientSecret carries the secret as a *crypto.CryptoValue.
	ClientSecret *crypto.CryptoValue
	// ClientSecretString is a plain string kept next to ClientSecret.
	// NOTE(review): presumably the cleartext secret returned once after
	// generation — confirm that it is never persisted or logged.
	ClientSecretString string
	RedirectUris       []string
	ResponseTypes      []OIDCResponseType
	GrantTypes         []OIDCGrantType
	// ApplicationType reads as OIDCApplicationTypeWeb when unset (zero value).
	ApplicationType OIDCApplicationType
	// AuthMethodType reads as OIDCAuthMethodTypeBasic when unset (zero value).
	AuthMethodType         OIDCAuthMethodType
	PostLogoutRedirectUris []string
	OIDCVersion            OIDCVersion
	// Compliance is a pointer and may be nil; FillCompliance is declared on
	// this type.
	Compliance *Compliance
	// DevMode is false when unset.
	// NOTE(review): which checks DevMode relaxes is not visible here — confirm
	// it stays off for production clients.
	DevMode bool
	// AccessTokenType reads as OIDCTokenTypeBearer when unset (zero value).
	AccessTokenType          OIDCTokenType
	AccessTokenRoleAssertion bool
	IDTokenRoleAssertion     bool
	IDTokenUserinfoAssertion bool
	ClockSkew                time.Duration
	// AdditionalOrigins is a list of strings; OriginsValid is declared on this
	// type. NOTE(review): presumably extra allowed origins — confirm they are
	// validated before being added to an allow list.
	AdditionalOrigins []string
	State             AppState
}
func (*OIDCApp) FillCompliance ¶
func (a *OIDCApp) FillCompliance()
func (*OIDCApp) GetApplicationName ¶
func (*OIDCApp) OriginsValid ¶
type OIDCApplicationType ¶
type OIDCApplicationType int32
const ( OIDCApplicationTypeWeb OIDCApplicationType = iota OIDCApplicationTypeUserAgent OIDCApplicationTypeNative )
type OIDCAuthMethodType ¶
// OIDCAuthMethodType enumerates the values of OIDCApp.AuthMethodType.
type OIDCAuthMethodType int32

const (
	// OIDCAuthMethodTypeBasic is 0, the zero value of the type.
	OIDCAuthMethodTypeBasic OIDCAuthMethodType = iota
	// OIDCAuthMethodTypePost is 1.
	OIDCAuthMethodTypePost
	// OIDCAuthMethodTypeNone is 2. It is a constant of its own rather than the
	// zero value, so a field that was never set does not read as None.
	// NOTE(review): presumably for clients that hold no secret — confirm how
	// the compliance checks on this page treat it.
	OIDCAuthMethodTypeNone
	// OIDCAuthMethodTypePrivateKeyJWT is 3.
	OIDCAuthMethodTypePrivateKeyJWT
)
type OIDCCodeChallenge ¶
// OIDCCodeChallenge pairs a challenge string with the method that names how
// it was derived.
type OIDCCodeChallenge struct {
	Challenge string
	// Method reads as CodeChallengeMethodPlain when unset, because that
	// constant is the zero value of OIDCCodeChallengeMethod.
	// NOTE(review): confirm that the code building this struct always assigns
	// Method from the request instead of relying on the zero value.
	Method OIDCCodeChallengeMethod
}
func (*OIDCCodeChallenge) IsValid ¶
func (c *OIDCCodeChallenge) IsValid() bool
type OIDCCodeChallengeMethod ¶
// OIDCCodeChallengeMethod enumerates the methods an OIDCCodeChallenge can name.
type OIDCCodeChallengeMethod int32

const (
	// CodeChallengeMethodPlain is 0, the zero value, so an OIDCCodeChallenge
	// whose Method was never assigned reads as plain.
	// NOTE(review): the names match the PKCE methods "plain" and "S256" of
	// RFC 7636; if that is the intent, plain gives no protection once the
	// authorization request has been observed — confirm that Method is always
	// set explicitly and that clients are steered to S256.
	CodeChallengeMethodPlain OIDCCodeChallengeMethod = iota
	// CodeChallengeMethodS256 is 1.
	CodeChallengeMethodS256
)
type OIDCGrantType ¶
type OIDCGrantType int32
const ( OIDCGrantTypeAuthorizationCode OIDCGrantType = iota OIDCGrantTypeImplicit OIDCGrantTypeRefreshToken )
func RequiredOIDCGrantTypes ¶
func RequiredOIDCGrantTypes(responseTypes []OIDCResponseType) (grantTypes []OIDCGrantType)
type OIDCIDPConfig ¶
type OIDCIDPConfig struct { es_models.ObjectRoot IDPConfigID string ClientID string ClientSecret *crypto.CryptoValue ClientSecretString string Issuer string AuthorizationEndpoint string TokenEndpoint string Scopes []string IDPDisplayNameMapping OIDCMappingField UsernameMapping OIDCMappingField }
type OIDCMappingField ¶
type OIDCMappingField int32
const ( OIDCMappingFieldUnspecified OIDCMappingField = iota OIDCMappingFieldPreferredLoginName OIDCMappingFieldEmail )
func (OIDCMappingField) Valid ¶
func (f OIDCMappingField) Valid() bool
type OIDCResponseType ¶
type OIDCResponseType int32
const ( OIDCResponseTypeCode OIDCResponseType = iota OIDCResponseTypeIDToken OIDCResponseTypeIDTokenToken )
type OIDCSettings ¶
type OIDCSettingsState ¶
type OIDCSettingsState int32
const ( OIDCSettingsStateUnspecified OIDCSettingsState = iota OIDCSettingsStateActive OIDCSettingsStateRemoved )
func (OIDCSettingsState) Exists ¶
func (s OIDCSettingsState) Exists() bool
func (OIDCSettingsState) Valid ¶
func (c OIDCSettingsState) Valid() bool
type OIDCTokenType ¶
type OIDCTokenType int32
const ( OIDCTokenTypeBearer OIDCTokenType = iota OIDCTokenTypeJWT )
type OTP ¶
type OTP struct { es_models.ObjectRoot Secret *crypto.CryptoValue SecretString string Url string State MFAState }
type OTPConfig ¶
type OTPConfig struct { Issuer string CryptoMFA crypto.EncryptionAlgorithm }
type ObjectDetails ¶
type Org ¶
type Org struct { models.ObjectRoot State OrgState Name string PrimaryDomain string Domains []*OrgDomain }
func (*Org) AddIAMDomain ¶
type OrgDomain ¶
type OrgDomain struct { models.ObjectRoot Domain string Primary bool Verified bool ValidationType OrgDomainValidationType ValidationCode *crypto.CryptoValue }
func (*OrgDomain) GenerateVerificationCode ¶
type OrgDomainState ¶
type OrgDomainState int32
const ( OrgDomainStateUnspecified OrgDomainState = iota OrgDomainStateActive OrgDomainStateRemoved )
func (OrgDomainState) Valid ¶
func (f OrgDomainState) Valid() bool
type OrgDomainValidationType ¶
type OrgDomainValidationType int32
const ( OrgDomainValidationTypeUnspecified OrgDomainValidationType = iota OrgDomainValidationTypeHTTP OrgDomainValidationTypeDNS )
type Password ¶
// Password bundles a password as a plain string and as a *crypto.CryptoValue,
// plus a flag that marks it as needing a change.
type Password struct {
	es_models.ObjectRoot

	// SecretString is a plain string.
	// NOTE(review): presumably the cleartext password as received, consumed by
	// HashPasswordIfExisting — confirm that it is cleared afterwards and never
	// logged or written to events.
	SecretString string
	// SecretCrypto holds a *crypto.CryptoValue; presumably the hashed form —
	// TODO confirm.
	SecretCrypto *crypto.CryptoValue
	// ChangeRequired is false when unset.
	ChangeRequired bool
}
func NewPassword ¶
func (*Password) HashPasswordIfExisting ¶
func (p *Password) HashPasswordIfExisting(policy *PasswordComplexityPolicy, passwordAlg crypto.HashAlgorithm) error
type PasswordAgePolicy ¶
type PasswordAgePolicy struct { models.ObjectRoot MaxAgeDays uint64 ExpireWarnDays uint64 }
type PasswordCode ¶
type PasswordCode struct { es_models.ObjectRoot Code *crypto.CryptoValue Expiry time.Duration NotificationType NotificationType }
func NewPasswordCode ¶
func NewPasswordCode(passwordGenerator crypto.Generator) (*PasswordCode, error)
type PasswordComplexityPolicy ¶
// PasswordComplexityPolicy holds the password requirements: a minimum length
// and four character-class flags. Check(password) and IsValid are declared on
// this type.
type PasswordComplexityPolicy struct {
	models.ObjectRoot

	// MinLength is 0 when unset.
	// NOTE(review): whether IsValid rejects a MinLength of 0 is not visible
	// here — confirm, since an all-zero policy would otherwise require nothing.
	MinLength uint64
	// The four Has* flags are false when unset.
	HasLowercase bool
	HasUppercase bool
	HasNumber    bool
	HasSymbol    bool
	Default      bool
}
func (*PasswordComplexityPolicy) Check ¶
func (p *PasswordComplexityPolicy) Check(password string) error
func (*PasswordComplexityPolicy) IsValid ¶
func (p *PasswordComplexityPolicy) IsValid() error
type PasswordScreenText ¶
type PasswordStep ¶
type PasswordStep struct{}
func (*PasswordStep) Type ¶
func (s *PasswordStep) Type() NextStepType
type PasswordlessInitCode ¶
type PasswordlessInitCode struct { es_models.ObjectRoot CodeID string Code string Expiration time.Duration State PasswordlessInitCodeState }
func (*PasswordlessInitCode) Link ¶
func (p *PasswordlessInitCode) Link(baseURL string) string
type PasswordlessInitCodeState ¶
type PasswordlessInitCodeState int32
const ( PasswordlessInitCodeStateUnspecified PasswordlessInitCodeState = iota PasswordlessInitCodeStateRequested PasswordlessInitCodeStateActive PasswordlessInitCodeStateRemoved )
type PasswordlessRegistrationPromptStep ¶
type PasswordlessRegistrationPromptStep struct{}
func (*PasswordlessRegistrationPromptStep) Type ¶
func (s *PasswordlessRegistrationPromptStep) Type() NextStepType
type PasswordlessScreenText ¶
type PasswordlessStep ¶
type PasswordlessStep struct {
PasswordSet bool
}
func (*PasswordlessStep) Type ¶
func (s *PasswordlessStep) Type() NextStepType
type PasswordlessType ¶
type PasswordlessType int32
const ( PasswordlessTypeNotAllowed PasswordlessType = iota PasswordlessTypeAllowed )
func (PasswordlessType) Valid ¶
func (f PasswordlessType) Valid() bool
type Permissions ¶
type Permissions struct {
Permissions []string
}
func (*Permissions) AppendPermissions ¶
func (p *Permissions) AppendPermissions(ctxID string, permissions ...string)
type PersonalAccessTokenState ¶
type PersonalAccessTokenState int32
const ( PersonalAccessTokenStateUnspecified PersonalAccessTokenState = iota PersonalAccessTokenStateActive PersonalAccessTokenStateRemoved )
func (PersonalAccessTokenState) Valid ¶
func (f PersonalAccessTokenState) Valid() bool
type PhoneCode ¶
type PhoneCode struct { es_models.ObjectRoot Code *crypto.CryptoValue Expiry time.Duration }
type PhoneState ¶
type PhoneState int32
const ( PhoneStateUnspecified PhoneState = iota PhoneStateActive PhoneStateRemoved )
func (PhoneState) Exists ¶
func (s PhoneState) Exists() bool
func (PhoneState) Valid ¶
func (s PhoneState) Valid() bool
type PolicyState ¶
type PolicyState int32
const ( PolicyStateUnspecified PolicyState = iota PolicyStateActive PolicyStateRemoved )
func (PolicyState) Exists ¶
func (s PolicyState) Exists() bool
func (PolicyState) Valid ¶
func (f PolicyState) Valid() bool
type PrivacyPolicy ¶
type PrivacyPolicy struct { models.ObjectRoot State PolicyState Default bool TOSLink string PrivacyLink string HelpLink string }
type PrivateLabelingSetting ¶
type PrivateLabelingSetting int32
const ( PrivateLabelingSettingUnspecified PrivateLabelingSetting = iota PrivateLabelingSettingEnforceProjectResourceOwnerPolicy PrivateLabelingSettingAllowLoginUserResourceOwnerPolicy )
func (PrivateLabelingSetting) Valid ¶
func (s PrivateLabelingSetting) Valid() bool
type Profile ¶
type Project ¶
type Project struct { models.ObjectRoot State ProjectState Name string ProjectRoleAssertion bool ProjectRoleCheck bool HasProjectCheck bool PrivateLabelingSetting PrivateLabelingSetting }
type ProjectGrant ¶
type ProjectGrant struct { es_models.ObjectRoot GrantID string GrantedOrgID string State ProjectGrantState RoleKeys []string }
func (*ProjectGrant) HasInvalidRoles ¶
func (g *ProjectGrant) HasInvalidRoles(validRoles []string) bool
func (*ProjectGrant) IsValid ¶
func (p *ProjectGrant) IsValid() bool
type ProjectGrantIDs ¶
type ProjectGrantMember ¶
type ProjectGrantMember struct { es_models.ObjectRoot GrantID string UserID string Roles []string }
func NewProjectGrantMember ¶
func NewProjectGrantMember(aggregateID, userID, grantID string, roles ...string) *ProjectGrantMember
func (*ProjectGrantMember) IsValid ¶
func (i *ProjectGrantMember) IsValid() bool
type ProjectGrantState ¶
type ProjectGrantState int32
const ( ProjectGrantStateUnspecified ProjectGrantState = iota ProjectGrantStateActive ProjectGrantStateInactive ProjectGrantStateRemoved )
type ProjectRequiredStep ¶
type ProjectRequiredStep struct{}
func (*ProjectRequiredStep) Type ¶
func (s *ProjectRequiredStep) Type() NextStepType
type ProjectRole ¶
type ProjectRole struct { models.ObjectRoot Key string DisplayName string Group string }
func NewProjectRole ¶
func NewProjectRole(projectID, key string) *ProjectRole
func (*ProjectRole) IsValid ¶
func (p *ProjectRole) IsValid() bool
type ProjectRoleState ¶
type ProjectRoleState int32
const ( ProjectRoleStateUnspecified ProjectRoleState = iota ProjectRoleStateActive ProjectRoleStateRemoved )
type ProjectState ¶
type ProjectState int32
const ( ProjectStateUnspecified ProjectState = iota ProjectStateActive ProjectStateInactive ProjectStateRemoved )
func (ProjectState) Valid ¶
func (s ProjectState) Valid() bool
type RedirectToCallbackStep ¶
type RedirectToCallbackStep struct{}
func (*RedirectToCallbackStep) Type ¶
func (s *RedirectToCallbackStep) Type() NextStepType
type RedirectToExternalIDPStep ¶
type RedirectToExternalIDPStep struct{}
func (*RedirectToExternalIDPStep) Type ¶
func (s *RedirectToExternalIDPStep) Type() NextStepType
type RegistrationOrgScreenText ¶
type RegistrationOrgScreenText struct { Title string Description string OrgNameLabel string FirstnameLabel string LastnameLabel string UsernameLabel string EmailLabel string PasswordLabel string PasswordConfirmLabel string TOSAndPrivacyLabel string TOSConfirm string TOSLinkText string TOSConfirmAnd string PrivacyLinkText string SaveButtonText string }
type RegistrationStep ¶
type RegistrationStep struct{}
func (*RegistrationStep) Type ¶
func (s *RegistrationStep) Type() NextStepType
type RegistrationUserScreenText ¶
type RegistrationUserScreenText struct { Title string Description string DescriptionOrgRegister string FirstnameLabel string LastnameLabel string EmailLabel string UsernameLabel string LanguageLabel string GenderLabel string PasswordLabel string PasswordConfirmLabel string TOSAndPrivacyLabel string TOSConfirm string TOSLinkText string TOSConfirmAnd string PrivacyLinkText string NextButtonText string BackButtonText string }
type Request ¶
type Request interface { Type() AuthRequestType IsValid() bool }
TODO: Change AuthRequest to an interface and let oidcauthrequest implement it
type SAMLApp ¶
type SAMLApp struct { models.ObjectRoot AppID string AppName string EntityID string Metadata []byte MetadataURL string State AppState }
func (*SAMLApp) GetApplicationName ¶
func (*SAMLApp) GetMetadata ¶
func (*SAMLApp) GetMetadataURL ¶
type SMSConfigState ¶
type SMSConfigState int32
const ( SMSConfigStateUnspecified SMSConfigState = iota SMSConfigStateActive SMSConfigStateInactive SMSConfigStateRemoved )
func (SMSConfigState) Exists ¶
func (s SMSConfigState) Exists() bool
type SMTPConfigState ¶
// SMTPConfigState is an int32-backed enumeration.
type SMTPConfigState int32

// SMTPConfigState values, numbered from 0 by iota. There is no inactive
// state: the only values are unspecified, active and removed.
const (
	// SMTPConfigStateUnspecified is the zero value.
	SMTPConfigStateUnspecified SMTPConfigState = iota
	SMTPConfigStateActive
	SMTPConfigStateRemoved
)
type SearchMethod ¶
// SearchMethod is an int32-backed enumeration of comparison methods.
type SearchMethod int32

// SearchMethod values, numbered from 0 by iota. Unlike the state enums in this
// package there is no "unspecified" member: the zero value is
// SearchMethodEquals, so an unset SearchMethod means exact equality.
//
// NOTE(review): the numeric values depend on declaration order. If they are
// persisted or sent over an API, new members must be appended, never inserted
// — confirm against the callers.
const (
	SearchMethodEquals SearchMethod = iota
	SearchMethodStartsWith
	SearchMethodContains
	SearchMethodEqualsIgnoreCase
	SearchMethodStartsWithIgnoreCase
	SearchMethodContainsIgnoreCase
	SearchMethodNotEquals
	SearchMethodGreaterThan
	SearchMethodLessThan
	SearchMethodIsOneOf
	SearchMethodListContains
	SearchMethodEndsWith
	SearchMethodEndsWithIgnoreCase
)
type SecondFactorType ¶
// SecondFactorType is an int32-backed enumeration of second-factor kinds.
type SecondFactorType int32

// SecondFactorType values, numbered from 0 by iota.
const (
	// SecondFactorTypeUnspecified is the zero value, so a SecondFactorType
	// that was never assigned names no concrete factor.
	SecondFactorTypeUnspecified SecondFactorType = iota
	SecondFactorTypeOTP
	SecondFactorTypeU2F
)
func SecondFactorTypes ¶
func SecondFactorTypes() []SecondFactorType
func (SecondFactorType) Valid ¶
func (f SecondFactorType) Valid() bool
type SecretGeneratorState ¶
// SecretGeneratorState is an int32-backed enumeration.
type SecretGeneratorState int32

// SecretGeneratorState values, numbered from 0 by iota.
const (
	// SecretGeneratorStateUnspecified is the zero value.
	SecretGeneratorStateUnspecified SecretGeneratorState = iota
	SecretGeneratorStateActive
	SecretGeneratorStateRemoved
)
type SecretGeneratorType ¶
// SecretGeneratorType is an int32-backed enumeration of generated-secret kinds.
type SecretGeneratorType int32

// SecretGeneratorType values, numbered from 0 by iota.
//
// NOTE(review): each value presumably selects its own generator settings
// (length, character set, expiry). Those settings are not part of this
// declaration — confirm them where the generator is configured, since codes
// such as password-reset and app secrets have different strength needs.
const (
	// SecretGeneratorTypeUnspecified is the zero value.
	SecretGeneratorTypeUnspecified SecretGeneratorType = iota
	SecretGeneratorTypeInitCode
	SecretGeneratorTypeVerifyEmailCode
	SecretGeneratorTypeVerifyPhoneCode
	SecretGeneratorTypeVerifyDomain
	SecretGeneratorTypePasswordResetCode
	SecretGeneratorTypePasswordlessInitCode
	SecretGeneratorTypeAppSecret
)
func (SecretGeneratorType) Valid ¶
func (t SecretGeneratorType) Valid() bool
type SelectAccountScreenText ¶
type SelectUserStep ¶
// SelectUserStep carries a list of UserSelection entries.
//
// NOTE(review): presumably these are the accounts offered on an account
// chooser; if so, confirm the list is limited to sessions belonging to the
// requesting user agent before it is rendered.
type SelectUserStep struct {
	Users []UserSelection
}
func (*SelectUserStep) Type ¶
func (s *SelectUserStep) Type() NextStepType
type SuccessLoginScreenText ¶
type TriggerType ¶
// TriggerType is an int32-backed enumeration of trigger points.
type TriggerType int32

// TriggerType values, numbered from 0 by iota.
//
// NOTE(review): the names suggest hooks that run before or after
// authentication, user creation, and userinfo / access-token creation. What
// runs at each point, and what it may modify, is not visible here — confirm
// before treating token or userinfo contents as unmodified.
const (
	// TriggerTypeUnspecified is the zero value.
	TriggerTypeUnspecified TriggerType = iota
	TriggerTypePostAuthentication
	TriggerTypePreCreation
	TriggerTypePostCreation
	TriggerTypePreUserinfoCreation
	TriggerTypePreAccessTokenCreation
)
func (TriggerType) ID ¶
func (s TriggerType) ID() string
func (TriggerType) LocalizationKey ¶
func (s TriggerType) LocalizationKey() string
func (TriggerType) Valid ¶
func (s TriggerType) Valid() bool
type UserAuthMethodType ¶
// UserAuthMethodType is an int32-backed enumeration of user authentication
// methods.
type UserAuthMethodType int32

// UserAuthMethodType values, numbered from 0 by iota.
const (
	// UserAuthMethodTypeUnspecified is the zero value, so a value that was
	// never assigned names no concrete method.
	UserAuthMethodTypeUnspecified UserAuthMethodType = iota
	UserAuthMethodTypeOTP
	UserAuthMethodTypeU2F
	UserAuthMethodTypePasswordless
)
func (UserAuthMethodType) Valid ¶
func (f UserAuthMethodType) Valid() bool
type UserGrant ¶
// UserGrant embeds es_models.ObjectRoot and ties a user ID to a project ID,
// an optional-looking project grant ID, and a list of role keys.
//
// NOTE(review): RoleKeys are plain strings and nothing in this declaration
// restricts them to roles that exist on the project. The package lists a
// HasInvalidRoles method on *UserGrant, presumably for that check — confirm it
// runs before a grant is stored.
type UserGrant struct {
	es_models.ObjectRoot

	State          UserGrantState
	UserID         string
	ProjectID      string
	ProjectGrantID string
	RoleKeys       []string
}
func (*UserGrant) HasInvalidRoles ¶
type UserGrantState ¶
// UserGrantState is an int32-backed enumeration.
type UserGrantState int32

// UserGrantState values, numbered from 0 by iota.
const (
	// UserGrantStateUnspecified is the zero value, so a UserGrantState that
	// was never assigned does not read as active.
	UserGrantStateUnspecified UserGrantState = iota
	UserGrantStateActive
	UserGrantStateInactive
	UserGrantStateRemoved
)
type UserIDPLink ¶
// UserIDPLink embeds es_models.ObjectRoot and records an IDP configuration
// ID, an external user ID and a display name.
//
// NOTE(review): presumably ExternalUserID is the subject identifier issued by
// the external identity provider. If so, confirm it is taken from a validated
// provider response and always matched together with IDPConfigID, so that the
// same identifier from a different provider cannot select this link.
type UserIDPLink struct {
	es_models.ObjectRoot

	IDPConfigID    string
	ExternalUserID string
	DisplayName    string
}
func (*UserIDPLink) IsValid ¶
func (idp *UserIDPLink) IsValid() bool
type UserIDPLinkState ¶
// UserIDPLinkState is an int32-backed enumeration.
type UserIDPLinkState int32

// UserIDPLinkState values, numbered from 0 by iota.
const (
	// UserIDPLinkStateUnspecified is the zero value.
	UserIDPLinkStateUnspecified UserIDPLinkState = iota
	UserIDPLinkStateActive
	UserIDPLinkStateRemoved
)
func (UserIDPLinkState) Valid ¶
func (s UserIDPLinkState) Valid() bool
type UserMembership ¶
// UserMembership describes one membership of a user: the member type, the
// aggregate and object it refers to, the roles held, and bookkeeping fields
// (dates, resource owner, sequence).
type UserMembership struct {
	UserID      string
	MemberType  MemberType
	AggregateID string
	// ObjectID differs from the aggregate ID if the object is a sub-object of
	// an aggregate.
	ObjectID string

	Roles             []string
	DisplayName       string
	CreationDate      time.Time
	ChangeDate        time.Time
	ResourceOwner     string
	ResourceOwnerName string
	Sequence          uint64
}
type UserSelection ¶
type UserSessionState ¶
// UserSessionState is an int32-backed enumeration.
type UserSessionState int32

// UserSessionState values, numbered from 0 by iota.
//
// Unlike the other state enums in this package there is no "unspecified"
// member: the zero value is UserSessionStateActive. A UserSessionState that
// was never assigned (for example a zero-initialized struct field) therefore
// compares equal to active, so code that gates on this value should set it
// explicitly rather than rely on the default.
const (
	UserSessionStateActive UserSessionState = iota
	UserSessionStateTerminated
)
type UserVerificationRequirement ¶
// UserVerificationRequirement is an int32-backed enumeration.
type UserVerificationRequirement int32

// UserVerificationRequirement values, numbered from 0 by iota. The member
// names mirror the WebAuthn userVerification values "required", "preferred"
// and "discouraged".
//
// NOTE(review): how UserVerificationRequirementUnspecified (the zero value) is
// mapped when a WebAuthn request is built is not visible here — confirm it
// does not silently fall back to a weaker setting than intended.
const (
	UserVerificationRequirementUnspecified UserVerificationRequirement = iota
	UserVerificationRequirementRequired
	UserVerificationRequirementPreferred
	UserVerificationRequirementDiscouraged
)
type VerifyEMailStep ¶
// VerifyEMailStep is an empty struct: it carries no data of its own and is
// identified by its type alone.
type VerifyEMailStep struct{}
func (*VerifyEMailStep) Type ¶
func (s *VerifyEMailStep) Type() NextStepType
type VerifyMFAOTPScreenText ¶
type VerifyMFAU2FScreenText ¶
type WebAuthNLogin ¶
// WebAuthNLogin embeds es_models.ObjectRoot and holds the data of a WebAuthn
// login: raw assertion data, the challenge, the allowed credential IDs and
// the user-verification requirement.
//
// NOTE(review): presumably Challenge is the server-issued value for one login
// ceremony; confirm it is generated from a CSPRNG, bound to the session and
// rejected on reuse — none of that is enforced by this declaration.
type WebAuthNLogin struct {
	es_models.ObjectRoot

	CredentialAssertionData []byte
	Challenge               string
	AllowedCredentialIDs    [][]byte
	UserVerification        UserVerificationRequirement
}
type WebAuthNToken ¶
// WebAuthNToken embeds es_models.ObjectRoot and holds one WebAuthn
// credential: its ID and name, the raw creation data, its MFAState, the
// challenge and request parameters, and the authenticator's key material and
// attestation details.
type WebAuthNToken struct {
	es_models.ObjectRoot

	WebAuthNTokenID        string
	CredentialCreationData []byte
	State                  MFAState
	// NOTE(review): presumably the challenge of the registration ceremony;
	// confirm it is single-use.
	Challenge            string
	AllowedCredentialIDs [][]byte
	UserVerification     UserVerificationRequirement
	KeyID                []byte
	// PublicKey is stored as raw bytes; its encoding is not visible here.
	PublicKey       []byte
	AttestationType string
	AAGUID          []byte
	// NOTE(review): in WebAuthn the signature counter is compared with the
	// stored value on every assertion to detect cloned authenticators; confirm
	// the verifier both checks and updates this field.
	SignCount         uint32
	WebAuthNTokenName string
}
func GetTokenByKeyID ¶
func GetTokenByKeyID(tokens []*WebAuthNToken, keyID []byte) (int, *WebAuthNToken)
func GetTokenToVerify ¶
func GetTokenToVerify(tokens []*WebAuthNToken) (int, *WebAuthNToken)
Source Files ¶
- action.go
- application.go
- application_api.go
- application_key.go
- application_oauth.go
- application_oidc.go
- application_saml.go
- asset.go
- auth_request.go
- authn_key.go
- browser_info.go
- bucket.go
- custom_login_text.go
- custom_message_text.go
- custom_text.go
- expiration.go
- factors.go
- flow.go
- human.go
- human_address.go
- human_email.go
- human_hashed_password.go
- human_otp.go
- human_password.go
- human_phone.go
- human_profile.go
- human_web_auth_n.go
- idp_config.go
- instance.go
- instance_domain.go
- key_pair.go
- machine.go
- machine_key.go
- member.go
- metadata.go
- mfa.go
- next_step.go
- notification.go
- object.go
- oidc_code_challenge.go
- oidc_mapping_field.go
- oidc_settings.go
- org.go
- org_domain.go
- permission.go
- policy.go
- policy_domain.go
- policy_label.go
- policy_login.go
- policy_mail_template.go
- policy_password_age.go
- policy_password_complexity.go
- policy_password_lockout.go
- policy_privacy.go
- project.go
- project_grant.go
- project_grant_member.go
- project_role.go
- provider.go
- refresh_token.go
- request.go
- roles.go
- search_method.go
- secret_generator.go
- sms.go
- smtp.go
- step.go
- token.go
- unique_constraint_migration.go
- user.go
- user_grant.go
- user_idp_link.go
- user_membership.go