oauth

package

v0.750.2 Latest Latest Go to latest Published: Aug 19, 2024 License: Apache-2.0 Imports: 24 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/determined-ai/determined

Documentation ¶

Index ¶

Constants
Variables
func RegisterAPIHandler(e *echo.Echo, s *Service)
type OauthAuthZ
type OauthAuthZBasic
- func (a *OauthAuthZBasic) CanAdministrateOauth(_ context.Context, curUser model.User) error
type OauthAuthZPermissive
- func (a *OauthAuthZPermissive) CanAdministrateOauth(ctx context.Context, curUser model.User) error
type OauthAuthZRBAC
- func (a *OauthAuthZRBAC) CanAdministrateOauth(ctx context.Context, curUser model.User) (err error)
type Service
- func New(users *user.Service, db *db.PgDB) (*Service, error)
- func (s *Service) ValidateRequest(c echo.Context) (bool, error)

Constants ¶

View Source

const Root = "/oauth2"

Root is the root of all OAuth-related routes.

Variables ¶

View Source

var AuthZProvider authz.AuthZProviderType[OauthAuthZ]

AuthZProvider is the authz registry for experiments.

Functions ¶

func RegisterAPIHandler ¶

func RegisterAPIHandler(e *echo.Echo, s *Service)

RegisterAPIHandler registers endpoints used by OAuth.

Types ¶

type OauthAuthZ ¶

type OauthAuthZ interface {
	// CanAdministrateOauth returns an error if the user is not authorized to manage oauth.
	CanAdministrateOauth(ctx context.Context, curUser model.User) error
}

OauthAuthZ describes authz methods for experiments.

type OauthAuthZBasic ¶

type OauthAuthZBasic struct{}

OauthAuthZBasic is basic OSS controls.

func (*OauthAuthZBasic) CanAdministrateOauth ¶

func (a *OauthAuthZBasic) CanAdministrateOauth(
	_ context.Context, curUser model.User,
) error

CanAdministrateOauth returns an error if the current user is not an admin.

type OauthAuthZPermissive ¶

type OauthAuthZPermissive struct{}

OauthAuthZPermissive is the permission implementation.

func (*OauthAuthZPermissive) CanAdministrateOauth ¶

func (a *OauthAuthZPermissive) CanAdministrateOauth(ctx context.Context,
	curUser model.User,
) error

CanAdministrateOauth calls RBAC authz but enforces basic authz.

type OauthAuthZRBAC ¶

type OauthAuthZRBAC struct{}

OauthAuthZRBAC is the RBAC implementation of the OauthAuthZ interface.

func (*OauthAuthZRBAC) CanAdministrateOauth ¶

func (a *OauthAuthZRBAC) CanAdministrateOauth(
	ctx context.Context, curUser model.User,
) (err error)

CanAdministrateOauth checks if the user has permission to view and modify oauth clients and settings.

type Service ¶

type Service struct {
	// contains filtered or unexported fields
}

Service is an OAuth service capable of handling the OAuth 2.0 authorization code flow and managing clients and tokens.

func New ¶

func New(users *user.Service, db *db.PgDB) (*Service, error)

New constructs a new OAuth service.

func (*Service) ValidateRequest ¶

func (s *Service) ValidateRequest(c echo.Context) (bool, error)

ValidateRequest checks whether the given request contains valid OAuth credentials.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL