auth

package
v0.0.0-...-e99be67 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 4, 2017 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

View Source 
const AuthCookieName = "ATC-Authorization"
View Source 
const BuildContextKey = "build"
View Source 
const CSRFHeaderName = "X-Csrf-Token"
View Source 
const CSRFRequiredKey = "CSRFRequired"
View Source 
const OAuthStateCookie = "_concourse_oauth_state"
View Source 
const PipelineContextKey = "pipeline"
View Source 
const TokenTypeBearer = "Bearer"

Variables

View Source 
var ErrUnparsableHeader = errors.New("cannot parse 'Authorization' header")
View Source 
var SigningMethod = jwt.SigningMethodRS256

Functions

func CSRFValidationHandler 

func CSRFValidationHandler(
	handler http.Handler,
	rejector Rejector,
	userContextReader UserContextReader,
) http.Handler

func CheckAdminHandler 

func CheckAdminHandler(
	handler http.Handler,
	rejector Rejector,
) http.Handler

func CheckAuthenticationHandler 

func CheckAuthenticationHandler(
	handler http.Handler,
	rejector Rejector,
) http.Handler

func CheckAuthorizationHandler 

func CheckAuthorizationHandler(
	handler http.Handler,
	rejector Rejector,
) http.Handler

func IsAdmin 

func IsAdmin(r *http.Request) bool

func IsAuthenticated 

func IsAuthenticated(r *http.Request) bool

func IsAuthorized 

func IsAuthorized(r *http.Request) bool

func IsSystem 

func IsSystem(r *http.Request) bool

func NewCheckBuildReadAccessHandlerFactory 

func NewCheckBuildReadAccessHandlerFactory(
	buildFactory dbng.BuildFactory,
) *checkBuildReadAccessHandlerFactory

func NewCheckBuildWriteAccessHandlerFactory 

func NewCheckBuildWriteAccessHandlerFactory(
	buildFactory dbng.BuildFactory,
) *checkBuildWriteAccessHandlerFactory

func NewCheckPipelineAccessHandlerFactory 

func NewCheckPipelineAccessHandlerFactory(
	teamFactory dbng.TeamFactory,
) *checkPipelineAccessHandlerFactory

func NewLogOutHandler 

func NewLogOutHandler(logger lager.Logger) http.Handler

func NewOAuthBeginHandler 

func NewOAuthBeginHandler(
	logger lager.Logger,
	providerFactory ProviderFactory,
	privateKey *rsa.PrivateKey,
	teamFactory dbng.TeamFactory,
	expire time.Duration,
	isTLSEnabled bool,
) http.Handler

func NewOAuthCallbackHandler 

func NewOAuthCallbackHandler(
	logger lager.Logger,
	providerFactory ProviderFactory,
	privateKey *rsa.PrivateKey,
	teamFactory dbng.TeamFactory,
	expire time.Duration,
	isTLSEnabled bool,
) http.Handler

func NewOAuthHandler 

func NewOAuthHandler(
	logger lager.Logger,
	providerFactory ProviderFactory,
	teamFactory dbng.TeamFactory,
	signingKey *rsa.PrivateKey,
	expire time.Duration,
	isTLSEnabled bool,
) (http.Handler, error)

func WrapHandler 

func WrapHandler(
	handler http.Handler,
	validator Validator,
	userContextReader UserContextReader,
) http.Handler

Types

type AuthDB 

type AuthDB interface {
	GetTeam() (db.SavedTeam, bool, error)
}

type AuthTokenGenerator 

type AuthTokenGenerator interface {
	GenerateToken(expiration time.Time, teamName string, isAdmin bool, csrfToken string) (TokenType, TokenValue, error)
}

func NewAuthTokenGenerator 

func NewAuthTokenGenerator(privateKey *rsa.PrivateKey) AuthTokenGenerator

type CSRFTokenGenerator 

type CSRFTokenGenerator interface {
	GenerateToken() (string, error)
}

func NewCSRFTokenGenerator 

func NewCSRFTokenGenerator() CSRFTokenGenerator

type CheckBuildReadAccessHandlerFactory 

type CheckBuildReadAccessHandlerFactory interface {
	AnyJobHandler(delegateHandler http.Handler, rejector Rejector) http.Handler
	CheckIfPrivateJobHandler(delegateHandler http.Handler, rejector Rejector) http.Handler
}

type CheckBuildWriteAccessHandlerFactory 

type CheckBuildWriteAccessHandlerFactory interface {
	HandlerFor(delegateHandler http.Handler, rejector Rejector) http.Handler
}

type CheckPipelineAccessHandlerFactory 

type CheckPipelineAccessHandlerFactory interface {
	HandlerFor(pipelineScopedHandler http.Handler, rejector Rejector) http.Handler
}

type CheckWorkerTeamAccessHandlerFactory 

type CheckWorkerTeamAccessHandlerFactory interface {
	HandlerFor(pipelineScopedHandler http.Handler, rejector Rejector) http.Handler
}

func NewCheckWorkerTeamAccessHandlerFactory 

func NewCheckWorkerTeamAccessHandlerFactory(
	workerFactory dbng.WorkerFactory,
) CheckWorkerTeamAccessHandlerFactory

type CookieSetHandler 

type CookieSetHandler struct {
	Handler http.Handler
}

func (CookieSetHandler) ServeHTTP 

func (handler CookieSetHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type JWTReader 

type JWTReader struct {
	PublicKey *rsa.PublicKey
}

func (JWTReader) GetCSRFToken 

func (jr JWTReader) GetCSRFToken(r *http.Request) (string, bool)

func (JWTReader) GetSystem 

func (jr JWTReader) GetSystem(r *http.Request) (bool, bool)

func (JWTReader) GetTeam 

func (jr JWTReader) GetTeam(r *http.Request) (string, bool, bool)

type JWTValidator 

type JWTValidator struct {
	PublicKey *rsa.PublicKey
}

func (JWTValidator) IsAuthenticated 

func (validator JWTValidator) IsAuthenticated(r *http.Request) bool

type LogOutHandler 

type LogOutHandler struct {
	// contains filtered or unexported fields
}

func (*LogOutHandler) ServeHTTP 

func (handler *LogOutHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type OAuthBeginHandler 

type OAuthBeginHandler struct {
	// contains filtered or unexported fields
}

func (*OAuthBeginHandler) ServeHTTP 

func (handler *OAuthBeginHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type OAuthCallbackHandler 

type OAuthCallbackHandler struct {
	// contains filtered or unexported fields
}

func (*OAuthCallbackHandler) ServeHTTP 

func (handler *OAuthCallbackHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type OAuthFactory 

type OAuthFactory struct {
	// contains filtered or unexported fields
}

func NewOAuthFactory 

func NewOAuthFactory(logger lager.Logger, atcExternalURL string, routes rata.Routes, callback string) OAuthFactory

func (OAuthFactory) GetProvider 

func (of OAuthFactory) GetProvider(team dbng.Team, providerName string) (provider.Provider, bool, error)

type OAuthState 

type OAuthState struct {
	Redirect     string `json:"redirect"`
	TeamName     string `json:"team_name"`
	FlyLocalPort string `json:"fly_local_port"`
}

type ProviderFactory 

type ProviderFactory interface {
	GetProvider(dbng.Team, string) (provider.Provider, bool, error)
}

type Rejector 

type Rejector interface {
	Unauthorized(http.ResponseWriter, *http.Request)
	Forbidden(http.ResponseWriter, *http.Request)
}

type Team 

type Team interface {
	Name() string
	IsAdmin() bool
	IsAuthorized(teamName string) bool
}

func GetTeam 

func GetTeam(r *http.Request) (Team, bool)

type TokenType 

type TokenType string

type TokenValue 

type TokenValue string

type UnauthorizedRejector 

type UnauthorizedRejector struct{}

func (UnauthorizedRejector) Forbidden 

func (UnauthorizedRejector) Forbidden(w http.ResponseWriter, r *http.Request)

func (UnauthorizedRejector) Unauthorized 

func (UnauthorizedRejector) Unauthorized(w http.ResponseWriter, r *http.Request)

type UserContextReader 

type UserContextReader interface {
	GetTeam(r *http.Request) (string, bool, bool)
	GetSystem(r *http.Request) (bool, bool)
	GetCSRFToken(r *http.Request) (string, bool)
}

type Validator 

type Validator interface {
	IsAuthenticated(*http.Request) bool
}

func NewBasicAuthValidator 

func NewBasicAuthValidator(team dbng.Team) Validator

func NewTeamAuthValidator 

func NewTeamAuthValidator(
	teamFactory dbng.TeamFactory,
	jwtValidator Validator,
) Validator

Source Files

View all Source files

Directories

Path Synopsis
This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter
 This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter
githubfakes
This file was generated by counterfeiter
 This file was generated by counterfeiter
providerfakes
This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter
 This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.