authorization

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 23, 2024 License: Apache-2.0 Imports: 25 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrNoSuchAuthorization = errors.New("no such authorization")
)

Functions

This section is empty.

Types

type Authorization 

type Authorization interface {
	IsAuthorized() bool
	EnvVars() sys.EnvVars
	Flow() configuration.FlowName
	Remote() net.Remote
	FindSession() session.Session
	FindSessionsPublicKey() ssh.PublicKey
	Dispose(context.Context) (bool, error)
}

func Forbidden 

func Forbidden(remote net.Remote) Authorization

type Authorizer 

type Authorizer interface {
	AuthorizePublicKey(PublicKeyRequest) (Authorization, error)
	AuthorizePassword(PasswordRequest) (Authorization, error)
	AuthorizeInteractive(InteractiveRequest) (Authorization, error)

	// RestoreFromSession tries to restore the existing authorization from the given
	// session.Session. If the given session does not contain enough information to restore
	// the Authorization ErrNoSuchAuthorization is returned.
	RestoreFromSession(context.Context, session.Session, *RestoreOpts) (Authorization, error)
}

type AuthorizerFacade 

type AuthorizerFacade struct {
	// contains filtered or unexported fields
}

func NewAuthorizerFacade 

func NewAuthorizerFacade(ctx context.Context, flows *configuration.Flows) (*AuthorizerFacade, error)

func (*AuthorizerFacade) AuthorizeInteractive 

func (this *AuthorizerFacade) AuthorizeInteractive(req InteractiveRequest) (Authorization, error)

func (*AuthorizerFacade) AuthorizePassword 

func (this *AuthorizerFacade) AuthorizePassword(req PasswordRequest) (Authorization, error)

func (*AuthorizerFacade) AuthorizePublicKey 

func (this *AuthorizerFacade) AuthorizePublicKey(req PublicKeyRequest) (Authorization, error)

func (*AuthorizerFacade) Close 

func (this *AuthorizerFacade) Close() (rErr error)

func (*AuthorizerFacade) RestoreFromSession 

func (this *AuthorizerFacade) RestoreFromSession(ctx context.Context, sess session.Session, opts *RestoreOpts) (Authorization, error)

type AuthorizerFactory added in v0.2.0 

type AuthorizerFactory[C any, A CloseableAuthorizer] func(ctx context.Context, flow configuration.FlowName, conf C) (A, error)

func RegisterAuthorizer added in v0.2.0 

func RegisterAuthorizer[C any, A CloseableAuthorizer](factory AuthorizerFactory[C, A]) AuthorizerFactory[C, A]

type CloseableAuthorizer 

type CloseableAuthorizer interface {
	Authorizer
	io.Closer
}

type ContextEnabled 

type ContextEnabled interface {
	Context() glssh.Context
}

type HtpasswdAuthorizer added in v0.2.0 

type HtpasswdAuthorizer struct {
	Logger log.Logger
	// contains filtered or unexported fields
}

func NewHtpasswd added in v0.2.0 

func NewHtpasswd(_ context.Context, flow configuration.FlowName, conf *configuration.AuthorizationHtpasswd) (*HtpasswdAuthorizer, error)

func (*HtpasswdAuthorizer) AuthorizeInteractive added in v0.2.0 

func (this *HtpasswdAuthorizer) AuthorizeInteractive(req InteractiveRequest) (Authorization, error)

func (*HtpasswdAuthorizer) AuthorizePassword added in v0.2.0 

func (this *HtpasswdAuthorizer) AuthorizePassword(req PasswordRequest) (Authorization, error)

func (*HtpasswdAuthorizer) AuthorizePublicKey added in v0.2.0 

func (this *HtpasswdAuthorizer) AuthorizePublicKey(req PublicKeyRequest) (Authorization, error)

func (*HtpasswdAuthorizer) Close added in v0.2.0 

func (this *HtpasswdAuthorizer) Close() error

func (*HtpasswdAuthorizer) RestoreFromSession added in v0.2.0 

func (this *HtpasswdAuthorizer) RestoreFromSession(ctx context.Context, sess session.Session, _ *RestoreOpts) (Authorization, error)

type InteractiveRequest 

type InteractiveRequest interface {
	Request
	SendInfo(string) error
	SendError(string) error
	Prompt(msg string, echoOn bool) (string, error)
}

type LocalAuthorizer 

type LocalAuthorizer struct {
	Logger log.Logger
	// contains filtered or unexported fields
}

func NewLocal 

func NewLocal(ctx context.Context, flow configuration.FlowName, conf *configuration.AuthorizationLocal) (*LocalAuthorizer, error)

func (*LocalAuthorizer) AuthorizeInteractive 

func (this *LocalAuthorizer) AuthorizeInteractive(req InteractiveRequest) (Authorization, error)

func (*LocalAuthorizer) AuthorizePassword 

func (this *LocalAuthorizer) AuthorizePassword(req PasswordRequest) (Authorization, error)

func (*LocalAuthorizer) AuthorizePublicKey 

func (this *LocalAuthorizer) AuthorizePublicKey(req PublicKeyRequest) (Authorization, error)

func (*LocalAuthorizer) Close 

func (this *LocalAuthorizer) Close() error

func (*LocalAuthorizer) RestoreFromSession 

func (this *LocalAuthorizer) RestoreFromSession(ctx context.Context, sess session.Session, opts *RestoreOpts) (Authorization, error)

type NoneAuthorizer added in v0.4.0 

type NoneAuthorizer struct {
	Logger log.Logger
	// contains filtered or unexported fields
}

func NewNone added in v0.4.0 

func NewNone(_ context.Context, flow configuration.FlowName, conf *configuration.AuthorizationNone) (*NoneAuthorizer, error)

func (*NoneAuthorizer) AuthorizeInteractive added in v0.4.0 

func (this *NoneAuthorizer) AuthorizeInteractive(req InteractiveRequest) (Authorization, error)

func (*NoneAuthorizer) AuthorizePassword added in v0.4.0 

func (this *NoneAuthorizer) AuthorizePassword(req PasswordRequest) (Authorization, error)

func (*NoneAuthorizer) AuthorizePublicKey added in v0.4.0 

func (this *NoneAuthorizer) AuthorizePublicKey(req PublicKeyRequest) (Authorization, error)

func (*NoneAuthorizer) Close added in v0.4.0 

func (this *NoneAuthorizer) Close() error

func (*NoneAuthorizer) RestoreFromSession added in v0.4.0 

func (this *NoneAuthorizer) RestoreFromSession(ctx context.Context, sess session.Session, _ *RestoreOpts) (Authorization, error)

type OidcDeviceAuthAuthorizer 

type OidcDeviceAuthAuthorizer struct {
	Logger log.Logger
	// contains filtered or unexported fields
}

func NewOidcDeviceAuth 

func NewOidcDeviceAuth(ctx context.Context, flow configuration.FlowName, conf *configuration.AuthorizationOidcDeviceAuth) (*OidcDeviceAuthAuthorizer, error)

func (*OidcDeviceAuthAuthorizer) AuthorizeInteractive 

func (this *OidcDeviceAuthAuthorizer) AuthorizeInteractive(req InteractiveRequest) (Authorization, error)

func (*OidcDeviceAuthAuthorizer) AuthorizePassword 

func (this *OidcDeviceAuthAuthorizer) AuthorizePassword(req PasswordRequest) (Authorization, error)

func (*OidcDeviceAuthAuthorizer) AuthorizePublicKey 

func (this *OidcDeviceAuthAuthorizer) AuthorizePublicKey(req PublicKeyRequest) (Authorization, error)

func (*OidcDeviceAuthAuthorizer) Close 

func (this *OidcDeviceAuthAuthorizer) Close() error

func (*OidcDeviceAuthAuthorizer) RestoreFromSession 

func (this *OidcDeviceAuthAuthorizer) RestoreFromSession(ctx context.Context, sess session.Session, opts *RestoreOpts) (Authorization, error)

type OidcIdToken 

type OidcIdToken struct {
	*coidc.IDToken
	// contains filtered or unexported fields
}

func (*OidcIdToken) GetField 

func (this *OidcIdToken) GetField(name string) (_ any, _ bool, err error)

type OidcToken 

type OidcToken struct {
	*oauth2.Token
}

func (OidcToken) GetField 

func (this OidcToken) GetField(name string) (any, bool)

func (*OidcToken) SetRaw 

func (this *OidcToken) SetRaw(v *oauth2.Token) error

type OidcUserInfo 

type OidcUserInfo struct {
	*coidc.UserInfo
	// contains filtered or unexported fields
}

func (*OidcUserInfo) GetField 

func (this *OidcUserInfo) GetField(name string) (_ any, _ bool, err error)

type PasswordRequest 

type PasswordRequest interface {
	Request
	RemotePassword() string
}

type PublicKeyRequest 

type PublicKeyRequest interface {
	Request
	RemotePublicKey() gossh.PublicKey
}

type Request 

type Request interface {
	Sessions() session.Repository
	Connection() connection.Connection
	Context() glssh.Context
	Validate(Authorization) (bool, error)
}

type RestoreOpts 

type RestoreOpts struct {
	// AutoCleanUpAllowed tells the Authorizer to clean up everything
	// automatically while executing the search. The requester will never
	// see the requested result. This is false by default because it could
	// lead to quite performance impacts or other unwanted side effects.
	//
	// Therefore: Use with caution.
	AutoCleanUpAllowed *bool

	// Logger will be used (if any log is required) instead of the standard logger.
	Logger log.Logger
}

RestoreOpts adds some more hints what should happen when find methods of Repository are executed.

func (*RestoreOpts) GetLogger 

func (this *RestoreOpts) GetLogger(or func() log.Logger) log.Logger

func (*RestoreOpts) IsAutoCleanUpAllowed 

func (this *RestoreOpts) IsAutoCleanUpAllowed() bool

type SimpleAuthorizer added in v0.2.0 

type SimpleAuthorizer struct {
	Logger log.Logger
	// contains filtered or unexported fields
}

func NewSimple added in v0.2.0 

func NewSimple(_ context.Context, flow configuration.FlowName, conf *configuration.AuthorizationSimple) (*SimpleAuthorizer, error)

func (*SimpleAuthorizer) AuthorizeInteractive added in v0.2.0 

func (this *SimpleAuthorizer) AuthorizeInteractive(req InteractiveRequest) (Authorization, error)

func (*SimpleAuthorizer) AuthorizePassword added in v0.2.0 

func (this *SimpleAuthorizer) AuthorizePassword(req PasswordRequest) (Authorization, error)

func (*SimpleAuthorizer) AuthorizePublicKey added in v0.2.0 

func (this *SimpleAuthorizer) AuthorizePublicKey(req PublicKeyRequest) (Authorization, error)

func (*SimpleAuthorizer) Close added in v0.2.0 

func (this *SimpleAuthorizer) Close() error

func (*SimpleAuthorizer) RestoreFromSession added in v0.2.0 

func (this *SimpleAuthorizer) RestoreFromSession(ctx context.Context, sess session.Session, opts *RestoreOpts) (Authorization, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.