authorization

package
v0.5.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 5, 2024 License: Apache-2.0 Imports: 25 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrNoSuchAuthorization = errors.New("no such authorization")
)

Functions

This section is empty.

Types

type Authorization

type Authorization interface {
	IsAuthorized() bool
	EnvVars() sys.EnvVars
	Flow() configuration.FlowName
	Remote() net.Remote
	FindSession() session.Session
	FindSessionsPublicKey() ssh.PublicKey
	Dispose(context.Context) (bool, error)
}

func Forbidden

func Forbidden(remote net.Remote) Authorization

type Authorizer

type Authorizer interface {
	AuthorizePublicKey(PublicKeyRequest) (Authorization, error)
	AuthorizePassword(PasswordRequest) (Authorization, error)
	AuthorizeInteractive(InteractiveRequest) (Authorization, error)

	// RestoreFromSession tries to restore the existing authorization from the given
	// session.Session. If the given session does not contain enough information to restore
	// the Authorization ErrNoSuchAuthorization is returned.
	RestoreFromSession(context.Context, session.Session, *RestoreOpts) (Authorization, error)
}

type AuthorizerFacade

type AuthorizerFacade struct {
	// contains filtered or unexported fields
}

func NewAuthorizerFacade

func NewAuthorizerFacade(ctx context.Context, flows *configuration.Flows) (*AuthorizerFacade, error)

func (*AuthorizerFacade) AuthorizeInteractive

func (this *AuthorizerFacade) AuthorizeInteractive(req InteractiveRequest) (Authorization, error)

func (*AuthorizerFacade) AuthorizePassword

func (this *AuthorizerFacade) AuthorizePassword(req PasswordRequest) (Authorization, error)

func (*AuthorizerFacade) AuthorizePublicKey

func (this *AuthorizerFacade) AuthorizePublicKey(req PublicKeyRequest) (Authorization, error)

func (*AuthorizerFacade) Close

func (this *AuthorizerFacade) Close() (rErr error)

func (*AuthorizerFacade) RestoreFromSession

func (this *AuthorizerFacade) RestoreFromSession(ctx context.Context, sess session.Session, opts *RestoreOpts) (Authorization, error)

type AuthorizerFactory added in v0.2.0

type AuthorizerFactory[C any, A CloseableAuthorizer] func(ctx context.Context, flow configuration.FlowName, conf C) (A, error)

func RegisterAuthorizer added in v0.2.0

func RegisterAuthorizer[C any, A CloseableAuthorizer](factory AuthorizerFactory[C, A]) AuthorizerFactory[C, A]

type CloseableAuthorizer

type CloseableAuthorizer interface {
	Authorizer
	io.Closer
}

type ContextEnabled

type ContextEnabled interface {
	Context() glssh.Context
}

type HtpasswdAuthorizer added in v0.2.0

type HtpasswdAuthorizer struct {
	Logger log.Logger
	// contains filtered or unexported fields
}

func (*HtpasswdAuthorizer) AuthorizeInteractive added in v0.2.0

func (this *HtpasswdAuthorizer) AuthorizeInteractive(req InteractiveRequest) (Authorization, error)

func (*HtpasswdAuthorizer) AuthorizePassword added in v0.2.0

func (this *HtpasswdAuthorizer) AuthorizePassword(req PasswordRequest) (Authorization, error)

func (*HtpasswdAuthorizer) AuthorizePublicKey added in v0.2.0

func (this *HtpasswdAuthorizer) AuthorizePublicKey(req PublicKeyRequest) (Authorization, error)

func (*HtpasswdAuthorizer) Close added in v0.2.0

func (this *HtpasswdAuthorizer) Close() error

func (*HtpasswdAuthorizer) RestoreFromSession added in v0.2.0

func (this *HtpasswdAuthorizer) RestoreFromSession(ctx context.Context, sess session.Session, _ *RestoreOpts) (Authorization, error)

type InteractiveRequest

type InteractiveRequest interface {
	Request
	SendInfo(string) error
	SendError(string) error
	Prompt(msg string, echoOn bool) (string, error)
}

type LocalAuthorizer

type LocalAuthorizer struct {
	Logger log.Logger
	// contains filtered or unexported fields
}

func (*LocalAuthorizer) AuthorizeInteractive

func (this *LocalAuthorizer) AuthorizeInteractive(req InteractiveRequest) (Authorization, error)

func (*LocalAuthorizer) AuthorizePassword

func (this *LocalAuthorizer) AuthorizePassword(req PasswordRequest) (Authorization, error)

func (*LocalAuthorizer) AuthorizePublicKey

func (this *LocalAuthorizer) AuthorizePublicKey(req PublicKeyRequest) (Authorization, error)

func (*LocalAuthorizer) Close

func (this *LocalAuthorizer) Close() error

func (*LocalAuthorizer) RestoreFromSession

func (this *LocalAuthorizer) RestoreFromSession(ctx context.Context, sess session.Session, opts *RestoreOpts) (Authorization, error)

type NoneAuthorizer added in v0.4.0

type NoneAuthorizer struct {
	Logger log.Logger
	// contains filtered or unexported fields
}

func NewNone added in v0.4.0

func (*NoneAuthorizer) AuthorizeInteractive added in v0.4.0

func (this *NoneAuthorizer) AuthorizeInteractive(req InteractiveRequest) (Authorization, error)

func (*NoneAuthorizer) AuthorizePassword added in v0.4.0

func (this *NoneAuthorizer) AuthorizePassword(req PasswordRequest) (Authorization, error)

func (*NoneAuthorizer) AuthorizePublicKey added in v0.4.0

func (this *NoneAuthorizer) AuthorizePublicKey(req PublicKeyRequest) (Authorization, error)

func (*NoneAuthorizer) Close added in v0.4.0

func (this *NoneAuthorizer) Close() error

func (*NoneAuthorizer) RestoreFromSession added in v0.4.0

func (this *NoneAuthorizer) RestoreFromSession(ctx context.Context, sess session.Session, _ *RestoreOpts) (Authorization, error)

type OidcDeviceAuthAuthorizer

type OidcDeviceAuthAuthorizer struct {
	Logger log.Logger
	// contains filtered or unexported fields
}

func (*OidcDeviceAuthAuthorizer) AuthorizeInteractive

func (this *OidcDeviceAuthAuthorizer) AuthorizeInteractive(req InteractiveRequest) (Authorization, error)

func (*OidcDeviceAuthAuthorizer) AuthorizePassword

func (this *OidcDeviceAuthAuthorizer) AuthorizePassword(req PasswordRequest) (Authorization, error)

func (*OidcDeviceAuthAuthorizer) AuthorizePublicKey

func (this *OidcDeviceAuthAuthorizer) AuthorizePublicKey(req PublicKeyRequest) (Authorization, error)

func (*OidcDeviceAuthAuthorizer) Close

func (this *OidcDeviceAuthAuthorizer) Close() error

func (*OidcDeviceAuthAuthorizer) RestoreFromSession

func (this *OidcDeviceAuthAuthorizer) RestoreFromSession(ctx context.Context, sess session.Session, opts *RestoreOpts) (Authorization, error)

type OidcIdToken

type OidcIdToken struct {
	*coidc.IDToken
	// contains filtered or unexported fields
}

func (*OidcIdToken) GetField

func (this *OidcIdToken) GetField(name string) (_ any, _ bool, err error)

type OidcToken

type OidcToken struct {
	*oauth2.Token
}

func (OidcToken) GetField

func (this OidcToken) GetField(name string) (any, bool)

func (*OidcToken) SetRaw

func (this *OidcToken) SetRaw(v *oauth2.Token) error

type OidcUserInfo

type OidcUserInfo struct {
	*coidc.UserInfo
	// contains filtered or unexported fields
}

func (*OidcUserInfo) GetField

func (this *OidcUserInfo) GetField(name string) (_ any, _ bool, err error)

type PasswordRequest

type PasswordRequest interface {
	Request
	RemotePassword() string
}

type PublicKeyRequest

type PublicKeyRequest interface {
	Request
	RemotePublicKey() gossh.PublicKey
}

type Request

type Request interface {
	Sessions() session.Repository
	Connection() connection.Connection
	Context() glssh.Context
	Validate(Authorization) (bool, error)
}

type RestoreOpts

type RestoreOpts struct {
	// AutoCleanUpAllowed tells the Authorizer to clean up everything
	// automatically while executing the search. The requester will never
	// see the requested result. This is false by default because it could
	// lead to quite performance impacts or other unwanted side effects.
	//
	// Therefore: Use with caution.
	AutoCleanUpAllowed *bool

	// Logger will be used (if any log is required) instead of the standard logger.
	Logger log.Logger
}

RestoreOpts adds some more hints what should happen when find methods of Repository are executed.

func (*RestoreOpts) GetLogger

func (this *RestoreOpts) GetLogger(or func() log.Logger) log.Logger

func (*RestoreOpts) IsAutoCleanUpAllowed

func (this *RestoreOpts) IsAutoCleanUpAllowed() bool

type SimpleAuthorizer added in v0.2.0

type SimpleAuthorizer struct {
	Logger log.Logger
	// contains filtered or unexported fields
}

func NewSimple added in v0.2.0

func (*SimpleAuthorizer) AuthorizeInteractive added in v0.2.0

func (this *SimpleAuthorizer) AuthorizeInteractive(req InteractiveRequest) (Authorization, error)

func (*SimpleAuthorizer) AuthorizePassword added in v0.2.0

func (this *SimpleAuthorizer) AuthorizePassword(req PasswordRequest) (Authorization, error)

func (*SimpleAuthorizer) AuthorizePublicKey added in v0.2.0

func (this *SimpleAuthorizer) AuthorizePublicKey(req PublicKeyRequest) (Authorization, error)

func (*SimpleAuthorizer) Close added in v0.2.0

func (this *SimpleAuthorizer) Close() error

func (*SimpleAuthorizer) RestoreFromSession added in v0.2.0

func (this *SimpleAuthorizer) RestoreFromSession(ctx context.Context, sess session.Session, opts *RestoreOpts) (Authorization, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL