Documentation ¶
Overview ¶
Implements authenticator.Password by making a BasicAuth call to a remote endpoint, and extracting user information from a JSON response.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func New ¶
func New(providerName string, url string, transport http.RoundTripper, mapper authapi.UserIdentityMapper) authenticator.Password
New returns an authenticator which will make a basic auth call to the given url. A custom transport can be provided (typically to customize TLS options like trusted roots or present a client certificate). If no transport is provided, http.DefaultTransport is used
Types ¶
type Authenticator ¶
type Authenticator struct {
// contains filtered or unexported fields
}
Authenticator uses basic auth to make a request to a JSON-returning URL. A 401 status indicate failed auth. A non-200 status or the presence of an "error" key with a non-empty
value indicates an error: {"error":"Error message"}
A 200 status with an "id" key indicates success:
{"id":"userid"}
A successful response may also include name and/or email:
{"id":"userid", "name": "User Name", "email":"user@example.com"}
func (*Authenticator) AuthenticatePassword ¶
type RemoteError ¶
type RemoteError struct {
Error string
}
RemoteError holds error data returned from a remote authentication request
type RemoteUserData ¶
type RemoteUserData struct { // ID is the immutable identity of the user ID string // Login is the optional login of the user // Useful when the id is different than the username/login used by the user to authenticate Login string // Name is the optional display name of the user Name string // Email is the optional email address of the user Email string }
RemoteUserData holds user data returned from a remote basic-auth protected endpoint. These field names can not be changed unless external integrators are also updated.