Documentation ¶
Index ¶
- Constants
- Variables
- func RegisterConnectorConfigType(connectorType string, fn NewConnectorConfigFunc)
- type BitbucketConnectorConfig
- type Connector
- type ConnectorConfig
- type ConnectorConfigRepo
- type GitHubConnectorConfig
- type LDAPConnector
- func (c *LDAPConnector) Healthy() error
- func (c *LDAPConnector) ID() string
- func (c *LDAPConnector) Identity(username, password string) (*oidc.Identity, error)
- func (c *LDAPConnector) LoginURL(sessionKey, prompt string) (string, error)
- func (c *LDAPConnector) Register(mux *http.ServeMux, errorURL url.URL)
- func (c *LDAPConnector) Sync() chan struct{}
- func (c *LDAPConnector) TrustedEmailProvider() bool
- type LDAPConnectorConfig
- type LDAPPool
- type LocalConnector
- func (c *LocalConnector) Healthy() error
- func (c *LocalConnector) ID() string
- func (c *LocalConnector) LoginURL(sessionKey, prompt string) (string, error)
- func (c *LocalConnector) Register(mux *http.ServeMux, errorURL url.URL)
- func (c *LocalConnector) SetLocalIdentityProvider(idp *LocalIdentityProvider)
- func (c *LocalConnector) Sync() chan struct{}
- func (c *LocalConnector) TrustedEmailProvider() bool
- type LocalConnectorConfig
- type LocalIdentityProvider
- type NewConnectorConfigFunc
- type OAuth2Connector
- func (c *OAuth2Connector) Healthy() error
- func (c *OAuth2Connector) ID() string
- func (c *OAuth2Connector) LoginURL(sessionKey, prompt string) (string, error)
- func (c *OAuth2Connector) Register(mux *http.ServeMux, errorURL url.URL)
- func (c *OAuth2Connector) Sync() chan struct{}
- func (c *OAuth2Connector) TrustedEmailProvider() bool
- type OIDCConnector
- func (c *OIDCConnector) Healthy() error
- func (c *OIDCConnector) ID() string
- func (c *OIDCConnector) LoginURL(sessionKey, prompt string) (string, error)
- func (c *OIDCConnector) Register(mux *http.ServeMux, errorURL url.URL)
- func (c *OIDCConnector) Sync() chan struct{}
- func (c *OIDCConnector) TrustedEmailProvider() bool
- type OIDCConnectorConfig
- type Page
Constants ¶
// Identifiers used by the LDAP connector.
const (
	// LDAPConnectorType is the connector type identifier for LDAP;
	// presumably the value LDAPConnectorConfig.ConnectorType returns — confirm.
	LDAPConnectorType = "ldap"
	// LDAPLoginPageTemplateName is the template file name for the LDAP login
	// page; presumably looked up in the templates passed to the connector — confirm.
	LDAPLoginPageTemplateName = "ldap-login.html"
)
// Identifiers used by the local connector.
const (
	// LocalConnectorType is the connector type identifier for the local
	// connector; presumably the value LocalConnectorConfig.ConnectorType
	// returns — confirm.
	LocalConnectorType = "local"
	// LoginPageTemplateName is the template file name for the local login page.
	// NOTE(review): unlike its LDAP counterpart the name carries no "Local"
	// prefix, so it is easy to mistake for a generic login template.
	LoginPageTemplateName = "local-login.html"
)
const (
	// BitbucketConnectorType is the connector type identifier for Bitbucket;
	// presumably the value BitbucketConnectorConfig.ConnectorType returns — confirm.
	BitbucketConnectorType = "bitbucket"
)
const (
	// GitHubConnectorType is the connector type identifier for GitHub;
	// presumably the value GitHubConnectorConfig.ConnectorType returns — confirm.
	GitHubConnectorType = "github"
)
const (
	// OIDCConnectorType is the connector type identifier for OpenID Connect
	// backends; presumably the value OIDCConnectorConfig.ConnectorType
	// returns — confirm.
	OIDCConnectorType = "oidc"
)
Variables ¶
// ErrorNotFound is the sentinel error for a connector that is not present in
// the repository. Presumably returned by ConnectorConfigRepo lookups — confirm
// against the implementations. Compare against it with errors.Is rather than
// by matching the message text.
var ErrorNotFound = errors.New("connector not found in repository")
Functions ¶
func RegisterConnectorConfigType ¶
func RegisterConnectorConfigType(connectorType string, fn NewConnectorConfigFunc)
Types ¶
type BitbucketConnectorConfig ¶ added in v0.2.0
// BitbucketConnectorConfig holds the JSON-serialised settings for a Bitbucket
// connector.
type BitbucketConnectorConfig struct {
	// ID is serialised as "id"; presumably the value ConnectorID returns — confirm.
	ID string `json:"id"`
	// ClientID is the OAuth2 client identifier, serialised as "clientID".
	ClientID string `json:"clientID"`
	// ClientSecret is serialised as "clientSecret" with no omit option, so
	// marshalling this struct emits the secret in clear text.
	// NOTE(review): keep marshalled configs out of logs and API responses, and
	// restrict read access to wherever they are stored.
	ClientSecret string `json:"clientSecret"`
}
func (*BitbucketConnectorConfig) ConnectorID ¶ added in v0.2.0
func (cfg *BitbucketConnectorConfig) ConnectorID() string
func (*BitbucketConnectorConfig) ConnectorType ¶ added in v0.2.0
func (cfg *BitbucketConnectorConfig) ConnectorType() string
type Connector ¶
// Connector is the interface implemented by each login backend. Instances are
// produced by ConnectorConfig.Connector.
type Connector interface {
	// ID returns the ID of the ConnectorConfig used to create the Connector.
	ID() string

	// LoginURL returns the backend's authorization URL for a sessionKey
	// and OAuth2 prompt type.
	LoginURL(sessionKey, prompt string) (string, error)

	// Register allows connectors to register a callback handler with the
	// dex server.
	//
	// Connectors should register with a path that extends the namespace
	// URL provided when the Connector is instantiated.
	Register(mux *http.ServeMux, errorURL url.URL)

	// Sync triggers any long-running tasks needed to maintain the
	// Connector's operation. For example, this would encompass
	// repeatedly caching any remote resources for local use.
	//
	// NOTE(review): the meaning of the returned channel is not stated in the
	// declaration; presumably it is used to stop the task — confirm.
	Sync() chan struct{}

	// TrustedEmailProvider indicates whether email claims coming from this
	// provider can be trusted.
	//
	// NOTE(review): how callers act on this value is not visible in the
	// declaration. If it decides whether an email address is treated as
	// verified, an implementation should return true only when the upstream
	// provider itself verifies the addresses it asserts.
	TrustedEmailProvider() bool

	// health.Checkable is embedded, so every Connector must also satisfy it;
	// presumably this is the Healthy() error method — confirm.
	health.Checkable
}
type ConnectorConfig ¶
// ConnectorConfig describes one configured login backend and builds the
// Connector for it.
type ConnectorConfig interface {
	// ConnectorID returns a unique end user facing identifier. For example "google".
	ConnectorID() string

	// ConnectorType returns an implementation specific identifier. For example "oidc".
	ConnectorType() string

	// Connector is invoked by the dex server and returns a Connector configured
	// to use the provided arguments. URL namespace is used to register callbacks.
	// loginFunc is used to associate remote identities with dex session keys.
	//
	// The returned Connector must call loginFunc once upon successful
	// identification of a user.
	//
	// Additional templates are passed for connectors that require rendering HTML
	// pages, such as the "local" connector.
	//
	// NOTE(review): loginFunc is the point at which a remote identity is bound
	// to a session, so implementations should reach it only after the backend
	// has positively authenticated the user, and never on an error path.
	Connector(ns url.URL, loginFunc oidc.LoginFunc, tpls *template.Template) (Connector, error)
}
func NewConnectorConfigFromType ¶
func NewConnectorConfigFromType(connectorType string) (ConnectorConfig, error)
func ReadConfigs ¶ added in v0.3.0
func ReadConfigs(r io.Reader) ([]ConnectorConfig, error)
type ConnectorConfigRepo ¶
// ConnectorConfigRepo is the storage interface for connector configurations.
type ConnectorConfigRepo interface {
	// All returns every stored ConnectorConfig.
	All() ([]ConnectorConfig, error)

	// GetConnectorByID returns one ConnectorConfig. The string argument is
	// presumably the connector ID, and a miss presumably yields
	// ErrorNotFound — confirm against the implementations.
	GetConnectorByID(repo.Transaction, string) (ConnectorConfig, error)

	// Set stores cfgs.
	// NOTE(review): whether this replaces the stored set or merges into it is
	// not visible in the declaration. The configs can carry client secrets and
	// LDAP bind passwords, so the backing store needs matching access control.
	Set(cfgs []ConnectorConfig) error
}
type GitHubConnectorConfig ¶ added in v0.2.0
// GitHubConnectorConfig holds the JSON-serialised settings for a GitHub
// connector.
type GitHubConnectorConfig struct {
	// ID is serialised as "id"; presumably the value ConnectorID returns — confirm.
	ID string `json:"id"`
	// ClientID is the OAuth2 client identifier, serialised as "clientID".
	ClientID string `json:"clientID"`
	// ClientSecret is serialised as "clientSecret" with no omit option, so
	// marshalling this struct emits the secret in clear text.
	// NOTE(review): keep marshalled configs out of logs and API responses, and
	// restrict read access to wherever they are stored.
	ClientSecret string `json:"clientSecret"`
}
func (*GitHubConnectorConfig) ConnectorID ¶ added in v0.2.0
func (cfg *GitHubConnectorConfig) ConnectorID() string
func (*GitHubConnectorConfig) ConnectorType ¶ added in v0.2.0
func (cfg *GitHubConnectorConfig) ConnectorType() string
type LDAPConnector ¶ added in v0.3.0
type LDAPConnector struct {
// contains filtered or unexported fields
}
func (*LDAPConnector) Healthy ¶ added in v0.3.0
func (c *LDAPConnector) Healthy() error
func (*LDAPConnector) ID ¶ added in v0.3.0
func (c *LDAPConnector) ID() string
func (*LDAPConnector) Identity ¶ added in v0.5.1
func (c *LDAPConnector) Identity(username, password string) (*oidc.Identity, error)
func (*LDAPConnector) LoginURL ¶ added in v0.3.0
func (c *LDAPConnector) LoginURL(sessionKey, prompt string) (string, error)
func (*LDAPConnector) Register ¶ added in v0.3.0
func (c *LDAPConnector) Register(mux *http.ServeMux, errorURL url.URL)
func (*LDAPConnector) Sync ¶ added in v0.3.0
func (c *LDAPConnector) Sync() chan struct{}
func (*LDAPConnector) TrustedEmailProvider ¶ added in v0.3.0
func (c *LDAPConnector) TrustedEmailProvider() bool
type LDAPConnectorConfig ¶ added in v0.3.0
// LDAPConnectorConfig holds the JSON-serialised settings for an LDAP connector.
type LDAPConnectorConfig struct {
	// ID is serialised as "id"; presumably the value ConnectorID returns — confirm.
	ID string `json:"id"`

	// Host and port of ldap service in form "host:port"
	Host string `json:"host"`

	// UseTLS indicates that the connector should use the TLS port.
	UseTLS bool `json:"useTLS"`
	// NOTE(review): UseSSL is undocumented in the declaration; how it differs
	// from UseTLS (for example StartTLS versus TLS from connection start) should
	// be confirmed against the connector. If both are false the connection is
	// presumably unencrypted, which would send bind credentials in clear text.
	UseSSL bool `json:"useSSL"`

	// Trusted TLS certificate when connecting to the LDAP server. If empty the
	// host's root certificates will be used.
	CaFile string `json:"caFile"`

	// CertFile and KeyFile are used to specify client certificate data.
	// NOTE(review): KeyFile presumably names a private key file; it should be
	// readable only by the account the server runs as.
	CertFile string `json:"certFile"`
	KeyFile  string `json:"keyFile"`

	MaxIdleConn int `json:"maxIdleConn"`

	NameAttribute  string `json:"nameAttribute"`
	EmailAttribute string `json:"emailAttribute"`

	// The place to start all searches from.
	BaseDN string `json:"baseDN"`

	// Search fields indicate how to search for user records in LDAP.
	//
	// NOTE(review): SearchBindPw is serialised as "searchBindPw" with no omit
	// option, so marshalling this struct emits the bind password in clear text;
	// keep marshalled configs out of logs and restrict access to stored copies.
	// Whether end-user input is substituted into SearchFilter or
	// SearchGroupFilter is not visible here; if it is, confirm the connector
	// escapes it for LDAP filter context first.
	SearchBeforeAuth  bool   `json:"searchBeforeAuth"`
	SearchFilter      string `json:"searchFilter"`
	SearchScope       string `json:"searchScope"`
	SearchBindDN      string `json:"searchBindDN"`
	SearchBindPw      string `json:"searchBindPw"`
	SearchGroupFilter string `json:"searchGroupFilter"`

	// BindTemplate is a format string that maps user names to a record to bind as.
	// It's passed both the username entered by the end user and the base DN.
	//
	// For example the bindTemplate
	//
	//     "uid=%u,%d"
	//
	// with the username "johndoe" and basename "ou=People,dc=example,dc=com" would attempt
	// to bind as
	//
	//     "uid=johndoe,ou=People,dc=example,dc=com"
	//
	// NOTE(review): the username is end-user input placed inside a DN. Confirm
	// the connector escapes DN metacharacters before substitution so that a
	// crafted name cannot change which record is bound.
	BindTemplate string `json:"bindTemplate"`

	// DEPRECATED fields that exist for backward compatibility.
	// Use "host" instead of "ServerHost" and "ServerPort"
	// NOTE(review): Timeout is declared in this group, but the comment above
	// names only ServerHost and ServerPort; whether Timeout is itself
	// deprecated is not clear from the declaration.
	ServerHost string        `json:"serverHost"`
	ServerPort uint16        `json:"serverPort"`
	Timeout    time.Duration `json:"timeout"`
}
func (*LDAPConnectorConfig) ConnectorID ¶ added in v0.3.0
func (cfg *LDAPConnectorConfig) ConnectorID() string
func (*LDAPConnectorConfig) ConnectorType ¶ added in v0.3.0
func (cfg *LDAPConnectorConfig) ConnectorType() string
type LDAPPool ¶ added in v0.5.0
// LDAPPool is a connection pool for LDAP connections.
type LDAPPool struct {
	// MaxIdleConn presumably caps the number of idle connections kept — confirm.
	MaxIdleConn int
	// PoolCheckTimer is presumably the interval between liveness checks of
	// pooled connections — confirm.
	PoolCheckTimer time.Duration
	// Host presumably takes the same "host:port" form as
	// LDAPConnectorConfig.Host — confirm.
	Host   string
	UseTLS bool
	UseSSL bool
	// TLSConfig is supplied by the caller.
	// NOTE(review): a tls.Config with InsecureSkipVerify set disables server
	// certificate verification; code that builds this value should leave it
	// unset. Whether TLSConfig is consulted when UseTLS and UseSSL are both
	// false is not visible in the declaration.
	TLSConfig *tls.Config
	// contains filtered or unexported fields
}
An LDAPPool is a connection pool for LDAP connections. Use Do() to request connections from the pool.
func (*LDAPPool) CheckConnections ¶ added in v0.5.0
CheckConnections attempts to iterate over all the connections in the pool and check whether they are alive. Live connections are put back into the pool; dead ones are discarded.
type LocalConnector ¶
type LocalConnector struct {
// contains filtered or unexported fields
}
func (*LocalConnector) Healthy ¶
func (c *LocalConnector) Healthy() error
func (*LocalConnector) ID ¶
func (c *LocalConnector) ID() string
func (*LocalConnector) LoginURL ¶
func (c *LocalConnector) LoginURL(sessionKey, prompt string) (string, error)
func (*LocalConnector) Register ¶
func (c *LocalConnector) Register(mux *http.ServeMux, errorURL url.URL)
func (*LocalConnector) SetLocalIdentityProvider ¶
func (c *LocalConnector) SetLocalIdentityProvider(idp *LocalIdentityProvider)
func (*LocalConnector) Sync ¶
func (c *LocalConnector) Sync() chan struct{}
func (*LocalConnector) TrustedEmailProvider ¶
func (c *LocalConnector) TrustedEmailProvider() bool
type LocalConnectorConfig ¶
// LocalConnectorConfig holds the JSON-serialised settings for the local
// connector. It carries only an identifier.
type LocalConnectorConfig struct {
	// ID is serialised as "id"; presumably the value ConnectorID returns — confirm.
	ID string `json:"id"`
}
func (*LocalConnectorConfig) ConnectorID ¶
func (cfg *LocalConnectorConfig) ConnectorID() string
func (*LocalConnectorConfig) ConnectorType ¶
func (cfg *LocalConnectorConfig) ConnectorType() string
type LocalIdentityProvider ¶
// LocalIdentityProvider bundles the two repositories a LocalConnector is given
// through SetLocalIdentityProvider.
type LocalIdentityProvider struct {
	// PasswordInfoRepo presumably stores per-user password records used to
	// check a login — confirm against the user package.
	// NOTE(review): how passwords are stored and compared is decided by that
	// package and is not visible in this declaration.
	PasswordInfoRepo user.PasswordInfoRepo
	// UserRepo presumably stores the user records themselves — confirm.
	UserRepo user.UserRepo
}
type NewConnectorConfigFunc ¶
// NewConnectorConfigFunc is a constructor that returns a ConnectorConfig. One
// is supplied per connector type to RegisterConnectorConfigType; presumably it
// returns a fresh, empty value for decoding into — confirm.
type NewConnectorConfigFunc func() ConnectorConfig
type OAuth2Connector ¶ added in v0.2.0
type OAuth2Connector struct {
// contains filtered or unexported fields
}
func (*OAuth2Connector) Healthy ¶ added in v0.2.0
func (c *OAuth2Connector) Healthy() error
func (*OAuth2Connector) ID ¶ added in v0.2.0
func (c *OAuth2Connector) ID() string
func (*OAuth2Connector) LoginURL ¶ added in v0.2.0
func (c *OAuth2Connector) LoginURL(sessionKey, prompt string) (string, error)
func (*OAuth2Connector) Register ¶ added in v0.2.0
func (c *OAuth2Connector) Register(mux *http.ServeMux, errorURL url.URL)
func (*OAuth2Connector) Sync ¶ added in v0.2.0
func (c *OAuth2Connector) Sync() chan struct{}
func (*OAuth2Connector) TrustedEmailProvider ¶ added in v0.2.0
func (c *OAuth2Connector) TrustedEmailProvider() bool
type OIDCConnector ¶
type OIDCConnector struct {
// contains filtered or unexported fields
}
func (*OIDCConnector) Healthy ¶
func (c *OIDCConnector) Healthy() error
func (*OIDCConnector) ID ¶
func (c *OIDCConnector) ID() string
func (*OIDCConnector) LoginURL ¶
func (c *OIDCConnector) LoginURL(sessionKey, prompt string) (string, error)
func (*OIDCConnector) Register ¶
func (c *OIDCConnector) Register(mux *http.ServeMux, errorURL url.URL)
func (*OIDCConnector) Sync ¶
func (c *OIDCConnector) Sync() chan struct{}
func (*OIDCConnector) TrustedEmailProvider ¶
func (c *OIDCConnector) TrustedEmailProvider() bool
type OIDCConnectorConfig ¶
// OIDCConnectorConfig holds the JSON-serialised settings for an OpenID Connect
// connector.
type OIDCConnectorConfig struct {
	// ID is serialised as "id"; presumably the value ConnectorID returns — confirm.
	ID string `json:"id"`
	// IssuerURL is the upstream issuer, serialised as "issuerURL".
	// NOTE(review): OIDC issuers are expected to use the https scheme; whether
	// the connector enforces that is not visible in the declaration.
	IssuerURL string `json:"issuerURL"`
	// ClientID is the client identifier, serialised as "clientID".
	ClientID string `json:"clientID"`
	// ClientSecret is serialised as "clientSecret" with no omit option, so
	// marshalling this struct emits the secret in clear text.
	// NOTE(review): keep marshalled configs out of logs and API responses, and
	// restrict read access to wherever they are stored.
	ClientSecret string `json:"clientSecret"`
	// TrustedEmailProvider is presumably the value the OIDC connector reports
	// from its TrustedEmailProvider method — confirm.
	// NOTE(review): enable it only for issuers that verify the email addresses
	// they assert; the zero value (false) is the conservative setting.
	TrustedEmailProvider bool `json:"trustedEmailProvider"`
}
func (*OIDCConnectorConfig) ConnectorID ¶
func (cfg *OIDCConnectorConfig) ConnectorID() string
func (*OIDCConnectorConfig) ConnectorType ¶
func (cfg *OIDCConnectorConfig) ConnectorType() string