connector

package
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 24, 2016 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

// Identifiers for the LDAP connector.
const (
	// LDAPConnectorType is the connector type string for LDAP; presumably the
	// value LDAPConnectorConfig.ConnectorType returns — confirm.
	LDAPConnectorType         = "ldap"
	// LDAPLoginPageTemplateName names the LDAP login page template; presumably
	// looked up in the templates passed to Connector — confirm.
	LDAPLoginPageTemplateName = "ldap-login.html"
)
// Identifiers for the local (email and password) connector.
const (
	// LocalConnectorType is the connector type string for the local connector;
	// presumably the value LocalConnectorConfig.ConnectorType returns — confirm.
	LocalConnectorType    = "local"
	// LoginPageTemplateName names the local login page template; presumably
	// looked up in the templates passed to Connector — confirm.
	LoginPageTemplateName = "local-login.html"
)
const (
	// BitbucketConnectorType is the connector type string for Bitbucket;
	// presumably the value BitbucketConnectorConfig.ConnectorType returns — confirm.
	BitbucketConnectorType = "bitbucket"
)
const (
	// GitHubConnectorType is the connector type string for GitHub; presumably
	// the value GitHubConnectorConfig.ConnectorType returns — confirm.
	GitHubConnectorType = "github"
)
const (
	// OIDCConnectorType is the connector type string for generic OpenID Connect
	// providers; presumably the value OIDCConnectorConfig.ConnectorType
	// returns — confirm.
	OIDCConnectorType = "oidc"
)

Variables

// ErrorNotFound is the sentinel error for a connector that is not present in
// the repository (per its message). Presumably returned by
// ConnectorConfigRepo.GetConnectorByID on a miss — confirm. Compare against it
// with errors.Is rather than by message text.
var ErrorNotFound = errors.New("connector not found in repository")

Functions

func RegisterConnectorConfigType

func RegisterConnectorConfigType(connectorType string, fn NewConnectorConfigFunc)

Types

type BitbucketConnectorConfig added in v0.2.0

// BitbucketConnectorConfig is the JSON-serializable configuration for a
// Bitbucket connector: a connector ID plus OAuth2 client credentials.
type BitbucketConnectorConfig struct {
	// ID is the connector's identifier (JSON key "id").
	ID           string `json:"id"`
	// ClientID is the OAuth2 client identifier (JSON key "clientID").
	ClientID     string `json:"clientID"`
	// ClientSecret is the OAuth2 client secret. It carries an ordinary JSON tag,
	// so marshaling this struct emits the secret in plaintext unless a custom
	// marshaler (not shown) redacts it; keep configs out of logs and API
	// responses and restrict access to wherever they are stored.
	ClientSecret string `json:"clientSecret"`
}

func (*BitbucketConnectorConfig) Connector added in v0.2.0

func (cfg *BitbucketConnectorConfig) Connector(ns url.URL, lf oidc.LoginFunc, tpls *template.Template) (Connector, error)

func (*BitbucketConnectorConfig) ConnectorID added in v0.2.0

func (cfg *BitbucketConnectorConfig) ConnectorID() string

func (*BitbucketConnectorConfig) ConnectorType added in v0.2.0

func (cfg *BitbucketConnectorConfig) ConnectorType() string

type Connector

// Connector is the runtime interface of one configured identity backend: it
// produces login URLs, registers its callback handler, runs background sync
// and reports health.
type Connector interface {
	// ID returns the ID of the ConnectorConfig used to create the Connector.
	ID() string

	// LoginURL returns the backend's authorization URL for a sessionKey
	// and OAuth2 prompt type.
	LoginURL(sessionKey, prompt string) (string, error)

	// Register allows connectors to register a callback handler with the
	// dex server.
	//
	// Connectors should register with a path that extends the namespace
	// URL provided when the Connector is instantiated.
	Register(mux *http.ServeMux, errorURL url.URL)

	// Sync triggers any long-running tasks needed to maintain the
	// Connector's operation. For example, this would encompass
	// repeatedly caching any remote resources for local use.
	//
	// NOTE(review): the meaning of the returned channel (presumably a stop
	// signal for those tasks) is not shown here — confirm with the
	// implementations.
	Sync() chan struct{}

	// TrustedEmailProvider indicates whether email claims coming from this
	// provider can be trusted.
	//
	// NOTE(review): presumably this decides whether dex accepts the remote
	// email as verified. Returning true for a backend that does not verify
	// email ownership would let a user assert someone else's address, so
	// it should default to false — confirm how the server uses it.
	TrustedEmailProvider() bool

	// health.Checkable is embedded; the Healthy() error methods listed for each
	// connector on this page presumably satisfy it — confirm.
	health.Checkable
}

type ConnectorConfig

// ConnectorConfig describes one configured connector and can build the
// Connector that serves it.
type ConnectorConfig interface {
	// ConnectorID returns a unique end user facing identifier. For example "google".
	ConnectorID() string

	// ConnectorType returns an implementation specific identifier. For example "oidc".
	ConnectorType() string

	// Connector is invoked by the dex server and returns a Connector configured
	// to use the provided arguments. URL namespace is used to register callbacks.
	// loginFunc is used to associate remote identities with dex session keys.
	//
	// The returned Connector must call loginFunc once upon successful
	// identification of a user.
	//
	// Because loginFunc is what binds an identity to a session, implementations
	// must not reach it on a failed or incomplete authentication path.
	//
	// Additional templates are passed for connectors that require rendering HTML
	// pages, such as the "local" connector.
	Connector(ns url.URL, loginFunc oidc.LoginFunc, tpls *template.Template) (Connector, error)
}

func NewConnectorConfigFromType

func NewConnectorConfigFromType(connectorType string) (ConnectorConfig, error)

func ReadConfigs added in v0.5.0

func ReadConfigs(r io.Reader) ([]ConnectorConfig, error)

type ConnectorConfigRepo

// ConnectorConfigRepo stores and retrieves connector configurations.
type ConnectorConfigRepo interface {
	// All returns every stored connector config. The concrete config types on
	// this page carry credentials (ClientSecret, SearchBindPw), so callers
	// should treat the result as secret material.
	All() ([]ConnectorConfig, error)
	// GetConnectorByID looks up one config; the string argument is presumably
	// the connector ID, and ErrorNotFound presumably signals a miss — confirm.
	GetConnectorByID(repo.Transaction, string) (ConnectorConfig, error)
	// Set stores cfgs. NOTE(review): whether it replaces or merges with the
	// existing set is not visible here — confirm.
	Set(cfgs []ConnectorConfig) error
}

type GitHubConnectorConfig added in v0.2.0

// GitHubConnectorConfig is the JSON-serializable configuration for a GitHub
// connector: a connector ID plus OAuth2 client credentials.
type GitHubConnectorConfig struct {
	// ID is the connector's identifier (JSON key "id").
	ID           string `json:"id"`
	// ClientID is the OAuth2 client identifier (JSON key "clientID").
	ClientID     string `json:"clientID"`
	// ClientSecret is the OAuth2 client secret. It carries an ordinary JSON tag,
	// so marshaling this struct emits the secret in plaintext unless a custom
	// marshaler (not shown) redacts it; keep configs out of logs and API
	// responses and restrict access to wherever they are stored.
	ClientSecret string `json:"clientSecret"`
}

func (*GitHubConnectorConfig) Connector added in v0.2.0

func (cfg *GitHubConnectorConfig) Connector(ns url.URL, lf oidc.LoginFunc, tpls *template.Template) (Connector, error)

func (*GitHubConnectorConfig) ConnectorID added in v0.2.0

func (cfg *GitHubConnectorConfig) ConnectorID() string

func (*GitHubConnectorConfig) ConnectorType added in v0.2.0

func (cfg *GitHubConnectorConfig) ConnectorType() string

type IdentityProvider added in v0.5.0

// IdentityProvider resolves an email/password pair to an identity.
type IdentityProvider interface {
	// Identity takes an email and password and returns an *oidc.Identity or an
	// error. NOTE(review): implementations are presumably the password check
	// itself, so errors should not reveal whether the account exists, and
	// attempt rate-limiting has to live somewhere — confirm where.
	Identity(email, password string) (*oidc.Identity, error)
}

type LDAPConnector added in v0.5.0

type LDAPConnector struct {
	// contains filtered or unexported fields
}

func (*LDAPConnector) Healthy added in v0.5.0

func (c *LDAPConnector) Healthy() error

func (*LDAPConnector) ID added in v0.5.0

func (c *LDAPConnector) ID() string

func (*LDAPConnector) LoginURL added in v0.5.0

func (c *LDAPConnector) LoginURL(sessionKey, prompt string) (string, error)

func (*LDAPConnector) Register added in v0.5.0

func (c *LDAPConnector) Register(mux *http.ServeMux, errorURL url.URL)

func (*LDAPConnector) Sync added in v0.5.0

func (c *LDAPConnector) Sync() chan struct{}

func (*LDAPConnector) TrustedEmailProvider added in v0.5.0

func (c *LDAPConnector) TrustedEmailProvider() bool

type LDAPConnectorConfig added in v0.5.0

// LDAPConnectorConfig is the JSON-serializable configuration for an LDAP
// connector: server address, transport security, search and bind settings.
//
// NOTE(review): the field semantics below are read from names and JSON tags
// only; the code that consumes them is not shown — confirm before relying on
// them.
type LDAPConnectorConfig struct {
	// ID is the connector's identifier (JSON key "id").
	ID                   string        `json:"id"`
	// ServerHost and ServerPort give the LDAP server address.
	ServerHost           string        `json:"serverHost"`
	ServerPort           uint16        `json:"serverPort"`
	Timeout              time.Duration `json:"timeout"`
	// UseTLS and UseSSL presumably select StartTLS and LDAPS respectively. If
	// both are false the connection is presumably plaintext, which would put
	// user passwords and SearchBindPw on the wire in the clear — confirm, and
	// require one of them outside of local testing.
	UseTLS               bool          `json:"useTLS"`
	UseSSL               bool          `json:"useSSL"`
	// CertFile and KeyFile presumably name a client certificate and private
	// key; the key file should be readable only by the dex process.
	CertFile             string        `json:"certFile"`
	KeyFile              string        `json:"keyFile"`
	// CaFile presumably names the CA bundle used to verify the server.
	CaFile               string        `json:"caFile"`
	// SkipCertVerification presumably maps to tls.Config.InsecureSkipVerify.
	// When true the server certificate is not validated, so anyone on the
	// network path can impersonate the directory and receive bind
	// credentials. Leave false; prefer CaFile for private CAs.
	SkipCertVerification bool          `json:"skipCertVerification"`
	MaxIdleConn          int           `json:"maxIdleConn"`
	BaseDN               string        `json:"baseDN"`
	NameAttribute        string        `json:"nameAttribute"`
	EmailAttribute       string        `json:"emailAttribute"`
	SearchBeforeAuth     bool          `json:"searchBeforeAuth"`
	// SearchFilter and BindTemplate are presumably templates that receive the
	// login name (see LDAPIdentityProvider.ParseString). Confirm the name is
	// escaped for filter and DN context respectively before substitution.
	SearchFilter         string        `json:"searchFilter"`
	SearchScope          string        `json:"searchScope"`
	// SearchBindDN and SearchBindPw are presumably the service account used for
	// the pre-auth search. SearchBindPw has an ordinary JSON tag, so marshaling
	// this struct emits it in plaintext; use a read-only, least-privilege
	// account and keep configs out of logs.
	SearchBindDN         string        `json:"searchBindDN"`
	SearchBindPw         string        `json:"searchBindPw"`
	BindTemplate         string        `json:"bindTemplate"`
	// TrustedEmailProvider presumably feeds LDAPConnector.TrustedEmailProvider.
	// Enable it only if the directory's email attribute is administratively
	// controlled and not user-editable.
	TrustedEmailProvider bool          `json:"trustedEmailProvider"`
}

func (*LDAPConnectorConfig) Connector added in v0.5.0

func (cfg *LDAPConnectorConfig) Connector(ns url.URL, lf oidc.LoginFunc, tpls *template.Template) (Connector, error)

func (*LDAPConnectorConfig) ConnectorID added in v0.5.0

func (cfg *LDAPConnectorConfig) ConnectorID() string

func (*LDAPConnectorConfig) ConnectorType added in v0.5.0

func (cfg *LDAPConnectorConfig) ConnectorType() string

type LDAPIdentityProvider added in v0.5.0

type LDAPIdentityProvider struct {
	// contains filtered or unexported fields
}

func (*LDAPIdentityProvider) Identity added in v0.5.0

// Identity presumably authenticates username/password against the LDAP server
// and returns the resulting identity — body not shown, confirm.
// NOTE(review): confirm an empty password is rejected before binding; many
// LDAP servers treat a simple bind with an empty password as an
// unauthenticated bind that succeeds (RFC 4513 section 5.1.2).
func (m *LDAPIdentityProvider) Identity(username, password string) (*oidc.Identity, error)

func (*LDAPIdentityProvider) ParseString added in v0.5.0

// ParseString presumably substitutes username into template (for example a
// BindTemplate or SearchFilter value) and returns the result — body not
// shown, confirm.
// NOTE(review): if so, username is user-supplied and has to be escaped for
// the target context (DN vs. search filter) before substitution, otherwise
// it can change the structure of the bind DN or filter.
func (m *LDAPIdentityProvider) ParseString(template, username string) string

type LDAPPool added in v0.5.0

// LDAPPool is a pool of LDAP connections; callers set the exported fields and
// then use Acquire and Put.
type LDAPPool struct {
	// MaxIdleConn is the maximum number of idle connections kept; Put discards
	// a connection once the pool already holds this many.
	MaxIdleConn    int
	// PoolCheckTimer is presumably the interval between CheckConnections
	// runs — confirm.
	PoolCheckTimer time.Duration
	ServerHost     string
	ServerPort     uint16
	// UseTLS and UseSSL presumably select StartTLS and LDAPS; with both false
	// the pooled connections are presumably plaintext — confirm.
	UseTLS         bool
	UseSSL         bool
	// TLSConfig is presumably applied when UseTLS or UseSSL is set. Reviewers
	// should check it is non-nil in that case and that InsecureSkipVerify is
	// not set.
	TLSConfig      *tls.Config
	// contains filtered or unexported fields
}

An LDAPPool is a connection pool for LDAP connections. Initialize the exported fields and use Acquire() to get a connection. Use Put() to put it back into the pool.

func (*LDAPPool) Acquire added in v0.5.0

func (p *LDAPPool) Acquire() (*ldap.Conn, error)

Acquire removes and returns a random connection from the pool. A new connection is returned if there are no connections available in the pool.

func (*LDAPPool) CheckConnections added in v0.5.0

func (p *LDAPPool) CheckConnections() (int, int)

CheckConnections attempts to iterate over all the connections in the pool and check whether they are alive or not. Live connections are put back into the pool; dead ones are discarded.

func (*LDAPPool) Put added in v0.5.0

func (p *LDAPPool) Put(c *ldap.Conn)

Put makes a connection ready for re-use and puts it back into the pool. If the connection cannot be reused it is discarded. If there already are MaxIdleConn connections in the pool the connection is discarded.

type LocalConnector

type LocalConnector struct {
	// contains filtered or unexported fields
}

func (*LocalConnector) Healthy

func (c *LocalConnector) Healthy() error

func (*LocalConnector) ID

func (c *LocalConnector) ID() string

func (*LocalConnector) LoginURL

func (c *LocalConnector) LoginURL(sessionKey, prompt string) (string, error)

func (*LocalConnector) Register

func (c *LocalConnector) Register(mux *http.ServeMux, errorURL url.URL)

func (*LocalConnector) SetLocalIdentityProvider

func (c *LocalConnector) SetLocalIdentityProvider(idp *LocalIdentityProvider)

func (*LocalConnector) Sync

func (c *LocalConnector) Sync() chan struct{}

func (*LocalConnector) TrustedEmailProvider

func (c *LocalConnector) TrustedEmailProvider() bool

type LocalConnectorConfig

// LocalConnectorConfig is the JSON-serializable configuration for the local
// connector; it carries only the connector ID.
type LocalConnectorConfig struct {
	// ID is the connector's identifier (JSON key "id").
	ID string `json:"id"`
}

func (*LocalConnectorConfig) Connector

func (cfg *LocalConnectorConfig) Connector(ns url.URL, lf oidc.LoginFunc, tpls *template.Template) (Connector, error)

func (*LocalConnectorConfig) ConnectorID

func (cfg *LocalConnectorConfig) ConnectorID() string

func (*LocalConnectorConfig) ConnectorType

func (cfg *LocalConnectorConfig) ConnectorType() string

type LocalIdentityProvider

// LocalIdentityProvider holds the two repositories it is built from; its
// Identity(email, password) method is listed on this page.
type LocalIdentityProvider struct {
	// PasswordInfoRepo is presumably where stored password data is looked up
	// during Identity — confirm.
	PasswordInfoRepo user.PasswordInfoRepo
	// UserRepo is presumably the user record store consulted for the returned
	// identity — confirm.
	UserRepo         user.UserRepo
}

func (*LocalIdentityProvider) Identity

func (m *LocalIdentityProvider) Identity(email, password string) (*oidc.Identity, error)

type NewConnectorConfigFunc

// NewConnectorConfigFunc returns a new ConnectorConfig. It is the constructor
// type accepted by RegisterConnectorConfigType.
type NewConnectorConfigFunc func() ConnectorConfig

type OAuth2Connector added in v0.2.0

type OAuth2Connector struct {
	// contains filtered or unexported fields
}

func (*OAuth2Connector) Healthy added in v0.2.0

func (c *OAuth2Connector) Healthy() error

func (*OAuth2Connector) ID added in v0.2.0

func (c *OAuth2Connector) ID() string

func (*OAuth2Connector) LoginURL added in v0.2.0

func (c *OAuth2Connector) LoginURL(sessionKey, prompt string) (string, error)

func (*OAuth2Connector) Register added in v0.2.0

func (c *OAuth2Connector) Register(mux *http.ServeMux, errorURL url.URL)

func (*OAuth2Connector) Sync added in v0.2.0

func (c *OAuth2Connector) Sync() chan struct{}

func (*OAuth2Connector) TrustedEmailProvider added in v0.2.0

func (c *OAuth2Connector) TrustedEmailProvider() bool

type OIDCConnector

type OIDCConnector struct {
	// contains filtered or unexported fields
}

func (*OIDCConnector) Healthy

func (c *OIDCConnector) Healthy() error

func (*OIDCConnector) ID

func (c *OIDCConnector) ID() string

func (*OIDCConnector) LoginURL

func (c *OIDCConnector) LoginURL(sessionKey, prompt string) (string, error)

func (*OIDCConnector) Register

func (c *OIDCConnector) Register(mux *http.ServeMux, errorURL url.URL)

func (*OIDCConnector) Sync

func (c *OIDCConnector) Sync() chan struct{}

func (*OIDCConnector) TrustedEmailProvider

func (c *OIDCConnector) TrustedEmailProvider() bool

type OIDCConnectorConfig

// OIDCConnectorConfig is the JSON-serializable configuration for a generic
// OpenID Connect connector.
type OIDCConnectorConfig struct {
	// ID is the connector's identifier (JSON key "id").
	ID                   string `json:"id"`
	// IssuerURL identifies the upstream OIDC provider. NOTE(review): it should
	// be an https URL, since provider metadata and keys are presumably fetched
	// from it — confirm whether the scheme is validated.
	IssuerURL            string `json:"issuerURL"`
	// ClientID is the OAuth2 client identifier registered with the provider.
	ClientID             string `json:"clientID"`
	// ClientSecret is the OAuth2 client secret. It carries an ordinary JSON tag,
	// so marshaling this struct emits the secret in plaintext unless a custom
	// marshaler (not shown) redacts it; keep configs out of logs and API
	// responses.
	ClientSecret         string `json:"clientSecret"`
	// TrustedEmailProvider presumably feeds OIDCConnector.TrustedEmailProvider.
	// Enable it only for providers that verify email ownership before issuing
	// the email claim.
	TrustedEmailProvider bool   `json:"trustedEmailProvider"`
}

func (*OIDCConnectorConfig) Connector

func (cfg *OIDCConnectorConfig) Connector(ns url.URL, lf oidc.LoginFunc, tpls *template.Template) (Connector, error)

func (*OIDCConnectorConfig) ConnectorID

func (cfg *OIDCConnectorConfig) ConnectorID() string

func (*OIDCConnectorConfig) ConnectorType

func (cfg *OIDCConnectorConfig) ConnectorType() string

type Page

// Page is presumably the data passed to the login page templates
// ("local-login.html", "ldap-login.html") — confirm.
//
// NOTE(review): the template package behind *template.Template is not visible
// on this page. Confirm it is html/template so that Name, Message and PostURL
// are contextually escaped when rendered.
type Page struct {
	// PostURL is presumably the form's submission target.
	PostURL    string
	Name       string
	// Error and Message presumably carry a login failure indication and its
	// text; keep Message generic so it does not reveal whether an account
	// exists.
	Error      bool
	Message    string
	// SessionKey is presumably the dex session key echoed back by the form; it
	// ties the login attempt to a session, so the page should not be cached or
	// logged.
	SessionKey string
}
