Documentation ¶
Index ¶
- Constants
- Variables
- func RegisterConnectorConfigType(connectorType string, fn NewConnectorConfigFunc)
- type BitbucketConnectorConfig
- type Connector
- type ConnectorConfig
- type ConnectorConfigRepo
- type GitHubConnectorConfig
- type IdentityProvider
- type LDAPConnector
- func (c *LDAPConnector) Healthy() error
- func (c *LDAPConnector) ID() string
- func (c *LDAPConnector) LoginURL(sessionKey, prompt string) (string, error)
- func (c *LDAPConnector) Register(mux *http.ServeMux, errorURL url.URL)
- func (c *LDAPConnector) Sync() chan struct{}
- func (c *LDAPConnector) TrustedEmailProvider() bool
- type LDAPConnectorConfig
- type LDAPIdentityProvider
- type LDAPPool
- type LocalConnector
- func (c *LocalConnector) Healthy() error
- func (c *LocalConnector) ID() string
- func (c *LocalConnector) LoginURL(sessionKey, prompt string) (string, error)
- func (c *LocalConnector) Register(mux *http.ServeMux, errorURL url.URL)
- func (c *LocalConnector) SetLocalIdentityProvider(idp *LocalIdentityProvider)
- func (c *LocalConnector) Sync() chan struct{}
- func (c *LocalConnector) TrustedEmailProvider() bool
- type LocalConnectorConfig
- type LocalIdentityProvider
- type NewConnectorConfigFunc
- type OAuth2Connector
- func (c *OAuth2Connector) Healthy() error
- func (c *OAuth2Connector) ID() string
- func (c *OAuth2Connector) LoginURL(sessionKey, prompt string) (string, error)
- func (c *OAuth2Connector) Register(mux *http.ServeMux, errorURL url.URL)
- func (c *OAuth2Connector) Sync() chan struct{}
- func (c *OAuth2Connector) TrustedEmailProvider() bool
- type OIDCConnector
- func (c *OIDCConnector) Healthy() error
- func (c *OIDCConnector) ID() string
- func (c *OIDCConnector) LoginURL(sessionKey, prompt string) (string, error)
- func (c *OIDCConnector) Register(mux *http.ServeMux, errorURL url.URL)
- func (c *OIDCConnector) Sync() chan struct{}
- func (c *OIDCConnector) TrustedEmailProvider() bool
- type OIDCConnectorConfig
- type Page
Constants ¶
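// Identifiers used by the LDAP connector. The listing had collapsed this
// block onto one line, which is not valid Go; one constant per line restores it.
const (
	// LDAPConnectorType is the connector type string for LDAP connectors.
	LDAPConnectorType = "ldap"
	// LDAPLoginPageTemplateName is the file name of the LDAP login page template.
	LDAPLoginPageTemplateName = "ldap-login.html"
)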
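// Identifiers used by the local connector. The listing had collapsed this
// block onto one line, which is not valid Go; one constant per line restores it.
const (
	// LocalConnectorType is the connector type string for local connectors.
	LocalConnectorType = "local"
	// LoginPageTemplateName is the file name of the local login page template.
	LoginPageTemplateName = "local-login.html"
)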
// BitbucketConnectorType is the connector type string for Bitbucket connectors.
const BitbucketConnectorType = "bitbucket"
// GitHubConnectorType is the connector type string for GitHub connectors.
const GitHubConnectorType = "github"
// OIDCConnectorType is the connector type string for OIDC connectors.
const OIDCConnectorType = "oidc"
Variables ¶
var (
	// ErrorNotFound is the sentinel error for a connector that is not present
	// in the repository.
	ErrorNotFound = errors.New("connector not found in repository")
)
Functions ¶
func RegisterConnectorConfigType ¶
func RegisterConnectorConfigType(connectorType string, fn NewConnectorConfigFunc)
Types ¶
type BitbucketConnectorConfig ¶ added in v0.2.0
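// BitbucketConnectorConfig holds the settings of a Bitbucket connector.
//
// The listing had collapsed the declaration onto one line, which is not valid
// Go; the fields are restored one per line.
type BitbucketConnectorConfig struct {
	// ID is serialized as "id".
	ID string `json:"id"`
	// ClientID is serialized as "clientID".
	ClientID string `json:"clientID"`
	// ClientSecret is a credential. Its tag has no "-" or omitempty, so any
	// JSON produced from this struct carries the secret in the clear; keep
	// that output out of logs, API responses and world-readable files.
	ClientSecret string `json:"clientSecret"`
}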
func (*BitbucketConnectorConfig) ConnectorID ¶ added in v0.2.0
func (cfg *BitbucketConnectorConfig) ConnectorID() string
func (*BitbucketConnectorConfig) ConnectorType ¶ added in v0.2.0
func (cfg *BitbucketConnectorConfig) ConnectorType() string
type Connector ¶
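// Connector is the interface every authentication backend shown on this page
// implements (LDAPConnector, LocalConnector, OAuth2Connector, OIDCConnector).
//
// The listing had collapsed the declaration onto one line, so the first "//"
// comment swallowed every method after it; the methods are restored one per
// line.
type Connector interface {
	// ID returns the ID of the ConnectorConfig used to create the Connector.
	ID() string

	// LoginURL returns the backend's authorization URL for a sessionKey
	// and OAuth2 prompt type.
	LoginURL(sessionKey, prompt string) (string, error)

	// Register allows connectors to register a callback handler with the
	// dex server.
	//
	// Connectors should register with a path that extends the namespace
	// URL provided when the Connector is instantiated.
	Register(mux *http.ServeMux, errorURL url.URL)

	// Sync triggers any long-running tasks needed to maintain the
	// Connector's operation. For example, this would encompass
	// repeatedly caching any remote resources for local use.
	Sync() chan struct{}

	// TrustedEmailProvider indicates whether or not we can trust the email
	// claims coming from this provider.
	//
	// NOTE(review): how callers act on this value is not shown here. If it
	// gates matching a remote identity to an existing account by email, it
	// should be true only for backends that verify address ownership —
	// confirm against the server code.
	TrustedEmailProvider() bool

	health.Checkable
}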
type ConnectorConfig ¶
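// ConnectorConfig describes one configured connector and builds the Connector
// for it.
//
// The listing had collapsed the declaration onto one line, so the first "//"
// comment swallowed every method after it; the methods are restored one per
// line.
type ConnectorConfig interface {
	// ConnectorID returns a unique end user facing identifier. For example "google".
	ConnectorID() string

	// ConnectorType returns an implementation specific identifier. For example "oidc".
	ConnectorType() string

	// Connector is invoked by the dex server and returns a Connector configured
	// to use the provided arguments. URL namespace is used to register callbacks.
	// loginFunc is used to associate remote identities with dex session keys.
	//
	// The returned Connector must call loginFunc once upon successful
	// identification of a user. Calling it is what binds an identity to a
	// session, so an implementation must not reach that call on a failed or
	// partially completed authentication.
	//
	// Additional templates are passed for connectors that require rendering HTML
	// pages, such as the "local" connector.
	Connector(ns url.URL, loginFunc oidc.LoginFunc, tpls *template.Template) (Connector, error)
}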
func NewConnectorConfigFromType ¶
func NewConnectorConfigFromType(connectorType string) (ConnectorConfig, error)
func ReadConfigs ¶ added in v0.5.0
func ReadConfigs(r io.Reader) ([]ConnectorConfig, error)
type ConnectorConfigRepo ¶
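// ConnectorConfigRepo is the storage interface for connector configurations.
//
// The listing had collapsed the declaration onto one line, which is not valid
// Go; the methods are restored one per line.
//
// NOTE(review): the configs handled here include credential fields
// (ClientSecret, SearchBindPw), so an implementation's backing store
// presumably holds them as well — confirm how they are protected at rest.
type ConnectorConfigRepo interface {
	// All returns every stored connector configuration.
	All() ([]ConnectorConfig, error)
	// GetConnectorByID returns the configuration for the given ID within the
	// supplied transaction.
	// NOTE(review): presumably fails with ErrorNotFound for an unknown ID — confirm.
	GetConnectorByID(repo.Transaction, string) (ConnectorConfig, error)
	// Set stores the given configurations.
	// NOTE(review): whether this replaces or merges with existing entries is
	// not shown here — confirm.
	Set(cfgs []ConnectorConfig) error
}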
type GitHubConnectorConfig ¶ added in v0.2.0
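// GitHubConnectorConfig holds the settings of a GitHub connector.
//
// The listing had collapsed the declaration onto one line, which is not valid
// Go; the fields are restored one per line.
type GitHubConnectorConfig struct {
	// ID is serialized as "id".
	ID string `json:"id"`
	// ClientID is serialized as "clientID".
	ClientID string `json:"clientID"`
	// ClientSecret is a credential. Its tag has no "-" or omitempty, so any
	// JSON produced from this struct carries the secret in the clear; keep
	// that output out of logs, API responses and world-readable files.
	ClientSecret string `json:"clientSecret"`
}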
func (*GitHubConnectorConfig) ConnectorID ¶ added in v0.2.0
func (cfg *GitHubConnectorConfig) ConnectorID() string
func (*GitHubConnectorConfig) ConnectorType ¶ added in v0.2.0
func (cfg *GitHubConnectorConfig) ConnectorType() string
type IdentityProvider ¶ added in v0.5.0
type LDAPConnector ¶ added in v0.5.0
// LDAPConnector is the LDAP connector type. Its methods on this page are
// Healthy, ID, LoginURL, Register, Sync and TrustedEmailProvider, which is
// the method set the Connector interface lists explicitly. Its fields are not
// exported.
type LDAPConnector struct {
// contains filtered or unexported fields
}
func (*LDAPConnector) Healthy ¶ added in v0.5.0
func (c *LDAPConnector) Healthy() error
func (*LDAPConnector) ID ¶ added in v0.5.0
func (c *LDAPConnector) ID() string
func (*LDAPConnector) LoginURL ¶ added in v0.5.0
func (c *LDAPConnector) LoginURL(sessionKey, prompt string) (string, error)
func (*LDAPConnector) Register ¶ added in v0.5.0
func (c *LDAPConnector) Register(mux *http.ServeMux, errorURL url.URL)
func (*LDAPConnector) Sync ¶ added in v0.5.0
func (c *LDAPConnector) Sync() chan struct{}
func (*LDAPConnector) TrustedEmailProvider ¶ added in v0.5.0
func (c *LDAPConnector) TrustedEmailProvider() bool
type LDAPConnectorConfig ¶ added in v0.5.0
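// LDAPConnectorConfig holds the settings of an LDAP connector: where the
// directory server is, how the connection is protected, and how users are
// looked up and bound.
//
// The listing had collapsed the declaration onto one line, which is not valid
// Go; the fields are restored one per line. Every field is serialized to JSON
// under the key in its tag.
type LDAPConnectorConfig struct {
	ID         string        `json:"id"`
	ServerHost string        `json:"serverHost"`
	ServerPort uint16        `json:"serverPort"`
	Timeout    time.Duration `json:"timeout"`

	// NOTE(review): UseTLS and UseSSL presumably select StartTLS and LDAPS
	// respectively. With both false the connection would be unencrypted and
	// bind credentials would be readable on the wire — confirm against the
	// implementation and require one of them in production configs.
	UseTLS bool `json:"useTLS"`
	UseSSL bool `json:"useSSL"`

	// NOTE(review): presumably paths to the client certificate, its private
	// key and the CA bundle used to verify the server — confirm. The key file
	// should be readable by the service account only.
	CertFile string `json:"certFile"`
	KeyFile  string `json:"keyFile"`
	CaFile   string `json:"caFile"`

	// SkipCertVerification, going by its name, turns off verification of the
	// server certificate. That leaves the TLS session open to interception,
	// so it should stay false outside of test setups.
	SkipCertVerification bool `json:"skipCertVerification"`

	MaxIdleConn    int    `json:"maxIdleConn"`
	BaseDN         string `json:"baseDN"`
	NameAttribute  string `json:"nameAttribute"`
	EmailAttribute string `json:"emailAttribute"`

	SearchBeforeAuth bool   `json:"searchBeforeAuth"`
	SearchFilter     string `json:"searchFilter"`
	SearchScope      string `json:"searchScope"`
	SearchBindDN     string `json:"searchBindDN"`
	// SearchBindPw is a credential. Its tag has no "-" or omitempty, so any
	// JSON produced from this struct carries it in the clear; keep that
	// output out of logs, API responses and world-readable files.
	SearchBindPw string `json:"searchBindPw"`

	// NOTE(review): LDAPIdentityProvider.ParseString(template, username) on
	// this page suggests the login name is substituted into BindTemplate and
	// possibly SearchFilter. Confirm that the substitution escapes LDAP DN
	// and filter metacharacters before the value reaches the server.
	BindTemplate string `json:"bindTemplate"`

	// TrustedEmailProvider shares its name with Connector.TrustedEmailProvider,
	// which reports whether email claims from the provider can be trusted.
	// NOTE(review): enable it only when the directory's mail attribute is
	// administratively controlled rather than user-editable.
	TrustedEmailProvider bool `json:"trustedEmailProvider"`
}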
func (*LDAPConnectorConfig) ConnectorID ¶ added in v0.5.0
func (cfg *LDAPConnectorConfig) ConnectorID() string
func (*LDAPConnectorConfig) ConnectorType ¶ added in v0.5.0
func (cfg *LDAPConnectorConfig) ConnectorType() string
type LDAPIdentityProvider ¶ added in v0.5.0
// LDAPIdentityProvider is the type behind the two methods listed on this
// page: Identity, which takes a username and password and returns an
// *oidc.Identity, and ParseString, which takes a template and a username and
// returns a string. Its fields are not exported.
//
// NOTE(review): if ParseString places the username into an LDAP filter or DN,
// the value needs LDAP escaping first — confirm in the implementation.
type LDAPIdentityProvider struct {
// contains filtered or unexported fields
}
func (*LDAPIdentityProvider) Identity ¶ added in v0.5.0
func (m *LDAPIdentityProvider) Identity(username, password string) (*oidc.Identity, error)
func (*LDAPIdentityProvider) ParseString ¶ added in v0.5.0
func (m *LDAPIdentityProvider) ParseString(template, username string) string
type LDAPPool ¶ added in v0.5.0
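// LDAPPool is a connection pool for LDAP connections. Initialize the exported
// fields, use Acquire to get a connection and Put to return it to the pool.
//
// The listing had collapsed the declaration onto one line, so the trailing
// "//" comment swallowed the closing brace; the fields are restored one per
// line.
type LDAPPool struct {
	MaxIdleConn    int
	PoolCheckTimer time.Duration
	ServerHost     string
	ServerPort     uint16
	// NOTE(review): UseTLS and UseSSL presumably select StartTLS and LDAPS;
	// with both false the pooled connections would be unencrypted — confirm.
	UseTLS bool
	UseSSL bool
	// TLSConfig is the caller-supplied TLS configuration.
	// NOTE(review): a config with InsecureSkipVerify set would disable server
	// certificate checks for every connection the pool opens — confirm how
	// callers build it.
	TLSConfig *tls.Config
	// contains filtered or unexported fields
}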
An LDAPPool is a connection pool for LDAP connections. Initialize the exported fields and use Acquire() to get a connection. Use Put() to put it back into the pool.
func (*LDAPPool) Acquire ¶ added in v0.5.0
Acquire removes and returns a random connection from the pool. A new connection is returned if there are no connections available in the pool.
func (*LDAPPool) CheckConnections ¶ added in v0.5.0
CheckConnections attempts to iterate over all the connections in the pool and check whether they are alive or not. Live connections are put back into the pool; dead ones are discarded.
type LocalConnector ¶
// LocalConnector is the local connector type. Its methods on this page are
// Healthy, ID, LoginURL, Register, Sync and TrustedEmailProvider, plus
// SetLocalIdentityProvider, which takes a *LocalIdentityProvider. Its fields
// are not exported.
type LocalConnector struct {
// contains filtered or unexported fields
}
func (*LocalConnector) Healthy ¶
func (c *LocalConnector) Healthy() error
func (*LocalConnector) ID ¶
func (c *LocalConnector) ID() string
func (*LocalConnector) LoginURL ¶
func (c *LocalConnector) LoginURL(sessionKey, prompt string) (string, error)
func (*LocalConnector) Register ¶
func (c *LocalConnector) Register(mux *http.ServeMux, errorURL url.URL)
func (*LocalConnector) SetLocalIdentityProvider ¶
func (c *LocalConnector) SetLocalIdentityProvider(idp *LocalIdentityProvider)
func (*LocalConnector) Sync ¶
func (c *LocalConnector) Sync() chan struct{}
func (*LocalConnector) TrustedEmailProvider ¶
func (c *LocalConnector) TrustedEmailProvider() bool
type LocalConnectorConfig ¶
// LocalConnectorConfig holds the settings of a local connector; the connector
// ID is its only exported field.
type LocalConnectorConfig struct {
	ID string `json:"id"` // serialized as "id"
}
func (*LocalConnectorConfig) ConnectorID ¶
func (cfg *LocalConnectorConfig) ConnectorID() string
func (*LocalConnectorConfig) ConnectorType ¶
func (cfg *LocalConnectorConfig) ConnectorType() string
type LocalIdentityProvider ¶
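// LocalIdentityProvider bundles the two repositories it is declared with: one
// for password information and one for users.
//
// The listing had collapsed the declaration onto one line, which is not valid
// Go; the fields are restored one per line.
type LocalIdentityProvider struct {
	// PasswordInfoRepo is the password-information repository.
	// NOTE(review): how passwords are stored and compared lives in the user
	// package and is not shown here — confirm that it keeps only salted
	// hashes.
	PasswordInfoRepo user.PasswordInfoRepo
	// UserRepo is the user repository.
	UserRepo user.UserRepo
}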
type NewConnectorConfigFunc ¶
// NewConnectorConfigFunc is a constructor that returns a ConnectorConfig. It
// is the function type RegisterConnectorConfigType accepts together with a
// connector type string.
type NewConnectorConfigFunc func() ConnectorConfig
type OAuth2Connector ¶ added in v0.2.0
// OAuth2Connector is the OAuth2 connector type. Its methods on this page are
// Healthy, ID, LoginURL, Register, Sync and TrustedEmailProvider, which is
// the method set the Connector interface lists explicitly. Its fields are not
// exported.
type OAuth2Connector struct {
// contains filtered or unexported fields
}
func (*OAuth2Connector) Healthy ¶ added in v0.2.0
func (c *OAuth2Connector) Healthy() error
func (*OAuth2Connector) ID ¶ added in v0.2.0
func (c *OAuth2Connector) ID() string
func (*OAuth2Connector) LoginURL ¶ added in v0.2.0
func (c *OAuth2Connector) LoginURL(sessionKey, prompt string) (string, error)
func (*OAuth2Connector) Register ¶ added in v0.2.0
func (c *OAuth2Connector) Register(mux *http.ServeMux, errorURL url.URL)
func (*OAuth2Connector) Sync ¶ added in v0.2.0
func (c *OAuth2Connector) Sync() chan struct{}
func (*OAuth2Connector) TrustedEmailProvider ¶ added in v0.2.0
func (c *OAuth2Connector) TrustedEmailProvider() bool
type OIDCConnector ¶
// OIDCConnector is the OIDC connector type. Its methods on this page are
// Healthy, ID, LoginURL, Register, Sync and TrustedEmailProvider, which is
// the method set the Connector interface lists explicitly. Its fields are not
// exported.
type OIDCConnector struct {
// contains filtered or unexported fields
}
func (*OIDCConnector) Healthy ¶
func (c *OIDCConnector) Healthy() error
func (*OIDCConnector) ID ¶
func (c *OIDCConnector) ID() string
func (*OIDCConnector) LoginURL ¶
func (c *OIDCConnector) LoginURL(sessionKey, prompt string) (string, error)
func (*OIDCConnector) Register ¶
func (c *OIDCConnector) Register(mux *http.ServeMux, errorURL url.URL)
func (*OIDCConnector) Sync ¶
func (c *OIDCConnector) Sync() chan struct{}
func (*OIDCConnector) TrustedEmailProvider ¶
func (c *OIDCConnector) TrustedEmailProvider() bool
type OIDCConnectorConfig ¶
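// OIDCConnectorConfig holds the settings of an OIDC connector.
//
// The listing had collapsed the declaration onto one line, which is not valid
// Go; the fields are restored one per line.
type OIDCConnectorConfig struct {
	// ID is serialized as "id".
	ID string `json:"id"`
	// IssuerURL is serialized as "issuerURL".
	// NOTE(review): an https issuer is what lets the provider's metadata and
	// keys be authenticated — confirm the implementation rejects plain http.
	IssuerURL string `json:"issuerURL"`
	// ClientID is serialized as "clientID".
	ClientID string `json:"clientID"`
	// ClientSecret is a credential. Its tag has no "-" or omitempty, so any
	// JSON produced from this struct carries the secret in the clear; keep
	// that output out of logs, API responses and world-readable files.
	ClientSecret string `json:"clientSecret"`
	// TrustedEmailProvider shares its name with Connector.TrustedEmailProvider,
	// which reports whether email claims from the provider can be trusted.
	// NOTE(review): enable it only for issuers known to verify address
	// ownership before asserting an email claim.
	TrustedEmailProvider bool `json:"trustedEmailProvider"`
}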
func (*OIDCConnectorConfig) ConnectorID ¶
func (cfg *OIDCConnectorConfig) ConnectorID() string
func (*OIDCConnectorConfig) ConnectorType ¶
func (cfg *OIDCConnectorConfig) ConnectorType() string