README
¶
Identity client
This package provides client code to interact with the identity to macaroon authentication server.
Documentation
¶
Index ¶
- Constants
- func LoginMethods(client *http.Client, u *url.URL) (*params.LoginMethods, error)
- type Client
- func (c *Client) QueryUsers(p *params.QueryUsersRequest) ([]string, error)
- func (c *Client) SetUser(p *params.SetUserRequest) error
- func (c *Client) SetUserExtraInfo(p *params.SetUserExtraInfoRequest) error
- func (c *Client) SetUserExtraInfoItem(p *params.SetUserExtraInfoItemRequest) error
- func (c *Client) User(p *params.UserRequest) (*params.User, error)
- func (c *Client) UserExtraInfo(p *params.UserExtraInfoRequest) (map[string]interface{}, error)
- func (c *Client) UserExtraInfoItem(p *params.UserExtraInfoItemRequest) (interface{}, error)
- func (c *Client) UserGroups(p *params.UserGroupsRequest) ([]string, error)
- func (c *Client) UserIDPGroups(p *params.UserIDPGroupsRequest) ([]string, error)
- func (c *Client) UserToken(p *params.UserTokenRequest) (*macaroon.Macaroon, error)
- func (c *Client) VerifyToken(p *params.VerifyTokenRequest) (map[string]string, error)
- type NewParams
- type PermChecker
Constants ¶
const ( Production = "https://api.jujucharms.com/identity" Staging = "https://api.staging.jujucharms.com/identity" )
Variables ¶
This section is empty.
Functions ¶
func LoginMethods ¶
LoginMethods returns information about the available login methods for the given URL, which is expected to be a URL as passed to a VisitWebPage function during the macaroon bakery discharge process.
Types ¶
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client represents the client of an identity server.
func (*Client) QueryUsers ¶
func (c *Client) QueryUsers(p *params.QueryUsersRequest) ([]string, error)
QueryUsers serves the /u endpoint. See http://tinyurl.com/lu3mmr9 for details.
func (*Client) SetUser ¶
func (c *Client) SetUser(p *params.SetUserRequest) error
func (*Client) SetUserExtraInfo ¶
func (c *Client) SetUserExtraInfo(p *params.SetUserExtraInfoRequest) error
SetUserExtraInfo serves the /v1/u/:username/extra-info endpoint, see http://tinyurl.com/mqpynlw for details.
func (*Client) SetUserExtraInfoItem ¶
func (c *Client) SetUserExtraInfoItem(p *params.SetUserExtraInfoItemRequest) error
ServeUserPutExtraInfoItem serves the /u/:username/extra-info/:item endpoint, see http://tinyurl.com/l5dc4r4 for details.
func (*Client) User ¶
func (c *Client) User(p *params.UserRequest) (*params.User, error)
User serves the /u/$username endpoint. See http://tinyurl.com/lrdjwmw for details.
func (*Client) UserExtraInfo ¶
func (c *Client) UserExtraInfo(p *params.UserExtraInfoRequest) (map[string]interface{}, error)
UserExtraInfo serves the /v1/u/:username/extra-info endpoint, see http://tinyurl.com/mxo24yy for details.
func (*Client) UserExtraInfoItem ¶
func (c *Client) UserExtraInfoItem(p *params.UserExtraInfoItemRequest) (interface{}, error)
UserExtraInfoItem serves the /u/:username/extra-info/:item endpoint, see http://tinyurl.com/mjuu7dt for details.
func (*Client) UserGroups ¶
func (c *Client) UserGroups(p *params.UserGroupsRequest) ([]string, error)
serveUserGroups serves the /u/$username/groups endpoint, and returns the list of groups associated with the user.
func (*Client) UserIDPGroups ¶
func (c *Client) UserIDPGroups(p *params.UserIDPGroupsRequest) ([]string, error)
UserIDPGroups serves the /u/$username/idpgroups endpoint, and returns the list of groups associated with the user. This endpoint should no longer be used and is maintained for backwards compatibility purposes only.
func (*Client) UserToken ¶
func (c *Client) UserToken(p *params.UserTokenRequest) (*macaroon.Macaroon, error)
UserToken serves a token, in the form of a macaroon, identifying the user. This token can only be generated by an administrator.
func (*Client) VerifyToken ¶
func (c *Client) VerifyToken(p *params.VerifyTokenRequest) (map[string]string, error)
type NewParams ¶
type NewParams struct {
BaseURL string
Client *httpbakery.Client
// AuthUsername holds the username for admin login.
AuthUsername string
// AuthPassword holds the password for admin login.
AuthPassword string
}
NewParams holds the parameters for creating a new client.
type PermChecker ¶
type PermChecker struct {
// contains filtered or unexported fields
}
PermChecker provides a way to query ACLs using the identity client.
func NewPermChecker ¶
func NewPermChecker(c *Client, cacheTime time.Duration) *PermChecker
NewPermChecker returns a permission checker that uses the given identity client to check permissions.
It will cache results for at most cacheTime.
func (*PermChecker) Allow ¶
func (c *PermChecker) Allow(username string, acl []string) (bool, error)
Allow reports whether the given ACL admits the user with the given name. If the user does not exist and the ACL does not allow username or everyone, it will return (false, nil).
func (*PermChecker) CacheEvict ¶
func (c *PermChecker) CacheEvict(username string)
CacheEvict evicts username from the cache.
func (*PermChecker) CacheEvictAll ¶
func (c *PermChecker) CacheEvictAll()
CacheEvictAll evicts everything from the cache.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Package idmtest holds a mock implementation of the identity manager suitable for testing.
|
Package idmtest holds a mock implementation of the identity manager suitable for testing. |
|
Package ussologin defines functionality used for allowing clients to authenticate with the IDM server using USSO OAuth.
|
Package ussologin defines functionality used for allowing clients to authenticate with the IDM server using USSO OAuth. |