Documentation ¶
Overview ¶
package eap implements an XML eap-config parser compliant with the XML schema found at https://github.com/GEANT/CAT/blob/master/devices/eap_config/eap-metadata.xsd A part of this was generated with xgen https://github.com/xuri/xgen By hand modified: - Use NonEAPAuthNumbers as alias instead of hardcoded int - Removed -Properties
Index ¶
- func LocalizedInteractiveValue(slice []*LocalizedInteractive) (string, error)
- func LocalizedNonInteractiveValue(slice []*LocalizedNonInteractive) (string, error)
- type AuthenticationMethod
- type AuthenticationMethods
- type CertData
- type ClientCredentialVariants
- type CredentialApplicabilityType
- type EAPIdentityProvider
- type EAPIdentityProviderList
- type EAPMethod
- type HelpdeskDetailElements
- type IEEE80211
- type IEEE80211RSNProtocols
- type IEEE8023
- type InnerAuthenticationMethod
- type LocalizedInteractive
- type LocalizedNonInteractive
- type LocationElements
- type LogoData
- type NonEAPAuthMethod
- type NonEAPAuthNumbers
- type ProviderInfoElements
- type ServerCredentialVariants
- type TypeSpecificExtension
- type VendorSpecificExtension
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func LocalizedInteractiveValue ¶
func LocalizedInteractiveValue(slice []*LocalizedInteractive) (string, error)
LocalizedInteractiveValue gets the first non-nil value from the localized interactive slice if no value is available, it returns an error
func LocalizedNonInteractiveValue ¶
func LocalizedNonInteractiveValue(slice []*LocalizedNonInteractive) (string, error)
LocalizedNonInteractiveValue gets the first non-nil value from the localized non interactive slice if no value is available, it returns an error
Types ¶
type AuthenticationMethod ¶
type AuthenticationMethod struct { EAPMethod *EAPMethod `xml:"EAPMethod"` ServerSideCredential *ServerCredentialVariants `xml:"ServerSideCredential"` ClientSideCredential *ClientCredentialVariants `xml:"ClientSideCredential"` InnerAuthenticationMethod []*InnerAuthenticationMethod `xml:"InnerAuthenticationMethod"` }
AuthenticationMethod ...
func (*AuthenticationMethod) Network ¶
func (am *AuthenticationMethod) Network(ssid string, minrsn string, pinfo network.ProviderInfo) (network.Network, error)
Network gets a network for an authentication method, the SSID and MinRSN are strings that are based to the network
func (*AuthenticationMethod) NonTLSNetwork ¶
NonTLSNetwork creates a network that is Non-TLS using the authentication method The base that is passed here are settings that are common between TLS and NON-TLS networks
func (*AuthenticationMethod) TLSNetwork ¶
TLSNetwork creates a TLS network using the authentication method. The base that is passed here are settings that are common between TLS and NON-TLS networks
type AuthenticationMethods ¶
type AuthenticationMethods struct {
AuthenticationMethod []*AuthenticationMethod `xml:"AuthenticationMethod"`
}
AuthenticationMethods ...
type CertData ¶
type CertData struct { FormatAttr string `xml:"format,attr"` EncodingAttr string `xml:"encoding,attr"` Value string `xml:",chardata"` }
CertData ...
type ClientCredentialVariants ¶
type ClientCredentialVariants struct { AllowsaveAttr bool `xml:"allow_save,attr,omitempty"` OuterIdentity string `xml:"OuterIdentity"` InnerIdentityPrefix string `xml:"InnerIdentityPrefix"` InnerIdentitySuffix string `xml:"InnerIdentitySuffix"` InnerIdentityHint bool `xml:"InnerIdentityHint"` // TODO: support `Username` (notice the n lowercase)? // See: https://github.com/geteduroam/windows-app/pull/39 // Probably not needed as that pr states it is still not used // But maybe good to define here so we can check what is all in the xml? UserName string `xml:"UserName"` Password string `xml:"Password"` ClientCertificate *CertData `xml:"ClientCertificate"` IntermediateCACertificate []*CertData `xml:"IntermediateCACertificate"` Passphrase string `xml:"Passphrase"` PAC string `xml:"PAC"` ProvisionPAC bool `xml:"ProvisionPAC"` }
ClientCredentialVariants is Not all EAP types and non-EAP authentication methods need or
support all types of credentials in the list below. While the Schema allows to put all kinds of credential information inside every AuthenticationMethod, even where the information is not applicable, tags which are not applicable for an authentication EAP or non-EAP type SHOULD NOT be included in the corresponding instance of AuthenticationMethod or InnerAuthenticationMethod when producing the XML file, and MUST be ignored by the entity consuming the XML file if present in the XML file.
type CredentialApplicabilityType ¶
type CredentialApplicabilityType struct { IEEE80211 []*IEEE80211 `xml:"IEEE80211"` IEEE8023 []*IEEE8023 `xml:"IEEE8023"` }
CredentialApplicabilityType ...
type EAPIdentityProvider ¶
type EAPIdentityProvider struct { IDAttr string `xml:"ID,attr"` NamespaceAttr string `xml:"namespace,attr"` VersionAttr int `xml:"version,attr,omitempty"` LangAttr string `xml:"lang,attr,omitempty"` ValidUntil string `xml:"ValidUntil"` AuthenticationMethods *AuthenticationMethods `xml:"AuthenticationMethods"` CredentialApplicability *CredentialApplicabilityType `xml:"CredentialApplicability"` ProviderInfo *ProviderInfoElements `xml:"ProviderInfo"` VendorSpecific *VendorSpecificExtension `xml:"VendorSpecific"` }
EAPIdentityProvider ...
func (*EAPIdentityProvider) AuthMethods ¶
func (p *EAPIdentityProvider) AuthMethods() ([]*AuthenticationMethod, error)
AuthMethods gets a list of authentication methods by checking if it is NON-NULL and NON-EMPTY
func (*EAPIdentityProvider) PInfo ¶
func (p *EAPIdentityProvider) PInfo() network.ProviderInfo
PInfo gets the ProviderInfo element from the EAP identity provider If it cannot find certain values this will fallback to the default of the type, e.g. an empty string TODO: Log errors here
func (*EAPIdentityProvider) SSIDSettings ¶
func (p *EAPIdentityProvider) SSIDSettings() (string, string, error)
SSIDSettings returns the first valid SSID and the MinRSNProto associated with it It loops through the credential applicability list and gets the first valid candidate The candidate filtering was based on https://github.com/geteduroam/windows-app/blob/f11f00dee3eb71abd38537e18881463f83b180d3/EduroamConfigure/EapConfig.cs#L84 A candidate is valid if:
- MinRSNProto is not empty, TODO: shouldn't we just default to CCMP?
- The SSID is not empty
- The MinRSNProto is NOT TKIP as that is insecure
type EAPIdentityProviderList ¶
type EAPIdentityProviderList struct {
EAPIdentityProvider *EAPIdentityProvider `xml:"EAPIdentityProvider"`
}
EAPIdentityProviderList ...
func Parse ¶
func Parse(data []byte) (*EAPIdentityProviderList, error)
Parse parses a byte array into the main EAPIdentityProviderList struct. It returns nil if error
type EAPMethod ¶
type EAPMethod struct { Type int `xml:"Type"` TypeSpecific *TypeSpecificExtension `xml:"TypeSpecific"` VendorSpecific []*VendorSpecificExtension `xml:"VendorSpecific"` }
EAPMethod ...
type HelpdeskDetailElements ¶
type HelpdeskDetailElements struct { EmailAddress []*LocalizedInteractive `xml:"EmailAddress"` WebAddress []*LocalizedNonInteractive `xml:"WebAddress"` Phone []*LocalizedInteractive `xml:"Phone"` }
HelpdeskDetailElements ...
type IEEE80211 ¶
type IEEE80211 struct { XMLName xml.Name `xml:"IEEE80211"` SSID string `xml:"SSID"` ConsortiumOID string `xml:"ConsortiumOID"` MinRSNProto string `xml:"MinRSNProto"` }
IEEE80211 is The conditions inside this element are considered AND conditions.
It does e.g. not make sense to have multiple SSIDs in one IEEE80211 field because the condition would never match. To specify multiple ORed network properties, use multiple IEEE80211 instances.
type IEEE80211RSNProtocols ¶
type IEEE80211RSNProtocols string
IEEE80211RSNProtocols is CTR with CBC-MAC Protocol (if used, only crypto setting
"WPA2/AES" and possible future protos are acceptable).
type InnerAuthenticationMethod ¶
type InnerAuthenticationMethod struct { EAPMethod *EAPMethod `xml:"EAPMethod"` NonEAPAuthMethod *NonEAPAuthMethod `xml:"NonEAPAuthMethod"` ServerSideCredential *ServerCredentialVariants `xml:"ServerSideCredential"` ClientSideCredential *ClientCredentialVariants `xml:"ClientSideCredential"` }
InnerAuthenticationMethod ...
type LocalizedInteractive ¶
type LocalizedInteractive struct { LangAttr string `xml:"lang,attr,omitempty"` Value string `xml:",chardata"` }
LocalizedInteractive ...
type LocalizedNonInteractive ¶
type LocalizedNonInteractive struct { LangAttr string `xml:"lang,attr,omitempty"` Value string `xml:",chardata"` }
LocalizedNonInteractive ...
type LocationElements ¶
type LocationElements struct { Longitude string `xml:"Longitude"` Latitude string `xml:"Latitude"` }
LocationElements ...
type LogoData ¶
type LogoData struct { MimeAttr string `xml:"mime,attr"` EncodingAttr string `xml:"encoding,attr"` Value string `xml:",chardata"` }
LogoData ...
type NonEAPAuthMethod ¶
type NonEAPAuthMethod struct { Type NonEAPAuthNumbers `xml:"Type"` TypeSpecific *TypeSpecificExtension `xml:"TypeSpecific"` VendorSpecific []*VendorSpecificExtension `xml:"VendorSpecific"` }
NonEAPAuthMethod ...
type ProviderInfoElements ¶
type ProviderInfoElements struct { DisplayName []*LocalizedNonInteractive `xml:"DisplayName"` Description []*LocalizedNonInteractive `xml:"Description"` ProviderLocation []*LocationElements `xml:"ProviderLocation"` ProviderLogo *LogoData `xml:"ProviderLogo"` TermsOfUse []*LocalizedNonInteractive `xml:"TermsOfUse"` Helpdesk *HelpdeskDetailElements `xml:"Helpdesk"` }
ProviderInfoElements ...
func (*ProviderInfoElements) Logo ¶
func (pi *ProviderInfoElements) Logo() (string, error)
Logo returns the logo for the provider info elements If the logo is an unexpected type: nil, no PNG, no base64, we return an empty string and an error TODO: Note that right now we assume that every logo is a base64 and PNG, we need to determine if this is the only possible type that will be returned
type ServerCredentialVariants ¶
type ServerCredentialVariants struct { CA []*CertData `xml:"CA"` ServerID []string `xml:"ServerID"` }
ServerCredentialVariants is Not all EAP types and non-EAP authentication methods need or
support all types of credentials in the list below. While the Schema allows to put all kinds of credential information inside every AuthenticationMethod, even where the information is not applicable, tags which are not applicable for an authentication EAP or non-EAP type SHOULD NOT be included in the corresponding instance of AuthenticationMethod or InnerAuthenticationMethod when producing the XML file, and MUST be ignored by the entity consuming the XML file if present in the XML file.
type VendorSpecificExtension ¶
type VendorSpecificExtension struct {
VendorAttr int `xml:"vendor,attr"`
}
VendorSpecificExtension ...