auth

package
v0.0.0-...-fbda11f Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 20, 2024 License: Apache-2.0 Imports: 10 Imported by: 5

Documentation

Overview

Package auth contains authentication related code supporting secret passwords and oauth2 tokens on GCE.

Index

Constants

View Source
const (
	// The official google oauth2 endpoint.
	GoogleTokenInfoEndpoint = "https://oauth2.googleapis.com/tokeninfo"
	// Used in the config map as a prefix to distinguish auth identifiers from secret passwords
	// (which contain arbitrary strings, that can't have this prefix).
	OauthMagic = "OauthSubject:"
)
View Source
const (
	DashboardAudience = "https://syzkaller.appspot.com/api"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Endpoint

type Endpoint struct {
	// contains filtered or unexported fields
}

Represent a verification backend.

func MakeEndpoint

func MakeEndpoint(u string) Endpoint

func (*Endpoint) DetermineAuthSubj

func (auth *Endpoint) DetermineAuthSubj(now time.Time, authHeader []string) (string, error)

Returns the verified subject value based on the provided header value or "" if it can't be determined. A valid result starts with auth.OauthMagic. The now parameter is the current time to compare the claims against. The authHeader is styled as is typical for HTTP headers which carry the tokens prefixed by "Bearer " string.

type TokenCache

type TokenCache struct {
	// contains filtered or unexported fields
}

TokenCache keeps the tokens for reuse by Get.

func MakeCache

func MakeCache(ctor func(method, url string, body io.Reader) (*http.Request, error),
	doer func(req *http.Request) (*http.Response, error)) (*TokenCache, error)

MakeCache creates a new cache or returns an error if tokens aren't available.

func (*TokenCache) Get

func (cache *TokenCache) Get(now time.Time) (string, error)

Get returns a potentially cached value of the token or renews as necessary. The now parameter provides the current time for cache expiration. The returned value is suitable for Authorization header and syz-hub Key requests.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL