usersservice

package
v0.0.0-...-3bfe646 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 28, 2023 License: Apache-2.0 Imports: 21 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func New 

func New(cfg Config) (users.Identity, error)

New returns a new instance of UsersService

func NewLocalKeyStore 

func NewLocalKeyStore(path string) (*users.KeyStore, error)

NewLocalKeyStore returns new user-local key storage

Types

type Config 

type Config struct {
	// Backend is a storage backend
	Backend storage.Backend
	// Clock is an optional clock that helps to fake time in with tests,
	// if omitted, system time is used
	Clock clockwork.Clock
}

Config holds configuration parameters for users service

type LocalLogins 

type LocalLogins struct {
	clockwork.Clock
	// contains filtered or unexported fields
}

LocalLogins store local logins with remote ops centers

func (*LocalLogins) DeleteLoginEntry 

func (l *LocalLogins) DeleteLoginEntry(opsCenterURL string) error

func (*LocalLogins) GetCurrentOpsCenter 

func (l *LocalLogins) GetCurrentOpsCenter() string

func (*LocalLogins) GetLoginEntries 

func (l *LocalLogins) GetLoginEntries() ([]storage.LoginEntry, error)

func (*LocalLogins) GetLoginEntry 

func (l *LocalLogins) GetLoginEntry(opsCenterURL string) (*storage.LoginEntry, error)

func (*LocalLogins) SetCurrentOpsCenter 

func (l *LocalLogins) SetCurrentOpsCenter(o string) error

func (*LocalLogins) UpsertLoginEntry 

func (l *LocalLogins) UpsertLoginEntry(e storage.LoginEntry) (*storage.LoginEntry, error)

type UsersService 

type UsersService struct {
	// contains filtered or unexported fields
}

func (*UsersService) AcquireLock 

func (c *UsersService) AcquireLock(token string, ttl time.Duration) error

AcquireLock grabs a lock that will be released automatically in ttl time

func (*UsersService) ActivateCertAuthority 

func (c *UsersService) ActivateCertAuthority(id teleservices.CertAuthID) error

ActivateCertAuthority moves a CertAuthority from the deactivated list to the normal list.

func (*UsersService) AddUserLoginAttempt 

func (c *UsersService) AddUserLoginAttempt(user string, attempt teleservices.LoginAttempt, ttl time.Duration) error

AddUserLoginAttempt logs user login attempt

func (*UsersService) AuthenticateUser 

func (c *UsersService) AuthenticateUser(creds httplib.AuthCreds) (storage.User, teleservices.AccessChecker, error)

AuthenticateUser authenticates a user by given credentials, it supports basic auth only that is used by agents running on sites

func (*UsersService) AuthenticateUserBasicAuth 

func (c *UsersService) AuthenticateUserBasicAuth(username, password string) (storage.User, error)

AuthenticateUserBasicAuth authenticates user using basic auth, where password's hash is checked against stored hash for AdminUser and token is compared as is for AgentUser (treated as API key)

func (*UsersService) AuthenticateUserBearerAuth 

func (c *UsersService) AuthenticateUserBearerAuth(token string) (storage.User, error)

AuthenticateUserBearerAuth is used to authenticate site agent users that connect using provisioning tokens or API keys

func (*UsersService) CompareAndSwapCertAuthority 

func (c *UsersService) CompareAndSwapCertAuthority(new, existing teleservices.CertAuthority) error

CompareAndSwapCertAuthority updates existing cert authority if the existing cert authority value matches the value stored in the backend

func (*UsersService) CreateAPIKey 

func (c *UsersService) CreateAPIKey(key storage.APIKey, upsert bool) (*storage.APIKey, error)

func (*UsersService) CreateAccount 

func (c *UsersService) CreateAccount(a users.Account) (*users.Account, error)

CreateAccount creates a new user account from the specified attributes

func (*UsersService) CreateAdmin 

func (c *UsersService) CreateAdmin(email, password string) error

CreateAdmin creates a new admin user for the locally running site.

func (*UsersService) CreateAgent 

func (c *UsersService) CreateAgent(agent storage.User) (storage.User, error)

CreateAgent creates a new "robot" agent user used by various automation tools (e.g. release automation) with correct privileges

func (*UsersService) CreateAgentFromLoginEntry 

func (c *UsersService) CreateAgentFromLoginEntry(clusterName string, entry storage.LoginEntry, admin bool) (storage.User, error)

CreateAgentFromLoginEntry creates a new agent user from the provided login entry

func (*UsersService) CreateCertAuthority 

func (c *UsersService) CreateCertAuthority(ca teleservices.CertAuthority) error

CreateCertAuthority creates a new certificate authority

func (*UsersService) CreateClusterAdminAgent 

func (c *UsersService) CreateClusterAdminAgent(clusterName string, agent storage.User) (storage.User, error)

CreateClusterAdminAgent creates privileged agent user

func (*UsersService) CreateClusterAgent 

func (c *UsersService) CreateClusterAgent(clusterName string, agent storage.User) (storage.User, error)

CreateClusterAgent creates unprivileged agent user

func (*UsersService) CreateGatekeeper 

func (c *UsersService) CreateGatekeeper(gatekeeper users.RemoteAccessUser) (*users.RemoteAccessUser, error)

CreateGatekeeper creates a new remote access agent user used to connect remote sites to Ops Centers.

func (*UsersService) CreateGithubAuthRequest 

func (c *UsersService) CreateGithubAuthRequest(req teleservices.GithubAuthRequest) error

CreateGithubAuthRequest creates a new auth request for Github OAuth2 flow

func (*UsersService) CreateGithubConnector 

func (c *UsersService) CreateGithubConnector(connector teleservices.GithubConnector) error

CreateGithubConnector creates a new Github connector

func (*UsersService) CreateInstallToken 

func (c *UsersService) CreateInstallToken(t storage.InstallToken) (token *storage.InstallToken, err error)

CreateInstallToken creates a new one-time installation token

func (*UsersService) CreateInviteToken 

func (c *UsersService) CreateInviteToken(advertiseURL string, userInvite storage.UserInvite) (*storage.UserToken, error)

CreateInviteToken invites a user

func (*UsersService) CreateOIDCAuthRequest 

func (c *UsersService) CreateOIDCAuthRequest(req teleservices.OIDCAuthRequest, ttl time.Duration) error

CreateOIDCAuthRequest creates new auth request

func (*UsersService) CreateProvisioningToken 

func (c *UsersService) CreateProvisioningToken(t storage.ProvisioningToken) (*storage.ProvisioningToken, error)

CreateProvisioningToken creates a new token from the specified template t

func (*UsersService) CreateRemoteAgent 

func (c *UsersService) CreateRemoteAgent(agent users.RemoteAccessUser) (storage.User, error)

CreateRemoteAgent creates a new site agent user that replicates the agent of a remote site. The user usually has a bound API key which is replicated locally.

func (*UsersService) CreateRemoteCluster 

func (c *UsersService) CreateRemoteCluster(conn teleservices.RemoteCluster) error

CreateRemoteCluster creates a remote cluster

func (*UsersService) CreateResetToken 

func (c *UsersService) CreateResetToken(advertiseURL string, username string, ttl time.Duration) (*storage.UserToken, error)

CreateResetToken resets user password and creates a token to let existing user to change it

func (*UsersService) CreateRole 

func (c *UsersService) CreateRole(role teleservices.Role, ttl time.Duration) error

CreateRole creates new role

func (*UsersService) CreateSAMLAuthRequest 

func (c *UsersService) CreateSAMLAuthRequest(req teleservices.SAMLAuthRequest, ttl time.Duration) error

CreateSAMLAuthRequest creates new auth request

func (*UsersService) CreateSAMLConnector 

func (c *UsersService) CreateSAMLConnector(connector teleservices.SAMLConnector) error

CreateSAMLConnector upserts SAML Connector

func (*UsersService) CreateUser 

func (c *UsersService) CreateUser(user teleservices.User) error

CreateUser creates a new generic user without privileges

func (*UsersService) CreateUserWithToken 

func (c *UsersService) CreateUserWithToken(completeReq users.UserTokenCompleteRequest) (teleservices.WebSession, error)

CreateUserWithToken creates a user with a token

func (*UsersService) DeactivateCertAuthority 

func (c *UsersService) DeactivateCertAuthority(id teleservices.CertAuthID) error

DeactivateCertAuthority moves a CertAuthority from the normal list to the deactivated list.

func (*UsersService) DeleteAPIKey 

func (c *UsersService) DeleteAPIKey(userEmail, token string) error

func (*UsersService) DeleteAllCertAuthorities 

func (c *UsersService) DeleteAllCertAuthorities(caType teleservices.CertAuthType) error

DeleteAllCertAuthorities deletes all cert authorities

func (*UsersService) DeleteAllNamespaces 

func (c *UsersService) DeleteAllNamespaces() error

DeleteAllNamespaces deletes all namespaces

func (*UsersService) DeleteAllNodes 

func (c *UsersService) DeleteAllNodes(namespace string) error

DeleteAllNodes deletes all nodes

func (*UsersService) DeleteAllProxies 

func (c *UsersService) DeleteAllProxies() error

DeleteAllProxies deletes all proxies

func (*UsersService) DeleteAllRemoteClusters 

func (c *UsersService) DeleteAllRemoteClusters() error

DeleteAllRemoteClusters deletes all remote clusters

func (*UsersService) DeleteAllReverseTunnels 

func (c *UsersService) DeleteAllReverseTunnels() error

DeleteAllReverseTunnels deletes all reverse tunnels

func (*UsersService) DeleteAllRoles 

func (c *UsersService) DeleteAllRoles() error

DeleteAllRoles deletes all roles

func (*UsersService) DeleteAllTunnelConnections 

func (c *UsersService) DeleteAllTunnelConnections() error

DeleteAllTunnelConnections deletes all tunnel connections for cluster

func (*UsersService) DeleteAllUsers 

func (c *UsersService) DeleteAllUsers() error

DeleteAllUsers deletes all users

func (*UsersService) DeleteCertAuthority 

func (c *UsersService) DeleteCertAuthority(id teleservices.CertAuthID) error

DeleteCertAuthority deletes particular certificate authority

func (*UsersService) DeleteGithubConnector 

func (c *UsersService) DeleteGithubConnector(name string) error

DeleteGithubConnector deletes a Github connector by its name

func (*UsersService) DeleteNamespace 

func (c *UsersService) DeleteNamespace(namespace string) error

DeleteNamespace deletes a namespace with all the keys from the backend

func (*UsersService) DeleteOIDCConnector 

func (c *UsersService) DeleteOIDCConnector(connectorID string) error

DeleteOIDCConnector deletes OIDC Connector

func (*UsersService) DeleteRemoteCluster 

func (c *UsersService) DeleteRemoteCluster(clusterName string) error

DeleteRemoteCluster deletes remote cluster by name

func (*UsersService) DeleteReverseTunnel 

func (c *UsersService) DeleteReverseTunnel(domainName string) error

DeleteReverseTunnel deletes reverse tunnel by it's domain name

func (*UsersService) DeleteRole 

func (c *UsersService) DeleteRole(roleName string) error

DeleteRole deletes a role with all the keys from the backend

func (*UsersService) DeleteSAMLConnector 

func (c *UsersService) DeleteSAMLConnector(connectorID string) error

DeleteSAMLConnector deletes SAML Connector

func (*UsersService) DeleteSignupToken 

func (c *UsersService) DeleteSignupToken(token string) error

DeleteSignupToken deletes signup token from the storage

func (*UsersService) DeleteToken 

func (*UsersService) DeleteToken(token string) error

DeleteToken deletes provisioning token

func (*UsersService) DeleteTrustedCluster 

func (c *UsersService) DeleteTrustedCluster(name string) error

DeleteTrustedCluster removes a TrustedCluster from the backend by name.

func (*UsersService) DeleteTunnelConnection 

func (c *UsersService) DeleteTunnelConnection(clusterName string, connName string) error

DeleteTunnelConnection deletes tunnel connection by name

func (*UsersService) DeleteTunnelConnections 

func (c *UsersService) DeleteTunnelConnections(clusterName string) error

DeleteTunnelConnections deletes all tunnel connections for cluster

func (*UsersService) DeleteUsedTOTPToken 

func (c *UsersService) DeleteUsedTOTPToken(user string) error

DeleteUsedTOTPToken removes the used token from the backend. This should only be used during tests.

func (*UsersService) DeleteUser 

func (c *UsersService) DeleteUser(email string) error

DeleteUser deletes a user by email

func (*UsersService) DeleteUserInvite 

func (c *UsersService) DeleteUserInvite(accountID, email string) error

DeleteUserInvite deletes user invite

func (*UsersService) DeleteUserLoginAttempts 

func (c *UsersService) DeleteUserLoginAttempts(user string) error

DeleteUserLoginAttempts removes all login attempts of a user. Should be called after successful login.

func (*UsersService) DeleteWebSession 

func (c *UsersService) DeleteWebSession(user, sid string) error

DeleteWebSession deletes web session from the storage

func (*UsersService) GetAPIKeyByToken 

func (c *UsersService) GetAPIKeyByToken(token string) (key *storage.APIKey, err error)

func (*UsersService) GetAPIKeys 

func (c *UsersService) GetAPIKeys(userEmail string) (keys []storage.APIKey, err error)

func (*UsersService) GetAccessChecker 

func (c *UsersService) GetAccessChecker(user storage.User) (teleservices.AccessChecker, error)

GetAccessChecker returns access checker for user based on users roles

func (*UsersService) GetAccount 

func (c *UsersService) GetAccount(accountID string) (*users.Account, error)

func (*UsersService) GetAccounts 

func (c *UsersService) GetAccounts() ([]users.Account, error)

GetAccounts returns accounts

func (*UsersService) GetAllTunnelConnections 

func (c *UsersService) GetAllTunnelConnections(opts ...teleservices.MarshalOption) ([]teleservices.TunnelConnection, error)

GetAllTunnelConnections returns all tunnel connections

func (*UsersService) GetAuthPreference 

func (c *UsersService) GetAuthPreference() (teleservices.AuthPreference, error)

GetAuthPreference returns cluster auth preference

func (*UsersService) GetAuthServers 

func (c *UsersService) GetAuthServers() ([]teleservices.Server, error)

GetAuthServers returns a list of registered servers

func (*UsersService) GetCertAuthorities 

func (c *UsersService) GetCertAuthorities(caType teleservices.CertAuthType, loadSigningKeys bool, opts ...teleservices.MarshalOption) ([]teleservices.CertAuthority, error)

GetCertAuthorities returns a list of authorities of a given type loadSigningKeys controls whether signing keys should be loaded or not

func (*UsersService) GetCertAuthority 

func (c *UsersService) GetCertAuthority(id teleservices.CertAuthID, loadSigningKeys bool, opts ...teleservices.MarshalOption) (teleservices.CertAuthority, error)

GetCertAuthority returns certificate authority by given id. Parameter loadSigningKeys controls if signing keys are loaded

func (*UsersService) GetClusterConfig 

func (c *UsersService) GetClusterConfig() (teleservices.ClusterConfig, error)

GetClusterConfig returns cluster configuration

func (*UsersService) GetClusterName 

func (c *UsersService) GetClusterName() (teleservices.ClusterName, error)

GetClusterName returns cluster name from cluster configuration

func (*UsersService) GetGithubAuthRequest 

func (c *UsersService) GetGithubAuthRequest(stateToken string) (*teleservices.GithubAuthRequest, error)

GetGithubAuthRequest retrieves Github auth request by the token

func (*UsersService) GetGithubConnector 

func (c *UsersService) GetGithubConnector(name string, withSecrets bool) (teleservices.GithubConnector, error)

GetGithubConnector returns a Github connector by its name

func (*UsersService) GetGithubConnectors 

func (c *UsersService) GetGithubConnectors(withSecrets bool) ([]teleservices.GithubConnector, error)

GetGithubConnectors returns all configured Github connectors

func (*UsersService) GetHOTP 

func (c *UsersService) GetHOTP(username string) (*hotp.HOTP, error)

GetHOTP gets HOTP token state for a user

func (*UsersService) GetInstallToken 

func (c *UsersService) GetInstallToken(tokenID string) (*storage.InstallToken, error)

GetInstallToken returns the token by ID

func (*UsersService) GetInstallTokenByUser 

func (c *UsersService) GetInstallTokenByUser(email string) (*storage.InstallToken, error)

GetInstallTokenByUser returns the token by user ID

func (*UsersService) GetInstallTokenForCluster 

func (c *UsersService) GetInstallTokenForCluster(name string) (*storage.InstallToken, error)

GetInstallTokenForCluster returns token by cluster name

func (*UsersService) GetLocalClusterName 

func (c *UsersService) GetLocalClusterName() (string, error)

func (*UsersService) GetNamespace 

func (c *UsersService) GetNamespace(name string) (*teleservices.Namespace, error)

GetNamespace returns a namespace by name

func (*UsersService) GetNamespaces 

func (c *UsersService) GetNamespaces() ([]teleservices.Namespace, error)

GetNamespaces returns a list of namespaces

func (*UsersService) GetNodes 

func (c *UsersService) GetNodes(namespace string, opts ...teleservices.MarshalOption) ([]teleservices.Server, error)

GetNodes returns a list of registered servers

func (*UsersService) GetOIDCAuthRequest 

func (c *UsersService) GetOIDCAuthRequest(stateToken string) (*teleservices.OIDCAuthRequest, error)

GetOIDCAuthRequest returns OIDC auth request if found

func (*UsersService) GetOIDCConnector 

func (c *UsersService) GetOIDCConnector(id string, withSecrets bool) (teleservices.OIDCConnector, error)

GetOIDCConnector returns OIDC connector data, withSecrets adds or removes client secret from return results

func (*UsersService) GetOIDCConnectors 

func (c *UsersService) GetOIDCConnectors(withSecrets bool) ([]teleservices.OIDCConnector, error)

GetOIDCConnectors returns registered connectors, withSecrets adds or removes client secret from return results

func (*UsersService) GetOperationProvisioningToken 

func (c *UsersService) GetOperationProvisioningToken(clusterName, operationID string) (*storage.ProvisioningToken, error)

GetOperationProvisioningToken returns token created for the particular site operation

func (*UsersService) GetPasswordHash 

func (c *UsersService) GetPasswordHash(username string) ([]byte, error)

GetPasswordHash returns the password hash for a given user

func (*UsersService) GetProvisioningToken 

func (c *UsersService) GetProvisioningToken(token string) (*storage.ProvisioningToken, error)

GetProvisioningToken returns token by ID

func (*UsersService) GetProxies 

func (c *UsersService) GetProxies() ([]teleservices.Server, error)

GetProxies returns a list of registered proxies

func (*UsersService) GetRemoteCluster 

func (c *UsersService) GetRemoteCluster(clusterName string) (teleservices.RemoteCluster, error)

GetRemoteCluster returns a remote cluster by name

func (*UsersService) GetRemoteClusters 

func (c *UsersService) GetRemoteClusters(opts ...teleservices.MarshalOption) ([]teleservices.RemoteCluster, error)

GetRemoteClusters returns a list of remote clusters

func (*UsersService) GetReverseTunnel 

func (c *UsersService) GetReverseTunnel(name string) (teleservices.ReverseTunnel, error)

GetReverseTunnel returns reverse tunnel by name

func (*UsersService) GetReverseTunnels 

func (c *UsersService) GetReverseTunnels() ([]teleservices.ReverseTunnel, error)

GetReverseTunnels returns a list of registered servers

func (*UsersService) GetRole 

func (c *UsersService) GetRole(name string) (teleservices.Role, error)

GetRole returns a role by name

func (*UsersService) GetRoles 

func (c *UsersService) GetRoles() ([]teleservices.Role, error)

GetRoles returns a list of roles registered with the local auth server

func (*UsersService) GetSAMLAuthRequest 

func (c *UsersService) GetSAMLAuthRequest(stateToken string) (*teleservices.SAMLAuthRequest, error)

GetSAMLAuthRequest returns SAML auth request if found

func (*UsersService) GetSAMLConnector 

func (c *UsersService) GetSAMLConnector(id string, withSecrets bool) (teleservices.SAMLConnector, error)

GetSAMLConnector returns SAML connector data, withSecrets adds or removes client secret from return results

func (*UsersService) GetSAMLConnectors 

func (c *UsersService) GetSAMLConnectors(withSecrets bool) ([]teleservices.SAMLConnector, error)

GetSAMLConnectors returns registered connectors, withSecrets adds or removes client secret from return results

func (*UsersService) GetSignupToken 

func (c *UsersService) GetSignupToken(token string) (*teleservices.SignupToken, error)

GetSignupToken returns signup token data

func (*UsersService) GetSignupTokens 

func (c *UsersService) GetSignupTokens() ([]teleservices.SignupToken, error)

GetSignupTokens returns a list of signup tokens

func (*UsersService) GetSiteProvisioningTokens 

func (c *UsersService) GetSiteProvisioningTokens(siteDomain string) ([]storage.ProvisioningToken, error)

func (*UsersService) GetStaticTokens 

func (c *UsersService) GetStaticTokens() (teleservices.StaticTokens, error)

GetStaticTokens returns static tokens from cluster configuration

func (*UsersService) GetTOTP 

func (c *UsersService) GetTOTP(user string) (string, error)

GetTOTP returns the secret key used by the TOTP algorithm to validate tokens

func (*UsersService) GetTelekubeUser 

func (c *UsersService) GetTelekubeUser(email string) (storage.User, error)

GetTelekubeUser finds user by email

func (*UsersService) GetToken 

func (c *UsersService) GetToken(token string) (*teleservices.ProvisionToken, error)

GetToken is called by Teleport to verify the token supplied by a connecting trusted cluster, it is expected to be an API key of Gatekeeper user

func (*UsersService) GetTokens 

func (*UsersService) GetTokens() ([]teleservices.ProvisionToken, error)

GetTokens returns all non-expired tokens

func (*UsersService) GetTrustedCluster 

func (c *UsersService) GetTrustedCluster(name string) (teleservices.TrustedCluster, error)

GetTrustedCluster returns a single TrustedCluster by name.

func (*UsersService) GetTrustedClusters 

func (c *UsersService) GetTrustedClusters() ([]teleservices.TrustedCluster, error)

GetTrustedClusters returns all TrustedClusters in the backend.

func (*UsersService) GetTunnelConnections 

func (c *UsersService) GetTunnelConnections(clusterName string, opts ...teleservices.MarshalOption) ([]teleservices.TunnelConnection, error)

GetTunnelConnections returns tunnel connections for a given cluster

func (*UsersService) GetU2FRegisterChallenge 

func (c *UsersService) GetU2FRegisterChallenge(token string) (*u2f.Challenge, error)

GetU2FRegisterChallenge returns a U2F challenge for a new user corresponding to the token

func (*UsersService) GetU2FRegistration 

func (c *UsersService) GetU2FRegistration(user string) (*u2f.Registration, error)

GetU2FRegistration returns a U2F registration from a valid register response

func (*UsersService) GetU2FRegistrationCounter 

func (c *UsersService) GetU2FRegistrationCounter(user string) (counter uint32, e error)

GetU2FRegistrationCounter returns a counter associated with a U2F registration

func (*UsersService) GetU2FSignChallenge 

func (c *UsersService) GetU2FSignChallenge(user string) (*u2f.Challenge, error)

GetU2FSignChallenge returns a U2F sign (auth) challenge

func (*UsersService) GetUsedTOTPToken 

func (c *UsersService) GetUsedTOTPToken(user string) (string, error)

GetUsedTOTPToken returns the last successfully used TOTP token. If no token is found zero is returned.

func (*UsersService) GetUser 

func (c *UsersService) GetUser(email string) (teleservices.User, error)

GetUser finds user by email

func (*UsersService) GetUserByGithubIdentity 

func (c *UsersService) GetUserByGithubIdentity(id teleservices.ExternalIdentity) (teleservices.User, error)

GetUserByGithubIdentity returns a user by it's specified Github Identity, returns first user specified with this identity

func (*UsersService) GetUserByOIDCIdentity 

func (c *UsersService) GetUserByOIDCIdentity(id teleservices.ExternalIdentity) (teleservices.User, error)

GetUserByOIDCIdentity returns a user by it's specified OIDC Identity, returns first user specified with this identity

func (*UsersService) GetUserBySAMLIdentity 

func (c *UsersService) GetUserBySAMLIdentity(id teleservices.ExternalIdentity) (teleservices.User, error)

GetUserBySAMLIdentity returns a user by it's specified SAML Identity, returns first user specified with this identity

func (*UsersService) GetUserInvites 

func (c *UsersService) GetUserInvites(accountID string) ([]storage.UserInvite, error)

GetUserInvites returns user invites

func (*UsersService) GetUserLoginAttempts 

func (c *UsersService) GetUserLoginAttempts(user string) ([]teleservices.LoginAttempt, error)

GetUserLoginAttempts returns user login attempts

func (*UsersService) GetUserToken 

func (c *UsersService) GetUserToken(token string) (*storage.UserToken, error)

GetUserToken returns information about this signup token based on its id

func (*UsersService) GetUsers 

func (c *UsersService) GetUsers() ([]teleservices.User, error)

func (*UsersService) GetUsersByAccountID 

func (c *UsersService) GetUsersByAccountID(accountID string) ([]storage.User, error)

GetUsersByAccountID returns user account

func (*UsersService) GetWebSession 

func (c *UsersService) GetWebSession(user, sid string) (teleservices.WebSession, error)

GetWebSession returns a web session state for a given user and session id

func (*UsersService) LoginWithInstallToken 

func (c *UsersService) LoginWithInstallToken(tokenID string) (*users.LoginResult, error)

func (*UsersService) Migrate 

func (c *UsersService) Migrate() error

Migrate launches migrations for users and roles

func (*UsersService) ProcessUserTokenCompleteRequest 

func (c *UsersService) ProcessUserTokenCompleteRequest(tokenType string, req users.UserTokenCompleteRequest) (*storage.UserToken, []byte, error)

ProcessUserTokenCompleteRequest processes user token complete request

func (*UsersService) ReleaseLock 

func (c *UsersService) ReleaseLock(token string) error

ReleaseLock releases lock by token name

func (*UsersService) ResetPassword 

func (c *UsersService) ResetPassword(email string) (string, error)

ResetPassword resets the user password and returns the new one

func (*UsersService) ResetUserWithToken 

func (c *UsersService) ResetUserWithToken(req users.UserTokenCompleteRequest) (teleservices.WebSession, error)

ResetUserWithToken sets user password based on user token and logs in user after that in case of successful operation

func (*UsersService) SetAuth 

func (c *UsersService) SetAuth(auth teleauth.ClientI)

func (*UsersService) SetAuthPreference 

func (c *UsersService) SetAuthPreference(authP teleservices.AuthPreference) error

SetAuthPreference updates cluster auth preference

func (*UsersService) SetClusterConfig 

func (c *UsersService) SetClusterConfig(config teleservices.ClusterConfig) error

SetClusterConfig returns cluster configuration

func (*UsersService) SetClusterName 

func (c *UsersService) SetClusterName(clusterName teleservices.ClusterName) error

SetClusterName sets the name of the cluster in the backend. SetClusterName can only be called once on a cluster after which it will return trace.AlreadyExists.

func (*UsersService) SetStaticTokens 

func (c *UsersService) SetStaticTokens(tokens teleservices.StaticTokens) error

SetStaticTokens updates static tokens in cluster configuration

func (*UsersService) TryAcquireLock 

func (c *UsersService) TryAcquireLock(token string, ttl time.Duration) error

TryAcquireLock grabs a lock that will be released automatically in ttl time

func (*UsersService) UpdateInstallToken 

func (c *UsersService) UpdateInstallToken(req users.InstallTokenUpdateRequest) (*storage.InstallToken, teleservices.Role, error)

UpdateInstallToken updates an existing install token and changes role for the user associated with the install token to reduce it's scope to the just created cluster

func (*UsersService) UpdatePassword 

func (c *UsersService) UpdatePassword(email string, oldPassword, newPassword users.Password) error

UpdatePassword updates users password based on the old password

func (*UsersService) UpdateUser 

func (c *UsersService) UpdateUser(username string, req storage.UpdateUserReq) error

UpdateUser updates certain user fields

func (*UsersService) UpsertAuthServer 

func (c *UsersService) UpsertAuthServer(server teleservices.Server) error

UpsertAuthServer registers auth server presence, permanently if ttl is 0 or for the specified duration with second resolution if it's >= 1 second

func (*UsersService) UpsertCertAuthority 

func (c *UsersService) UpsertCertAuthority(ca teleservices.CertAuthority) error

UpsertCertAuthority updates or inserts a new certificate authority

func (*UsersService) UpsertGithubConnector 

func (c *UsersService) UpsertGithubConnector(connector teleservices.GithubConnector) error

UpsertGithubConnector creates or updates a new Github connector

func (*UsersService) UpsertHOTP 

func (c *UsersService) UpsertHOTP(user string, otp *hotp.HOTP) error

UpsertHOTP upserts HOTP state for user

func (*UsersService) UpsertLocalClusterName 

func (c *UsersService) UpsertLocalClusterName(clusterName string) error

func (*UsersService) UpsertNamespace 

func (c *UsersService) UpsertNamespace(n teleservices.Namespace) error

UpsertNamespace upserts namespace

func (*UsersService) UpsertNode 

func (c *UsersService) UpsertNode(server teleservices.Server) error

UpsertNode registers node presence, permanently if ttl is 0 or for the specified duration with second resolution if it's >= 1 second

func (*UsersService) UpsertNodes 

func (c *UsersService) UpsertNodes(namespace string, servers []teleservices.Server) error

UpsertNodes upserts multiple nodes

func (*UsersService) UpsertOIDCConnector 

func (c *UsersService) UpsertOIDCConnector(connector teleservices.OIDCConnector) error

UpsertOIDCConnector upserts OIDC Connector

func (*UsersService) UpsertPassword 

func (c *UsersService) UpsertPassword(user string, password []byte) error

UpsertPassword upserts new password and HOTP token

func (*UsersService) UpsertPasswordHash 

func (c *UsersService) UpsertPasswordHash(user string, hash []byte) error

UpsertPasswordHash upserts user password hash

func (*UsersService) UpsertProxy 

func (c *UsersService) UpsertProxy(server teleservices.Server) error

UpsertProxy registers proxy server presence, permanently if ttl is 0 or for the specified duration with second resolution if it's >= 1 second

func (*UsersService) UpsertReverseTunnel 

func (c *UsersService) UpsertReverseTunnel(tunnel teleservices.ReverseTunnel) error

UpsertReverseTunnel upserts reverse tunnel entry temporarily or permanently

func (*UsersService) UpsertRole 

func (c *UsersService) UpsertRole(role teleservices.Role, ttl time.Duration) error

UpsertRole updates parameters about role

func (*UsersService) UpsertSAMLConnector 

func (c *UsersService) UpsertSAMLConnector(connector teleservices.SAMLConnector) error

UpsertSAMLConnector upserts SAML Connector

func (*UsersService) UpsertSignupToken 

func (c *UsersService) UpsertSignupToken(token string, tokenData teleservices.SignupToken, ttl time.Duration) error

UpsertSignupToken upserts signup token - one time token that lets user to create a user account

func (*UsersService) UpsertTOTP 

func (c *UsersService) UpsertTOTP(user string, secretKey string) error

UpsertTOTP upserts TOTP secret key for a user that can be used to generate and validate tokens.

func (*UsersService) UpsertToken 

func (*UsersService) UpsertToken(token string, roles teleport.Roles, ttl time.Duration) error

UpsertToken adds provisioning tokens for the auth server

func (*UsersService) UpsertTrustedCluster 

func (c *UsersService) UpsertTrustedCluster(trustedCluster teleservices.TrustedCluster) (teleservices.TrustedCluster, error)

UpsertTrustedCluster creates or updates a TrustedCluster in the backend.

func (*UsersService) UpsertTunnelConnection 

func (c *UsersService) UpsertTunnelConnection(conn teleservices.TunnelConnection) error

UpsertTunnelConnection upserts tunnel connection

func (*UsersService) UpsertU2FRegisterChallenge 

func (c *UsersService) UpsertU2FRegisterChallenge(token string, u2fChallenge *u2f.Challenge) error

UpsertU2FRegisterChallenge upserts a U2F challenge for a new user corresponding to the token

func (*UsersService) UpsertU2FRegistration 

func (c *UsersService) UpsertU2FRegistration(user string, u2fReg *u2f.Registration) error

UpsertU2FRegistration upserts a U2F registration from a valid register response

func (*UsersService) UpsertU2FRegistrationCounter 

func (c *UsersService) UpsertU2FRegistrationCounter(user string, counter uint32) error

UpsertU2FRegistrationCounter upserts a counter associated with a U2F registration

func (*UsersService) UpsertU2FSignChallenge 

func (c *UsersService) UpsertU2FSignChallenge(user string, u2fChallenge *u2f.Challenge) error

UpsertU2FSignChallenge upserts a U2F sign (auth) challenge

func (*UsersService) UpsertUsedTOTPToken 

func (c *UsersService) UpsertUsedTOTPToken(user string, otpToken string) error

UpsertUsedTOTPToken upserts a TOTP token to the backend so it can't be used again during the 30 second window it's valid.

func (*UsersService) UpsertUser 

func (c *UsersService) UpsertUser(teleuser teleservices.User) error

UpsertUser creates a new user or updates existing user In case of AgentUser it will generate a random token - API key In case of AdminUser or Regular user it requires a password to be set and uses bcrypt to store password's hash

func (*UsersService) UpsertWebSession 

func (c *UsersService) UpsertWebSession(user, sid string, session teleservices.WebSession) error

UpsertWebSession updates or inserts a web session for a user and session id

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.