Documentation
Index
- Constants
- func CheckNetRegAndHostUpdate(networks []string, h *models.Host)
- func HandleAuthCallback(w http.ResponseWriter, r *http.Request)
- func HandleAuthLogin(w http.ResponseWriter, r *http.Request)
- func HandleHeadlessSSO(w http.ResponseWriter, r *http.Request)
- func HandleHeadlessSSOCallback(w http.ResponseWriter, r *http.Request)
- func HandleHostSSOCallback(w http.ResponseWriter, r *http.Request)
- func InitializeAuthProvider() string
- func IsOauthUser(user *models.User) error
- func RegisterHostSSO(w http.ResponseWriter, r *http.Request)
- func SessionHandler(conn *websocket.Conn)
- type OAuthUser
Constants
const OIDC_TIMEOUT = 10 * time.Second
Variables
This section is empty.
Functions
func CheckNetRegAndHostUpdate
CheckNetRegAndHostUpdate - run through networks and send a host update
func HandleAuthCallback
func HandleAuthCallback(w http.ResponseWriter, r *http.Request)
HandleAuthCallback - handles the OAuth callback. Note: not included in the API reference, as it is part of the OAuth process itself.
func HandleAuthLogin
func HandleAuthLogin(w http.ResponseWriter, r *http.Request)
swagger:route GET /api/oauth/login nodes HandleAuthLogin
Handles OAuth login.
Schemes: https
Security: oauth
Responses: 200: okResponse
func HandleHeadlessSSO
func HandleHeadlessSSO(w http.ResponseWriter, r *http.Request)
HandleHeadlessSSO - handles the OAuth login flow for headless interfaces such as Netmaker CLI via websocket
func HandleHeadlessSSOCallback
func HandleHeadlessSSOCallback(w http.ResponseWriter, r *http.Request)
HandleHeadlessSSOCallback - handle OAuth callback for headless logins such as Netmaker CLI
func HandleHostSSOCallback
func HandleHostSSOCallback(w http.ResponseWriter, r *http.Request)
HandleHostSSOCallback handles the callback from the SSO endpoint. It is the analogue of auth.handleNodeSSOCallback but takes care of the endpoint flow. Retrieves the mkey from the state cache and adds the machine to the user's email namespace.
TODO: A confirmation page for new machines should be added to avoid phishing vulnerabilities.
TODO: Add groups information from OIDC tokens into machine HostInfo.
Listens on /oidc/callback.
func InitializeAuthProvider
func InitializeAuthProvider() string
InitializeAuthProvider - initializes the auth provider if any is present
func RegisterHostSSO
func RegisterHostSSO(w http.ResponseWriter, r *http.Request)
RegisterHostSSO redirects to the IDP for authentication. Puts the machine key in the cache so the callback can retrieve it using the OIDC state param. Listens on /oidc/register/:regKey.
func SessionHandler
SessionHandler - called by the HTTP router when the user calls netclient with the join/register -s parameter in order to authenticate via the SSO mechanism using the OAuth2 protocol flow. This triggers a session start, which is managed by the flow implemented here and by the callback. When this method finishes, the auth flow has finished, either OK, by timeout, or because of any other error that occurred.
Types
type OAuthUser
type OAuthUser struct {
	Name              string `json:"name" bson:"name"`
	Email             string `json:"email" bson:"email"`
	Login             string `json:"login" bson:"login"`
	UserPrincipalName string `json:"userPrincipalName" bson:"userPrincipalName"`
	AccessToken       string `json:"accesstoken" bson:"accesstoken"`
}
OAuthUser - generic OAuth strategy user