request

package
v0.7.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 13, 2022 License: MPL-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var File_controller_storage_auth_oidc_request_v1_request_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type State

type State struct {

	// token_request_id is the id. This id is used by the client to poll for a Boundary
	// token, once the final leg of the authen flow is compeleted.  The Callback uses this
	// id to create a "pending" token for that polling process.
	TokenRequestId string `protobuf:"bytes,10,opt,name=token_request_id,json=tokenRequestId,proto3" json:"token_request_id,omitempty"`
	// create_time of the request that started the authentication flow.
	CreateTime *timestamp.Timestamp `protobuf:"bytes,20,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
	// expiration_time of the authenticaion flow.
	ExpirationTime *timestamp.Timestamp `protobuf:"bytes,30,opt,name=expiration_time,json=expirationTime,proto3" json:"expiration_time,omitempty"`
	// final_redirect_url that will be sent back to the client after the callback
	FinalRedirectUrl string `protobuf:"bytes,40,opt,name=final_redirect_url,json=finalRedirectUrl,proto3" json:"final_redirect_url,omitempty"`
	// nonce of the request which is used to verify the ID Token in the third leg
	// as a way to prevent replay attacks.
	//
	// See https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest
	// and https://openid.net/specs/openid-connect-core-1_0.html#NonceNotes.
	Nonce string `protobuf:"bytes,50,opt,name=nonce,proto3" json:"nonce,omitempty"`
	// provider_config_hash can be used to see if the provider's config has changed
	// since the request started.
	ProviderConfigHash uint64 `protobuf:"varint,60,opt,name=provider_config_hash,json=providerConfigHash,proto3" json:"provider_config_hash,omitempty"`
	// contains filtered or unexported fields
}

First, State is used in constructing the authorization URL, in the first leg of the authen flow. State represents the unique data used to construct an oidc.Request (see: https://github.com/hashicorp/cap/blob/main/oidc/request.go). State needs enough information, that when combined with a Boundary oidc auth method, a proper oidc.Request can be recreated during the second leg of the authen flow. State also needs the provider.ConfigHash() used to from the first leg, so it can verify the Boundary's oidc auth method configuration hasn't changed since the authen flow began.

func (*State) Descriptor deprecated

func (*State) Descriptor() ([]byte, []int)

Deprecated: Use State.ProtoReflect.Descriptor instead.

func (*State) GetCreateTime

func (x *State) GetCreateTime() *timestamp.Timestamp

func (*State) GetExpirationTime

func (x *State) GetExpirationTime() *timestamp.Timestamp

func (*State) GetFinalRedirectUrl

func (x *State) GetFinalRedirectUrl() string

func (*State) GetNonce

func (x *State) GetNonce() string

func (*State) GetProviderConfigHash

func (x *State) GetProviderConfigHash() uint64

func (*State) GetTokenRequestId

func (x *State) GetTokenRequestId() string

func (*State) ProtoMessage

func (*State) ProtoMessage()

func (*State) ProtoReflect

func (x *State) ProtoReflect() protoreflect.Message

func (*State) Reset

func (x *State) Reset()

func (*State) String

func (x *State) String() string

func (*State) Validate

func (s *State) Validate(ctx context.Context) error

Validate the request.State

type Token

type Token struct {

	// request_id for the token.
	RequestId string `protobuf:"bytes,10,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// expiration_time of the authenticaion flow.
	ExpirationTime *timestamp.Timestamp `protobuf:"bytes,20,opt,name=expiration_time,json=expirationTime,proto3" json:"expiration_time,omitempty"`
	// contains filtered or unexported fields
}

Token is the request token that's returned as part of the auth_token_url from oidc.StartAuth(...)

func (*Token) Descriptor deprecated

func (*Token) Descriptor() ([]byte, []int)

Deprecated: Use Token.ProtoReflect.Descriptor instead.

func (*Token) GetExpirationTime

func (x *Token) GetExpirationTime() *timestamp.Timestamp

func (*Token) GetRequestId

func (x *Token) GetRequestId() string

func (*Token) ProtoMessage

func (*Token) ProtoMessage()

func (*Token) ProtoReflect

func (x *Token) ProtoReflect() protoreflect.Message

func (*Token) Reset

func (x *Token) Reset()

func (*Token) String

func (x *Token) String() string

func (*Token) Validate

func (t *Token) Validate(ctx context.Context) error

Validate the request.Token

type Wrapper

type Wrapper struct {

	// auth_method_id is the auth method of the oidc request
	AuthMethodId string `protobuf:"bytes,10,opt,name=auth_method_id,json=authMethodId,proto3" json:"auth_method_id,omitempty"`
	// scope_id is the auth method's scope
	ScopeId string `protobuf:"bytes,20,opt,name=scope_id,json=scopeId,proto3" json:"scope_id,omitempty"`
	// wrapper_key_id is the DEK wrapper key id which was used to derive the
	// cipher's key
	WrapperKeyId string `protobuf:"bytes,30,opt,name=wrapper_key_id,json=wrapperKeyId,proto3" json:"wrapper_key_id,omitempty"`
	// ct is the encrypted cipher text
	Ct []byte `protobuf:"bytes,40,opt,name=ct,proto3" json:"ct,omitempty"`
	// contains filtered or unexported fields
}

Wrapper wraps an encrypted cipher text with non-sensitive info which allows Boundary to determine how to decrypt the wrappered cipher text (ct) field.

func (*Wrapper) Descriptor deprecated

func (*Wrapper) Descriptor() ([]byte, []int)

Deprecated: Use Wrapper.ProtoReflect.Descriptor instead.

func (*Wrapper) GetAuthMethodId

func (x *Wrapper) GetAuthMethodId() string

func (*Wrapper) GetCt

func (x *Wrapper) GetCt() []byte

func (*Wrapper) GetScopeId

func (x *Wrapper) GetScopeId() string

func (*Wrapper) GetWrapperKeyId

func (x *Wrapper) GetWrapperKeyId() string

func (*Wrapper) ProtoMessage

func (*Wrapper) ProtoMessage()

func (*Wrapper) ProtoReflect

func (x *Wrapper) ProtoReflect() protoreflect.Message

func (*Wrapper) Reset

func (x *Wrapper) Reset()

func (*Wrapper) String

func (x *Wrapper) String() string

func (*Wrapper) Validate

func (w *Wrapper) Validate(ctx context.Context) error

Validate the request.Wrapper

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL