Affected by GO-2022-0559 and 8 other vulnerabilities

GO-2022-0559: HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. in github.com/hashicorp/consul

GO-2022-0593: HashiCorp Consul Privilege Escalation Vulnerability in github.com/hashicorp/consul

GO-2022-0615: Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector in github.com/hashicorp/consul

GO-2022-0894: Hashicorp Consul Missing SSL Certificate Validation in github.com/hashicorp/consul

GO-2022-0895: HashiCorp Consul L7 deny intention results in an allow action in github.com/hashicorp/consul

GO-2022-0953: HashiCorp Consul Ingress Gateway Panic Can Shutdown Servers in github.com/hashicorp/consul

GO-2022-1029: HashiCorp Consul vulnerable to authorization bypass in github.com/hashicorp/consul

GO-2023-1827: Hashicorp Consul vulnerable to denial of service in github.com/hashicorp/consul

GO-2024-3242: Hashicorp Consul Cross-site Scripting vulnerability in github.com/hashicorp/consul

ssoauth

package

v1.8.12 Latest Latest Go to latest Published: Jun 4, 2021 License: MPL-2.0 Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/hashicorp/consul

Links

Open Source Insights

Documentation ¶

Index ¶

type Config
type Validator
- func NewValidator(logger hclog.Logger, method *structs.ACLAuthMethod) (*Validator, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	// common for type=oidc and type=jwt
	JWTSupportedAlgs    []string          `json:",omitempty"`
	BoundAudiences      []string          `json:",omitempty"`
	ClaimMappings       map[string]string `json:",omitempty"`
	ListClaimMappings   map[string]string `json:",omitempty"`
	OIDCDiscoveryURL    string            `json:",omitempty"`
	OIDCDiscoveryCACert string            `json:",omitempty"`

	// just for type=jwt
	JWKSURL              string        `json:",omitempty"`
	JWKSCACert           string        `json:",omitempty"`
	JWTValidationPubKeys []string      `json:",omitempty"`
	BoundIssuer          string        `json:",omitempty"`
	ExpirationLeeway     time.Duration `json:",omitempty"`
	NotBeforeLeeway      time.Duration `json:",omitempty"`
	ClockSkewLeeway      time.Duration `json:",omitempty"`
	// contains filtered or unexported fields
}

Config is the collection of all settings that pertain to doing OIDC-based authentication and direct JWT-based authentication processes.

type Validator ¶

type Validator struct {
	// contains filtered or unexported fields
}

Validator is the wrapper around the go-sso library that also conforms to the authmethod.Validator interface.

func NewValidator ¶

func NewValidator(logger hclog.Logger, method *structs.ACLAuthMethod) (*Validator, error)

func (*Validator) Name ¶

func (v *Validator) Name() string

Name implements authmethod.Validator.

func (*Validator) NewIdentity ¶

func (v *Validator) NewIdentity() *authmethod.Identity

NewIdentity implements authmethod.Validator.

func (*Validator) Stop ¶

func (v *Validator) Stop()

Stop implements authmethod.Validator.

func (*Validator) ValidateLogin ¶

func (v *Validator) ValidateLogin(ctx context.Context, loginToken string) (*authmethod.Identity, error)

ValidateLogin implements authmethod.Validator.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL