Documentation
¶
Index ¶
- type AzureProvider
- type FacebookProvider
- type GitHubProvider
- type GitLabProvider
- type GoogleProvider
- func (p *GoogleProvider) Redeem(redirectURL, code string) (s *SessionState, err error)
- func (p *GoogleProvider) RefreshSessionIfNeeded(s *SessionState) (bool, error)
- func (p *GoogleProvider) SetGroupRestriction(groups []string, adminEmail string, credentialsReader io.Reader)
- func (p *GoogleProvider) ValidateGroup(email string) bool
- type LinkedInProvider
- type MyUsaProvider
- type Provider
- type ProviderData
- func (p *ProviderData) CookieForSession(s *SessionState, c *cookie.Cipher) (string, error)
- func (p *ProviderData) Data() *ProviderData
- func (p *ProviderData) GetEmailAddress(s *SessionState) (string, error)
- func (p *ProviderData) GetLoginURL(redirectURI, finalRedirect string) string
- func (p *ProviderData) Redeem(redirectURL, code string) (s *SessionState, err error)
- func (p *ProviderData) RefreshSessionIfNeeded(s *SessionState) (bool, error)
- func (p *ProviderData) SessionFromCookie(v string, c *cookie.Cipher) (s *SessionState, err error)
- func (p *ProviderData) ValidateGroup(email string) bool
- func (p *ProviderData) ValidateSessionState(s *SessionState) bool
- type RoleProvider
- type SessionState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AzureProvider ¶
type AzureProvider struct {
*ProviderData
Tenant string
}
func NewAzureProvider ¶
func NewAzureProvider(p *ProviderData) *AzureProvider
func (*AzureProvider) Configure ¶
func (p *AzureProvider) Configure(tenant string)
func (*AzureProvider) GetEmailAddress ¶
func (p *AzureProvider) GetEmailAddress(s *SessionState) (string, error)
type FacebookProvider ¶
type FacebookProvider struct {
*ProviderData
}
func NewFacebookProvider ¶
func NewFacebookProvider(p *ProviderData) *FacebookProvider
func (*FacebookProvider) GetEmailAddress ¶
func (p *FacebookProvider) GetEmailAddress(s *SessionState) (string, error)
func (*FacebookProvider) ValidateSessionState ¶
func (p *FacebookProvider) ValidateSessionState(s *SessionState) bool
type GitHubProvider ¶
type GitHubProvider struct {
*ProviderData
Org string
Team string
// contains filtered or unexported fields
}
func NewGitHubProvider ¶
func NewGitHubProvider(p *ProviderData) *GitHubProvider
func (*GitHubProvider) GetEmailAddress ¶
func (p *GitHubProvider) GetEmailAddress(s *SessionState) (string, error)
func (*GitHubProvider) GetUserRoles ¶
func (p *GitHubProvider) GetUserRoles() string
Return a filtered list of all teams assigned to a user by the organization defined in the configuration
func (*GitHubProvider) SetOrgTeam ¶
func (p *GitHubProvider) SetOrgTeam(org, team string)
func (*GitHubProvider) SetUserRoles ¶
func (p *GitHubProvider) SetUserRoles(accessToken string) (bool, error)
type GitLabProvider ¶
type GitLabProvider struct {
*ProviderData
}
func NewGitLabProvider ¶
func NewGitLabProvider(p *ProviderData) *GitLabProvider
func (*GitLabProvider) GetEmailAddress ¶
func (p *GitLabProvider) GetEmailAddress(s *SessionState) (string, error)
type GoogleProvider ¶
type GoogleProvider struct {
*ProviderData
RedeemRefreshURL *url.URL
// GroupValidator is a function that determines if the passed email is in
// the configured Google group.
GroupValidator func(string) bool
}
func NewGoogleProvider ¶
func NewGoogleProvider(p *ProviderData) *GoogleProvider
func (*GoogleProvider) Redeem ¶
func (p *GoogleProvider) Redeem(redirectURL, code string) (s *SessionState, err error)
func (*GoogleProvider) RefreshSessionIfNeeded ¶
func (p *GoogleProvider) RefreshSessionIfNeeded(s *SessionState) (bool, error)
func (*GoogleProvider) SetGroupRestriction ¶
func (p *GoogleProvider) SetGroupRestriction(groups []string, adminEmail string, credentialsReader io.Reader)
SetGroupRestriction configures the GoogleProvider to restrict access to the specified group(s). AdminEmail has to be an administrative email on the domain that is checked. CredentialsFile is the path to a json file containing a Google service account credentials.
func (*GoogleProvider) ValidateGroup ¶
func (p *GoogleProvider) ValidateGroup(email string) bool
ValidateGroup validates that the provided email exists in the configured Google group(s).
type LinkedInProvider ¶
type LinkedInProvider struct {
*ProviderData
}
func NewLinkedInProvider ¶
func NewLinkedInProvider(p *ProviderData) *LinkedInProvider
func (*LinkedInProvider) GetEmailAddress ¶
func (p *LinkedInProvider) GetEmailAddress(s *SessionState) (string, error)
func (*LinkedInProvider) ValidateSessionState ¶
func (p *LinkedInProvider) ValidateSessionState(s *SessionState) bool
type MyUsaProvider ¶
type MyUsaProvider struct {
*ProviderData
}
func NewMyUsaProvider ¶
func NewMyUsaProvider(p *ProviderData) *MyUsaProvider
func (*MyUsaProvider) GetEmailAddress ¶
func (p *MyUsaProvider) GetEmailAddress(s *SessionState) (string, error)
type Provider ¶
type Provider interface {
Data() *ProviderData
GetEmailAddress(*SessionState) (string, error)
Redeem(string, string) (*SessionState, error)
ValidateGroup(string) bool
ValidateSessionState(*SessionState) bool
GetLoginURL(redirectURI, finalRedirect string) string
RefreshSessionIfNeeded(*SessionState) (bool, error)
SessionFromCookie(string, *cookie.Cipher) (*SessionState, error)
CookieForSession(*SessionState, *cookie.Cipher) (string, error)
}
Provider is the primary interface for an authentication provider all provider
func New ¶
func New(provider string, p *ProviderData) Provider
New gives you an instance of the given provider
type ProviderData ¶
type ProviderData struct {
ProviderName string
ClientID string
ClientSecret string
LoginURL *url.URL
RedeemURL *url.URL
ProfileURL *url.URL
ProtectedResource *url.URL
ValidateURL *url.URL
Scope string
ApprovalPrompt string
PreferredEmailDomains []string
}
func (*ProviderData) CookieForSession ¶
func (p *ProviderData) CookieForSession(s *SessionState, c *cookie.Cipher) (string, error)
CookieForSession serializes a session state for storage in a cookie
func (*ProviderData) Data ¶
func (p *ProviderData) Data() *ProviderData
func (*ProviderData) GetEmailAddress ¶
func (p *ProviderData) GetEmailAddress(s *SessionState) (string, error)
func (*ProviderData) GetLoginURL ¶
func (p *ProviderData) GetLoginURL(redirectURI, finalRedirect string) string
GetLoginURL with typical oauth parameters
func (*ProviderData) Redeem ¶
func (p *ProviderData) Redeem(redirectURL, code string) (s *SessionState, err error)
func (*ProviderData) RefreshSessionIfNeeded ¶
func (p *ProviderData) RefreshSessionIfNeeded(s *SessionState) (bool, error)
RefreshSessionIfNeeded
func (*ProviderData) SessionFromCookie ¶
func (p *ProviderData) SessionFromCookie(v string, c *cookie.Cipher) (s *SessionState, err error)
SessionFromCookie deserializes a session from a cookie value
func (*ProviderData) ValidateGroup ¶
func (p *ProviderData) ValidateGroup(email string) bool
ValidateGroup validates that the provided email exists in the configured provider email group(s).
func (*ProviderData) ValidateSessionState ¶
func (p *ProviderData) ValidateSessionState(s *SessionState) bool
type RoleProvider ¶
RoleProvider is an optional interface that exposes a list of roles for a user. For Providers like GitHub this would be the teams the user is a member of.
type SessionState ¶
type SessionState struct {
AccessToken string
ExpiresOn time.Time
RefreshToken string
Email string
User string
}
func DecodeSessionState ¶
func DecodeSessionState(v string, c *cookie.Cipher) (s *SessionState, err error)
func (*SessionState) EncodeSessionState ¶
func (s *SessionState) EncodeSessionState(c *cookie.Cipher) (string, error)
func (*SessionState) EncryptedString ¶
func (s *SessionState) EncryptedString(c *cookie.Cipher) (string, error)
func (*SessionState) IsExpired ¶
func (s *SessionState) IsExpired() bool
func (*SessionState) String ¶
func (s *SessionState) String() string
Source Files
Click to show internal directories.
Click to hide internal directories.