Versions in this module Expand all Collapse all v1 v1.10.2 Oct 20, 2023 v1.10.1 Mar 17, 2023 v1.10.0 Aug 23, 2022 Changes in this version type AuthMux + AfterLogoutURL string v1.9.4 Mar 22, 2022 v1.9.3 Jan 25, 2022 v1.9.2 Jan 25, 2022 v1.9.1 Oct 8, 2021 Changes in this version + const DefaultCookieName + const HerokuAccountRoute + const TenMinutes + var DefaultNowTime = func() time.Time + var ErrAuthentication = errors.New("user not authenticated") + var ErrOrgMembership = errors.New("not a member of the required organization") + var GoogleEndpoint = oauth2.Endpoint + var PrincipalKey = principalKey("principal") + type Auth0 struct + Organizations map[string]bool + func NewAuth0(auth0Domain, clientID, clientSecret, redirectURL string, ...) (Auth0, error) + func (a *Auth0) Group(provider *http.Client) (string, error) + func (a *Auth0) PrincipalID(provider *http.Client) (string, error) + type AuthMux struct + Auth Authenticator + CodeExchange CodeExchange + FailureURL string + Logger chronograf.Logger + LoginHint string + Now func() time.Time + Provider Provider + SuccessURL string + Tokens Tokenizer + UseIDToken bool + func NewAuthMux(p Provider, a Authenticator, t Tokenizer, basepath string, l chronograf.Logger, ...) *AuthMux + func (j *AuthMux) Callback() http.Handler + func (j *AuthMux) Login() http.Handler + func (j *AuthMux) Logout() http.Handler + type Authenticator interface + Authorize func(context.Context, http.ResponseWriter, Principal) error + Expire func(http.ResponseWriter) + Extend func(context.Context, http.ResponseWriter, Principal) (Principal, error) + Validate func(context.Context, *http.Request) (Principal, error) + func NewCookieJWT(secret string, lifespan, inactivity time.Duration) Authenticator + type Claims struct + Group string + Organization string + func (c *Claims) Valid() error + type CodeExchange interface + AuthCodeURL func(ctx context.Context, j *AuthMux) (string, error) + ExchangeCodeForToken func(ctx context.Context, state, code string, j *AuthMux) (*oauth2.Token, error) + func NewCodeExchange(withPKCE bool, secret string) CodeExchange + type CodeExchangeCSRF struct + func (p *CodeExchangeCSRF) AuthCodeURL(ctx context.Context, j *AuthMux) (string, error) + func (p *CodeExchangeCSRF) ExchangeCodeForToken(ctx context.Context, state, code string, j *AuthMux) (*oauth2.Token, error) + type CodeExchangePKCE struct + Secret string + func (c *CodeExchangePKCE) Decrypt(encrypted string) ([]byte, error) + func (c *CodeExchangePKCE) Encrypt(codeVerifier []byte) (string, error) + func (p *CodeExchangePKCE) AuthCodeURL(ctx context.Context, j *AuthMux) (string, error) + func (p *CodeExchangePKCE) ExchangeCodeForToken(ctx context.Context, state, code string, j *AuthMux) (*oauth2.Token, error) + type ExtendedProvider interface + GroupFromClaims func(claims gojwt.MapClaims) (string, error) + PrincipalIDFromClaims func(claims gojwt.MapClaims) (string, error) + type Generic struct + APIKey string + APIURL string + AuthURL string + ClientID string + ClientSecret string + Domains []string + Logger chronograf.Logger + PageName string + RedirectURL string + RequiredScopes []string + TokenURL string + func (g *Generic) Config() *oauth2.Config + func (g *Generic) Group(provider *http.Client) (string, error) + func (g *Generic) GroupFromClaims(claims gojwt.MapClaims) (string, error) + func (g *Generic) ID() string + func (g *Generic) Name() string + func (g *Generic) PrincipalID(provider *http.Client) (string, error) + func (g *Generic) PrincipalIDFromClaims(claims gojwt.MapClaims) (string, error) + func (g *Generic) Scopes() []string + func (g *Generic) Secret() string + type Github struct + BaseURL string + ClientID string + ClientSecret string + Logger chronograf.Logger + Orgs []string + func (g *Github) Config() *oauth2.Config + func (g *Github) Group(provider *http.Client) (string, error) + func (g *Github) ID() string + func (g *Github) Name() string + func (g *Github) PrincipalID(provider *http.Client) (string, error) + func (g *Github) Scopes() []string + func (g *Github) Secret() string + type Google struct + ClientID string + ClientSecret string + Domains []string + Logger chronograf.Logger + RedirectURL string + func (g *Google) Config() *oauth2.Config + func (g *Google) Group(provider *http.Client) (string, error) + func (g *Google) ID() string + func (g *Google) Name() string + func (g *Google) PrincipalID(provider *http.Client) (string, error) + func (g *Google) Scopes() []string + func (g *Google) Secret() string + type Heroku struct + ClientID string + ClientSecret string + Logger chronograf.Logger + Organizations []string + func (h *Heroku) Config() *oauth2.Config + func (h *Heroku) Group(provider *http.Client) (string, error) + func (h *Heroku) ID() string + func (h *Heroku) Name() string + func (h *Heroku) PrincipalID(provider *http.Client) (string, error) + func (h *Heroku) Scopes() []string + func (h *Heroku) Secret() string + type JWK struct + Alg string + E string + Kid string + Kty string + N string + Use string + X5c []string + X5t string + type JWKS struct + Keys []JWK + type JWT struct + Jwksurl string + Now func() time.Time + Secret string + func NewJWT(secret string, jwksurl string) *JWT + func (j *JWT) Create(ctx context.Context, user Principal) (Token, error) + func (j *JWT) ExtendedPrincipal(ctx context.Context, principal Principal, extension time.Duration) (Principal, error) + func (j *JWT) GetClaims(tokenString string) (gojwt.MapClaims, error) + func (j *JWT) KeyFunc(token *gojwt.Token) (interface{}, error) + func (j *JWT) KeyFuncRS256(token *gojwt.Token) (interface{}, error) + func (j *JWT) ValidClaims(jwtToken Token, lifespan time.Duration, alg gojwt.Keyfunc) (Principal, error) + func (j *JWT) ValidPrincipal(ctx context.Context, jwtToken Token, lifespan time.Duration) (Principal, error) + type Mux interface + Callback func() http.Handler + Login func() http.Handler + Logout func() http.Handler + type Principal struct + ExpiresAt time.Time + Group string + IssuedAt time.Time + Issuer string + Organization string + Subject string + type Provider interface + Config func() *oauth2.Config + Group func(provider *http.Client) (string, error) + ID func() string + Name func() string + PrincipalID func(provider *http.Client) (string, error) + Scopes func() []string + Secret func() string + type Token string + type Tokenizer interface + Create func(context.Context, Principal) (Token, error) + ExtendedPrincipal func(ctx context.Context, principal Principal, extension time.Duration) (Principal, error) + GetClaims func(tokenString string) (gojwt.MapClaims, error) + ValidPrincipal func(ctx context.Context, token Token, lifespan time.Duration) (Principal, error) + type UserEmail struct + Email *string + IsConfirmed *bool + IsPrimary *bool + Primary *bool + Verified *bool + type WrappedUserEmails struct + Emails []*UserEmail