iamserver

package
v0.0.0-...-2754675 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 12, 2021 License: MIT Imports: 42 Imported by: 0

Documentation

Overview

Package iamserver is the implementation of iam domain logic.

Index

Constants

This section is empty.

Variables

// Sentinel errors whose names and messages refer to the format and the
// version of a password hash. Both messages are fixed strings, so the error
// text itself never carries any hash material.
// NOTE(review): presumably returned while parsing a stored password hash
// (for example on the MatchUserPassword path) — confirm against the
// implementation, which is not shown here.
var (
	ErrPasswordHashFormatInvalid       = errors.New("hash format invalid")
	ErrPasswordHashVersionIncompatible = errors.New("hash version incompatible")
)

Functions

This section is empty.

Types

type Core

// Core is the type returned by NewCoreByConfig. It embeds iam.ServiceClient,
// so that type's exported methods are promoted onto Core alongside the
// methods declared on Core itself.
type Core struct {
	iam.ServiceClient //TODO: not specifically client
	// contains filtered or unexported fields
}

func NewCoreByConfig

func NewCoreByConfig(coreCfg CoreConfig, appApp app.App) (*Core, error)

NewCoreByConfig creates an instance of Core designed for use in identity provider services.

func (*Core) AuthenticateTerminal

func (core *Core) AuthenticateTerminal(
	terminalID iam.TerminalID,
	terminalSecret string,
) (authOK bool, ownerUserID iam.UserID, err error)

func (*Core) ClientByID

func (core *Core) ClientByID(id iam.ClientID) (*iam.Client, error)

func (*Core) ConfirmTerminalAuthorization

func (core *Core) ConfirmTerminalAuthorization(
	callCtx iam.CallContext,
	terminalID iam.TerminalID,
	verificationCode string,
) (secret string, userID iam.UserID, err error)

ConfirmTerminalAuthorization confirms authorization for a terminal using the verificationCode that was delivered through the selected channel when the authorization was created.

func (*Core) ConfirmUserEmailAddressVerification

func (core *Core) ConfirmUserEmailAddressVerification(
	callCtx iam.CallContext,
	verificationID int64,
	code string,
) (updated bool, err error)

func (*Core) ConfirmUserPhoneNumberVerification

func (core *Core) ConfirmUserPhoneNumberVerification(
	callCtx iam.CallContext,
	verificationID int64,
	code string,
) (updated bool, err error)

func (*Core) CreateUserAccount

func (core *Core) CreateUserAccount(
	creationUserID iam.UserID,
	creationTerminalID iam.TerminalID,
	timestamp time.Time,
) (iam.UserID, error)

func (*Core) DeleteUserAccount

func (core *Core) DeleteUserAccount(
	callCtx iam.CallContext,
	userID iam.UserID,
	input iam.UserAccountDeleteInput,
) (deleted bool, err error)

func (*Core) DeleteUserTerminalFCMRegistrationToken

func (core *Core) DeleteUserTerminalFCMRegistrationToken(
	authCtx *iam.Authorization,
	userID iam.UserID, terminalID iam.TerminalID, token string,
) error

func (*Core) GenerateAccessTokenJWT

func (core *Core) GenerateAccessTokenJWT(
	callCtx iam.CallContext,
	terminalID iam.TerminalID,
	userID iam.UserID,
) (tokenString string, err error)

func (*Core) GenerateRefreshTokenJWT

func (core *Core) GenerateRefreshTokenJWT(
	terminalID iam.TerminalID,
	terminalSecret string,
) (tokenString string, err error)

func (*Core) GetTerminalInfo

func (core *Core) GetTerminalInfo(
	callCtx iam.CallContext,
	terminalID iam.TerminalID,
) (*iam.TerminalInfo, error)

func (*Core) GetUserAccountState

func (core *Core) GetUserAccountState(
	id iam.UserID,
) (*iam.UserAccountState, error)

GetUserAccountState retrieves the state of a user account. The state includes whether the ID exists and whether the account has been deleted.

If it's required only to determine the existence of the ID, IsUserIDRegistered is generally more efficient.

func (*Core) GetUserBaseProfile

func (core *Core) GetUserBaseProfile(
	callCtx iam.CallContext,
	userID iam.UserID,
) (*iam.UserBaseProfile, error)

func (*Core) GetUserContactInformation

func (core *Core) GetUserContactInformation(
	callCtx iam.CallContext,
	userID iam.UserID,
) (*iampb.UserContactInfoData, error)

func (*Core) GetUserContactUserIDs

func (core *Core) GetUserContactUserIDs(
	callCtx iam.CallContext,
	userID iam.UserID,
) ([]iam.UserID, error)

func (*Core) GetUserInfoV1

func (core *Core) GetUserInfoV1(
	callCtx iam.CallContext,
	userID iam.UserID,
) (*iampb.UserInfoData, error)

func (*Core) GetUserPrimaryEmailAddress

func (core *Core) GetUserPrimaryEmailAddress(
	callCtx iam.CallContext,
	userID iam.UserID,
) (*iam.EmailAddress, error)

TODO(exa): there should be getters for different purposes (e.g., for login / primary, for display / contact, for actual mailing, for recovery, etc.)

func (*Core) GetUserPrimaryPhoneNumber

func (core *Core) GetUserPrimaryPhoneNumber(
	callCtx iam.CallContext,
	userID iam.UserID,
) (*iam.PhoneNumber, error)

TODO: allow non-verified (let the caller decide based on the status). There should be getters for different purposes (e.g., for login, for display, for notification, for recovery, etc.)

func (*Core) IsUserIDRegistered

func (core *Core) IsUserIDRegistered(id iam.UserID) bool

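IsUserIDRegistered determines whether a user ID has been registered. It does not check whether the account is active, so a true result must not be read as "this account may be used"; GetUserAccountState reports whether the account has been deleted.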

This function is generally cheap if the user ID has been registered.

func (*Core) ListUserTerminalIDFirebaseInstanceTokens

func (core *Core) ListUserTerminalIDFirebaseInstanceTokens(
	ownerUserID iam.UserID,
) ([]iam.TerminalIDFirebaseInstanceToken, error)

func (*Core) ListUsersByPhoneNumber

func (core *Core) ListUsersByPhoneNumber(
	callCtx iam.CallContext,
	phoneNumbers []iam.PhoneNumber,
) ([]iam.UserPhoneNumber, error)

func (*Core) MatchUserPassword

func (core *Core) MatchUserPassword(
	userID iam.UserID,
	plainTextPassword string,
) (ok bool, err error)

func (Core) RealmName

func (core Core) RealmName() string

func (*Core) RegisterTerminal

func (core *Core) RegisterTerminal(input TerminalRegistrationInput) (id iam.TerminalID, secret string, err error)

RegisterTerminal registers a terminal. This function returns the terminal's secret if the verification type is set to 'implicit'.

func (*Core) SetUserPassword

func (core *Core) SetUserPassword(
	callCtx iam.CallContext,
	userID iam.UserID,
	plainTextPassword string,
) error

func (*Core) SetUserPrimaryEmailAddress

func (core *Core) SetUserPrimaryEmailAddress(
	callCtx iam.CallContext,
	userID iam.UserID,
	emailAddress iam.EmailAddress,
	verificationMethods []eav10n.VerificationMethod,
) (verificationID int64, codeExpiry *time.Time, err error)

func (*Core) SetUserPrimaryPhoneNumber

func (core *Core) SetUserPrimaryPhoneNumber(
	callCtx iam.CallContext,
	userID iam.UserID,
	phoneNumber iam.PhoneNumber,
	verificationMethods []pnv10n.VerificationMethod,
) (verificationID int64, codeExpiry *time.Time, err error)

func (*Core) SetUserProfileImageByFile

func (core *Core) SetUserProfileImageByFile(
	callCtx iam.CallContext,
	userID iam.UserID,
	imageFile ProfileImageFile,
) (imageURL string, err error)

func (*Core) SetUserProfileImageURL

func (core *Core) SetUserProfileImageURL(
	callCtx iam.CallContext,
	userID iam.UserID,
	profileImageURL string,
) error

func (*Core) SetUserTerminalFCMRegistrationToken

func (core *Core) SetUserTerminalFCMRegistrationToken(
	callCtx iam.CallContext,
	userID iam.UserID, terminalID iam.TerminalID, token string,
) error

func (*Core) StartTerminalAuthorizationByEmailAddress

func (core *Core) StartTerminalAuthorizationByEmailAddress(
	callCtx iam.CallContext,
	clientID iam.ClientID,
	emailAddress iam.EmailAddress,
	displayName string,
	userAgentString string,
	userPreferredLanguages []language.Tag,
	verificationMethods []eav10n.VerificationMethod,
) (terminalID iam.TerminalID, verificationID int64, codeExpiry *time.Time, err error)

func (*Core) StartTerminalAuthorizationByPhoneNumber

func (core *Core) StartTerminalAuthorizationByPhoneNumber(
	callCtx iam.CallContext,
	clientID iam.ClientID,
	phoneNumber iam.PhoneNumber,
	displayName string,
	userAgentString string,
	userPreferredLanguages []language.Tag,
	verificationMethods []pnv10n.VerificationMethod,
) (terminalID iam.TerminalID, verificationID int64, codeExpiry *time.Time, err error)

type CoreConfig

// CoreConfig holds the settings passed to NewCoreByConfig. Each field carries
// an `env` struct tag naming the key it is associated with.
// NOTE(review): the library that interprets the `env` tags is not visible
// here, so the exact lookup rules (prefixes, nesting for the struct-typed
// fields) should be confirmed there.
type CoreConfig struct {
	RealmName string            `env:"REALM_NAME"`
	// DBURL is the only field whose tag carries the "required" option.
	// NOTE(review): a database URL often embeds credentials; if this one
	// does, keep the value out of logs and out of any template or
	// documentation generated from a CoreConfig — confirm.
	DBURL     string            `env:"DB_URL,required"`
	Media     mediastore.Config `env:"MEDIA"`
	// EAV and PNV use the config types of the eav10n and pnv10n packages.
	EAV       eav10n.Config     `env:"EAV"`
	PNV       pnv10n.Config     `env:"PNV"`
}

func CoreConfigSkeleton

func CoreConfigSkeleton() CoreConfig

CoreConfigSkeleton returns an instance of CoreConfig which has been configured to load config based on the internal system configuration. One use for a skeleton is to generate a template or documentation.

func CoreConfigSkeletonPtr

func CoreConfigSkeletonPtr() *CoreConfig

type ProfileImageFile

// ProfileImageFile is the input type of SetUserProfileImageByFile's imageFile
// parameter: any value that can be both read and seeked.
// NOTE(review): this interface expresses no size or content-type limit;
// confirm that the implementation bounds how much it reads and validates the
// image before storing it.
type ProfileImageFile interface {
	io.Reader
	io.Seeker
}

type RESTServiceServerBase

// RESTServiceServerBase wraps a *Core for REST services; RESTServiceServerWith
// returns one for a given Core.
//
// Because *Core is embedded, every exported Core method is promoted onto this
// type, including those that take no iam.CallContext (for example
// MatchUserPassword and CreateUserAccount).
// NOTE(review): whether the promoted methods perform their own authorization
// is not visible here — handlers built on this type should establish the
// caller's identity themselves before invoking them; confirm.
type RESTServiceServerBase struct {
	*Core
}

func RESTServiceServerWith

func RESTServiceServerWith(iamServerCore *Core) *RESTServiceServerBase

func (*RESTServiceServerBase) RequestClient

func (svcBase *RESTServiceServerBase) RequestClient(
	req *http.Request,
) (client *iam.Client, err error)

RequestClient returns the Client info identified by the Basic authorization header.

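If the authorization is not provided, the returned client will be nil, and the err value will be nil. A nil err therefore does not by itself mean the request was authenticated; callers must also check that client is not nil.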

If the authorization is provided and it's invalid, the returned client will be nil and err value will contain the information about why it failed.

If the authorization is provided and it's valid, the returned client will be a valid client and err will be nil.

func (*RESTServiceServerBase) RequestHasNoAuthorization

func (svcBase *RESTServiceServerBase) RequestHasNoAuthorization(req *http.Request) bool

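RequestHasNoAuthorization checks whether the request's Authorization header has a non-empty value. It DOES NOT check whether that value is valid. Which of the two cases yields true is not stated here; going by the name, true presumably means that no Authorization value was supplied.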

type TerminalRegistrationInput

// TerminalRegistrationInput is the argument of Core.RegisterTerminal.
type TerminalRegistrationInput struct {
	// The client and the user the terminal is registered for.
	ClientID iam.ClientID
	UserID   iam.UserID

	DisplayName    string
	AcceptLanguage string

	// Creation metadata. CreationUserID and CreationTerminalID are pointers
	// and can therefore be nil.
	// NOTE(review): CreationIPAddress and CreationUserAgent are free-form
	// strings, presumably copied from the incoming request; treat them as
	// untrusted when storing or displaying them — confirm against callers.
	CreationTime       time.Time
	CreationUserID     *iam.UserID
	CreationTerminalID *iam.TerminalID
	CreationIPAddress  string
	CreationUserAgent  string

	// Verification details. RegisterTerminal's documentation states that the
	// terminal's secret is returned when the verification type is 'implicit',
	// so VerificationType decides whether a credential is handed back.
	// NOTE(review): the accepted VerificationType values and who may set them
	// are not visible here — confirm that callers cannot choose 'implicit'
	// from unauthenticated input.
	VerificationType string
	VerificationID   int64
	VerificationTime *time.Time
}

Directories

Path Synopsis
Package eav10n provides utilities for verifying email addresses.
Package eav10n provides utilities for verifying email addresses.
Package grpc provides implementation of gRPC API server for IAM service.
Package grpc provides implementation of gRPC API server for IAM service.
Package pnv10n provides utility for verifying phone numbers.
Package pnv10n provides utility for verifying phone numbers.
