iamserver

package

v0.0.0-...-2754675 Latest Latest Go to latest Published: Feb 12, 2021 License: MIT Imports: 42 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kadisoka/iam

Links

Open Source Insights

Documentation ¶

Overview ¶

Package iamserver is the implementation of iam domain logic.

Index ¶

Variables
type Core
- func NewCoreByConfig(coreCfg CoreConfig, appApp app.App) (*Core, error)
type CoreConfig
- func CoreConfigSkeleton() CoreConfig
- func CoreConfigSkeletonPtr() *CoreConfig
type ProfileImageFile
type RESTServiceServerBase
- func RESTServiceServerWith(iamServerCore *Core) *RESTServiceServerBase
- func (svcBase *RESTServiceServerBase) RequestClient(req *http.Request) (client *iam.Client, err error)
- func (svcBase *RESTServiceServerBase) RequestHasNoAuthorization(req *http.Request) bool
type TerminalRegistrationInput

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrPasswordHashFormatInvalid       = errors.New("hash format invalid")
	ErrPasswordHashVersionIncompatible = errors.New("hash version incompatible")
)

Functions ¶

This section is empty.

Types ¶

type Core ¶

type Core struct {
	iam.ServiceClient //TODO: not specifically client
	// contains filtered or unexported fields
}

func NewCoreByConfig ¶

func NewCoreByConfig(coreCfg CoreConfig, appApp app.App) (*Core, error)

NewCoreByConfig creates an instance of Core designed for use in identity provider services.

func (*Core) AuthenticateTerminal ¶

func (core *Core) AuthenticateTerminal(
	terminalID iam.TerminalID,
	terminalSecret string,
) (authOK bool, ownerUserID iam.UserID, err error)

func (*Core) ClientByID ¶

func (core *Core) ClientByID(id iam.ClientID) (*iam.Client, error)

func (*Core) ConfirmTerminalAuthorization ¶

func (core *Core) ConfirmTerminalAuthorization(
	callCtx iam.CallContext,
	terminalID iam.TerminalID,
	verificationCode string,
) (secret string, userID iam.UserID, err error)

ConfirmTerminalAuthorization confirms authorization for a terminal by providing the verificationCode which was delivered through selected channel when the authorization was created.

func (*Core) ConfirmUserEmailAddressVerification ¶

func (core *Core) ConfirmUserEmailAddressVerification(
	callCtx iam.CallContext,
	verificationID int64,
	code string,
) (updated bool, err error)

func (*Core) ConfirmUserPhoneNumberVerification ¶

func (core *Core) ConfirmUserPhoneNumberVerification(
	callCtx iam.CallContext,
	verificationID int64,
	code string,
) (updated bool, err error)

func (*Core) CreateUserAccount ¶

func (core *Core) CreateUserAccount(
	creationUserID iam.UserID,
	creationTerminalID iam.TerminalID,
	timestamp time.Time,
) (iam.UserID, error)

func (*Core) DeleteUserAccount ¶

func (core *Core) DeleteUserAccount(
	callCtx iam.CallContext,
	userID iam.UserID,
	input iam.UserAccountDeleteInput,
) (deleted bool, err error)

func (*Core) DeleteUserTerminalFCMRegistrationToken ¶

func (core *Core) DeleteUserTerminalFCMRegistrationToken(
	authCtx *iam.Authorization,
	userID iam.UserID, terminalID iam.TerminalID, token string,
) error

func (*Core) GenerateAccessTokenJWT ¶

func (core *Core) GenerateAccessTokenJWT(
	callCtx iam.CallContext,
	terminalID iam.TerminalID,
	userID iam.UserID,
) (tokenString string, err error)

func (*Core) GenerateRefreshTokenJWT ¶

func (core *Core) GenerateRefreshTokenJWT(
	terminalID iam.TerminalID,
	terminalSecret string,
) (tokenString string, err error)

func (*Core) GetTerminalInfo ¶

func (core *Core) GetTerminalInfo(
	callCtx iam.CallContext,
	terminalID iam.TerminalID,
) (*iam.TerminalInfo, error)

func (*Core) GetUserAccountState ¶

func (core *Core) GetUserAccountState(
	id iam.UserID,
) (*iam.UserAccountState, error)

GetUserAccountState retrieves the state of an user account. It includes the existence of the ID, and wether the account has been deleted.

If it's required only to determine the existence of the ID, IsUserIDRegistered is generally more efficient.

func (*Core) GetUserBaseProfile ¶

func (core *Core) GetUserBaseProfile(
	callCtx iam.CallContext,
	userID iam.UserID,
) (*iam.UserBaseProfile, error)

func (*Core) GetUserContactInformation ¶

func (core *Core) GetUserContactInformation(
	callCtx iam.CallContext,
	userID iam.UserID,
) (*iampb.UserContactInfoData, error)

func (*Core) GetUserContactUserIDs ¶

func (core *Core) GetUserContactUserIDs(
	callCtx iam.CallContext,
	userID iam.UserID,
) ([]iam.UserID, error)

func (*Core) GetUserInfoV1 ¶

func (core *Core) GetUserInfoV1(
	callCtx iam.CallContext,
	userID iam.UserID,
) (*iampb.UserInfoData, error)

func (*Core) GetUserPrimaryEmailAddress ¶

func (core *Core) GetUserPrimaryEmailAddress(
	callCtx iam.CallContext,
	userID iam.UserID,
) (*iam.EmailAddress, error)

TODO(exa): there should be getters for different purpose (e.g., for login / primary, for display / contact, for actual mailing, for recovery, etc)

func (*Core) GetUserPrimaryPhoneNumber ¶

func (core *Core) GetUserPrimaryPhoneNumber(
	callCtx iam.CallContext,
	userID iam.UserID,
) (*iam.PhoneNumber, error)

TODO: allow non-verified (let the caller decide with the status) there should be getters for different purpose (e.g., for login, for display, for notification, for recovery, etc)

func (*Core) IsUserIDRegistered ¶

func (core *Core) IsUserIDRegistered(id iam.UserID) bool

IsUserIDRegistered is used to determine that a user ID has been registered. It's not checking if the account is active or not.

This function is generally cheap if the user ID has been registered.

func (*Core) ListUserTerminalIDFirebaseInstanceTokens ¶

func (core *Core) ListUserTerminalIDFirebaseInstanceTokens(
	ownerUserID iam.UserID,
) ([]iam.TerminalIDFirebaseInstanceToken, error)

func (*Core) ListUsersByPhoneNumber ¶

func (core *Core) ListUsersByPhoneNumber(
	callCtx iam.CallContext,
	phoneNumbers []iam.PhoneNumber,
) ([]iam.UserPhoneNumber, error)

func (*Core) MatchUserPassword ¶

func (core *Core) MatchUserPassword(
	userID iam.UserID,
	plainTextPassword string,
) (ok bool, err error)

func (Core) RealmName ¶

func (core Core) RealmName() string

func (*Core) RegisterTerminal ¶

func (core *Core) RegisterTerminal(input TerminalRegistrationInput) (id iam.TerminalID, secret string, err error)

RegisterTerminal registers a terminal. This function returns terminal's secret if the verification type is set to 'implicit'.

func (*Core) SetUserPassword ¶

func (core *Core) SetUserPassword(
	callCtx iam.CallContext,
	userID iam.UserID,
	plainTextPassword string,
) error

func (*Core) SetUserPrimaryEmailAddress ¶

func (core *Core) SetUserPrimaryEmailAddress(
	callCtx iam.CallContext,
	userID iam.UserID,
	emailAddress iam.EmailAddress,
	verificationMethods []eav10n.VerificationMethod,
) (verificationID int64, codeExpiry *time.Time, err error)

func (*Core) SetUserPrimaryPhoneNumber ¶

func (core *Core) SetUserPrimaryPhoneNumber(
	callCtx iam.CallContext,
	userID iam.UserID,
	phoneNumber iam.PhoneNumber,
	verificationMethods []pnv10n.VerificationMethod,
) (verificationID int64, codeExpiry *time.Time, err error)

func (*Core) SetUserProfileImageByFile ¶

func (core *Core) SetUserProfileImageByFile(
	callCtx iam.CallContext,
	userID iam.UserID,
	imageFile ProfileImageFile,
) (imageURL string, err error)

func (*Core) SetUserProfileImageURL ¶

func (core *Core) SetUserProfileImageURL(
	callCtx iam.CallContext,
	userID iam.UserID,
	profileImageURL string,
) error

func (*Core) SetUserTerminalFCMRegistrationToken ¶

func (core *Core) SetUserTerminalFCMRegistrationToken(
	callCtx iam.CallContext,
	userID iam.UserID, terminalID iam.TerminalID, token string,
) error

func (*Core) StartTerminalAuthorizationByEmailAddress ¶

func (core *Core) StartTerminalAuthorizationByEmailAddress(
	callCtx iam.CallContext,
	clientID iam.ClientID,
	emailAddress iam.EmailAddress,
	displayName string,
	userAgentString string,
	userPreferredLanguages []language.Tag,
	verificationMethods []eav10n.VerificationMethod,
) (terminalID iam.TerminalID, verificationID int64, codeExpiry *time.Time, err error)

func (*Core) StartTerminalAuthorizationByPhoneNumber ¶

func (core *Core) StartTerminalAuthorizationByPhoneNumber(
	callCtx iam.CallContext,
	clientID iam.ClientID,
	phoneNumber iam.PhoneNumber,
	displayName string,
	userAgentString string,
	userPreferredLanguages []language.Tag,
	verificationMethods []pnv10n.VerificationMethod,
) (terminalID iam.TerminalID, verificationID int64, codeExpiry *time.Time, err error)

type CoreConfig ¶

type CoreConfig struct {
	RealmName string            `env:"REALM_NAME"`
	DBURL     string            `env:"DB_URL,required"`
	Media     mediastore.Config `env:"MEDIA"`
	EAV       eav10n.Config     `env:"EAV"`
	PNV       pnv10n.Config     `env:"PNV"`
}

func CoreConfigSkeleton ¶

func CoreConfigSkeleton() CoreConfig

CoreConfigSkeleton returns an instance of CoreConfig which has been configured to load config based on the internal system configuration. One kind of usages for a skeleton is to generate a template or documentations.

func CoreConfigSkeletonPtr ¶

func CoreConfigSkeletonPtr() *CoreConfig

type ProfileImageFile ¶

type ProfileImageFile interface {
	io.Reader
	io.Seeker
}

type RESTServiceServerBase ¶

type RESTServiceServerBase struct {
	*Core
}

func RESTServiceServerWith ¶

func RESTServiceServerWith(iamServerCore *Core) *RESTServiceServerBase

func (*RESTServiceServerBase) RequestClient ¶

func (svcBase *RESTServiceServerBase) RequestClient(
	req *http.Request,
) (client *iam.Client, err error)

RequestClient returns a Client info which identified by Basic authorization header.

If the authorization is not provided, the returned client will be nil, and the err value will be nil.

If the authorization is provided and it's invalid, the returned client will be nil and err value will contain the information about why it failed.

If the authorization is provided and it's valid, the returned client will be a valid client and err will be nil.

func (*RESTServiceServerBase) RequestHasNoAuthorization ¶

func (svcBase *RESTServiceServerBase) RequestHasNoAuthorization(req *http.Request) bool

RequestHasNoAuthorization checks if the request header with key Authorization has non empty value. This DOES NOT check if it's valid or not.

type TerminalRegistrationInput ¶

type TerminalRegistrationInput struct {
	ClientID iam.ClientID
	UserID   iam.UserID

	DisplayName    string
	AcceptLanguage string

	CreationTime       time.Time
	CreationUserID     *iam.UserID
	CreationTerminalID *iam.TerminalID
	CreationIPAddress  string
	CreationUserAgent  string

	VerificationType string
	VerificationID   int64
	VerificationTime *time.Time
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
app
eav10n Package eav10n provides utilities for verifying email addresses.	Package eav10n provides utilities for verifying email addresses.
grpc Package grpc provides implementation of gRPC API server for IAM service.	Package grpc provides implementation of gRPC API server for IAM service.
pnv10n Package pnv10n provides utility for verifying phone numbers.	Package pnv10n provides utility for verifying phone numbers.
nexmo
telesign
twilio
rest
oauth2
terminal
user
webui

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL