Documentation ¶
Overview ¶
Package iamserver is the implementation of iam domain logic.
Index ¶
- Variables
- type Core
- func (core *Core) AuthenticateTerminal(terminalID iam.TerminalID, terminalSecret string) (authOK bool, ownerUserID iam.UserID, err error)
- func (core *Core) ClientByID(id iam.ClientID) (*iam.Client, error)
- func (core *Core) ConfirmTerminalAuthorization(callCtx iam.CallContext, terminalID iam.TerminalID, verificationCode string) (secret string, userID iam.UserID, err error)
- func (core *Core) ConfirmUserEmailAddressVerification(callCtx iam.CallContext, verificationID int64, code string) (updated bool, err error)
- func (core *Core) ConfirmUserPhoneNumberVerification(callCtx iam.CallContext, verificationID int64, code string) (updated bool, err error)
- func (core *Core) CreateUserAccount(creationUserID iam.UserID, creationTerminalID iam.TerminalID, ...) (iam.UserID, error)
- func (core *Core) DeleteUserAccount(callCtx iam.CallContext, userID iam.UserID, input iam.UserAccountDeleteInput) (deleted bool, err error)
- func (core *Core) DeleteUserTerminalFCMRegistrationToken(authCtx *iam.Authorization, userID iam.UserID, terminalID iam.TerminalID, ...) error
- func (core *Core) GenerateAccessTokenJWT(callCtx iam.CallContext, terminalID iam.TerminalID, userID iam.UserID) (tokenString string, err error)
- func (core *Core) GenerateRefreshTokenJWT(terminalID iam.TerminalID, terminalSecret string) (tokenString string, err error)
- func (core *Core) GetTerminalInfo(callCtx iam.CallContext, terminalID iam.TerminalID) (*iam.TerminalInfo, error)
- func (core *Core) GetUserAccountState(id iam.UserID) (*iam.UserAccountState, error)
- func (core *Core) GetUserBaseProfile(callCtx iam.CallContext, userID iam.UserID) (*iam.UserBaseProfile, error)
- func (core *Core) GetUserContactInformation(callCtx iam.CallContext, userID iam.UserID) (*iampb.UserContactInfoData, error)
- func (core *Core) GetUserContactUserIDs(callCtx iam.CallContext, userID iam.UserID) ([]iam.UserID, error)
- func (core *Core) GetUserInfoV1(callCtx iam.CallContext, userID iam.UserID) (*iampb.UserInfoData, error)
- func (core *Core) GetUserPrimaryEmailAddress(callCtx iam.CallContext, userID iam.UserID) (*iam.EmailAddress, error)
- func (core *Core) GetUserPrimaryPhoneNumber(callCtx iam.CallContext, userID iam.UserID) (*iam.PhoneNumber, error)
- func (core *Core) IsUserIDRegistered(id iam.UserID) bool
- func (core *Core) ListUserTerminalIDFirebaseInstanceTokens(ownerUserID iam.UserID) ([]iam.TerminalIDFirebaseInstanceToken, error)
- func (core *Core) ListUsersByPhoneNumber(callCtx iam.CallContext, phoneNumbers []iam.PhoneNumber) ([]iam.UserPhoneNumber, error)
- func (core *Core) MatchUserPassword(userID iam.UserID, plainTextPassword string) (ok bool, err error)
- func (core Core) RealmName() string
- func (core *Core) RegisterTerminal(input TerminalRegistrationInput) (id iam.TerminalID, secret string, err error)
- func (core *Core) SetUserPassword(callCtx iam.CallContext, userID iam.UserID, plainTextPassword string) error
- func (core *Core) SetUserPrimaryEmailAddress(callCtx iam.CallContext, userID iam.UserID, emailAddress iam.EmailAddress, ...) (verificationID int64, codeExpiry *time.Time, err error)
- func (core *Core) SetUserPrimaryPhoneNumber(callCtx iam.CallContext, userID iam.UserID, phoneNumber iam.PhoneNumber, ...) (verificationID int64, codeExpiry *time.Time, err error)
- func (core *Core) SetUserProfileImageByFile(callCtx iam.CallContext, userID iam.UserID, imageFile ProfileImageFile) (imageURL string, err error)
- func (core *Core) SetUserProfileImageURL(callCtx iam.CallContext, userID iam.UserID, profileImageURL string) error
- func (core *Core) SetUserTerminalFCMRegistrationToken(callCtx iam.CallContext, userID iam.UserID, terminalID iam.TerminalID, ...) error
- func (core *Core) StartTerminalAuthorizationByEmailAddress(callCtx iam.CallContext, clientID iam.ClientID, emailAddress iam.EmailAddress, ...) (terminalID iam.TerminalID, verificationID int64, codeExpiry *time.Time, ...)
- func (core *Core) StartTerminalAuthorizationByPhoneNumber(callCtx iam.CallContext, clientID iam.ClientID, phoneNumber iam.PhoneNumber, ...) (terminalID iam.TerminalID, verificationID int64, codeExpiry *time.Time, ...)
- type CoreConfig
- type ProfileImageFile
- type RESTServiceServerBase
- type TerminalRegistrationInput
Constants ¶
This section is empty.
Variables ¶
var ( ErrPasswordHashFormatInvalid = errors.New("hash format invalid") ErrPasswordHashVersionIncompatible = errors.New("hash version incompatible") )
Functions ¶
This section is empty.
Types ¶
type Core ¶
type Core struct { iam.ServiceClient //TODO: not specifically client // contains filtered or unexported fields }
func NewCoreByConfig ¶
func NewCoreByConfig(coreCfg CoreConfig, appApp app.App) (*Core, error)
NewCoreByConfig creates an instance of Core designed for use in identity provider services.
func (*Core) AuthenticateTerminal ¶
func (*Core) ConfirmTerminalAuthorization ¶
func (core *Core) ConfirmTerminalAuthorization( callCtx iam.CallContext, terminalID iam.TerminalID, verificationCode string, ) (secret string, userID iam.UserID, err error)
ConfirmTerminalAuthorization confirms authorization for a terminal by providing the verificationCode which was delivered through selected channel when the authorization was created.
func (*Core) ConfirmUserEmailAddressVerification ¶
func (*Core) ConfirmUserPhoneNumberVerification ¶
func (*Core) CreateUserAccount ¶
func (*Core) DeleteUserAccount ¶
func (core *Core) DeleteUserAccount( callCtx iam.CallContext, userID iam.UserID, input iam.UserAccountDeleteInput, ) (deleted bool, err error)
func (*Core) DeleteUserTerminalFCMRegistrationToken ¶
func (core *Core) DeleteUserTerminalFCMRegistrationToken( authCtx *iam.Authorization, userID iam.UserID, terminalID iam.TerminalID, token string, ) error
func (*Core) GenerateAccessTokenJWT ¶
func (core *Core) GenerateAccessTokenJWT( callCtx iam.CallContext, terminalID iam.TerminalID, userID iam.UserID, ) (tokenString string, err error)
func (*Core) GenerateRefreshTokenJWT ¶
func (*Core) GetTerminalInfo ¶
func (core *Core) GetTerminalInfo( callCtx iam.CallContext, terminalID iam.TerminalID, ) (*iam.TerminalInfo, error)
func (*Core) GetUserAccountState ¶
GetUserAccountState retrieves the state of an user account. It includes the existence of the ID, and wether the account has been deleted.
If it's required only to determine the existence of the ID, IsUserIDRegistered is generally more efficient.
func (*Core) GetUserBaseProfile ¶
func (core *Core) GetUserBaseProfile( callCtx iam.CallContext, userID iam.UserID, ) (*iam.UserBaseProfile, error)
func (*Core) GetUserContactInformation ¶
func (core *Core) GetUserContactInformation( callCtx iam.CallContext, userID iam.UserID, ) (*iampb.UserContactInfoData, error)
func (*Core) GetUserContactUserIDs ¶
func (*Core) GetUserInfoV1 ¶
func (core *Core) GetUserInfoV1( callCtx iam.CallContext, userID iam.UserID, ) (*iampb.UserInfoData, error)
func (*Core) GetUserPrimaryEmailAddress ¶
func (core *Core) GetUserPrimaryEmailAddress( callCtx iam.CallContext, userID iam.UserID, ) (*iam.EmailAddress, error)
TODO(exa): there should be getters for different purpose (e.g., for login / primary, for display / contact, for actual mailing, for recovery, etc)
func (*Core) GetUserPrimaryPhoneNumber ¶
func (core *Core) GetUserPrimaryPhoneNumber( callCtx iam.CallContext, userID iam.UserID, ) (*iam.PhoneNumber, error)
TODO: allow non-verified (let the caller decide with the status) there should be getters for different purpose (e.g., for login, for display, for notification, for recovery, etc)
func (*Core) IsUserIDRegistered ¶
IsUserIDRegistered is used to determine that a user ID has been registered. It's not checking if the account is active or not.
This function is generally cheap if the user ID has been registered.
func (*Core) ListUserTerminalIDFirebaseInstanceTokens ¶
func (*Core) ListUsersByPhoneNumber ¶
func (core *Core) ListUsersByPhoneNumber( callCtx iam.CallContext, phoneNumbers []iam.PhoneNumber, ) ([]iam.UserPhoneNumber, error)
func (*Core) MatchUserPassword ¶
func (*Core) RegisterTerminal ¶
func (core *Core) RegisterTerminal(input TerminalRegistrationInput) (id iam.TerminalID, secret string, err error)
RegisterTerminal registers a terminal. This function returns terminal's secret if the verification type is set to 'implicit'.
func (*Core) SetUserPassword ¶
func (*Core) SetUserPrimaryEmailAddress ¶
func (core *Core) SetUserPrimaryEmailAddress( callCtx iam.CallContext, userID iam.UserID, emailAddress iam.EmailAddress, verificationMethods []eav10n.VerificationMethod, ) (verificationID int64, codeExpiry *time.Time, err error)
func (*Core) SetUserPrimaryPhoneNumber ¶
func (core *Core) SetUserPrimaryPhoneNumber( callCtx iam.CallContext, userID iam.UserID, phoneNumber iam.PhoneNumber, verificationMethods []pnv10n.VerificationMethod, ) (verificationID int64, codeExpiry *time.Time, err error)
func (*Core) SetUserProfileImageByFile ¶
func (core *Core) SetUserProfileImageByFile( callCtx iam.CallContext, userID iam.UserID, imageFile ProfileImageFile, ) (imageURL string, err error)
func (*Core) SetUserProfileImageURL ¶
func (*Core) SetUserTerminalFCMRegistrationToken ¶
func (core *Core) SetUserTerminalFCMRegistrationToken( callCtx iam.CallContext, userID iam.UserID, terminalID iam.TerminalID, token string, ) error
func (*Core) StartTerminalAuthorizationByEmailAddress ¶
func (core *Core) StartTerminalAuthorizationByEmailAddress( callCtx iam.CallContext, clientID iam.ClientID, emailAddress iam.EmailAddress, displayName string, userAgentString string, userPreferredLanguages []language.Tag, verificationMethods []eav10n.VerificationMethod, ) (terminalID iam.TerminalID, verificationID int64, codeExpiry *time.Time, err error)
func (*Core) StartTerminalAuthorizationByPhoneNumber ¶
func (core *Core) StartTerminalAuthorizationByPhoneNumber( callCtx iam.CallContext, clientID iam.ClientID, phoneNumber iam.PhoneNumber, displayName string, userAgentString string, userPreferredLanguages []language.Tag, verificationMethods []pnv10n.VerificationMethod, ) (terminalID iam.TerminalID, verificationID int64, codeExpiry *time.Time, err error)
type CoreConfig ¶
type CoreConfig struct { RealmName string `env:"REALM_NAME"` DBURL string `env:"DB_URL,required"` Media mediastore.Config `env:"MEDIA"` EAV eav10n.Config `env:"EAV"` PNV pnv10n.Config `env:"PNV"` }
func CoreConfigSkeleton ¶
func CoreConfigSkeleton() CoreConfig
CoreConfigSkeleton returns an instance of CoreConfig which has been configured to load config based on the internal system configuration. One kind of usages for a skeleton is to generate a template or documentations.
func CoreConfigSkeletonPtr ¶
func CoreConfigSkeletonPtr() *CoreConfig
type RESTServiceServerBase ¶
type RESTServiceServerBase struct {
*Core
}
func RESTServiceServerWith ¶
func RESTServiceServerWith(iamServerCore *Core) *RESTServiceServerBase
func (*RESTServiceServerBase) RequestClient ¶
func (svcBase *RESTServiceServerBase) RequestClient( req *http.Request, ) (client *iam.Client, err error)
RequestClient returns a Client info which identified by Basic authorization header.
If the authorization is not provided, the returned client will be nil, and the err value will be nil.
If the authorization is provided and it's invalid, the returned client will be nil and err value will contain the information about why it failed.
If the authorization is provided and it's valid, the returned client will be a valid client and err will be nil.
func (*RESTServiceServerBase) RequestHasNoAuthorization ¶
func (svcBase *RESTServiceServerBase) RequestHasNoAuthorization(req *http.Request) bool
RequestHasNoAuthorization checks if the request header with key Authorization has non empty value. This DOES NOT check if it's valid or not.
type TerminalRegistrationInput ¶
type TerminalRegistrationInput struct { ClientID iam.ClientID UserID iam.UserID DisplayName string AcceptLanguage string CreationTime time.Time CreationUserID *iam.UserID CreationTerminalID *iam.TerminalID CreationIPAddress string CreationUserAgent string VerificationType string VerificationID int64 VerificationTime *time.Time }
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package eav10n provides utilities for verifying email addresses.
|
Package eav10n provides utilities for verifying email addresses. |
Package grpc provides implementation of gRPC API server for IAM service.
|
Package grpc provides implementation of gRPC API server for IAM service. |
Package pnv10n provides utility for verifying phone numbers.
|
Package pnv10n provides utility for verifying phone numbers. |