auth

Documentation

Index

• func AdminRole(role string) func(*KBaseProvider) error
• type InvalidTokenError
  • func NewInvalidTokenError(err string) *InvalidTokenError
  • func (e *InvalidTokenError) Error() string
• type InvalidUserError
  • func (iue *InvalidUserError) Error() string
• type KBaseProvider
  • func NewKBaseProvider(kbaseurl url.URL, options ...func(*KBaseProvider) error) (*KBaseProvider, error)
  • func (kb *KBaseProvider) GetURL() url.URL
  • func (kb *KBaseProvider) GetUser(le *logrus.Entry, token string) (*User, int64, int, error)
  • func (kb *KBaseProvider) ValidateUserNames(le *logrus.Entry, userNames *[]string, token string) (int, error)
• type Provider
• type User
  • func NewUser(userName string, isAdmin bool) (*User, error)
  • func (u *User) GetUserName() string
  • func (u *User) IsAdmin() bool

Functions

func AdminRole

func AdminRole(role string) func(*KBaseProvider) error

AdminRole is an option for NewKBaseProvider that designates that users with the specified KBase auth service role are blobstore admins.

Types

type InvalidTokenError

type InvalidTokenError string

InvalidTokenError occurs when the user's token is invalid.

func NewInvalidTokenError

func NewInvalidTokenError(err string) *InvalidTokenError

NewInvalidTokenError creates a new invalid token error.

func (*InvalidTokenError) Error

func (e *InvalidTokenError) Error() string

type InvalidUserError

type InvalidUserError struct {
	InvalidUsers *[]string
}

InvalidUserError occurs when invalid user names are submitted to ValidateUserNames.

func (*InvalidUserError) Error

func (iue *InvalidUserError) Error() string

type KBaseProvider

type KBaseProvider struct {
	// contains filtered or unexported fields
}

KBaseProvider provides authentication based on the KBase auth server. Implements auth.Provider. (https://github.com/kbase/auth2)

func NewKBaseProvider

func NewKBaseProvider(kbaseurl url.URL, options ...func(*KBaseProvider) error,
) (*KBaseProvider, error)

NewKBaseProvider creates a new auth provider targeting the KBase auth server.

func (*KBaseProvider) GetURL

func (kb *KBaseProvider) GetURL() url.URL

GetURL returns the url used to contact the auth server.

func (*KBaseProvider) GetUser

func (kb *KBaseProvider) GetUser(le *logrus.Entry, token string) (*User, int64, int, error)

GetUser gets a user given a token. Returns InvalidToken error.

func (*KBaseProvider) ValidateUserNames

func (kb *KBaseProvider) ValidateUserNames(le *logrus.Entry, userNames *[]string, token string,
) (int, error)

ValidateUserNames validates that user names exist in the auth system. token can be any valid token - it's used only to look up the userNames. Returns InvalidToken error and InvalidUserError.

type Provider

type Provider interface {
	// GetUser gets a user given a token.
	// Returns InvalidToken error.
	GetUser(le *logrus.Entry, token string,
	) (user *User, expiresMS int64, cachetimeMS int, err error)
	// ValidateUserNames validates that user names exist in the auth system.
	// token can be any valid token - it's used only to look up the userNames.
	// Returns InvalidToken error and InvalidUserError.
	ValidateUserNames(le *logrus.Entry, userNames *[]string, token string,
	) (cachetimeMS int, err error)
}

Provider provides authentication for a user given the user's token.

type User

type User struct {
	// contains filtered or unexported fields
}

User is a user of an authentication system. The user account name (which is expected to be a unique, permanent identifier for the user) and whether the user is an administrator of the blob store is provided.

func NewUser

func NewUser(userName string, isAdmin bool) (*User, error)

NewUser creates a new user.

func (*User) GetUserName

func (u *User) GetUserName() string

GetUserName returns the user's user name.

func (*User) IsAdmin

func (u *User) IsAdmin() bool

IsAdmin returns whether the user is a blob store administrator.