Documentation ¶
Overview ¶
Copyright 2018 Keydap. All rights reserved. Licensed under the Apache License, Version 2.0, see LICENSE.
Index ¶
- Constants
- type ApplicationInterceptor
- func (ai *ApplicationInterceptor) PostCreate(crCtx *base.CreateContext)
- func (ai *ApplicationInterceptor) PostDelete(delCtx *base.DeleteContext)
- func (ai *ApplicationInterceptor) PostPatch(patchCtx *base.PatchContext)
- func (ai *ApplicationInterceptor) PostReplace(replaceCtx *base.ReplaceContext)
- func (ai *ApplicationInterceptor) PreCreate(crCtx *base.CreateContext) error
- func (ai *ApplicationInterceptor) PreDelete(delCtx *base.DeleteContext) error
- func (ai *ApplicationInterceptor) PrePatch(patchCtx *base.PatchContext) error
- func (ai *ApplicationInterceptor) PreReplace(replaceCtx *base.ReplaceContext) error
- type AuditLogger
- func (al *AuditLogger) Close()
- func (al *AuditLogger) Log(ctx interface{}, res *base.Resource, err error)
- func (al *AuditLogger) LogAuth(rid string, username string, ip string, status base.LoginStatus)
- func (al *AuditLogger) LogChangePasswd(rid string, clientIP string, user *base.Resource)
- func (al *AuditLogger) LogDelSession(opCtx *base.OpContext, deleted bool)
- func (al *AuditLogger) LogEvent(ae base.AuditEvent)
- func (al *AuditLogger) LogOtp(rid string, clientIP string, user *base.Resource, status base.LoginStatus)
- func (al *AuditLogger) LogStoreTotp(rid string, clientIP string, err error)
- type Layout
- type PpolicyInterceptor
- func (pi *PpolicyInterceptor) PostCreate(crCtx *base.CreateContext)
- func (pi *PpolicyInterceptor) PostDelete(delCtx *base.DeleteContext)
- func (pi *PpolicyInterceptor) PostPatch(patchCtx *base.PatchContext)
- func (pi *PpolicyInterceptor) PostReplace(replaceCtx *base.ReplaceContext)
- func (pi *PpolicyInterceptor) PreCreate(crCtx *base.CreateContext) (err error)
- func (pi *PpolicyInterceptor) PreDelete(delCtx *base.DeleteContext) error
- func (pi *PpolicyInterceptor) PrePatch(patchCtx *base.PatchContext) error
- func (pi *PpolicyInterceptor) PreReplace(replaceCtx *base.ReplaceContext) error
- type Provider
- func (prv *Provider) AddAppToSsoSession(jti string, spIssuer string, sas base.SamlAppSession)
- func (prv *Provider) Authenticate(ar base.AuthRequest) (lr base.LoginResult)
- func (prv *Provider) ChangePassword(cpContext *base.ChangePasswordContext) (err error)
- func (pr *Provider) Close()
- func (prv *Provider) CreateResource(crCtx *base.CreateContext) (err error)
- func (pr *Provider) DeleteOauthSession(opCtx *base.OpContext) bool
- func (pr *Provider) DeleteReplSsoSessionById(jti string, sso bool, repl bool) bool
- func (prv *Provider) DeleteResource(delCtx *base.DeleteContext) (err error)
- func (prv *Provider) DeleteSecurityKey(userId string, credentialId string) error
- func (pr *Provider) DeleteSsoSession(opCtx *base.OpContext) bool
- func (prv *Provider) DomainCode() string
- func (prv *Provider) GenSessionForUser(user *base.Resource) *base.RbacSession
- func (prv *Provider) GenSessionForUserId(rid string) (session *base.RbacSession, err error)
- func (prv *Provider) GenWebauthnIdFor(userId string) (string, error)
- func (pr *Provider) GetAllClients() (clients []*oauth.Client)
- func (pr *Provider) GetClientById(id string) (cl *oauth.Client)
- func (pr *Provider) GetClientByIssuer(issuer string) (cl *oauth.Client)
- func (prv *Provider) GetConfigJson() (data []byte, err error)
- func (prv *Provider) GetKeyPair() (privateKey *rsa.PrivateKey, cert []byte, err error)
- func (pr *Provider) GetOauthSession(jti string) *base.RbacSession
- func (prv *Provider) GetResTypeJsonArray() string
- func (prv *Provider) GetResource(getCtx *base.GetContext) (res *base.Resource, err error)
- func (prv *Provider) GetResourceInternal(rid string, rt *schema.ResourceType) (*base.Resource, error)
- func (prv *Provider) GetResourceType(name string) (string, error)
- func (prv *Provider) GetSchema(id string) (string, error)
- func (prv *Provider) GetSchemaJsonArray() string
- func (pr *Provider) GetSsoSession(jti string) *base.RbacSession
- func (prv *Provider) GetUserById(rid string) (user *base.Resource, err error)
- func (prv *Provider) GetUserByName(username string) (res *base.Resource)
- func (prv *Provider) GetUserByWebauthnId(webauthnId string) (*base.Resource, error)
- func (pr *Provider) HasGrantCodeId(creationTime int64, gcIvAsId []byte) bool
- func (pr *Provider) IsRevokedSession(ctx *base.OpContext, jti string) bool
- func (prv *Provider) ModifyGroupsOfUser(autg base.ModifyGroupsOfUserRequest) (user *base.Resource, err error)
- func (prv *Provider) Patch(patchCtx *base.PatchContext) (err error)
- func (prv *Provider) ReadAllInternal(rt *schema.ResourceType, outPipe chan *base.Resource) error
- func (prv *Provider) ReadTemplate(name string) (data []byte, err error)
- func (prv *Provider) Replace(replaceCtx *base.ReplaceContext) (err error)
- func (pr *Provider) RevokeOauthSession(ctx *base.OpContext, jti string)
- func (pr *Provider) RevokeReplSession(jti string, sso bool)
- func (prv *Provider) SaveConf() error
- func (prv *Provider) Search(sc *base.SearchContext, outPipe chan *base.Resource) (err error)
- func (prv *Provider) SendCreateDomainEvent(name string, ctx *base.OpContext) error
- func (pr *Provider) StoreGrantCodeId(creationTime int64, gcIvAsId []byte) (err error)
- func (pr *Provider) StoreOauthSession(session *base.RbacSession)
- func (pr *Provider) StoreReplSession(session *base.RbacSession, sso bool)
- func (prv *Provider) StoreSecurityKey(rid string, secKey *base.SecurityKey) error
- func (pr *Provider) StoreSsoSession(session *base.RbacSession)
- func (prv *Provider) StoreTotpSecret(rid string, totpSecret string, clientIP string) (err error)
- func (prv *Provider) UpdateAuthData(rid string, version string, ad base.AuthData) error
- func (prv *Provider) UpdateTemplate(name string, data []byte) (t *template.Template, err error)
- func (prv *Provider) VerifyOtp(rid string, totpCode string, clientIP string) (lr base.LoginResult)
- func (prv *Provider) WriteBacklogEvents(lastVersion string, peer *repl.ReplicationPeer, w http.ResponseWriter)
- type RemoveNeverAttrInterceptor
- func (ri *RemoveNeverAttrInterceptor) PostCreate(crCtx *base.CreateContext)
- func (ri *RemoveNeverAttrInterceptor) PostDelete(delCtx *base.DeleteContext)
- func (ri *RemoveNeverAttrInterceptor) PostPatch(patchCtx *base.PatchContext)
- func (ri *RemoveNeverAttrInterceptor) PostReplace(replaceCtx *base.ReplaceContext)
- func (ri *RemoveNeverAttrInterceptor) PreCreate(crCtx *base.CreateContext) error
- func (ri *RemoveNeverAttrInterceptor) PreDelete(delCtx *base.DeleteContext) error
- func (ri *RemoveNeverAttrInterceptor) PrePatch(patchCtx *base.PatchContext) error
- func (ri *RemoveNeverAttrInterceptor) PreReplace(replaceCtx *base.ReplaceContext) error
- type ReplInterceptor
- func (ri *ReplInterceptor) PostAuthDataUpdate(user *base.Resource)
- func (ri *ReplInterceptor) PostChangePassword(cpContext *base.ChangePasswordContext)
- func (ri *ReplInterceptor) PostCreate(crCtx *base.CreateContext)
- func (ri *ReplInterceptor) PostCreateDomain(name string, version string) error
- func (ri *ReplInterceptor) PostDelete(delCtx *base.DeleteContext)
- func (ri *ReplInterceptor) PostDeleteSession(jti string, ssoSession bool, version string)
- func (ri *ReplInterceptor) PostPatch(patchCtx *base.PatchContext)
- func (ri *ReplInterceptor) PostReplace(replaceCtx *base.ReplaceContext)
- func (ri *ReplInterceptor) PostRevokeSession(jti string, version string)
- func (ri *ReplInterceptor) PostStoreSession(session *base.RbacSession, ssoSession bool, version string)
- func (ri *ReplInterceptor) PreCreate(crCtx *base.CreateContext) error
- func (ri *ReplInterceptor) PreDelete(delCtx *base.DeleteContext) error
- func (ri *ReplInterceptor) PrePatch(patchCtx *base.PatchContext) error
- func (ri *ReplInterceptor) PreReplace(replaceCtx *base.ReplaceContext) error
- type Rfc2307BisAttrInterceptor
- func (ri *Rfc2307BisAttrInterceptor) PostCreate(crCtx *base.CreateContext)
- func (ri *Rfc2307BisAttrInterceptor) PostDelete(delCtx *base.DeleteContext)
- func (ri *Rfc2307BisAttrInterceptor) PostPatch(patchCtx *base.PatchContext)
- func (ri *Rfc2307BisAttrInterceptor) PostReplace(replaceCtx *base.ReplaceContext)
- func (ri *Rfc2307BisAttrInterceptor) PreCreate(crCtx *base.CreateContext) error
- func (ri *Rfc2307BisAttrInterceptor) PreDelete(delCtx *base.DeleteContext) error
- func (ri *Rfc2307BisAttrInterceptor) PrePatch(patchCtx *base.PatchContext) error
- func (ri *Rfc2307BisAttrInterceptor) PreReplace(replaceCtx *base.ReplaceContext) error
Constants ¶
// NOTE(review): these three identifiers are hard-coded string constants, so
// they have the same value in every build and deployment of this package.
// Presumably they are the resource ids of a built-in admin group, admin user
// and system group — confirm against the code that creates those resources.
// If any access decision is keyed on these ids, it relies on ordinary callers
// being unable to create or replace a resource carrying one of them.
const AdminGroupId = "01000000-0000-4000-4000-000000000000"
const AdminUserId = "00000000-0000-4000-4000-000000000000"
const SystemGroupId = "01100000-0000-4000-4000-000000000000"
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ApplicationInterceptor ¶
type ApplicationInterceptor struct { }
func (*ApplicationInterceptor) PostCreate ¶
func (ai *ApplicationInterceptor) PostCreate(crCtx *base.CreateContext)
func (*ApplicationInterceptor) PostDelete ¶
func (ai *ApplicationInterceptor) PostDelete(delCtx *base.DeleteContext)
func (*ApplicationInterceptor) PostPatch ¶
func (ai *ApplicationInterceptor) PostPatch(patchCtx *base.PatchContext)
func (*ApplicationInterceptor) PostReplace ¶
func (ai *ApplicationInterceptor) PostReplace(replaceCtx *base.ReplaceContext)
func (*ApplicationInterceptor) PreCreate ¶
func (ai *ApplicationInterceptor) PreCreate(crCtx *base.CreateContext) error
func (*ApplicationInterceptor) PreDelete ¶
func (ai *ApplicationInterceptor) PreDelete(delCtx *base.DeleteContext) error
func (*ApplicationInterceptor) PrePatch ¶
func (ai *ApplicationInterceptor) PrePatch(patchCtx *base.PatchContext) error
func (*ApplicationInterceptor) PreReplace ¶
func (ai *ApplicationInterceptor) PreReplace(replaceCtx *base.ReplaceContext) error
type AuditLogger ¶
type AuditLogger struct {
// contains filtered or unexported fields
}
func NewLocalAuditLogger ¶
func NewLocalAuditLogger(prv *Provider) *AuditLogger
func (*AuditLogger) Close ¶
func (al *AuditLogger) Close()
func (*AuditLogger) Log ¶
func (al *AuditLogger) Log(ctx interface{}, res *base.Resource, err error)
func (*AuditLogger) LogAuth ¶
func (al *AuditLogger) LogAuth(rid string, username string, ip string, status base.LoginStatus)
func (*AuditLogger) LogChangePasswd ¶
func (al *AuditLogger) LogChangePasswd(rid string, clientIP string, user *base.Resource)
func (*AuditLogger) LogDelSession ¶
func (al *AuditLogger) LogDelSession(opCtx *base.OpContext, deleted bool)
func (*AuditLogger) LogEvent ¶
func (al *AuditLogger) LogEvent(ae base.AuditEvent)
func (*AuditLogger) LogOtp ¶
func (al *AuditLogger) LogOtp(rid string, clientIP string, user *base.Resource, status base.LoginStatus)
func (*AuditLogger) LogStoreTotp ¶
func (al *AuditLogger) LogStoreTotp(rid string, clientIP string, err error)
type Layout ¶
type PpolicyInterceptor ¶
type PpolicyInterceptor struct {
Config *conf.PpolicyConfig
}
func (*PpolicyInterceptor) PostCreate ¶
func (pi *PpolicyInterceptor) PostCreate(crCtx *base.CreateContext)
func (*PpolicyInterceptor) PostDelete ¶
func (pi *PpolicyInterceptor) PostDelete(delCtx *base.DeleteContext)
func (*PpolicyInterceptor) PostPatch ¶
func (pi *PpolicyInterceptor) PostPatch(patchCtx *base.PatchContext)
func (*PpolicyInterceptor) PostReplace ¶
func (pi *PpolicyInterceptor) PostReplace(replaceCtx *base.ReplaceContext)
func (*PpolicyInterceptor) PreCreate ¶
func (pi *PpolicyInterceptor) PreCreate(crCtx *base.CreateContext) (err error)
func (*PpolicyInterceptor) PreDelete ¶
func (pi *PpolicyInterceptor) PreDelete(delCtx *base.DeleteContext) error
func (*PpolicyInterceptor) PrePatch ¶
func (pi *PpolicyInterceptor) PrePatch(patchCtx *base.PatchContext) error
func (*PpolicyInterceptor) PreReplace ¶
func (pi *PpolicyInterceptor) PreReplace(replaceCtx *base.ReplaceContext) error
type Provider ¶
// Provider is the exported handle for one domain (see Name and Config). Every
// field listed here is exported, so any package holding a *Provider can read
// and reassign it; the listing also hides further unexported fields.
type Provider struct {
	ServerId      uint16
	Schemas       map[string]*schema.Schema         // a map of Schema ID to Schema
	RsTypes       map[string]*schema.ResourceType   // a map of Name to ResourceType
	RtPathMap     map[string]*schema.ResourceType   // a map of EndPoint to ResourceType
	LdapTemplates map[string]*schema.LdapEntryTemplate
	Config        *conf.DomainConfig
	Name          string // the domain name
	Cert          *x509.Certificate
	// NOTE(review): PrivKey is an exported field holding a crypto.PrivateKey, so
	// the key is reachable by any code that can reach the Provider value.
	// Presumably this is the key GetKeyPair hands out — confirm.
	PrivKey     crypto.PrivateKey
	Al          *AuditLogger
	SamlMdCache map[string]*samlTypes.SPSSODescriptor
	// contains filtered or unexported fields
}
func NewProvider ¶
func NewProvider(layout *Layout, sc *conf.ServerConf, peers map[uint16]*repl.ReplicationPeer) (prv *Provider, err error)
func (*Provider) AddAppToSsoSession ¶
func (prv *Provider) AddAppToSsoSession(jti string, spIssuer string, sas base.SamlAppSession)
func (*Provider) Authenticate ¶
func (prv *Provider) Authenticate(ar base.AuthRequest) (lr base.LoginResult)
func (*Provider) ChangePassword ¶
func (prv *Provider) ChangePassword(cpContext *base.ChangePasswordContext) (err error)
func (*Provider) CreateResource ¶
func (prv *Provider) CreateResource(crCtx *base.CreateContext) (err error)
func (*Provider) DeleteOauthSession ¶
func (*Provider) DeleteReplSsoSessionById ¶
Only intended to be called directly by the replication event handler; all other callers should go through DeleteOauthSession or DeleteSsoSession.
func (*Provider) DeleteResource ¶
func (prv *Provider) DeleteResource(delCtx *base.DeleteContext) (err error)
func (*Provider) DeleteSecurityKey ¶
func (*Provider) DeleteSsoSession ¶
func (*Provider) DomainCode ¶
func (*Provider) GenSessionForUser ¶
func (prv *Provider) GenSessionForUser(user *base.Resource) *base.RbacSession
func (*Provider) GenSessionForUserId ¶
func (prv *Provider) GenSessionForUserId(rid string) (session *base.RbacSession, err error)
func (*Provider) GenWebauthnIdFor ¶
func (*Provider) GetAllClients ¶
func (*Provider) GetClientByIssuer ¶
func (*Provider) GetConfigJson ¶
func (*Provider) GetKeyPair ¶
func (prv *Provider) GetKeyPair() (privateKey *rsa.PrivateKey, cert []byte, err error)
GetKeyPair makes Provider satisfy the dsig.X509KeyStore interface.
func (*Provider) GetOauthSession ¶
func (pr *Provider) GetOauthSession(jti string) *base.RbacSession
func (*Provider) GetResTypeJsonArray ¶
func (*Provider) GetResource ¶
func (*Provider) GetResourceInternal ¶
func (*Provider) GetResourceType ¶
func (*Provider) GetSchemaJsonArray ¶
func (*Provider) GetSsoSession ¶
func (pr *Provider) GetSsoSession(jti string) *base.RbacSession
func (*Provider) GetUserById ¶
func (*Provider) GetUserByName ¶
func (*Provider) GetUserByWebauthnId ¶
func (*Provider) HasGrantCodeId ¶
func (*Provider) IsRevokedSession ¶
func (*Provider) ModifyGroupsOfUser ¶
func (*Provider) ReadAllInternal ¶
func (*Provider) ReadTemplate ¶
func (*Provider) Replace ¶
func (prv *Provider) Replace(replaceCtx *base.ReplaceContext) (err error)
func (*Provider) RevokeOauthSession ¶
func (*Provider) RevokeReplSession ¶
func (*Provider) SendCreateDomainEvent ¶
func (*Provider) StoreGrantCodeId ¶
func (*Provider) StoreOauthSession ¶
func (pr *Provider) StoreOauthSession(session *base.RbacSession)
func (*Provider) StoreReplSession ¶
func (pr *Provider) StoreReplSession(session *base.RbacSession, sso bool)
Intended for use by the replication event handler only.
func (*Provider) StoreSecurityKey ¶
func (prv *Provider) StoreSecurityKey(rid string, secKey *base.SecurityKey) error
func (*Provider) StoreSsoSession ¶
func (pr *Provider) StoreSsoSession(session *base.RbacSession)
func (*Provider) StoreTotpSecret ¶
func (*Provider) UpdateAuthData ¶
Note: this method MUST be used only for replication purposes.
func (*Provider) UpdateTemplate ¶
func (*Provider) WriteBacklogEvents ¶
func (prv *Provider) WriteBacklogEvents(lastVersion string, peer *repl.ReplicationPeer, w http.ResponseWriter)
type RemoveNeverAttrInterceptor ¶
type RemoveNeverAttrInterceptor struct { }
Removes the attributes that should never be returned after creating a resource.
func (*RemoveNeverAttrInterceptor) PostCreate ¶
func (ri *RemoveNeverAttrInterceptor) PostCreate(crCtx *base.CreateContext)
func (*RemoveNeverAttrInterceptor) PostDelete ¶
func (ri *RemoveNeverAttrInterceptor) PostDelete(delCtx *base.DeleteContext)
func (*RemoveNeverAttrInterceptor) PostPatch ¶
func (ri *RemoveNeverAttrInterceptor) PostPatch(patchCtx *base.PatchContext)
func (*RemoveNeverAttrInterceptor) PostReplace ¶
func (ri *RemoveNeverAttrInterceptor) PostReplace(replaceCtx *base.ReplaceContext)
func (*RemoveNeverAttrInterceptor) PreCreate ¶
func (ri *RemoveNeverAttrInterceptor) PreCreate(crCtx *base.CreateContext) error
func (*RemoveNeverAttrInterceptor) PreDelete ¶
func (ri *RemoveNeverAttrInterceptor) PreDelete(delCtx *base.DeleteContext) error
func (*RemoveNeverAttrInterceptor) PrePatch ¶
func (ri *RemoveNeverAttrInterceptor) PrePatch(patchCtx *base.PatchContext) error
func (*RemoveNeverAttrInterceptor) PreReplace ¶
func (ri *RemoveNeverAttrInterceptor) PreReplace(replaceCtx *base.ReplaceContext) error
type ReplInterceptor ¶
type ReplInterceptor struct {
// contains filtered or unexported fields
}
func (*ReplInterceptor) PostAuthDataUpdate ¶
func (ri *ReplInterceptor) PostAuthDataUpdate(user *base.Resource)
func (*ReplInterceptor) PostChangePassword ¶
func (ri *ReplInterceptor) PostChangePassword(cpContext *base.ChangePasswordContext)
func (*ReplInterceptor) PostCreate ¶
func (ri *ReplInterceptor) PostCreate(crCtx *base.CreateContext)
func (*ReplInterceptor) PostCreateDomain ¶
func (ri *ReplInterceptor) PostCreateDomain(name string, version string) error
func (*ReplInterceptor) PostDelete ¶
func (ri *ReplInterceptor) PostDelete(delCtx *base.DeleteContext)
func (*ReplInterceptor) PostDeleteSession ¶
func (ri *ReplInterceptor) PostDeleteSession(jti string, ssoSession bool, version string)
func (*ReplInterceptor) PostPatch ¶
func (ri *ReplInterceptor) PostPatch(patchCtx *base.PatchContext)
func (*ReplInterceptor) PostReplace ¶
func (ri *ReplInterceptor) PostReplace(replaceCtx *base.ReplaceContext)
func (*ReplInterceptor) PostRevokeSession ¶
func (ri *ReplInterceptor) PostRevokeSession(jti string, version string)
func (*ReplInterceptor) PostStoreSession ¶
func (ri *ReplInterceptor) PostStoreSession(session *base.RbacSession, ssoSession bool, version string)
func (*ReplInterceptor) PreCreate ¶
func (ri *ReplInterceptor) PreCreate(crCtx *base.CreateContext) error
func (*ReplInterceptor) PreDelete ¶
func (ri *ReplInterceptor) PreDelete(delCtx *base.DeleteContext) error
func (*ReplInterceptor) PrePatch ¶
func (ri *ReplInterceptor) PrePatch(patchCtx *base.PatchContext) error
func (*ReplInterceptor) PreReplace ¶
func (ri *ReplInterceptor) PreReplace(replaceCtx *base.ReplaceContext) error
type Rfc2307BisAttrInterceptor ¶
// Rfc2307BisAttrInterceptor exposes one exported field, Conf; the listing
// hides its remaining unexported fields.
type Rfc2307BisAttrInterceptor struct {
	Conf *conf.Rfc2307bis // NOTE(review): presumably the rfc2307bis settings this interceptor reads — confirm
	// contains filtered or unexported fields
}
Adds the uidnumber, gidnumber, loginshell and homeDirectory attributes if they are not already present.
func (*Rfc2307BisAttrInterceptor) PostCreate ¶
func (ri *Rfc2307BisAttrInterceptor) PostCreate(crCtx *base.CreateContext)
func (*Rfc2307BisAttrInterceptor) PostDelete ¶
func (ri *Rfc2307BisAttrInterceptor) PostDelete(delCtx *base.DeleteContext)
func (*Rfc2307BisAttrInterceptor) PostPatch ¶
func (ri *Rfc2307BisAttrInterceptor) PostPatch(patchCtx *base.PatchContext)
func (*Rfc2307BisAttrInterceptor) PostReplace ¶
func (ri *Rfc2307BisAttrInterceptor) PostReplace(replaceCtx *base.ReplaceContext)
func (*Rfc2307BisAttrInterceptor) PreCreate ¶
func (ri *Rfc2307BisAttrInterceptor) PreCreate(crCtx *base.CreateContext) error
func (*Rfc2307BisAttrInterceptor) PreDelete ¶
func (ri *Rfc2307BisAttrInterceptor) PreDelete(delCtx *base.DeleteContext) error
func (*Rfc2307BisAttrInterceptor) PrePatch ¶
func (ri *Rfc2307BisAttrInterceptor) PrePatch(patchCtx *base.PatchContext) error
func (*Rfc2307BisAttrInterceptor) PreReplace ¶
func (ri *Rfc2307BisAttrInterceptor) PreReplace(replaceCtx *base.ReplaceContext) error