Documentation ¶
Index ¶
- Constants
- Variables
- func DecodeJWT(jwt string) (header string, payload string, err error)
- func DecodeToken(token string, jwks map[string]jose.JSONWebKey) ([]byte, error)
- func GetAccesTokenFromAuthzHeader(r *http.Request) (string, error)
- func GetAllJWKs(jwkURL string) (map[string]jose.JSONWebKey, error)
- func GetPermissionTicket(permEndpoint string, reqPerms []types.PermRequest, serverPAT string) (types.PermTicket, error)
- func GetTimestamp() (string, int64, error)
- func GetTokenUsingClientCreds(tokenEndpoint, clientId, clientSecret string) (types.Tokens, error)
- func GetTokenUsingRefreshToken(tokenEndpoint, refreshToken, basicAuth string) (types.Tokens, error)
- func GetUserRPT(permTicket string, userAccessToken string, resPath string) (types.Tokens, error)
- func IsRemoteSource(remoteSource string) bool
- func IsStringPresent(list []string, value string) bool
- func IsValidId(id string) bool
- func NormalizeName(name string) (string, error)
Constants ¶
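// Shared constants for the Move2Kube API server: application names, login
// routes, MIME types, well-known endpoint path templates and the default
// mode for newly created files.
//
// The listing is restored to one declaration per line. Collapsed onto a
// single line, everything after the first "//" is read as a comment and the
// block does not parse.
const (
	// APP_NAME stores the application name
	APP_NAME = "move2kube"
	// APP_NAME_SHORT stores the application shortname
	APP_NAME_SHORT = "m2k"
	// SESSIONS_DIR is the name of the directory where the sessions are stored
	SESSIONS_DIR = "sessions"
	// LOGIN_PATH is the URL endpoint to start the login flow
	LOGIN_PATH = "/auth/login"
	// LOGIN_CALLBACK_PATH is the URL endpoint to finish the login flow.
	// It is derived from LOGIN_PATH and evaluates to "/auth/login/callback".
	LOGIN_CALLBACK_PATH = LOGIN_PATH + "/callback"
	// CONTENT_TYPE_JSON is the MIME type for json body
	CONTENT_TYPE_JSON = "application/json"
	// CONTENT_TYPE_FORM_URL_ENCODED is the MIME type for URL encoded request bodies
	CONTENT_TYPE_FORM_URL_ENCODED = "application/x-www-form-urlencoded"
	// CONTENT_TYPE_BINARY is the MIME type for binary body
	CONTENT_TYPE_BINARY = "application/octet-stream"
	// CONTENT_TYPE_CLOUD_EVENT is the MIME type for CloudEvents spec json body
	CONTENT_TYPE_CLOUD_EVENT = "application/cloudevents+json"
	// AUTHENTICATE_HEADER_MSG is the message returned in the authentication header.
	// It is a Bearer challenge with a fixed realm string.
	AUTHENTICATE_HEADER_MSG = `Bearer realm="Access to the Move2Kube API."`
	// OIDC_DISCOVERY_ENDPOINT_PATH is the OIDC discovery endpoint.
	// It is a format string with a single %s verb in the "/realms/%s/" segment.
	// NOTE(review): the substituted value becomes part of a URL path; it should
	// come from trusted configuration or be path-escaped by the caller.
	OIDC_DISCOVERY_ENDPOINT_PATH = "/realms/%s/.well-known/openid-configuration"
	// UMA_CONFIGURATION_ENDPOINT_PATH is the well known UMA endpoint.
	// It takes the same single %s verb as OIDC_DISCOVERY_ENDPOINT_PATH, and the
	// same caveat about the substituted value applies.
	UMA_CONFIGURATION_ENDPOINT_PATH = "/realms/%s/.well-known/uma2-configuration"
	// IDP_ID_ROUTE_VAR is the route variable for the identity provider id
	IDP_ID_ROUTE_VAR = "idp-id"
	// DELIM is the delimiter for separating the identity provider id and the user id.
	// It contains spaces, '#' and '$', none of which ID_REGEXP accepts, so an id
	// that passed that check cannot contain the delimiter.
	// NOTE(review): confirm that both halves are validated before they are
	// joined; an unvalidated half containing DELIM would make the split ambiguous.
	DELIM = "# $ #"
	// DEFAULT_FILE_PERMISSIONS is the default permissions used when creating new files.
	// 0660 is read/write for owner and group and no access for others; the
	// process umask can only reduce it further.
	// NOTE(review): if files created with this mode hold session data or tokens,
	// check whether group access is actually needed (0600 otherwise).
	DEFAULT_FILE_PERMISSIONS os.FileMode = 0660
)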
Variables ¶
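// Package-level state and precompiled validators for the API server.
//
// The listing is restored to one declaration per line. Collapsed onto a
// single line, everything after the first "//" is read as a comment and the
// block does not parse. All of these are variables, not constants, so any
// code in the program can reassign them.
var (
	// Config contains the entire configuration for the API server
	Config types.ConfigT
	// AuthServerClient is the client used to interface with the Authorization server
	AuthServerClient gocloak.GoCloak
	// ID_REGEXP is the regexp used to check if a Id is valid.
	// It is anchored at both ends and accepts one or more ASCII letters, digits,
	// '-' or '_' (the trailing "-_" in the class is a literal hyphen followed by
	// an underscore, not a range). Go's "$" without the m flag matches only at
	// the end of the text, so a trailing newline is rejected. '/', '.' and
	// whitespace never match, so a value that passes cannot contain a path
	// separator or a dot segment.
	ID_REGEXP = regexp.MustCompile("^[a-zA-Z0-9-_]+$")
	// REMOTE_SOURCE_REGEXP is the regexp used to check if a remote source is valid.
	// It checks the shape only: a "git+https://" or "git+ssh://" scheme, a
	// hostname of alphanumeric labels joined by '-' or '.' and ending in a 2-5
	// letter label, an optional ":port" of 1-5 digits, and an optional path.
	// The host part does not accept a "user@" prefix. The path part is "/.*",
	// which accepts any characters except a newline, and the port digits are
	// not range-checked.
	// NOTE(review): a match does not restrict which hosts may be contacted and
	// does not make the string safe to embed in a command line; callers that
	// fetch the source should pass it as a single argument and apply their own
	// destination policy.
	REMOTE_SOURCE_REGEXP = regexp.MustCompile(`^git\+(https|ssh)://[a-zA-Z0-9]+([\-\.]{1}[a-zA-Z0-9]+)*\.[a-zA-Z]{2,5}(:[0-9]{1,5})?(\/.*)?$`)
	// INVALID_NAME_CHARS_REGEXP is the regexp used to replace invalid name characters with hyphen.
	// It matches any single character other than lowercase a-z, 0-9 and '-',
	// so uppercase letters also count as invalid.
	// NOTE(review): presumably callers lowercase the name first - confirm.
	INVALID_NAME_CHARS_REGEXP = regexp.MustCompile("[^a-z0-9-]")
	// AUTHZ_HEADER is the authorization header
	AUTHZ_HEADER = http.CanonicalHeaderKey("Authorization")
	// AUTHENTICATE_HEADER is the authentication header.
	// The canonical form is "Www-Authenticate"; code that indexes an http.Header
	// map directly must use this value rather than the "WWW-Authenticate" literal.
	AUTHENTICATE_HEADER = http.CanonicalHeaderKey("WWW-Authenticate")
	// CONTENT_TYPE_HEADER is the content type header
	CONTENT_TYPE_HEADER = http.CanonicalHeaderKey("Content-Type")
	// KNOWN_API_VERSIONS is the list of known Move2Kube apiVersions.
	// It is an exported slice, so callers can append to or modify it.
	KNOWN_API_VERSIONS = []string{"move2kube.konveyor.io/v1alpha1"}
)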
Functions ¶
func DecodeToken ¶
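DecodeToken verifies the signatures on a JWS access token, then decodes and returns the payload. It returns an error if signature verification fails or if the token has expired. No issuer or audience check is described here, so callers that depend on those guarantees should validate the corresponding claims in the returned payload themselves.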
func GetAccesTokenFromAuthzHeader ¶
GetAccesTokenFromAuthzHeader returns the access token from the authorization bearer HTTP header
func GetAllJWKs ¶
GetAllJWKs returns all the JSON web keys that the server uses
func GetPermissionTicket ¶
func GetPermissionTicket(permEndpoint string, reqPerms []types.PermRequest, serverPAT string) (types.PermTicket, error)
GetPermissionTicket gets a new permission ticket for use with the UMA grant flow
func GetTimestamp ¶
GetTimestamp returns the current time in RFC 3339 (ISO 8601) standard format
func GetTokenUsingClientCreds ¶
GetTokenUsingClientCreds gets a new access token using the client credentials
func GetTokenUsingRefreshToken ¶
GetTokenUsingRefreshToken gets a new access token using the refresh token
func GetUserRPT ¶
GetUserRPT tries to get a Relying Party Token (RPT) from the authorization server using the UMA grant flow
func IsRemoteSource ¶ added in v0.3.12
IsRemoteSource returns true if the provided remoteSource is valid
func IsStringPresent ¶
IsStringPresent checks if a value is present in a slice
func NormalizeName ¶
NormalizeName normalizes the name
Types ¶
This section is empty.