auth

package

v0.1.2 Latest Latest Go to latest Published: Oct 12, 2023 License: MIT Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/korylprince/dep-webview-oidc

Links

Open Source Insights

Documentation ¶

Index ¶

type AuthorizationError
- func (e *AuthorizationError) Error() string
- func (e *AuthorizationError) Unwrap() error
type Authorizer
type CacheAuthorizer
- func NewCacheAuthorizer(authorizer Authorizer, opts ...CacheOption) *CacheAuthorizer
- func (a CacheAuthorizer) AuthorizeSession(ctx context.Context, info *header.MachineInfo, oauth2Token *oauth2.Token, ...) (enrollprofile.Context, error)
type CacheOption
type NopAuthorizer
- func (a NopAuthorizer) AuthorizeSession(_ context.Context, _ *header.MachineInfo, _ *oauth2.Token, _ *oidc.IDToken) (enrollprofile.Context, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AuthorizationError ¶

type AuthorizationError struct {
	Err error
}

func (*AuthorizationError) Error ¶

func (e *AuthorizationError) Error() string

func (*AuthorizationError) Unwrap ¶

func (e *AuthorizationError) Unwrap() error

type Authorizer ¶ added in v0.1.1

type Authorizer interface {
	// AuthorizeSession authorizes the user/device session and returns an EnrollContext that can be passed to an EnrollmentGenerator.
	// If the request is not authorized, an error of type AuthorizationError is returned.
	AuthorizeSession(ctx context.Context, info *header.MachineInfo, oauth2Token *oauth2.Token, idToken *oidc.IDToken) (enrollprofile.Context, error)
}

type CacheAuthorizer ¶

type CacheAuthorizer struct {
	// contains filtered or unexported fields
}

CacheAuthorizer wraps an Authorizer and caches results for configurable durations. The cache uses the OIDC id_token subject as the cache key. Note: only errors that are AuthorizationError (when checked with errors.As) are cached.

func NewCacheAuthorizer ¶

func NewCacheAuthorizer(authorizer Authorizer, opts ...CacheOption) *CacheAuthorizer

func (CacheAuthorizer) AuthorizeSession ¶

func (a CacheAuthorizer) AuthorizeSession(ctx context.Context, info *header.MachineInfo, oauth2Token *oauth2.Token, idToken *oidc.IDToken) (enrollprofile.Context, error)

type CacheOption ¶

type CacheOption func(a *CacheAuthorizer)

func WithFailureCacheTTL ¶

func WithFailureCacheTTL(ttl time.Duration) CacheOption

WithFailureCacheTTL configures the cache to cache failed authorizations for the given duration. If left unconfigured, a default of 1 minute will be used.

func WithLogger ¶

func WithLogger(logger *slog.Logger) CacheOption

WithLogger configures the authorizer with the given logger If left unconfigured, logging will be disabled

func WithSuccessCacheTTL ¶

func WithSuccessCacheTTL(ttl time.Duration) CacheOption

WithSuccessCacheTTL configures the cache to cache successful authorizations for the given duration. If left unconfigured, a default of 10 minutes will be used

type NopAuthorizer ¶

type NopAuthorizer struct{}

NopAuthorizer authorizes every session

func (NopAuthorizer) AuthorizeSession ¶

func (a NopAuthorizer) AuthorizeSession(_ context.Context, _ *header.MachineInfo, _ *oauth2.Token, _ *oidc.IDToken) (enrollprofile.Context, error)

Source Files ¶

View all Source files

auth.go

Directories ¶

Path	Synopsis
google

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL