auth

package
v0.0.0-...-2c9ee18 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 15, 2017 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

// Route names for the auth endpoints. Each constant is used as the Name of
// one entry in OAuthRoutes.
const (
	OAuthBegin    = "OAuthBegin"    // GET /auth/:provider
	OAuthCallback = "OAuthCallback" // GET /auth/:provider/callback
	LogOut        = "LogOut"        // GET /auth/logout
)
// BuildKey is the string "build".
// NOTE(review): presumably the key under which an access-check handler stores
// the looked-up build on the request; confirm against the handlers. If it is
// a context key, a plain string key can collide with keys from other packages.
const BuildKey = "build"
// CookieName is the cookie name "ATC-Authorization".
// NOTE(review): presumably this cookie carries the bearer token for browser
// sessions. If so, the code that sets it should mark it HttpOnly and Secure,
// and cookie-authenticated state-changing requests need CSRF protection.
// Confirm where the cookie is written and read.
const CookieName = "ATC-Authorization"
// OAuthStateCookie is the cookie name "_concourse_oauth_state".
// NOTE(review): presumably holds the OAuth state value issued when login
// begins so the callback can compare it with the state the provider returns
// (the CSRF defence for the login flow). Confirm the callback rejects a
// missing or mismatched state and that the cookie is cleared afterwards.
const OAuthStateCookie = "_concourse_oauth_state"
// PipelineDBKey is the string "pipelineDB".
// NOTE(review): presumably the key under which the pipeline access-check
// handler stores the resolved pipeline DB on the request; confirm. Downstream
// handlers should only read it after the access check has run.
const PipelineDBKey = "pipelineDB"
// TokenTypeBearer is the token type string "Bearer", the same word as the
// HTTP Authorization scheme for bearer tokens.
// NOTE(review): presumably the TokenType returned by GenerateToken and the
// scheme expected when parsing the Authorization header; confirm.
const TokenTypeBearer = "Bearer"

Variables

// ErrUnparsableHeader is the sentinel error for an Authorization header that
// cannot be parsed. Compare against it with errors.Is or ==.
// NOTE(review): callers should treat this error as "not authenticated" and
// should not echo the raw header value into logs or responses.
var ErrUnparsableHeader = errors.New("cannot parse 'Authorization' header")
// OAuthRoutes is the rata route table for the auth endpoints: logout, the
// per-provider login start, and the per-provider callback. All three are
// served on GET, and the :provider path segment is supplied by the client.
// NOTE(review): /auth/logout is a GET route, so a cross-site link or image
// request can trigger it; confirm that forced logout is acceptable here or
// move the route to POST.
var OAuthRoutes = rata.Routes{
	{Path: "/auth/logout", Method: "GET", Name: LogOut},
	{Path: "/auth/:provider", Method: "GET", Name: OAuthBegin},
	{Path: "/auth/:provider/callback", Method: "GET", Name: OAuthCallback},
}
// SigningMethod is the JWT signing method RS256 (RSA signature over SHA-256).
// NOTE(review): this is a mutable package-level variable, so any importer can
// reassign it. The verification path should also reject a token whose header
// names a different algorithm; confirm in the JWT parsing code, which is not
// shown here.
var SigningMethod = jwt.SigningMethodRS256

Functions

func CheckAdminHandler

func CheckAdminHandler(
	handler http.Handler,
	rejector Rejector,
) http.Handler

func CheckAuthenticationHandler

func CheckAuthenticationHandler(
	handler http.Handler,
	rejector Rejector,
) http.Handler

func CheckAuthorizationHandler

func CheckAuthorizationHandler(
	handler http.Handler,
	rejector Rejector,
) http.Handler

func IsAdmin

func IsAdmin(r *http.Request) bool

func IsAuthenticated

func IsAuthenticated(r *http.Request) bool

func IsAuthorized

func IsAuthorized(r *http.Request) bool

func IsSystem

func IsSystem(r *http.Request) bool

func NewCheckBuildReadAccessHandlerFactory

// NewCheckBuildReadAccessHandlerFactory builds a factory from buildsDB.
// NOTE(review): the exported constructor returns the unexported type
// *checkBuildReadAccessHandlerFactory, so callers outside the package cannot
// name the result. Returning the CheckBuildReadAccessHandlerFactory interface,
// as NewCheckWorkerTeamAccessHandlerFactory does with its interface, would be
// consistent, assuming the concrete type satisfies it.
func NewCheckBuildReadAccessHandlerFactory(
	buildsDB BuildsDB,
) *checkBuildReadAccessHandlerFactory

func NewCheckBuildWriteAccessHandlerFactory

// NewCheckBuildWriteAccessHandlerFactory builds a factory from buildsDB.
// NOTE(review): the exported constructor returns the unexported type
// *checkBuildWriteAccessHandlerFactory; returning the
// CheckBuildWriteAccessHandlerFactory interface would let callers outside the
// package name the result, assuming the concrete type satisfies it.
func NewCheckBuildWriteAccessHandlerFactory(
	buildsDB BuildsDB,
) *checkBuildWriteAccessHandlerFactory

func NewCheckPipelineAccessHandlerFactory

// NewCheckPipelineAccessHandlerFactory builds a factory from a pipeline DB
// factory and a team DB factory.
// NOTE(review): the exported constructor returns the unexported type
// *checkPipelineAccessHandlerFactory; returning the
// CheckPipelineAccessHandlerFactory interface would let callers outside the
// package name the result, assuming the concrete type satisfies it.
func NewCheckPipelineAccessHandlerFactory(
	pipelineDBFactory db.PipelineDBFactory,
	teamDBFactory db.TeamDBFactory,
) *checkPipelineAccessHandlerFactory

func NewLogOutHandler

func NewLogOutHandler(logger lager.Logger) http.Handler

func NewOAuthBeginHandler

func NewOAuthBeginHandler(
	logger lager.Logger,
	providerFactory ProviderFactory,
	privateKey *rsa.PrivateKey,
	teamDBFactory db.TeamDBFactory,
	expire time.Duration,
) http.Handler

func NewOAuthCallbackHandler

// NewOAuthCallbackHandler returns the handler for the OAuth callback route.
// NOTE(review): the body is not shown here. Presumably privateKey signs the
// token issued after a successful exchange and expire bounds its lifetime.
// Confirm that the handler compares the state parameter with the
// OAuthStateCookie value before exchanging the code, and that it validates
// any redirect target carried in OAuthState before redirecting.
func NewOAuthCallbackHandler(
	logger lager.Logger,
	providerFactory ProviderFactory,
	privateKey *rsa.PrivateKey,
	teamDBFactory db.TeamDBFactory,
	expire time.Duration,
) http.Handler

func NewOAuthHandler

func NewOAuthHandler(
	logger lager.Logger,
	providerFactory ProviderFactory,
	teamDBFactory db.TeamDBFactory,
	signingKey *rsa.PrivateKey,
	expire time.Duration,
) (http.Handler, error)

func WrapHandler

// WrapHandler returns an http.Handler built from handler, validator and
// userContextReader.
// NOTE(review): the body is not shown here. Presumably it records the
// validator's result and the team/system values on the request for IsAdmin,
// IsAuthenticated, IsAuthorized and IsSystem to read. Confirm that a request
// which never passed through WrapHandler is treated as unauthenticated by
// those helpers (fail closed).
func WrapHandler(
	handler http.Handler,
	validator Validator,
	userContextReader UserContextReader,
) http.Handler

Types

type AuthDB

// AuthDB is a single-method lookup that returns a saved team, a bool and an
// error.
// NOTE(review): the bool is presumably "found"; callers should deny access
// both when it is false and when err is non-nil.
type AuthDB interface {
	GetTeam() (db.SavedTeam, bool, error)
}

type BuildsDB

// BuildsDB looks a build up by its integer ID and returns the build, a bool
// and an error.
// NOTE(review): the bool is presumably "found". buildID most likely comes
// from the request path, so the access-check handlers should reject a
// not-found build without revealing whether it exists to unauthorized
// callers; confirm.
type BuildsDB interface {
	GetBuildByID(buildID int) (db.Build, bool, error)
}

type CheckBuildReadAccessHandlerFactory

// CheckBuildReadAccessHandlerFactory wraps a delegate handler with one of two
// read-access checks for builds; both take the Rejector to use on failure.
// NOTE(review): the difference between the two checks is not visible here.
// From the names, AnyJobHandler presumably applies to builds of any job and
// CheckIfPrivateJobHandler adds a check for non-public jobs; confirm which
// one each route uses, since picking the weaker one exposes build data.
type CheckBuildReadAccessHandlerFactory interface {
	AnyJobHandler(delegateHandler http.Handler, rejector Rejector) http.Handler
	CheckIfPrivateJobHandler(delegateHandler http.Handler, rejector Rejector) http.Handler
}

type CheckBuildWriteAccessHandlerFactory

// CheckBuildWriteAccessHandlerFactory wraps a delegate handler with a
// write-access check for builds, using rejector when the check fails.
// NOTE(review): presumably the check requires the caller's team to own the
// build; confirm in the implementation, which is not shown here.
type CheckBuildWriteAccessHandlerFactory interface {
	HandlerFor(delegateHandler http.Handler, rejector Rejector) http.Handler
}

type CheckPipelineAccessHandlerFactory

// CheckPipelineAccessHandlerFactory wraps a pipeline-scoped handler with an
// access check, using rejector when the check fails.
// NOTE(review): presumably the wrapped handler runs only after the pipeline
// has been resolved and access granted; confirm in the implementation.
type CheckPipelineAccessHandlerFactory interface {
	HandlerFor(pipelineScopedHandler http.Handler, rejector Rejector) http.Handler
}

type CheckWorkerTeamAccessHandlerFactory

// CheckWorkerTeamAccessHandlerFactory wraps a handler with an access check,
// using rejector when the check fails.
// NOTE(review): the parameter is named pipelineScopedHandler, identical to
// CheckPipelineAccessHandlerFactory.HandlerFor, which looks copied; the
// handler here is presumably worker-scoped. Confirm the check compares the
// worker's team with the caller's team.
type CheckWorkerTeamAccessHandlerFactory interface {
	HandlerFor(pipelineScopedHandler http.Handler, rejector Rejector) http.Handler
}

func NewCheckWorkerTeamAccessHandlerFactory

func NewCheckWorkerTeamAccessHandlerFactory(
	workerFactory dbng.WorkerFactory,
) CheckWorkerTeamAccessHandlerFactory

type CookieSetHandler

// CookieSetHandler is an http.Handler (see its ServeHTTP method) that wraps
// another handler.
// NOTE(review): ServeHTTP's body is not shown here. Presumably it makes the
// CookieName cookie available as the request's credentials before calling
// Handler. If requests can be authenticated by cookie alone, state-changing
// endpoints behind this wrapper need CSRF protection; confirm.
type CookieSetHandler struct {
	// Handler is the wrapped handler.
	Handler http.Handler
}

func (CookieSetHandler) ServeHTTP

func (handler CookieSetHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type JWTReader

// JWTReader has GetTeam and GetSystem methods whose signatures match the
// UserContextReader interface.
// NOTE(review): presumably both methods read claims from the request's JWT
// after verifying it with PublicKey. Claims must never be trusted from a
// token whose signature was not verified; confirm that a nil PublicKey makes
// the read fail rather than skipping verification.
type JWTReader struct {
	// PublicKey is the RSA public key held by the reader.
	PublicKey *rsa.PublicKey
}

func (JWTReader) GetSystem

func (jr JWTReader) GetSystem(r *http.Request) (bool, bool)

func (JWTReader) GetTeam

func (jr JWTReader) GetTeam(r *http.Request) (string, bool, bool)

type JWTValidator

// JWTValidator has an IsAuthenticated method whose signature matches the
// Validator interface.
// NOTE(review): presumably IsAuthenticated verifies the request's JWT with
// PublicKey. Confirm that it pins the algorithm to SigningMethod, checks
// expiry, and returns false for a missing token or a nil PublicKey.
type JWTValidator struct {
	// PublicKey is the RSA public key held by the validator.
	PublicKey *rsa.PublicKey
}

func (JWTValidator) IsAuthenticated

func (validator JWTValidator) IsAuthenticated(r *http.Request) bool

type LogOutHandler

type LogOutHandler struct {
	// contains filtered or unexported fields
}

func (*LogOutHandler) ServeHTTP

func (handler *LogOutHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type OAuthBeginHandler

type OAuthBeginHandler struct {
	// contains filtered or unexported fields
}

func (*OAuthBeginHandler) ServeHTTP

func (handler *OAuthBeginHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type OAuthCallbackHandler

type OAuthCallbackHandler struct {
	// contains filtered or unexported fields
}

func (*OAuthCallbackHandler) ServeHTTP

func (handler *OAuthCallbackHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type OAuthState

// OAuthState is a JSON-serialisable record with three string fields.
// NOTE(review): presumably this is the payload encoded into the OAuth state
// parameter and the OAuthStateCookie, and read back by the callback handler.
// If any field originates from request parameters it is attacker-influenced
// on return, so the callback should validate each field before use.
type OAuthState struct {
	// Redirect is serialised as "redirect".
	// NOTE(review): if used as a post-login redirect target, restrict it to
	// same-origin relative paths to avoid an open redirect.
	Redirect string `json:"redirect"`
	// TeamName is serialised as "team_name".
	TeamName string `json:"team_name"`
	// FlyLocalPort is serialised as "fly_local_port".
	// NOTE(review): presumably a local port to which the token is delivered
	// for the CLI; if so, validate it as a numeric port and only ever target
	// the loopback address.
	FlyLocalPort string `json:"fly_local_port"`
}

type ProviderFactory

// ProviderFactory returns a provider.Provider, a bool and an error for a
// saved team and a string.
// NOTE(review): the string is presumably the provider name taken from the
// :provider path segment of OAuthRoutes, which is client-supplied, and the
// bool is presumably "found". Implementations should resolve the name only
// against the providers configured for that team; confirm.
type ProviderFactory interface {
	GetProvider(db.SavedTeam, string) (provider.Provider, bool, error)
}

type Rejector

// Rejector writes the response for a request that failed an access check.
// It is passed to every Check*Handler and access-handler factory in this
// package.
// NOTE(review): from the names, Unauthorized presumably answers a caller that
// is not authenticated (HTTP 401) and Forbidden one that is authenticated but
// not permitted (HTTP 403); confirm in the implementations.
type Rejector interface {
	Unauthorized(http.ResponseWriter, *http.Request)
	Forbidden(http.ResponseWriter, *http.Request)
}

type Team

// Team exposes a name, an admin flag and an authorization check against a
// team name. GetTeam returns a Team for a request together with a bool.
// NOTE(review): the comparison rule inside IsAuthorized is not visible here.
// Confirm whether it is an exact, case-sensitive match on the team name and
// whether an admin team is authorized for every teamName.
type Team interface {
	Name() string
	IsAdmin() bool
	IsAuthorized(teamName string) bool
}

func GetTeam

func GetTeam(r *http.Request) (Team, bool)

type TokenGenerator

// TokenGenerator issues a token for a team name and admin flag with the given
// expiration, returning the token type, the token value and an error.
// NOTE(review): presumably the token is a JWT signed with SigningMethod using
// the private key given to NewTokenGenerator, with teamName and isAdmin as
// claims. isAdmin is an authorization decision baked into the token for its
// whole lifetime, so callers should derive it server-side and keep
// expiration short; confirm.
type TokenGenerator interface {
	GenerateToken(expiration time.Time, teamName string, isAdmin bool) (TokenType, TokenValue, error)
}

func NewTokenGenerator

func NewTokenGenerator(privateKey *rsa.PrivateKey) TokenGenerator

type TokenType

// TokenType is the string type of the first value returned by
// TokenGenerator.GenerateToken.
// NOTE(review): presumably holds values such as TokenTypeBearer; confirm.
type TokenType string

type TokenValue

// TokenValue is the string type of the token returned by
// TokenGenerator.GenerateToken.
// NOTE(review): a value of this type is a credential; keep it out of logs and
// error messages.
type TokenValue string

type UnauthorizedRejector

type UnauthorizedRejector struct{}

func (UnauthorizedRejector) Forbidden

func (UnauthorizedRejector) Unauthorized

func (UnauthorizedRejector) Unauthorized(w http.ResponseWriter, r *http.Request)

type UserContextReader

// UserContextReader extracts team and system information from a request.
// JWTReader has methods with these signatures.
// NOTE(review): the results are unnamed. GetTeam presumably returns
// (teamName, isAdmin, found) and GetSystem (isSystem, found); confirm against
// JWTReader. Adjacent unnamed bools are easy to swap at a call site, and
// swapping "is admin" with "found" would be an authorization bug, so naming
// the results is worthwhile.
type UserContextReader interface {
	GetTeam(r *http.Request) (string, bool, bool)
	GetSystem(r *http.Request) (bool, bool)
}

type Validator

// Validator reports whether a request is authenticated. JWTValidator has a
// method with this signature, and NewBasicAuthValidator and
// NewTeamAuthValidator return Validators.
// NOTE(review): the bool result leaves no room for an error, so
// implementations should return false on any internal failure (fail closed);
// confirm.
type Validator interface {
	IsAuthenticated(*http.Request) bool
}

func NewBasicAuthValidator

// NewBasicAuthValidator returns a Validator built from a saved team.
// NOTE(review): the body is not shown here. Presumably it checks HTTP Basic
// credentials against those stored on the team. Confirm the comparison uses a
// password-hash verification or a constant-time compare, and that a team with
// no basic-auth credentials configured never validates.
func NewBasicAuthValidator(team db.SavedTeam) Validator

func NewTeamAuthValidator

// NewTeamAuthValidator returns a Validator built from a team DB factory and
// another Validator (jwtValidator).
// NOTE(review): the body is not shown here, so how the two checks combine is
// not visible. Confirm that a team lookup failure results in "not
// authenticated" and that a team with no auth configured is an explicit,
// intended case rather than a fall-through.
func NewTeamAuthValidator(
	teamDBFactory db.TeamDBFactory,
	jwtValidator Validator,
) Validator

Directories

Path Synopsis
This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter
This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter This file was generated by counterfeiter
githubfakes
This file was generated by counterfeiter
This file was generated by counterfeiter
providerfakes
This file was generated by counterfeiter This file was generated by counterfeiter
This file was generated by counterfeiter This file was generated by counterfeiter
