oathkeeper

package
v0.0.0-...-47d5d90 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 14, 2024 License: Apache-2.0 Imports: 14 Imported by: 2

Documentation

Index

Constants

// Authentication flows. Each constant is a typed AuthFlow value; the string
// on the right is the exact value compared against at runtime.
const (
	// CertificateFlow is the AuthFlow value "Certificate".
	CertificateFlow AuthFlow = "Certificate"
	// OneTimeTokenFlow is the AuthFlow value "OneTimeToken".
	OneTimeTokenFlow AuthFlow = "OneTimeToken"
	// OAuth2Flow is the AuthFlow value "OAuth2".
	OAuth2Flow AuthFlow = "OAuth2"
	// JWTAuthFlow is the AuthFlow value "JWT".
	JWTAuthFlow AuthFlow = "JWT"
	// ConsumerProviderFlow is used when there is a consumer-provider
	// relationship with a subscription between the two parties.
	ConsumerProviderFlow AuthFlow = "Consumer-Provider"
)

// Lookup keys (untyped string constants).
// NOTE(review): presumably these are looked up in the request header or in
// the body's "extra" map; which container each key belongs to is not visible
// here. Several of them name identity data (client ID, tenant, certificate
// issuer and subject), so confirm that the values stored under them are set
// by the authenticating proxy and are dropped from client-supplied input.
const (
	// ClientIDKey is the key "client_id".
	ClientIDKey = "client_id"
	// EmailKey is the key "email".
	EmailKey = "email"
	// UsernameKey is the key "name" (note: not "username").
	UsernameKey = "name"
	// GroupsKey is the key "groups".
	GroupsKey = "groups"
	// ClientIDCertKey is the key "client-id-from-certificate".
	ClientIDCertKey = "client-id-from-certificate"
	// ClientIDCertIssuer is the key "client-certificate-issuer".
	ClientIDCertIssuer = "client-certificate-issuer"
	// ClientIDTokenKey is the key "client-id-from-token".
	ClientIDTokenKey = "client-id-from-token"
	// ExternalTenantKey is the key "tenant".
	ExternalTenantKey = "tenant"
	// UserContextKey is a header key containing consumer data.
	UserContextKey = "User_context"
	// ScopesKey is the key "scope" (singular).
	ScopesKey = "scope"
	// CertificateSubjectHeader is the header key for the certificate subject.
	CertificateSubjectHeader = "subject-from-certificate"
)

// Issuer names (untyped string constants).
// NOTE(review): presumably these are the values compared against a
// certificate issuer such as AuthDetails.CertIssuer; confirm against callers.
const (
	// ConnectorIssuer is the issuer name "connector".
	ConnectorIssuer = "connector"
	// ExternalIssuer is the issuer name "certificate-service".
	ExternalIssuer = "certificate-service"
)

Variables

This section is empty.

Functions

func NewReqDataParser

func NewReqDataParser() *reqDataParser

NewReqDataParser missing godoc

Types

type AuthDetails

// AuthDetails contains information about the currently authenticated client:
// its AuthID, the AuthFlow that applied, and the Authenticator to use for
// further processing.
type AuthDetails struct {
	// AuthID identifies the authenticated client.
	// NOTE(review): presumably its meaning depends on AuthFlow; confirm.
	AuthID        string
	// AuthFlow is the flow that applied to the request, for example
	// CertificateFlow or JWTAuthFlow.
	AuthFlow      AuthFlow
	// CertIssuer: presumably the issuer of the client certificate (compare the
	// ConnectorIssuer and ExternalIssuer constants); TODO confirm whether it is
	// set for non-certificate flows.
	CertIssuer    string
	// Authenticator is the authenticator configuration to use for further
	// processing. It is a pointer; NOTE(review): presumably nil when no
	// authenticator applies, so check before dereferencing.
	Authenticator *authenticator.Config
	// ScopePrefixes: presumably the authenticator prefixes that
	// ReqData.GetUserScopes strips from scopes; confirm against callers.
	ScopePrefixes []string
	// Subject is not described on this page; TODO document.
	Subject       string
	// Region is not described on this page; TODO document.
	Region        string
}

AuthDetails contains information about the currently authenticated client - AuthID, AuthFlow and Authenticator to use for further processing

type AuthFlow

// AuthFlow names an authentication flow such as OAuth2, JWT or certificate.
// The values declared by this package are the *Flow constants.
// The underlying type is string, so any string converts to an AuthFlow;
// compare against the declared constants instead of assuming a value is one
// of them.
type AuthFlow string

AuthFlow wraps possible flows of auth like OAuth2, JWT and certificate

func (AuthFlow) IsCertFlow

func (f AuthFlow) IsCertFlow() bool

IsCertFlow missing godoc

func (AuthFlow) IsJWTFlow

func (f AuthFlow) IsJWTFlow() bool

IsJWTFlow missing godoc

func (AuthFlow) IsOAuth2Flow

func (f AuthFlow) IsOAuth2Flow() bool

IsOAuth2Flow missing godoc

func (AuthFlow) IsOneTimeTokenFlow

func (f AuthFlow) IsOneTimeTokenFlow() bool

IsOneTimeTokenFlow missing godoc

type ExtraData

// ExtraData represents the extra fields that might be provided in the
// incoming request.
type ExtraData struct {
	// InternalConsumerID: presumably the same value that
	// ReqData.InternalConsumerID reads from body extra; confirm.
	InternalConsumerID string
	// ConsumerType: presumably the same value that ReqData.ConsumerType reads
	// from body extra; confirm.
	ConsumerType       model.SystemAuthReferenceObjectType
	// AccessLevels: presumably the granted tenant access levels (see
	// ReqData.TenantAccessLevels); confirm.
	AccessLevels       []string
}

ExtraData represents the extra fields that might be provided in the incoming request

type ReqBody

// ReqBody represents parsed request input to the handler. The struct tags map
// it to a JSON object with the members "subject", "extra" and "header".
type ReqBody struct {
	// Subject maps to the JSON member "subject".
	Subject string                 `json:"subject"`
	// Extra maps to the JSON member "extra". Its values are untyped
	// (interface{}), so each read needs a checked type assertion.
	Extra   map[string]interface{} `json:"extra"`
	// Header maps to the JSON member "header". It travels inside the body and
	// is a separate field from ReqData.Header.
	// NOTE(review): presumably these are headers forwarded by the proxy in
	// front of this handler; confirm which of them the proxy sets itself and
	// which it passes through from the client.
	Header  http.Header            `json:"header"`
}

ReqBody represents parsed request input to the handler

type ReqData

// ReqData represents an incoming request with its parsed body and its header.
// NOTE(review): the accessor methods return identity data (tenant ID, scopes,
// groups, consumer ID) taken from this request input; confirm that the caller
// of the handler is the authenticating proxy, so that these values cannot be
// supplied directly by an end client.
type ReqData struct {
	// Body is the parsed request body.
	Body   ReqBody
	// Header holds headers for the request.
	// NOTE(review): presumably the collection SetExternalTenantID writes to;
	// confirm, since Body also carries a Header field.
	Header http.Header
	// contains filtered or unexported fields
}

ReqData represents incoming request with parsed body and its header

func NewReqData

func NewReqData(ctx context.Context, reqBody ReqBody, reqHeader http.Header) ReqData

NewReqData missing godoc

func (*ReqData) ConsumerType

func (d *ReqData) ConsumerType() model.SystemAuthReferenceObjectType

ConsumerType gets consumer type from body extra if it exists.

func (*ReqData) ExtractCoordinates

func (d *ReqData) ExtractCoordinates() (authenticator.Coordinates, bool, error)

ExtractCoordinates extracts the authenticator coordinates from ReqData. The coordinates are stored in Body.Extra and the key for them is "authenticator_coordinates".

func (*ReqData) GetExternalTenantID

func (d *ReqData) GetExternalTenantID() (string, error)

GetExternalTenantID returns external tenant ID from the parsed request input if it is defined

func (*ReqData) GetExtraDataWithDefaults

func (d *ReqData) GetExtraDataWithDefaults() ExtraData

GetExtraDataWithDefaults gets body extra.

func (*ReqData) GetScopes

func (d *ReqData) GetScopes() (string, error)

GetScopes returns scopes from the parsed request input if defined

func (*ReqData) GetUserGroups

func (d *ReqData) GetUserGroups() []string

GetUserGroups returns the group names as a []string; the result is empty if there is no group

func (*ReqData) GetUserScopes

func (d *ReqData) GetUserScopes(scopePrefixes []string) ([]string, error)

GetUserScopes returns scopes as string array from the parsed request input if defined; also it strips the scopes from any potential authenticator prefixes

func (*ReqData) InternalConsumerID

func (d *ReqData) InternalConsumerID() string

InternalConsumerID gets internal consumer id from body extra if it exists.

func (*ReqData) IsIntegrationSystemFlow

func (d *ReqData) IsIntegrationSystemFlow() bool

IsIntegrationSystemFlow returns true if the tenant header is missing, or if it is provided but differs from the client ID found in the certificate

func (*ReqData) MarshalExtra

func (d *ReqData) MarshalExtra() (string, error)

MarshalExtra marshals the request data extra content

func (*ReqData) SetExternalTenantID

func (d *ReqData) SetExternalTenantID(id string)

SetExternalTenantID sets the external tenant ID in the Header collection

func (*ReqData) SetExtraFromClaims

func (d *ReqData) SetExtraFromClaims(claims jwt.MapClaims)

SetExtraFromClaims sets the data based on the JWT claims

func (*ReqData) TenantAccessLevels

func (d *ReqData) TenantAccessLevels() []string

TenantAccessLevels gets the granted tenant access levels from body extra if they exist.
