tokens

package
v0.0.47 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 25, 2023 License: MPL-2.0 Imports: 34 Imported by: 0

Documentation

Overview

Package tokens manages token authentication

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewService 

func NewService(opts Options) (*service, error)

func NewSessionToken 

func NewSessionToken(key jwk.Key, username string, expiry time.Time) (string, error)

func NewTestJWT 

func NewTestJWT(t *testing.T, secret []byte, kind Kind, lifetime time.Duration, claims ...string) string

func NewTestSessionJWT 

func NewTestSessionJWT(t *testing.T, username string, secret []byte, lifetime time.Duration) string

func NewToken 

func NewToken(opts NewTokenOptions) ([]byte, error)

Types

type AgentToken 

type AgentToken struct {
	ID           string
	CreatedAt    time.Time
	Description  string
	Organization string
}

AgentToken represents the authentication token for an external agent. NOTE: the cryptographic token itself is not retained.

func AgentFromContext 

func AgentFromContext(ctx context.Context) (*AgentToken, error)

AgentFromContext retrieves an agent token from a context

func NewAgentToken 

func NewAgentToken(opts NewAgentTokenOptions) (*AgentToken, []byte, error)

NewAgentToken constructs a token for an external agent, returning both the representation of the token, and the cryptographic token itself.

TODO(@leg100): Unit test this.

func NewTestAgentToken 

func NewTestAgentToken(t *testing.T, org string) *AgentToken

func (*AgentToken) CanAccessOrganization 

func (t *AgentToken) CanAccessOrganization(action rbac.Action, name string) bool

func (*AgentToken) CanAccessSite 

func (*AgentToken) CanAccessSite(action rbac.Action) bool

func (*AgentToken) CanAccessWorkspace 

func (t *AgentToken) CanAccessWorkspace(action rbac.Action, policy internal.WorkspacePolicy) bool

func (*AgentToken) IsOwner 

func (t *AgentToken) IsOwner(string) bool

func (*AgentToken) IsSiteAdmin 

func (t *AgentToken) IsSiteAdmin() bool

func (*AgentToken) Organizations 

func (t *AgentToken) Organizations() []string

func (*AgentToken) String 

func (t *AgentToken) String() string

type Client 

type Client struct {
	internal.JSONAPIClient
}

func (*Client) CreateAgentToken 

func (c *Client) CreateAgentToken(ctx context.Context, options CreateAgentTokenOptions) ([]byte, error)

func (*Client) CreateRunToken 

func (c *Client) CreateRunToken(ctx context.Context, opts CreateRunTokenOptions) ([]byte, error)

CreateRunToken creates a run token via HTTP/JSONAPI

func (*Client) GetAgentToken 

func (c *Client) GetAgentToken(ctx context.Context, token string) (*AgentToken, error)

type CreateAgentTokenOptions 

type CreateAgentTokenOptions struct {
	Organization string `schema:"organization_name,required"`
	Description  string `schema:"description,required"`
}

type CreateRunTokenOptions 

type CreateRunTokenOptions struct {
	Organization *string    // Organization of run. Required.
	RunID        *string    // ID of run. Required.
	Expiry       *time.Time // Override expiry. Optional.
}

type CreateUserTokenOptions 

type CreateUserTokenOptions struct {
	Description string
}

CreateUserTokenOptions are options for creating a user token via the service endpoint

type GoogleIAPConfig 

type GoogleIAPConfig struct {
	Audience string
}

type Kind 

type Kind string

the Kind of authentication token: user session, user token, agent token, etc

type NewAgentTokenOptions 

type NewAgentTokenOptions struct {
	CreateAgentTokenOptions
	// contains filtered or unexported fields
}

type NewTokenOptions 

type NewTokenOptions struct {
	Kind    Kind
	Subject string
	Expiry  *time.Time
	Claims  map[string]string
	// contains filtered or unexported fields
}

type NewUserTokenOptions 

type NewUserTokenOptions struct {
	CreateUserTokenOptions
	Username string
	// contains filtered or unexported fields
}

NewUserTokenOptions are options for constructing a user token via the constructor.

type Options 

type Options struct {
	logr.Logger
	internal.DB
	html.Renderer
	auth.AuthService
	GoogleIAPConfig

	SiteToken string
	Secret    []byte
}

type OrganizationService 

type OrganizationService organization.Service

Aliases to disambiguate service names when embedded together.

type RunToken 

type RunToken struct {
	Organization string
}

RunToken is a short-lived token providing a terraform run with access to resources, in particular access to the registry to retrieve modules.

func NewRunTokenFromJWT 

func NewRunTokenFromJWT(token jwt.Token) (*RunToken, error)

func (*RunToken) CanAccessOrganization 

func (t *RunToken) CanAccessOrganization(action rbac.Action, name string) bool

func (*RunToken) CanAccessSite 

func (t *RunToken) CanAccessSite(action rbac.Action) bool

func (*RunToken) CanAccessWorkspace 

func (t *RunToken) CanAccessWorkspace(action rbac.Action, policy internal.WorkspacePolicy) bool

func (*RunToken) ID 

func (t *RunToken) ID() string

func (*RunToken) IsOwner 

func (t *RunToken) IsOwner(string) bool

func (*RunToken) IsSiteAdmin 

func (t *RunToken) IsSiteAdmin() bool

func (*RunToken) Organizations 

func (t *RunToken) Organizations() []string

func (*RunToken) String 

func (t *RunToken) String() string

type RunTokenService 

type RunTokenService interface {
	CreateRunToken(ctx context.Context, opts CreateRunTokenOptions) ([]byte, error)
}

type StartSessionOptions 

type StartSessionOptions struct {
	Username *string
	Expiry   *time.Time
}

type TokensService 

type TokensService interface {
	Middleware() mux.MiddlewareFunc

	RunTokenService
	// contains filtered or unexported methods
}

type UserToken 

type UserToken struct {
	ID          string
	CreatedAt   time.Time
	Description string
	Username    string // Token belongs to a user
}

UserToken provides information about an API token for a user.

func NewTestToken 

func NewTestToken(t *testing.T, org string) *UserToken

func NewUserToken 

func NewUserToken(opts NewUserTokenOptions) (*UserToken, []byte, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.