tokens

package

v0.3.6 Latest Latest Go to latest Published: Nov 22, 2024 License: MPL-2.0 Imports: 29 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Package tokens manages token authentication

View Source

const (
	// session cookie stores the session token
	SessionCookie = "session"
)

View Source

var AuthenticatedPrefixes = []string{
	tfeapi.APIPrefixV2,
	tfeapi.ModuleV1Prefix,
	otfapi.DefaultBasePath,
	paths.UIPrefix,
}

AuthenticatedPrefixes are those URL path prefixes requiring authentication.

func TokenFlashMessage(renderer html.Renderer, w http.ResponseWriter, token []byte) error

TokenFlashMessage is a helper for rendering a flash message with an authentication token.

type GetOrCreateUser func(ctx context.Context, username string) (authz.Subject, error)

GetOrCreateUser retrieves the user with the given username. If the user does not exist it is created.

type GoogleIAPConfig struct {
	Audience string
}

type NewTokenOption func(*jwt.Builder) *jwt.Builder

func WithExpiry(exp time.Time) NewTokenOption

type Options struct {
	logr.Logger
	GoogleIAPConfig

	Secret []byte
}

type Service struct {
	logr.Logger
	// contains filtered or unexported fields
}

func NewService(opts Options) (*Service, error)

func (r Service) GetSubject(ctx context.Context, jwtSubject resource.ID) (authz.Subject, error)

func (a *Service) Middleware() mux.MiddlewareFunc

Middleware returns middleware for authenticating tokens

func (f Service) NewToken(subjectID resource.ID, opts ...NewTokenOption) ([]byte, error)

func (r Service) RegisterKind(k resource.Kind, fn SubjectGetter)

RegisterKind registers a kind of authentication token, providing a func that can retrieve the OTF subject indicated in the token.

func (r Service) RegisterSiteToken(token string, siteAdmin authz.Subject)

RegisterSiteToken registers a site token which the middleware, and the subject to return as the site admin upon successful authentication.

func (a *Service) StartSession(w http.ResponseWriter, r *http.Request, userID resource.ID) error

type SubjectGetter func(ctx context.Context, jwtSubject resource.ID) (authz.Subject, error)

SubjectGetter retrieves an OTF subject given the jwtSubject string, which is the value of the 'subject' field parsed from a JWT.