Documentation ¶
Index ¶
- func NewAuthRecord(sub string, authorizedScopes map[string]bool, claims map[string]jwt.Claims) identity.AuthRecord
- type CookieIdentityManager
- func (im *CookieIdentityManager) AddRoutes(ctx context.Context, router *mux.Router)
- func (im *CookieIdentityManager) ApproveScopes(ctx context.Context, userid string, audience string, ...) (string, error)
- func (im *CookieIdentityManager) ApprovedScopes(ctx context.Context, userid string, audience string, ref string) (map[string]bool, error)
- func (im *CookieIdentityManager) Authenticate(ctx context.Context, rw http.ResponseWriter, req *http.Request, ...) (identity.AuthRecord, error)
- func (im *CookieIdentityManager) Authorize(ctx context.Context, rw http.ResponseWriter, req *http.Request, ...) (identity.AuthRecord, error)
- func (im *CookieIdentityManager) ClaimsSupported() []string
- func (im *CookieIdentityManager) Fetch(ctx context.Context, sub string, scopes map[string]bool) (identity.AuthRecord, bool, error)
- func (im *CookieIdentityManager) ScopesSupported() []string
- type DummyIdentityManager
- func (im *DummyIdentityManager) AddRoutes(ctx context.Context, router *mux.Router)
- func (im *DummyIdentityManager) ApproveScopes(ctx context.Context, userid string, audience string, ...) (string, error)
- func (im *DummyIdentityManager) ApprovedScopes(ctx context.Context, userid string, audience string, ref string) (map[string]bool, error)
- func (im *DummyIdentityManager) Authenticate(ctx context.Context, rw http.ResponseWriter, req *http.Request, ...) (identity.AuthRecord, error)
- func (im *DummyIdentityManager) Authorize(ctx context.Context, rw http.ResponseWriter, req *http.Request, ...) (identity.AuthRecord, error)
- func (im *DummyIdentityManager) ClaimsSupported() []string
- func (im *DummyIdentityManager) Fetch(ctx context.Context, sub string, scopes map[string]bool) (identity.AuthRecord, bool, error)
- func (im *DummyIdentityManager) ScopesSupported() []string
- type EncryptionManager
- func (em *EncryptionManager) Decrypt(ciphertext []byte) ([]byte, error)
- func (em *EncryptionManager) DecryptHexToString(ciphertextHex string) (string, error)
- func (em *EncryptionManager) Encrypt(plaintext []byte) ([]byte, error)
- func (em *EncryptionManager) EncryptStringToHexString(plaintext string) (string, error)
- func (em *EncryptionManager) GetKeySize() int
- func (em *EncryptionManager) SetKey(key []byte) error
- type IdentifierIdentityManager
- func (im *IdentifierIdentityManager) AddRoutes(ctx context.Context, router *mux.Router)
- func (im *IdentifierIdentityManager) ApproveScopes(ctx context.Context, userid string, audience string, ...) (string, error)
- func (im *IdentifierIdentityManager) ApprovedScopes(ctx context.Context, userid string, audience string, ref string) (map[string]bool, error)
- func (im *IdentifierIdentityManager) Authenticate(ctx context.Context, rw http.ResponseWriter, req *http.Request, ...) (identity.AuthRecord, error)
- func (im *IdentifierIdentityManager) Authorize(ctx context.Context, rw http.ResponseWriter, req *http.Request, ...) (identity.AuthRecord, error)
- func (im *IdentifierIdentityManager) ClaimsSupported() []string
- func (im *IdentifierIdentityManager) Fetch(ctx context.Context, sub string, scopes map[string]bool) (identity.AuthRecord, bool, error)
- func (im *IdentifierIdentityManager) ScopesSupported() []string
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewAuthRecord ¶
func NewAuthRecord(sub string, authorizedScopes map[string]bool, claims map[string]jwt.Claims) identity.AuthRecord
NewAuthRecord returns a implementation of identity.AuthRecord holding the provided data in memory.
Types ¶
type CookieIdentityManager ¶
type CookieIdentityManager struct { *EncryptionManager // contains filtered or unexported fields }
CookieIdentityManager implements an identity manager which passes through received HTTP cookies to a HTTP backend..
func NewCookieIdentityManager ¶
func NewCookieIdentityManager(c *identity.Config, em *EncryptionManager, backendURI *url.URL, cookieNames []string, timeout time.Duration, transport http.RoundTripper) *CookieIdentityManager
NewCookieIdentityManager creates a new CookieIdentityManager from the provided parameters.
func (*CookieIdentityManager) AddRoutes ¶
func (im *CookieIdentityManager) AddRoutes(ctx context.Context, router *mux.Router)
AddRoutes implements the identity.Manager interface.
func (*CookieIdentityManager) ApproveScopes ¶
func (im *CookieIdentityManager) ApproveScopes(ctx context.Context, userid string, audience string, approvedScopes map[string]bool) (string, error)
ApproveScopes implements the Backend interface.
func (*CookieIdentityManager) ApprovedScopes ¶
func (im *CookieIdentityManager) ApprovedScopes(ctx context.Context, userid string, audience string, ref string) (map[string]bool, error)
ApprovedScopes implements the Backend interface.
func (*CookieIdentityManager) Authenticate ¶
func (im *CookieIdentityManager) Authenticate(ctx context.Context, rw http.ResponseWriter, req *http.Request, ar *payload.AuthenticationRequest) (identity.AuthRecord, error)
Authenticate implements the identity.Manager interface.
func (*CookieIdentityManager) Authorize ¶
func (im *CookieIdentityManager) Authorize(ctx context.Context, rw http.ResponseWriter, req *http.Request, ar *payload.AuthenticationRequest, auth identity.AuthRecord) (identity.AuthRecord, error)
Authorize implements the identity.Manager interface.
func (*CookieIdentityManager) ClaimsSupported ¶
func (im *CookieIdentityManager) ClaimsSupported() []string
ClaimsSupported implements the identity.Manager interface.
func (*CookieIdentityManager) Fetch ¶
func (im *CookieIdentityManager) Fetch(ctx context.Context, sub string, scopes map[string]bool) (identity.AuthRecord, bool, error)
Fetch implements the identity.Manager interface.
func (*CookieIdentityManager) ScopesSupported ¶
func (im *CookieIdentityManager) ScopesSupported() []string
ScopesSupported implements the identity.Manager interface.
type DummyIdentityManager ¶
type DummyIdentityManager struct {
Sub string
}
DummyIdentityManager implements an identity manager which always grants access to a fixed user id.
func (*DummyIdentityManager) AddRoutes ¶
func (im *DummyIdentityManager) AddRoutes(ctx context.Context, router *mux.Router)
AddRoutes implements the identity.Manager interface.
func (*DummyIdentityManager) ApproveScopes ¶
func (im *DummyIdentityManager) ApproveScopes(ctx context.Context, userid string, audience string, approvedScopes map[string]bool) (string, error)
ApproveScopes implements the Backend interface.
func (*DummyIdentityManager) ApprovedScopes ¶
func (im *DummyIdentityManager) ApprovedScopes(ctx context.Context, userid string, audience string, ref string) (map[string]bool, error)
ApprovedScopes implements the Backend interface.
func (*DummyIdentityManager) Authenticate ¶
func (im *DummyIdentityManager) Authenticate(ctx context.Context, rw http.ResponseWriter, req *http.Request, ar *payload.AuthenticationRequest) (identity.AuthRecord, error)
Authenticate implements the identity.Manager interface.
func (*DummyIdentityManager) Authorize ¶
func (im *DummyIdentityManager) Authorize(ctx context.Context, rw http.ResponseWriter, req *http.Request, ar *payload.AuthenticationRequest, auth identity.AuthRecord) (identity.AuthRecord, error)
Authorize implements the identity.Manager interface.
func (*DummyIdentityManager) ClaimsSupported ¶
func (im *DummyIdentityManager) ClaimsSupported() []string
ClaimsSupported implements the identity.Manager interface.
func (*DummyIdentityManager) Fetch ¶
func (im *DummyIdentityManager) Fetch(ctx context.Context, sub string, scopes map[string]bool) (identity.AuthRecord, bool, error)
Fetch implements the identity.Manager interface.
func (*DummyIdentityManager) ScopesSupported ¶
func (im *DummyIdentityManager) ScopesSupported() []string
ScopesSupported implements the identity.Manager interface.
type EncryptionManager ¶
type EncryptionManager struct {
// contains filtered or unexported fields
}
EncryptionManager implements string encryption functions with a key.
func NewEncryptionManager ¶
func NewEncryptionManager(key *[encryption.KeySize]byte) (*EncryptionManager, error)
NewEncryptionManager creates a new EncryptionManager with the provided key.
func (*EncryptionManager) Decrypt ¶
func (em *EncryptionManager) Decrypt(ciphertext []byte) ([]byte, error)
Decrypt decrypts ciphertext []byte with the accociated key and returns plaintext []byte.
func (*EncryptionManager) DecryptHexToString ¶
func (em *EncryptionManager) DecryptHexToString(ciphertextHex string) (string, error)
DecryptHexToString decrypts a hex encoded string with the accociated key and returns the plain text as string.
func (*EncryptionManager) Encrypt ¶
func (em *EncryptionManager) Encrypt(plaintext []byte) ([]byte, error)
Encrypt encrypts plaintext []byte with the accociated key and returns ciphertext []byte.
func (*EncryptionManager) EncryptStringToHexString ¶
func (em *EncryptionManager) EncryptStringToHexString(plaintext string) (string, error)
EncryptStringToHexString encrypts a plaintext string with the accociated key and returns the hex encoded ciphertext as string.
func (*EncryptionManager) GetKeySize ¶
func (em *EncryptionManager) GetKeySize() int
GetKeySize returns the size of the accociated manager's key.
func (*EncryptionManager) SetKey ¶
func (em *EncryptionManager) SetKey(key []byte) error
SetKey sets the provided key for the accociated manager.
type IdentifierIdentityManager ¶
type IdentifierIdentityManager struct {
// contains filtered or unexported fields
}
IdentifierIdentityManager implements an identity manager which relies on Konnect its identifier to provide identity.
func NewIdentifierIdentityManager ¶
func NewIdentifierIdentityManager(c *identity.Config, i *identifier.Identifier, clients *clients.Registry) *IdentifierIdentityManager
NewIdentifierIdentityManager creates a new IdentifierIdentityManager from the provided parameters.
func (*IdentifierIdentityManager) AddRoutes ¶
func (im *IdentifierIdentityManager) AddRoutes(ctx context.Context, router *mux.Router)
AddRoutes implements the identity.Manager interface.
func (*IdentifierIdentityManager) ApproveScopes ¶
func (im *IdentifierIdentityManager) ApproveScopes(ctx context.Context, userid string, audience string, approvedScopes map[string]bool) (string, error)
ApproveScopes implements the Backend interface.
func (*IdentifierIdentityManager) ApprovedScopes ¶
func (im *IdentifierIdentityManager) ApprovedScopes(ctx context.Context, userid string, audience string, ref string) (map[string]bool, error)
ApprovedScopes implements the Backend interface.
func (*IdentifierIdentityManager) Authenticate ¶
func (im *IdentifierIdentityManager) Authenticate(ctx context.Context, rw http.ResponseWriter, req *http.Request, ar *payload.AuthenticationRequest) (identity.AuthRecord, error)
Authenticate implements the identity.Manager interface.
func (*IdentifierIdentityManager) Authorize ¶
func (im *IdentifierIdentityManager) Authorize(ctx context.Context, rw http.ResponseWriter, req *http.Request, ar *payload.AuthenticationRequest, auth identity.AuthRecord) (identity.AuthRecord, error)
Authorize implements the identity.Manager interface.
func (*IdentifierIdentityManager) ClaimsSupported ¶
func (im *IdentifierIdentityManager) ClaimsSupported() []string
ClaimsSupported implements the identity.Manager interface.
func (*IdentifierIdentityManager) Fetch ¶
func (im *IdentifierIdentityManager) Fetch(ctx context.Context, sub string, scopes map[string]bool) (identity.AuthRecord, bool, error)
Fetch implements the identity.Manager interface.
func (*IdentifierIdentityManager) ScopesSupported ¶
func (im *IdentifierIdentityManager) ScopesSupported() []string
ScopesSupported implements the identity.Manager interface.