Documentation ¶
Index ¶
- Constants
- Variables
- func CSRFValidationHandler(handler http.Handler, rejector Rejector, userContextReader UserContextReader) http.Handler
- func CheckAdminHandler(handler http.Handler, rejector Rejector) http.Handler
- func CheckAuthenticationHandler(handler http.Handler, rejector Rejector) http.Handler
- func CheckAuthorizationHandler(handler http.Handler, rejector Rejector) http.Handler
- func IsAdmin(r *http.Request) bool
- func IsAuthenticated(r *http.Request) bool
- func IsAuthorized(r *http.Request) bool
- func IsSystem(r *http.Request) bool
- func NewCheckBuildReadAccessHandlerFactory(buildFactory dbng.BuildFactory) *checkBuildReadAccessHandlerFactory
- func NewCheckBuildWriteAccessHandlerFactory(buildFactory dbng.BuildFactory) *checkBuildWriteAccessHandlerFactory
- func NewCheckPipelineAccessHandlerFactory(teamFactory dbng.TeamFactory) *checkPipelineAccessHandlerFactory
- func NewLogOutHandler(logger lager.Logger) http.Handler
- func NewOAuthBeginHandler(logger lager.Logger, providerFactory ProviderFactory, ...) http.Handler
- func NewOAuthCallbackHandler(logger lager.Logger, providerFactory ProviderFactory, ...) http.Handler
- func NewOAuthHandler(logger lager.Logger, providerFactory ProviderFactory, ...) (http.Handler, error)
- func WrapHandler(handler http.Handler, validator Validator, userContextReader UserContextReader) http.Handler
- type AuthDB
- type AuthTokenGenerator
- type CSRFTokenGenerator
- type CheckBuildReadAccessHandlerFactory
- type CheckBuildWriteAccessHandlerFactory
- type CheckPipelineAccessHandlerFactory
- type CheckWorkerTeamAccessHandlerFactory
- type CookieSetHandler
- type JWTReader
- type JWTValidator
- type LogOutHandler
- type OAuthBeginHandler
- type OAuthCallbackHandler
- type OAuthFactory
- type OAuthState
- type ProviderFactory
- type Rejector
- type Team
- type TokenType
- type TokenValue
- type UnauthorizedRejector
- type UserContextReader
- type Validator
Constants ¶
View Source
const AuthCookieName = "ATC-Authorization"
View Source
const BuildContextKey = "build"
View Source
const CSRFHeaderName = "X-Csrf-Token"
View Source
const CSRFRequiredKey = "CSRFRequired"
View Source
const OAuthStateCookie = "_concourse_oauth_state"
View Source
const PipelineContextKey = "pipeline"
View Source
const TokenTypeBearer = "Bearer"
Variables ¶
View Source
var ErrUnparsableHeader = errors.New("cannot parse 'Authorization' header")
View Source
var SigningMethod = jwt.SigningMethodRS256
Functions ¶
func CSRFValidationHandler ¶
func CheckAdminHandler ¶
func IsAuthenticated ¶
func IsAuthorized ¶
func NewCheckBuildReadAccessHandlerFactory ¶
func NewCheckBuildReadAccessHandlerFactory( buildFactory dbng.BuildFactory, ) *checkBuildReadAccessHandlerFactory
func NewCheckBuildWriteAccessHandlerFactory ¶
func NewCheckBuildWriteAccessHandlerFactory( buildFactory dbng.BuildFactory, ) *checkBuildWriteAccessHandlerFactory
func NewCheckPipelineAccessHandlerFactory ¶
func NewCheckPipelineAccessHandlerFactory( teamFactory dbng.TeamFactory, ) *checkPipelineAccessHandlerFactory
func NewOAuthBeginHandler ¶
func NewOAuthBeginHandler( logger lager.Logger, providerFactory ProviderFactory, privateKey *rsa.PrivateKey, teamFactory dbng.TeamFactory, expire time.Duration, isTLSEnabled bool, ) http.Handler
func NewOAuthCallbackHandler ¶
func NewOAuthCallbackHandler( logger lager.Logger, providerFactory ProviderFactory, privateKey *rsa.PrivateKey, teamFactory dbng.TeamFactory, expire time.Duration, isTLSEnabled bool, ) http.Handler
func NewOAuthHandler ¶
func NewOAuthHandler( logger lager.Logger, providerFactory ProviderFactory, teamFactory dbng.TeamFactory, signingKey *rsa.PrivateKey, expire time.Duration, isTLSEnabled bool, ) (http.Handler, error)
func WrapHandler ¶
Types ¶
type AuthTokenGenerator ¶
type AuthTokenGenerator interface {
GenerateToken(expiration time.Time, teamName string, isAdmin bool, csrfToken string) (TokenType, TokenValue, error)
}
func NewAuthTokenGenerator ¶
func NewAuthTokenGenerator(privateKey *rsa.PrivateKey) AuthTokenGenerator
type CSRFTokenGenerator ¶
func NewCSRFTokenGenerator ¶
func NewCSRFTokenGenerator() CSRFTokenGenerator
type CheckWorkerTeamAccessHandlerFactory ¶
type CheckWorkerTeamAccessHandlerFactory interface {
HandlerFor(pipelineScopedHandler http.Handler, rejector Rejector) http.Handler
}
func NewCheckWorkerTeamAccessHandlerFactory ¶
func NewCheckWorkerTeamAccessHandlerFactory( workerFactory dbng.WorkerFactory, ) CheckWorkerTeamAccessHandlerFactory
type CookieSetHandler ¶
func (CookieSetHandler) ServeHTTP ¶
func (handler CookieSetHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type JWTValidator ¶
func (JWTValidator) IsAuthenticated ¶
func (validator JWTValidator) IsAuthenticated(r *http.Request) bool
type LogOutHandler ¶
type LogOutHandler struct {
// contains filtered or unexported fields
}
func (*LogOutHandler) ServeHTTP ¶
func (handler *LogOutHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type OAuthBeginHandler ¶
type OAuthBeginHandler struct {
// contains filtered or unexported fields
}
func (*OAuthBeginHandler) ServeHTTP ¶
func (handler *OAuthBeginHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type OAuthCallbackHandler ¶
type OAuthCallbackHandler struct {
// contains filtered or unexported fields
}
func (*OAuthCallbackHandler) ServeHTTP ¶
func (handler *OAuthCallbackHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type OAuthFactory ¶
type OAuthFactory struct {
// contains filtered or unexported fields
}
func NewOAuthFactory ¶
func (OAuthFactory) GetProvider ¶
type OAuthState ¶
type ProviderFactory ¶
type TokenValue ¶
type TokenValue string
type UnauthorizedRejector ¶
type UnauthorizedRejector struct{}
func (UnauthorizedRejector) Forbidden ¶
func (UnauthorizedRejector) Forbidden(w http.ResponseWriter, r *http.Request)
func (UnauthorizedRejector) Unauthorized ¶
func (UnauthorizedRejector) Unauthorized(w http.ResponseWriter, r *http.Request)
type UserContextReader ¶
Source Files ¶
- auth_db.go
- auth_token_generator.go
- basic_auth_validator.go
- check_admin_handler.go
- check_auth_handler.go
- check_authorization_handler.go
- check_build_read_access_handler.go
- check_build_write_access_handler.go
- check_pipeline_access_handler.go
- check_worker_team_access_handler.go
- context_keys.go
- cookie_set_handler.go
- csrf_token_generator.go
- csrf_validation_handler.go
- extract_username_and_password.go
- get_jwt.go
- get_team.go
- is_admin.go
- is_authenticated.go
- is_authorized.go
- is_system.go
- jwt_reader.go
- jwt_validator.go
- logout_handler.go
- oauth_begin_handler.go
- oauth_callback_handler.go
- oauth_factory.go
- oauth_handler.go
- rejector.go
- team_auth_validator.go
- unauthorized_rejector.go
- user_context_reader.go
- validator.go
- wrap_handler.go
Directories ¶
Path | Synopsis |
---|---|
Code generated by counterfeiter.
|
Code generated by counterfeiter. |
githubfakes
Code generated by counterfeiter.
|
Code generated by counterfeiter. |
providerfakes
Code generated by counterfeiter.
|
Code generated by counterfeiter. |
Click to show internal directories.
Click to hide internal directories.