client

package
v0.12.0 Latest Latest
Published: May 31, 2018 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// ErrClientExists is the package-level sentinel error whose message is
// "client already exists". Compare against it with errors.Is rather than by
// matching the message text.
var ErrClientExists = errors.New("client already exists")

Functions

This section is empty.

Types

type ByName added in v0.7.1

// ByName is a slice of Client that sorts client applications by Name, A-Z.
// Its Len, Less and Swap methods have the shape required by sort.Interface.
type ByName []Client

ByName enables sorting Client applications by the client application Name A-Z

func (ByName) Len added in v0.7.1

func (c ByName) Len() int

func (ByName) Less added in v0.7.1

func (c ByName) Less(i, j int) bool

func (ByName) Swap added in v0.7.1

func (c ByName) Swap(i, j int)

type ByOwner added in v0.7.1

// ByOwner is a slice of Client that sorts client applications by Owner, A-Z.
// Its Len, Less and Swap methods have the shape required by sort.Interface.
type ByOwner []Client

ByOwner enables sorting Client applications by the client application Owner A-Z

func (ByOwner) Len added in v0.7.1

func (c ByOwner) Len() int

func (ByOwner) Less added in v0.7.1

func (c ByOwner) Less(i, j int) bool

func (ByOwner) Swap added in v0.7.1

func (c ByOwner) Swap(i, j int)

type Client

// Client is the stored representation of an OAuth 2.0 client. Each field is
// serialised under the bson, json and xml keys given in its struct tag.
type Client struct {
	// ID is the id for this client. It is stored under the bson key "_id".
	ID string `bson:"_id" json:"id" xml:"id"`

	// AllowedTenantAccess contains the Tenant IDs that the client has been given rights to access.
	AllowedTenantAccess []string `bson:"allowedTenantAccess" json:"allowedTenantAccess" xml:"allowedTenantAccess"`

	// Name is the human-readable string name of the client to be presented to the
	// end-user during authorization.
	Name string `bson:"clientName" json:"clientName" xml:"clientName"`

	// Secret is the client's secret. The secret is included in the create request as cleartext, and then
	// never again. The secret is stored using BCrypt, so it is impossible to recover it. Tell your users
	// that they need to write the secret down, as it will not be made available again.
	//
	// Secret is the only field in this struct whose tags carry omitempty.
	//
	// NOTE(review): omitempty only suppresses an empty value. A populated Secret (cleartext on
	// create, presumably the hash once loaded from the store) is written out whenever a Client is
	// marshalled to JSON or XML. Confirm that handlers clear this field before returning or
	// logging a Client.
	Secret []byte `bson:"clientSecret,omitempty" json:"clientSecret,omitempty" xml:"clientSecret,omitempty"`

	// RedirectURIs is an array of allowed redirect urls for the client, for example:
	// http://mydomain/oauth/callback.
	//
	// NOTE(review): the example uses plain http. This struct performs no validation, so whether
	// non-TLS or loosely matched redirect URIs are rejected must be confirmed where clients are
	// created and updated.
	RedirectURIs []string `bson:"redirectUris" json:"redirectUris" xml:"redirectUris"`

	// GrantTypes is an array of grant types the client is allowed to use.
	//
	// Pattern: client_credentials|authorize_code|implicit|refresh_token
	//
	// NOTE(review): RFC 6749 names the grant "authorization_code"; confirm whether
	// "authorize_code" in the pattern above is intentional.
	GrantTypes []string `bson:"grantTypes" json:"grantTypes" xml:"grantTypes"`

	// ResponseTypes is an array of the OAuth 2.0 response type strings that the client can
	// use at the authorization endpoint.
	//
	// Pattern: id_token|code|token
	ResponseTypes []string `bson:"responseTypes" json:"responseTypes" xml:"responseTypes"`

	// Scopes is a slice of scope values (as described in Section 3.3 of
	// OAuth 2.0 [RFC6749]) that the client can use when requesting access tokens.
	// The pattern below describes the space-separated string form of a scope list;
	// the field itself holds one scope per element.
	//
	// Pattern: ([a-zA-Z0-9\.]+\s)+
	Scopes []string `bson:"scopes" json:"scopes" xml:"scopes"`

	// Owner is a string identifying the owner of the OAuth 2.0 Client.
	Owner string `bson:"owner" json:"owner" xml:"owner"`

	// PolicyURI is a URL string that points to a human-readable privacy policy document
	// that describes how the deployment organization collects, uses,
	// retains, and discloses personal data.
	PolicyURI string `bson:"policyUri" json:"policyUri" xml:"policyUri"`

	// TermsOfServiceURI is a URL string that points to a human-readable terms of service
	// document for the client that describes a contractual relationship
	// between the end-user and the client that the end-user accepts when
	// authorizing the client.
	TermsOfServiceURI string `bson:"termsOfServiceUri" json:"termsOfServiceUri" xml:"termsOfServiceUri"`

	// ClientURI is a URL string of a web page providing information about the client.
	// If present, the server SHOULD display this URL to the end-user in
	// a clickable fashion.
	ClientURI string `bson:"clientUri" json:"clientUri" xml:"clientUri"`

	// LogoURI is a URL string that references a logo for the client.
	LogoURI string `bson:"logoUri" json:"logoUri" xml:"logoUri"`

	// Contacts is an array of strings representing ways to contact people responsible
	// for this client, typically email addresses.
	Contacts []string `bson:"contacts" json:"contacts" xml:"contacts"`

	// Public is a boolean that identifies this client as public, meaning that it
	// does not have a secret. It will disable the client_credentials grant type for this client if set.
	//
	// NOTE(review): the struct only records the flag; the enforcement described above is not
	// visible here and should be confirmed in the grant handling code.
	Public bool `bson:"public" json:"public" xml:"public"`

	// Disabled is a boolean that identifies whether the client has had its access disabled.
	Disabled bool `bson:"disabled" json:"disabled" xml:"disabled"`
}

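Client provides the underlying structure of an OAuth 2.0 Client. To update mongo records efficiently, omitempty is used for all bson casting, with the exception of ID, as this should always be provided in queries and updates. Note that in the struct definition shown on this page only Secret carries omitempty in its bson tag, so the tags and this description should be reconciled.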

func (*Client) DisableScopeAccess added in v0.9.0

func (c *Client) DisableScopeAccess(scopes ...string)

DisableScopeAccess disables client scope access.

func (*Client) DisableTenantAccess added in v0.9.0

func (c *Client) DisableTenantAccess(tenantIDs ...string)

DisableTenantAccess removes one or more tenantIDs from the given client.

func (*Client) EnableScopeAccess added in v0.9.0

func (c *Client) EnableScopeAccess(scopes ...string)

EnableScopeAccess enables client scope access

func (*Client) EnableTenantAccess added in v0.9.0

func (c *Client) EnableTenantAccess(tenantIDs ...string)

EnableTenantAccess adds a single or multiple tenantIDs to the given client

func (Client) Equal added in v0.7.4

func (c Client) Equal(x Client) bool

Equal enables equality checks between Clients, because a struct that contains a byte slice cannot be compared with the == operator.

func (*Client) GetGrantTypes

func (c *Client) GetGrantTypes() fosite.Arguments

GetGrantTypes returns an array of strings, wrapped as `fosite.Arguments` to provide functions that allow verifying the Client's Grant Types against incoming requests.

func (*Client) GetHashedSecret

func (c *Client) GetHashedSecret() []byte

GetHashedSecret returns the Client's Hashed Secret for authenticating with the Identity Provider.

func (*Client) GetID

func (c *Client) GetID() string

GetID returns the client's Client ID.

func (*Client) GetOwner

func (c *Client) GetOwner() string

GetOwner returns a string which contains the OAuth Client owner's name. Generally speaking, this will be a developer or an organisation.

func (*Client) GetRedirectURIs

func (c *Client) GetRedirectURIs() []string

GetRedirectURIs returns the OAuth2.0 authorized Client redirect URIs.

func (*Client) GetResponseTypes

func (c *Client) GetResponseTypes() fosite.Arguments

GetResponseTypes returns an array of strings, wrapped as `fosite.Arguments` to provide functions that allow verifying the Client's Response Types against incoming requests.

func (*Client) GetScopes

func (c *Client) GetScopes() fosite.Arguments

GetScopes returns an array of strings, wrapped as `fosite.Arguments` to provide functions that allow verifying the Client's scopes against incoming requests.

func (*Client) IsDisabled added in v0.7.2

func (c *Client) IsDisabled() bool

IsDisabled returns a boolean indicating whether the Client itself has had its access disabled.

func (Client) IsEmpty added in v0.7.4

func (c Client) IsEmpty() bool

func (*Client) IsPublic

func (c *Client) IsPublic() bool

IsPublic returns a boolean indicating whether the Client is public or private. If public, only trusted OAuth grant types should be used, as client secrets shouldn't be exposed to a public client.

type Manager

// Manager combines the Storer operations with client authentication.
type Manager interface {
	// Storer is embedded, so every Manager also offers the client storage methods.
	Storer

	// Authenticate takes a client id and a candidate secret and returns the
	// matching Client or an error. Callers must check the error before using
	// the returned pointer.
	//
	// NOTE(review): the interface does not fix how the secret is checked.
	// Implementations should compare against the stored hash through the
	// configured hasher, and should not let the error reveal whether the id
	// or the secret was wrong — confirm for each implementation.
	Authenticate(id string, secret []byte) (*Client, error)
}

Manager provides a generic interface to clients in order to build a DataStore

type MongoManager

// MongoManager holds the dependencies used to manage Client records in Mongo.
type MongoManager struct {
	// DB is the mgo database handle the manager works against.
	DB     *mgo.Database
	// Hasher is the fosite.Hasher held by the manager.
	// NOTE(review): presumably used to hash secrets when a client is created
	// and to compare them in Authenticate — confirm against the method bodies.
	Hasher fosite.Hasher
}

MongoManager cares for the managing of the Mongo Session instance of a Client.

func (MongoManager) Authenticate

func (m MongoManager) Authenticate(id string, secret []byte) (*Client, error)

Authenticate compares a client secret with the client's stored hashed secret

func (*MongoManager) CreateClient

func (m *MongoManager) CreateClient(c *Client) error

CreateClient adds a new OAuth2.0 Client to the client store.

func (*MongoManager) DeleteClient

func (m *MongoManager) DeleteClient(id string) error

DeleteClient removes an OAuth 2.0 Client from the client store

func (MongoManager) GetClient

func (m MongoManager) GetClient(ctx context.Context, id string) (fosite.Client, error)

GetClient returns a Client if found by an ID lookup.

func (MongoManager) GetClients

func (m MongoManager) GetClients() (clients map[string]Client, err error)

GetClients returns a map of clients mapped by client ID

func (MongoManager) GetConcreteClient

func (m MongoManager) GetConcreteClient(id string) (*Client, error)

GetConcreteClient finds a Client based on ID and returns it, if found in Mongo.

func (*MongoManager) UpdateClient

func (m *MongoManager) UpdateClient(client *Client) error

UpdateClient updates an OAuth 2.0 Client record. This is done using the equivalent of an object replace.

type Storer

// Storer extends fosite.Storage with create, read, update and delete
// operations on concrete Client records.
type Storer interface {
	// fosite.Storage is embedded, so a Storer can be used wherever fosite
	// expects its storage interface.
	fosite.Storage

	// GetConcreteClient looks a Client up by id and returns it as the
	// package's own *Client type.
	GetConcreteClient(id string) (*Client, error)
	// GetClients returns the stored clients keyed by a string; the package
	// documentation for the Mongo implementation states the key is the client ID.
	// NOTE(review): the returned Client values include the Secret field
	// (presumably the stored hash); avoid serialising them verbatim — confirm.
	GetClients() (map[string]Client, error)
	// CreateClient adds the given Client to the store.
	CreateClient(c *Client) error
	// UpdateClient updates the stored record for the given Client.
	UpdateClient(c *Client) error
	// DeleteClient removes the Client with the given id from the store.
	DeleteClient(id string) error
}

Storer conforms to fosite.Storage and provides methods for creating, reading, updating and deleting Clients.
