Documentation ¶
Index ¶
- Constants
- func Connect(cfg *Config) (*mgo.Database, error)
- func ConnectionInfo(cfg *Config) *mgo.DialInfo
- func ContextToMgoSession(ctx context.Context) (sess *mgo.Session, ok bool)
- func MgoSessionToContext(ctx context.Context, session *mgo.Session) context.Context
- func SetDebug(isDebug bool)
- func SetLogger(log *logrus.Logger)
- type CacheManager
- func (c *CacheManager) Configure(ctx context.Context) error
- func (c *CacheManager) Create(ctx context.Context, entityName string, cacheObject storage.SessionCache) (result storage.SessionCache, err error)
- func (c *CacheManager) Delete(ctx context.Context, entityName string, key string) error
- func (c *CacheManager) DeleteByValue(ctx context.Context, entityName string, value string) error
- func (c *CacheManager) Get(ctx context.Context, entityName string, key string) (result storage.SessionCache, err error)
- func (c *CacheManager) Update(ctx context.Context, entityName string, ...) (result storage.SessionCache, err error)
- type ClientManager
- func (c *ClientManager) Authenticate(ctx context.Context, clientID string, secret string) (result storage.Client, err error)
- func (c *ClientManager) AuthenticateMigration(ctx context.Context, currentAuth storage.AuthClientFunc, clientID string, ...) (result storage.Client, err error)
- func (c *ClientManager) Configure(ctx context.Context) error
- func (c *ClientManager) Create(ctx context.Context, client storage.Client) (result storage.Client, err error)
- func (c *ClientManager) Delete(ctx context.Context, clientID string) error
- func (c *ClientManager) Get(ctx context.Context, clientID string) (result storage.Client, err error)
- func (c *ClientManager) GetClient(ctx context.Context, clientID string) (fosite.Client, error)
- func (c *ClientManager) GrantScopes(ctx context.Context, clientID string, scopes []string) (result storage.Client, err error)
- func (c *ClientManager) List(ctx context.Context, filter storage.ListClientsRequest) (results []storage.Client, err error)
- func (c *ClientManager) Migrate(ctx context.Context, migratedClient storage.Client) (result storage.Client, err error)
- func (c *ClientManager) RemoveScopes(ctx context.Context, clientID string, scopes []string) (result storage.Client, err error)
- func (c *ClientManager) Update(ctx context.Context, clientID string, updatedClient storage.Client) (result storage.Client, err error)
- type Config
- type RequestManager
- func (r *RequestManager) Authenticate(ctx context.Context, username string, secret string) error
- func (r *RequestManager) Configure(ctx context.Context) error
- func (r *RequestManager) Create(ctx context.Context, entityName string, request storage.Request) (result storage.Request, err error)
- func (r *RequestManager) CreateAccessTokenSession(ctx context.Context, signature string, request fosite.Requester) (err error)
- func (r *RequestManager) CreateAuthorizeCodeSession(ctx context.Context, code string, request fosite.Requester) (err error)
- func (r *RequestManager) CreateOpenIDConnectSession(ctx context.Context, authorizeCode string, request fosite.Requester) error
- func (r *RequestManager) CreatePKCERequestSession(ctx context.Context, signature string, request fosite.Requester) error
- func (r *RequestManager) CreateRefreshTokenSession(ctx context.Context, signature string, request fosite.Requester) (err error)
- func (r *RequestManager) Delete(ctx context.Context, entityName string, requestID string) error
- func (r *RequestManager) DeleteAccessTokenSession(ctx context.Context, signature string) (err error)
- func (r *RequestManager) DeleteBySignature(ctx context.Context, entityName string, signature string) error
- func (r *RequestManager) DeleteOpenIDConnectSession(ctx context.Context, authorizeCode string) error
- func (r *RequestManager) DeletePKCERequestSession(ctx context.Context, signature string) error
- func (r *RequestManager) DeleteRefreshTokenSession(ctx context.Context, signature string) (err error)
- func (r *RequestManager) Get(ctx context.Context, entityName string, requestID string) (result storage.Request, err error)
- func (r *RequestManager) GetAccessTokenSession(ctx context.Context, signature string, session fosite.Session) (request fosite.Requester, err error)
- func (r *RequestManager) GetAuthorizeCodeSession(ctx context.Context, code string, session fosite.Session) (request fosite.Requester, err error)
- func (r *RequestManager) GetBySignature(ctx context.Context, entityName string, signature string) (result storage.Request, err error)
- func (r *RequestManager) GetOpenIDConnectSession(ctx context.Context, authorizeCode string, requester fosite.Requester) (fosite.Requester, error)
- func (r *RequestManager) GetPKCERequestSession(ctx context.Context, signature string, session fosite.Session) (fosite.Requester, error)
- func (r *RequestManager) GetRefreshTokenSession(ctx context.Context, signature string, session fosite.Session) (request fosite.Requester, err error)
- func (r *RequestManager) InvalidateAuthorizeCodeSession(ctx context.Context, code string) (err error)
- func (r *RequestManager) List(ctx context.Context, entityName string, filter storage.ListRequestsRequest) (results []storage.Request, err error)
- func (r *RequestManager) RevokeAccessToken(ctx context.Context, requestID string) error
- func (r *RequestManager) RevokeRefreshToken(ctx context.Context, requestID string) error
- func (r *RequestManager) Update(ctx context.Context, entityName string, requestID string, ...) (result storage.Request, err error)
- type Store
- type UserManager
- func (u *UserManager) Authenticate(ctx context.Context, username string, password string) (result storage.User, err error)
- func (u *UserManager) AuthenticateByID(ctx context.Context, userID string, password string) (result storage.User, err error)
- func (u *UserManager) AuthenticateByUsername(ctx context.Context, username string, password string) (result storage.User, err error)
- func (u *UserManager) AuthenticateMigration(ctx context.Context, currentAuth storage.AuthUserFunc, userID string, ...) (result storage.User, err error)
- func (u *UserManager) Configure(ctx context.Context) error
- func (u *UserManager) Create(ctx context.Context, user storage.User) (result storage.User, err error)
- func (u *UserManager) Delete(ctx context.Context, userID string) error
- func (u *UserManager) Get(ctx context.Context, userID string) (result storage.User, err error)
- func (u *UserManager) GetByUsername(ctx context.Context, username string) (result storage.User, err error)
- func (u *UserManager) GrantScopes(ctx context.Context, userID string, scopes []string) (result storage.User, err error)
- func (u *UserManager) List(ctx context.Context, filter storage.ListUsersRequest) (results []storage.User, err error)
- func (u *UserManager) Migrate(ctx context.Context, migratedUser storage.User) (result storage.User, err error)
- func (u *UserManager) RemoveScopes(ctx context.Context, userID string, scopes []string) (result storage.User, err error)
- func (u *UserManager) Update(ctx context.Context, userID string, updatedUser storage.User) (result storage.User, err error)
Constants ¶
const ( // IdxCacheRequestID provides a mongo index based on request id. IdxCacheRequestID = "idxRequestId" // IdxCacheRequestSignature provides a mongo index based on token // signature. IdxCacheRequestSignature = "idxSignature" // IdxClientID provides a mongo index based on clientId IdxClientID = "idxClientId" // IdxUserID provides a mongo index based on userId IdxUserID = "idxUserId" // IdxUsername provides a mongo index based on username IdxUsername = "idxUsername" // IdxSessionID provides a mongo index based on Session IdxSessionID = "idxSessionId" // IdxSignatureID provides a mongo index based on Signature IdxSignatureID = "idxSignatureId" // IdxCompoundRequester provides a mongo compound index based on Client ID // and User ID for when filtering request records. IdxCompoundRequester = "idxCompoundRequester" )
Variables ¶
This section is empty.
Functions ¶
func ConnectionInfo ¶ added in v0.14.0
ConnectionInfo configures options for establishing a session with a MongoDB cluster.
func ContextToMgoSession ¶ added in v0.14.0
ContextToMgoSession provides a way to obtain a mgo session, if contained within the presented context.
func MgoSessionToContext ¶ added in v0.14.0
MgoSessionToContext provides a way to push a Mgo datastore session into the current session, which can then be passed on to other routes or functions.
Types ¶
type CacheManager ¶ added in v0.14.0
CacheManager provides a cache implementation in MongoDB for auth sessions.
func (*CacheManager) Configure ¶ added in v0.14.0
func (c *CacheManager) Configure(ctx context.Context) error
Configure sets up the Mongo collection for cache resources.
func (*CacheManager) Create ¶ added in v0.14.0
func (c *CacheManager) Create(ctx context.Context, entityName string, cacheObject storage.SessionCache) (result storage.SessionCache, err error)
Create creates a new Cache resource and returns the newly created Cache resource.
func (*CacheManager) DeleteByValue ¶ added in v0.14.0
DeleteByValue deletes a Cache resource by matching on value.
func (*CacheManager) Get ¶ added in v0.14.0
func (c *CacheManager) Get(ctx context.Context, entityName string, key string) (result storage.SessionCache, err error)
Get returns the specified Cache resource.
func (*CacheManager) Update ¶ added in v0.14.0
func (c *CacheManager) Update(ctx context.Context, entityName string, updatedCacheObject storage.SessionCache) (result storage.SessionCache, err error)
Update updates the Cache resource and attributes and returns the updated Cache resource.
type ClientManager ¶ added in v0.14.0
ClientManager provides a fosite storage implementation for Clients.
Implements: - fosite.Storage - fosite.ClientManager - storage.AuthClientMigrator - storage.ClientManager - storage.ClientStorer
func (*ClientManager) Authenticate ¶ added in v0.14.0
func (c *ClientManager) Authenticate(ctx context.Context, clientID string, secret string) (result storage.Client, err error)
Authenticate verifies the identity of a client resource.
func (*ClientManager) AuthenticateMigration ¶ added in v0.14.0
func (c *ClientManager) AuthenticateMigration(ctx context.Context, currentAuth storage.AuthClientFunc, clientID string, secret string) (result storage.Client, err error)
AuthenticateMigration is provided to authenticate clients that have been migrated from an another system that may use a different underlying hashing mechanism. It authenticates a Client first by using the provided AuthClientFunc which, if fails, will otherwise try to authenticate using the configured fosite.hasher.
func (*ClientManager) Configure ¶ added in v0.14.0
func (c *ClientManager) Configure(ctx context.Context) error
Configure sets up the Mongo collection for OAuth 2.0 client resources.
func (*ClientManager) Create ¶ added in v0.14.0
func (c *ClientManager) Create(ctx context.Context, client storage.Client) (result storage.Client, err error)
Create stores a new OAuth2.0 Client resource.
func (*ClientManager) Delete ¶ added in v0.14.0
func (c *ClientManager) Delete(ctx context.Context, clientID string) error
Delete removes an OAuth 2.0 Client resource.
func (*ClientManager) Get ¶ added in v0.14.0
func (c *ClientManager) Get(ctx context.Context, clientID string) (result storage.Client, err error)
Get finds and returns an OAuth 2.0 client resource.
func (*ClientManager) GetClient ¶ added in v0.14.0
GetClient finds and returns an OAuth 2.0 client resource.
GetClient implements: - fosite.Storage - fosite.ClientManager
func (*ClientManager) GrantScopes ¶ added in v0.14.0
func (c *ClientManager) GrantScopes(ctx context.Context, clientID string, scopes []string) (result storage.Client, err error)
GrantScopes grants the provided scopes to the specified Client resource.
func (*ClientManager) List ¶ added in v0.14.0
func (c *ClientManager) List(ctx context.Context, filter storage.ListClientsRequest) (results []storage.Client, err error)
List filters resources to return a list of OAuth 2.0 client resources.
func (*ClientManager) Migrate ¶ added in v0.14.0
func (c *ClientManager) Migrate(ctx context.Context, migratedClient storage.Client) (result storage.Client, err error)
Migrate is provided solely for the case where you want to migrate clients and upgrade their password using the AuthClientMigrator interface. This performs an upsert, either creating or overwriting the record with the newly provided full record. Use with caution, be secure, don't be dumb.
func (*ClientManager) RemoveScopes ¶ added in v0.14.0
func (c *ClientManager) RemoveScopes(ctx context.Context, clientID string, scopes []string) (result storage.Client, err error)
RemoveScopes revokes the provided scopes from the specified Client resource.
type Config ¶ added in v0.14.0
type Config struct { Hostnames []string `default:"localhost" envconfig:"CONNECTIONS_MONGO_HOSTNAMES"` Port uint16 `default:"27017" envconfig:"CONNECTIONS_MONGO_PORT"` AuthDB string `default:"admin" envconfig:"CONNECTIONS_MONGO_AUTHDB"` Username string `default:"" envconfig:"CONNECTIONS_MONGO_USERNAME"` Password string `default:"" envconfig:"CONNECTIONS_MONGO_PASSWORD"` DatabaseName string `default:"" envconfig:"CONNECTIONS_MONGO_NAME"` Replset string `default:"" envconfig:"CONNECTIONS_MONGO_REPLSET"` Timeout uint `default:"10" envconfig:"CONNECTIONS_MONGO_TIMEOUT"` SSL bool `default:"false" envconfig:"CONNECTIONS_MONGO_SSL"` TLSConfig *tls.Config `ignored:"true"` }
Config defines the configuration parameters which are used by GetMongoSession.
func DefaultConfig ¶ added in v0.14.0
func DefaultConfig() *Config
DefaultConfig returns a configuration for a locally hosted, unauthenticated mongo
type RequestManager ¶ added in v0.14.0
type RequestManager struct { // DB contains the Mongo connection that holds the base session that can be // copied and closed. DB *mgo.Database // Cache provides access to Cache entities in order to create, read, // update and delete resources from the caching collection. Cache storage.CacheStorer // Clients provides access to Client entities in order to create, read, // update and delete resources from the clients collection. // A client is required when cross referencing scope access rights. Clients storage.ClientStorer // Users provides access to User entities in order to create, read, update // and delete resources from the user collection. // Users are required when the Password Credentials Grant, is implemented // in order to find and authenticate users. Users storage.UserStorer }
RequestManager manages the main Mongo Session for a Request.
func (*RequestManager) Authenticate ¶ added in v0.14.0
Authenticate confirms whether the specified password matches the stored hashed password within a User resource, found by username.
func (*RequestManager) Configure ¶ added in v0.14.0
func (r *RequestManager) Configure(ctx context.Context) error
Configure implements storage.Configurer.
func (*RequestManager) Create ¶ added in v0.14.0
func (r *RequestManager) Create(ctx context.Context, entityName string, request storage.Request) (result storage.Request, err error)
Create creates the new Request resource and returns the newly created Request resource.
func (*RequestManager) CreateAccessTokenSession ¶ added in v0.14.0
func (r *RequestManager) CreateAccessTokenSession(ctx context.Context, signature string, request fosite.Requester) (err error)
CreateAccessTokenSession creates a new session for an Access Token
func (*RequestManager) CreateAuthorizeCodeSession ¶ added in v0.14.0
func (r *RequestManager) CreateAuthorizeCodeSession(ctx context.Context, code string, request fosite.Requester) (err error)
CreateAuthorizeCodeSession stores the authorization request for a given authorization code.
func (*RequestManager) CreateOpenIDConnectSession ¶ added in v0.14.0
func (r *RequestManager) CreateOpenIDConnectSession(ctx context.Context, authorizeCode string, request fosite.Requester) error
CreateOpenIDConnectSession creates an open id connect session resource for a given authorize code. This is relevant for explicit open id connect flow.
func (*RequestManager) CreatePKCERequestSession ¶ added in v0.14.0
func (r *RequestManager) CreatePKCERequestSession(ctx context.Context, signature string, request fosite.Requester) error
CreatePKCERequestSession implements fosite.PKCERequestStorage.
func (*RequestManager) CreateRefreshTokenSession ¶ added in v0.14.0
func (r *RequestManager) CreateRefreshTokenSession(ctx context.Context, signature string, request fosite.Requester) (err error)
CreateRefreshTokenSession implements fosite.RefreshTokenStorage.
func (*RequestManager) DeleteAccessTokenSession ¶ added in v0.14.0
func (r *RequestManager) DeleteAccessTokenSession(ctx context.Context, signature string) (err error)
DeleteAccessTokenSession removes an Access Token's session
func (*RequestManager) DeleteBySignature ¶ added in v0.14.0
func (r *RequestManager) DeleteBySignature(ctx context.Context, entityName string, signature string) error
DeleteBySignature deletes the specified Cache resource, if the presented signature returns a match.
func (*RequestManager) DeleteOpenIDConnectSession ¶ added in v0.14.0
func (r *RequestManager) DeleteOpenIDConnectSession(ctx context.Context, authorizeCode string) error
DeleteOpenIDConnectSession removes an open id connect session from mongo.
func (*RequestManager) DeletePKCERequestSession ¶ added in v0.14.0
func (r *RequestManager) DeletePKCERequestSession(ctx context.Context, signature string) error
DeletePKCERequestSession implements fosite.PKCERequestStorage.
func (*RequestManager) DeleteRefreshTokenSession ¶ added in v0.14.0
func (r *RequestManager) DeleteRefreshTokenSession(ctx context.Context, signature string) (err error)
DeleteRefreshTokenSession implements fosite.RefreshTokenStorage.
func (*RequestManager) Get ¶ added in v0.14.0
func (r *RequestManager) Get(ctx context.Context, entityName string, requestID string) (result storage.Request, err error)
Get returns the specified Request resource.
func (*RequestManager) GetAccessTokenSession ¶ added in v0.14.0
func (r *RequestManager) GetAccessTokenSession(ctx context.Context, signature string, session fosite.Session) (request fosite.Requester, err error)
GetAccessTokenSession returns a session if it can be found by signature
func (*RequestManager) GetAuthorizeCodeSession ¶ added in v0.14.0
func (r *RequestManager) GetAuthorizeCodeSession(ctx context.Context, code string, session fosite.Session) (request fosite.Requester, err error)
GetAuthorizeCodeSession hydrates the session based on the given code and returns the authorization request.
func (*RequestManager) GetBySignature ¶ added in v0.14.0
func (r *RequestManager) GetBySignature(ctx context.Context, entityName string, signature string) (result storage.Request, err error)
GetBySignature returns a Request resource, if the presented signature returns a match.
func (*RequestManager) GetOpenIDConnectSession ¶ added in v0.14.0
func (r *RequestManager) GetOpenIDConnectSession(ctx context.Context, authorizeCode string, requester fosite.Requester) (fosite.Requester, error)
GetOpenIDConnectSession gets a session resource based off the Authorize Code and returns a fosite.Requester, or an error.
func (*RequestManager) GetPKCERequestSession ¶ added in v0.14.0
func (r *RequestManager) GetPKCERequestSession(ctx context.Context, signature string, session fosite.Session) (fosite.Requester, error)
GetPKCERequestSession implements fosite.PKCERequestStorage.
func (*RequestManager) GetRefreshTokenSession ¶ added in v0.14.0
func (r *RequestManager) GetRefreshTokenSession(ctx context.Context, signature string, session fosite.Session) (request fosite.Requester, err error)
GetRefreshTokenSession implements fosite.RefreshTokenStorage.
func (*RequestManager) InvalidateAuthorizeCodeSession ¶ added in v0.14.0
func (r *RequestManager) InvalidateAuthorizeCodeSession(ctx context.Context, code string) (err error)
InvalidateAuthorizeCodeSession is called when an authorize code is being used. The state of the authorization code should be set to invalid and consecutive requests to GetAuthorizeCodeSession should return the ErrInvalidatedAuthorizeCode error.
func (*RequestManager) List ¶ added in v0.14.0
func (r *RequestManager) List(ctx context.Context, entityName string, filter storage.ListRequestsRequest) (results []storage.Request, err error)
List returns a list of Request resources that match the provided inputs.
func (*RequestManager) RevokeAccessToken ¶ added in v0.14.0
func (r *RequestManager) RevokeAccessToken(ctx context.Context, requestID string) error
RevokeAccessToken finds a token stored in cache based on request ID and deletes the session by signature.
func (*RequestManager) RevokeRefreshToken ¶ added in v0.14.0
func (r *RequestManager) RevokeRefreshToken(ctx context.Context, requestID string) error
RevokeRefreshToken finds a token stored in cache based on request ID and deletes the session by signature.
type Store ¶ added in v0.14.0
type Store struct { // Internals DB *mgo.Database // Public API Hasher fosite.Hasher storage.Store }
Store provides a MongoDB storage driver compatible with fosite's required storage interfaces.
func NewDefaultStore ¶ added in v0.14.0
NewDefaultStore returns a Store configured with the default mongo configuration and default Hasher.
func (*Store) NewSession ¶ added in v0.14.0
NewSession returns a mongo session. Note: The session requires closing manually so no memory leaks occur. This is best achieved by calling `defer session.Close()` straight after obtaining the returned session object.
type UserManager ¶ added in v0.14.0
UserManager provides a mongo backed implementation for user resources.
Implements: - storage.Configurer - storage.AuthUserMigrator - storage.UserStorer - storage.UserManager
func (*UserManager) Authenticate ¶ added in v0.14.0
func (u *UserManager) Authenticate(ctx context.Context, username string, password string) (result storage.User, err error)
Authenticate confirms whether the specified password matches the stored hashed password within the User resource. The User resource returned is matched by username.
func (*UserManager) AuthenticateByID ¶ added in v0.14.0
func (u *UserManager) AuthenticateByID(ctx context.Context, userID string, password string) (result storage.User, err error)
AuthenticateByID confirms whether the specified password matches the stored hashed password within the User resource. The User resource returned is matched by User ID.
func (*UserManager) AuthenticateByUsername ¶ added in v0.14.0
func (u *UserManager) AuthenticateByUsername(ctx context.Context, username string, password string) (result storage.User, err error)
AuthenticateByUsername confirms whether the specified password matches the stored hashed password within the User resource. The User resource returned is matched by username.
func (*UserManager) AuthenticateMigration ¶ added in v0.14.0
func (u *UserManager) AuthenticateMigration(ctx context.Context, currentAuth storage.AuthUserFunc, userID string, password string) (result storage.User, err error)
AuthenticateMigration enables developers to supply your own authentication function, which in turn, if true, will migrate the secret to the Hasher implemented within fosite.
func (*UserManager) Configure ¶ added in v0.14.0
func (u *UserManager) Configure(ctx context.Context) error
Configure implements storage.Configurer.
func (*UserManager) Create ¶ added in v0.14.0
func (u *UserManager) Create(ctx context.Context, user storage.User) (result storage.User, err error)
Create creates a new User resource and returns the newly created User resource.
func (*UserManager) Delete ¶ added in v0.14.0
func (u *UserManager) Delete(ctx context.Context, userID string) error
Delete deletes the specified User resource.
func (*UserManager) GetByUsername ¶ added in v0.14.0
func (u *UserManager) GetByUsername(ctx context.Context, username string) (result storage.User, err error)
GetByUsername returns a user resource if found by username.
func (*UserManager) GrantScopes ¶ added in v0.14.0
func (u *UserManager) GrantScopes(ctx context.Context, userID string, scopes []string) (result storage.User, err error)
GrantScopes grants the provided scopes to the specified User resource.
func (*UserManager) List ¶ added in v0.14.0
func (u *UserManager) List(ctx context.Context, filter storage.ListUsersRequest) (results []storage.User, err error)
List returns a list of User resources that match the provided inputs.
func (*UserManager) Migrate ¶ added in v0.14.0
func (u *UserManager) Migrate(ctx context.Context, migratedUser storage.User) (result storage.User, err error)
Migrate is provided solely for the case where you want to migrate users and upgrade their password using the AuthUserMigrator interface. This performs an upsert, either creating or overwriting the record with the newly provided full record. Use with caution, be secure, don't be dumb.
func (*UserManager) RemoveScopes ¶ added in v0.14.0
func (u *UserManager) RemoveScopes(ctx context.Context, userID string, scopes []string) (result storage.User, err error)
RemoveScopes revokes the provided scopes from the specified User Resource.
Source Files ¶
- cache_manager.go
- client_manager.go
- logging.go
- mongo.go
- mongo_meta.go
- mongo_tracing.go
- request_manager.go
- request_oauth2_access_token_storage.go
- request_oauth2_authorize_code_storage.go
- request_oauth2_client_credentials_grant_storage.go
- request_oauth2_refresh_token_storage.go
- request_oauth2_resource_owner_password_credentials_grant_storage.go
- request_openid_connect_storage.go
- request_pkce_request_session.go
- user_manager.go