auth

package
v1.10.57 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 27, 2024 License: AGPL-3.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// GetPermissions collects dataset names from the visas of a passport.
//
// A visa contributes to the result only if checkVisaType reports it as a
// "ControlledAccessGrants" visa and validateVisa then accepts it; getDatasets
// is called with the validated visa and the list built so far. A visa that
// fails either check is skipped without an error, so the function fails
// closed: a bad visa can only shorten the returned list.
//
// The result is always a non-nil slice, empty when nothing matched.
//
// NOTE(review): what validateVisa actually checks (signature, issuer, expiry)
// is not visible here — it is the only trust gate in this loop, so confirm it
// before relying on the returned datasets for an access decision.
var GetPermissions = func(visas Visas) []string {
	log.Debug("parsing permissions from visas")
	granted := []string{}

	log.Debugf("number of visas to check: %d", len(visas.Visa))

	for _, rawVisa := range visas.Visa {
		// Only controlled-access grants can name datasets; ignore other types.
		if !checkVisaType(rawVisa, "ControlledAccessGrants") {
			continue
		}

		// Never read dataset names from a visa that did not validate.
		checked, ok := validateVisa(rawVisa)
		if !ok {
			continue
		}

		granted = getDatasets(checked, granted)
	}

	log.Debugf("matched datasets: %s", granted)

	return granted
}

GetPermissions parses visas and finds matching dataset names from the database, returning a list of matches

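// GetToken extracts the access token string from request headers.
//
// Two carriers are supported, checked in this order:
//
//  1. "X-Amz-Security-Token": a non-empty value is returned unchanged.
//  2. "Authorization": the value must be exactly "Bearer <token>", with a
//     case-sensitive scheme, a single space and a non-empty token.
//
// When both headers are present the X-Amz-Security-Token value wins and the
// Authorization header is never inspected.
//
// On success it returns the token, status 0 and a nil error. On failure it
// returns an empty token, the HTTP status the caller should answer with (401
// when no token was supplied, 400 when the Authorization header is malformed)
// and a non-nil error.
//
// GetToken only locates the token: it performs no signature, expiry or
// audience check, so the returned string is untrusted until it has been
// verified. Neither the token nor the raw header value is written to the log.
var GetToken = func(headers http.Header) (string, int, error) {
	log.Debug("parsing access token from header")

	if token := headers.Get("X-Amz-Security-Token"); len(token) != 0 {
		return token, 0, nil
	}

	header := headers.Get("Authorization")
	if len(header) == 0 {
		log.Debug("authorization check failed")

		return "", 401, errors.New("access token must be provided")
	}

	// strings.Split always returns at least one element, so [0] is safe.
	headerParts := strings.Split(header, " ")
	if headerParts[0] != "Bearer" {
		log.Debug("authorization check failed")

		return "", 400, errors.New("authorization scheme must be bearer")
	}

	// Require exactly "Bearer <token>". The emptiness check matters because
	// "Bearer " splits into ["Bearer", ""], which would otherwise be reported
	// as a found token with an empty value and a nil error.
	if len(headerParts) != 2 || len(headerParts[1]) == 0 {
		log.Debug("authorization check failed")

		return "", 400, errors.New("token string is missing from authorization header")
	}
	log.Debug("access token found")

	return headerParts[1], 0, nil
}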

GetToken parses the token string from a `http.Header`. The token string can come with either the S3 "X-Amz-Security-Token" header or the "Authorization" header. The "X-Amz-Security-Token" header is checked first, since it requires less formatting.

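// GetVisas fetches the visas for a token from the OIDC userinfo endpoint.
//
// It issues a GET to o.Userinfo with the token as a Bearer credential and
// decodes the JSON response body into a Visas value. An error from the request
// or from JSON decoding is logged and returned with a nil result.
//
// The access token is forwarded to whatever URL o.Userinfo holds, so that
// value must come from a trusted OIDC configuration; a tampered endpoint would
// receive the caller's credential. The token itself is not logged.
//
// The visas are returned as received. Nothing here validates them, so callers
// must not treat the result as authorization until each visa has been checked.
var GetVisas = func(o OIDCDetails, token string) (*Visas, error) {
	log.Debugf("requesting visas from %s", o.Userinfo)

	headers := map[string]string{"Authorization": "Bearer " + token}

	response, err := request.MakeRequest("GET", o.Userinfo, headers, nil)
	if err != nil {
		log.Errorf("request failed, %s", err)

		return nil, err
	}
	// Close the body on every return path so the connection is released.
	// NOTE(review): assumes MakeRequest returns a non-nil response whose Body
	// is an io.ReadCloser (e.g. *http.Response) when err is nil — confirm.
	defer response.Body.Close()

	// Parse response
	var v Visas
	if err := json.NewDecoder(response.Body).Decode(&v); err != nil {
		log.Errorf("failed to parse JSON response, %s", err)

		return nil, err
	}
	log.Debug("visas received")

	return &v, nil
}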

GetVisas requests the list of visas from the userinfo endpoint

Functions

func VerifyJWT

func VerifyJWT(o OIDCDetails, token string) (jwt.Token, error)

VerifyJWT verifies the token signature

Types

type JKU

// JKU holds a single URL decoded from the JSON key "jku".
//
// NOTE(review): "jku" is the JOSE header parameter name for a JWK Set URL. If
// this value is read from a token before the token's signature is verified, it
// is attacker-controlled and should be compared against the trusted key-set
// location before any key is fetched from it — confirm how callers use it.
type JKU struct {
	// URL is populated from the "jku" key.
	URL string `json:"jku"`
}

type OIDCDetails

// OIDCDetails holds the two endpoint URLs decoded from a JSON document with
// the keys "userinfo_endpoint" and "jwks_uri".
//
// Both values decide where credentials are sent and which keys are trusted, so
// they should only be loaded from a trusted configuration source.
type OIDCDetails struct {
	// Userinfo is the endpoint GetVisas sends the bearer token to.
	Userinfo string `json:"userinfo_endpoint"`
	// JWK is populated from "jwks_uri".
	// NOTE(review): presumably the key-set location used by VerifyJWT — confirm.
	JWK      string `json:"jwks_uri"`
}

OIDCDetails is the struct that the response bytes are decoded into

var Details OIDCDetails

Details stores an OIDCDetails struct

func GetOIDCDetails

func GetOIDCDetails(url string) (OIDCDetails, error)

GetOIDCDetails requests OIDC configuration information

type Visa

// Visa holds the two fields decoded from a single visa: its type and its
// value, which this package treats as a dataset name.
type Visa struct {
	// Type is populated from the "type" key.
	Type    string `json:"type"`
	// Dataset is populated from the "value" key.
	Dataset string `json:"value"`
}

Visa is used to extract the dataset name from a visa

type Visas

// Visas is the decoded userinfo response: the list found under the JSON key
// "ga4gh_passport_v1".
type Visas struct {
	// Visa holds one string per visa, exactly as received. GetPermissions
	// passes each entry to checkVisaType and validateVisa before using it.
	// NOTE(review): presumably each entry is an encoded, signed visa token —
	// confirm; entries are untrusted until validated.
	Visa []string `json:"ga4gh_passport_v1"`
}

Visas is the struct that the response bytes are decoded into
