auth

package
v1.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 22, 2021 License: AGPL-3.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// GetPermissions collects the dataset names granted by the visas in a passport.
//
// A visa contributes datasets only when checkVisaType reports it as a
// "ControlledAccessGrants" visa and validateVisa accepts it. Every other visa
// is skipped, so a passport with no acceptable visas yields a nil slice.
var GetPermissions = func(visas Visas) []string {
	log.Debug("parsing permissions from visas")
	log.Debugf("number of visas to check: %d", len(visas.Visa))

	var granted []string
	for _, raw := range visas.Visa {
		// Visas of any other type are not used for permissions.
		if !checkVisaType(raw, "ControlledAccessGrants") {
			continue
		}

		// A visa that fails validation grants nothing; it is dropped rather
		// than aborting the whole passport.
		verified, ok := validateVisa(raw)
		if !ok {
			continue
		}

		granted = getDatasets(verified, granted)
	}

	log.Debugf("matched datasets: %s", granted)
	return granted
}

GetPermissions parses visas and finds matching dataset names from the database, returning a list of matches

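// GetToken extracts the bearer token from an Authorization header value.
//
// On success it returns the token, status 0 and a nil error. On failure it
// returns an empty token, an HTTP status code (401 when the header is empty,
// 400 when it is malformed) and an error describing the problem.
var GetToken = func(header string) (string, int, error) {
	log.Debug("parsing access token from header")
	if len(header) == 0 {
		log.Debug("authorization check failed")
		return "", 401, errors.New("access token must be provided")
	}

	headerParts := strings.Split(header, " ")
	if headerParts[0] != "Bearer" {
		log.Debug("authorization check failed")
		return "", 400, errors.New("authorization scheme must be bearer")
	}

	// Require exactly "Bearer <token>" with a non-empty token. Splitting
	// "Bearer " yields an empty second element, which must be rejected here
	// instead of being returned as a token with a nil error.
	if len(headerParts) != 2 || headerParts[1] == "" {
		log.Debug("authorization check failed")
		return "", 400, errors.New("token string is missing from authorization header")
	}

	log.Debug("access token found")
	return headerParts[1], 0, nil
}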

GetToken parses the token string from header

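// GetVisas fetches the caller's visas from the OIDC userinfo endpoint.
//
// The access token is sent as a bearer credential to o.Userinfo and the JSON
// response is decoded into a Visas value. A request or decoding error is
// logged and returned together with a nil result.
var GetVisas = func(o OIDCDetails, token string) (*Visas, error) {
	log.Debugf("requesting visas from %s", o.Userinfo)

	headers := map[string]string{"Authorization": "Bearer " + token}

	response, err := request.MakeRequest("GET", o.Userinfo, headers, nil)
	if err != nil {
		log.Errorf("request failed, %s", err)
		return nil, err
	}
	// Close the body so the underlying connection is released.
	// NOTE(review): assumes response is an *http.Response, as the Body field
	// suggests - confirm against request.MakeRequest.
	defer response.Body.Close()

	// NOTE(review): the response status is not inspected here; confirm that
	// request.MakeRequest rejects non-2xx responses, otherwise an error body
	// that happens to be valid JSON decodes into an empty Visas value.
	var v Visas
	if err := json.NewDecoder(response.Body).Decode(&v); err != nil {
		log.Errorf("failed to parse JSON response, %s", err)
		return nil, err
	}

	log.Debug("visas received")
	return &v, nil
}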

GetVisas requests the list of visas from userinfo endpoint

Functions

func ValidateTrustedIss added in v1.5.0

func ValidateTrustedIss(iss string, jku string) bool

ValidateTrustedIss opens the file of trusted iss, jku combinations and searches it for the given combination, but only if such a file is set. If the file is not set, the check passes silently, so the combination is not checked against any list.

func VerifyJWT

func VerifyJWT(o OIDCDetails, token string) (jwt.Token, error)

VerifyJWT verifies the token signature

Types

type JKU

// JKU carries the value of a "jku" JSON field.
type JKU struct {
	// URL is decoded from the "jku" key.
	URL string `json:"jku"`
}

type OIDCDetails

// OIDCDetails holds the endpoints read from an OIDC configuration response.
type OIDCDetails struct {
	// Userinfo is decoded from "userinfo_endpoint"; GetVisas sends the
	// caller's bearer token to this URL.
	Userinfo string `json:"userinfo_endpoint"`
	// JWK is decoded from "jwks_uri".
	// NOTE(review): presumably the key set VerifyJWT checks signatures against - confirm.
	JWK      string `json:"jwks_uri"`
}

OIDCDetails is the struct the response bytes are decoded into

// Details is a package-level OIDCDetails value.
// NOTE(review): presumably filled from GetOIDCDetails at startup and read by
// the request handlers - confirm where it is written.
var Details OIDCDetails

Details stores an OIDCDetails struct

func GetOIDCDetails

func GetOIDCDetails(url string) (OIDCDetails, error)

GetOIDCDetails requests OIDC configuration information

type Visa

// Visa holds the two fields read from a single visa.
type Visa struct {
	// Type is decoded from the "type" key.
	Type    string `json:"type"`
	// Dataset is decoded from the "value" key.
	Dataset string `json:"value"`
}

Visa is used to extract the dataset name from the visa

type Visas

// Visas is the decoded userinfo response.
type Visas struct {
	// Visa holds the strings listed under "ga4gh_passport_v1". GetPermissions
	// passes each one to checkVisaType and validateVisa before using it.
	Visa []string `json:"ga4gh_passport_v1"`
}

Visas is the struct the response bytes are decoded into
