authn

package

v1.4.2 Latest Latest Go to latest Published: Dec 12, 2024 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/numaproj/numaflow

Links

Open Source Insights

Documentation ¶

Index ¶

func GetAccounts(ctx context.Context, kubeClient kubernetes.Interface) (map[string]Account, error)
func VerifyInitialPassword(password, hashedPassword string) error
func VerifyPassword(password, hashedPassword string) error
type Account
- func GetAccount(ctx context.Context, name string, kubeClient kubernetes.Interface) (*Account, error)
type Authenticator
type IDTokenClaims
type LoginCredentials
type UserInfo
- func NewUserInfo(itc *IDTokenClaims, idToken string, refreshToken string) UserInfo

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GetAccounts ¶ added in v1.1.0

func GetAccounts(ctx context.Context, kubeClient kubernetes.Interface) (map[string]Account, error)

GetAccounts returns list of configured accounts

func VerifyInitialPassword ¶ added in v1.1.0

func VerifyInitialPassword(password, hashedPassword string) error

VerifyInitialPassword verifies the initial password for the admin user from the Accounts object

func VerifyPassword ¶ added in v1.1.0

func VerifyPassword(password, hashedPassword string) error

VerifyPassword verifies the password(hashed) for the users from its respective Accounts object

Types ¶

type Account ¶ added in v1.1.0

type Account struct {
	InitialPasswordHash string
	PasswordHash        string
	Enabled             bool
}

Account holds local account information

func GetAccount ¶ added in v1.1.0

func GetAccount(ctx context.Context, name string, kubeClient kubernetes.Interface) (*Account, error)

GetAccount return an account info by the specified name.

type Authenticator ¶

type Authenticator interface {
	// Authenticate is used to validate the user's identity.
	// If the user is authenticated, the function returns user information.
	// Otherwise, empty information with the corresponding error.
	Authenticate(c *gin.Context) (*UserInfo, error)
}

type IDTokenClaims ¶

type IDTokenClaims struct {
	Iss               string   `json:"iss"`
	Sub               string   `json:"sub"`
	Aud               string   `json:"aud"`
	Exp               int      `json:"exp"`
	Iat               int      `json:"iat"`
	AtHash            string   `json:"at_hash"`
	CHash             string   `json:"c_hash"`
	Email             string   `json:"email"`
	EmailVerified     bool     `json:"email_verified"`
	Groups            []string `json:"groups"`
	Name              string   `json:"name"`
	PreferredUsername string   `json:"preferred_username"`
}

IDTokenClaims is the claims extract from the IDToken.

type LoginCredentials ¶ added in v1.1.0

type LoginCredentials struct {
	Username string `json:"username"`
	Password string `json:"password"`
}

LoginCredentials includes the user information It holds the username and password for the user used for local user authentication

type UserInfo ¶

type UserInfo struct {
	IDTokenClaims *IDTokenClaims `json:"id_token_claims,omitempty"`
	IDToken       string         `json:"id_token"`
	RefreshToken  string         `json:"refresh_token"`
}

UserInfo includes information about the user identity It holds the IDTokenClaims, IDToken and RefreshToken for the user

func NewUserInfo ¶

func NewUserInfo(itc *IDTokenClaims, idToken string, refreshToken string) UserInfo

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL