auth

package
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 23, 2022 License: MIT Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CheckCapabilityAndRestriction 

func CheckCapabilityAndRestriction(
	rlog log.Ext1FieldLogger, tx *sqlx.Tx, mt *mytoken.Mytoken, ip string, scopes, auds []string,
	capability api.Capability,
) (*restrictions.Restriction, *model.Response)

CheckCapabilityAndRestriction checks the mytoken.Mytoken's capability and restrictions

func RequireCapability 

func RequireCapability(rlog log.Ext1FieldLogger, capability api.Capability, mt *mytoken.Mytoken) *model.Response

RequireCapability checks that the passed mytoken.Mytoken has the required api.Capability and returns an error model.Response if not

func RequireGrantType 

func RequireGrantType(rlog log.Ext1FieldLogger, want, got model2.GrantType) *model.Response

RequireGrantType checks that the passed model.GrantType are the same, and returns an error model.Response if not

func RequireMatchingIssuer 

func RequireMatchingIssuer(rlog log.Ext1FieldLogger, mtOIDCIssuer string, requestIssuer *string) (
	*config.ProviderConf, *model.Response,
)

RequireMatchingIssuer checks that the OIDC issuer from a mytoken is the same as the issuer string in a request (if given). RequireMatchingIssuer also checks that the issuer is valid for this mytoken instance.

func RequireMytoken 

func RequireMytoken(rlog log.Ext1FieldLogger, reqToken *universalmytoken.UniversalMytoken, ctx *fiber.Ctx) (
	*mytoken.Mytoken, *model.Response,
)

RequireMytoken checks the passed universalmytoken.UniversalMytoken and if needed other request parameters like authorization header and cookie value for a mytoken string. The mytoken string is parsed and if not valid an error model.Response is returned.

func RequireMytokenNotRevoked 

func RequireMytokenNotRevoked(rlog log.Ext1FieldLogger, tx *sqlx.Tx, mt *mytoken.Mytoken) *model.Response

RequireMytokenNotRevoked checks that the passed mytoken.Mytoken was not revoked, if it was an error model.Response is returned.

func RequireUsableRestriction 

func RequireUsableRestriction(
	rlog log.Ext1FieldLogger, tx *sqlx.Tx, mt *mytoken.Mytoken, ip string, scopes, auds []string,
	capability api.Capability,
) (*restrictions.Restriction, *model.Response)

RequireUsableRestriction checks that the mytoken.Mytoken's restrictions allow the usage

func RequireUsableRestrictionAT 

func RequireUsableRestrictionAT(
	rlog log.Ext1FieldLogger, tx *sqlx.Tx, mt *mytoken.Mytoken, ip string, scopes, auds []string,
) (*restrictions.Restriction, *model.Response)

RequireUsableRestrictionAT checks that the mytoken.Mytoken's restrictions allow the AT usage

func RequireUsableRestrictionOther 

func RequireUsableRestrictionOther(
	rlog log.Ext1FieldLogger, tx *sqlx.Tx, mt *mytoken.Mytoken, ip string, scopes, auds []string,
) (*restrictions.Restriction, *model.Response)

RequireUsableRestrictionOther checks that the mytoken.Mytoken's restrictions allow the non-AT usage

func RequireValidMytoken 

func RequireValidMytoken(
	rlog log.Ext1FieldLogger, tx *sqlx.Tx, reqToken *universalmytoken.UniversalMytoken, ctx *fiber.Ctx,
) (
	*mytoken.Mytoken, *model.Response,
)

RequireValidMytoken checks the passed universalmytoken.UniversalMytoken and if needed other request parameters like authorization header and cookie value for a mytoken string. The mytoken string is parsed and if not valid an error model.Response is returned. RequireValidMytoken also asserts that the mytoken.Mytoken was not revoked.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.