auth

package
v0.5.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 29, 2022 License: MIT Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CheckCapabilityAndRestriction

func CheckCapabilityAndRestriction(
	rlog log.Ext1FieldLogger, tx *sqlx.Tx, mt *mytoken.Mytoken, ip string, scopes, auds []string,
	capability api.Capability,
) (*restrictions.Restriction, *model.Response)

CheckCapabilityAndRestriction checks the mytoken.Mytoken's capability and restrictions

func RequireCapability

func RequireCapability(rlog log.Ext1FieldLogger, capability api.Capability, mt *mytoken.Mytoken) *model.Response

RequireCapability checks that the passed mytoken.Mytoken has the required api.Capability and returns an error model.Response if not

func RequireGrantType

func RequireGrantType(rlog log.Ext1FieldLogger, want, got model2.GrantType) *model.Response

RequireGrantType checks that the passed model.GrantType are the same, and returns an error model.Response if not

func RequireMatchingIssuer

func RequireMatchingIssuer(rlog log.Ext1FieldLogger, mtOIDCIssuer string, requestIssuer *string) (
	*config.ProviderConf, *model.Response,
)

RequireMatchingIssuer checks that the OIDC issuer from a mytoken is the same as the issuer string in a request (if given). RequireMatchingIssuer also checks that the issuer is valid for this mytoken instance.

func RequireMytoken

func RequireMytoken(rlog log.Ext1FieldLogger, reqToken *universalmytoken.UniversalMytoken, ctx *fiber.Ctx) (
	*mytoken.Mytoken, *model.Response,
)

RequireMytoken checks the passed universalmytoken.UniversalMytoken and if needed other request parameters like authorization header and cookie value for a mytoken string. The mytoken string is parsed and if not valid an error model.Response is returned.

func RequireMytokenNotRevoked

func RequireMytokenNotRevoked(rlog log.Ext1FieldLogger, tx *sqlx.Tx, mt *mytoken.Mytoken) *model.Response

RequireMytokenNotRevoked checks that the passed mytoken.Mytoken was not revoked, if it was an error model.Response is returned.

func RequireUsableRestriction

func RequireUsableRestriction(
	rlog log.Ext1FieldLogger, tx *sqlx.Tx, mt *mytoken.Mytoken, ip string, scopes, auds []string,
	capability api.Capability,
) (*restrictions.Restriction, *model.Response)

RequireUsableRestriction checks that the mytoken.Mytoken's restrictions allow the usage

func RequireUsableRestrictionAT

func RequireUsableRestrictionAT(
	rlog log.Ext1FieldLogger, tx *sqlx.Tx, mt *mytoken.Mytoken, ip string, scopes, auds []string,
) (*restrictions.Restriction, *model.Response)

RequireUsableRestrictionAT checks that the mytoken.Mytoken's restrictions allow the AT usage

func RequireUsableRestrictionOther

func RequireUsableRestrictionOther(
	rlog log.Ext1FieldLogger, tx *sqlx.Tx, mt *mytoken.Mytoken, ip string, scopes, auds []string,
) (*restrictions.Restriction, *model.Response)

RequireUsableRestrictionOther checks that the mytoken.Mytoken's restrictions allow the non-AT usage

func RequireValidMytoken

func RequireValidMytoken(
	rlog log.Ext1FieldLogger, tx *sqlx.Tx, reqToken *universalmytoken.UniversalMytoken, ctx *fiber.Ctx,
) (
	*mytoken.Mytoken, *model.Response,
)

RequireValidMytoken checks the passed universalmytoken.UniversalMytoken and if needed other request parameters like authorization header and cookie value for a mytoken string. The mytoken string is parsed and if not valid an error model.Response is returned. RequireValidMytoken also asserts that the mytoken.Mytoken was not revoked.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL