GO-2022-0786: Authentication Bypass in hydra in github.com/ory/hydra

The highest tagged major version is v2.

internal

package

v0.4.2-alpha.2 Latest Latest Go to latest Published: Sep 1, 2016 License: Apache-2.0 Imports: 18 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ory/hydra

Documentation ¶

Index ¶

func NewFirewall(issuer string, subject string, scopes fosite.Arguments, p ...ladon.Policy) (firewall.Firewall, *http.Client)
type FositeMemoryStore
type FositeRehinkDBStore
type RDBItems
type RdbSchema

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewFirewall ¶ added in v0.2.0

func NewFirewall(issuer string, subject string, scopes fosite.Arguments, p ...ladon.Policy) (firewall.Firewall, *http.Client)

Types ¶

type FositeMemoryStore ¶ added in v0.2.0

type FositeMemoryStore struct {
	client.Manager

	AuthorizeCodes map[string]fosite.Requester
	IDSessions     map[string]fosite.Requester
	AccessTokens   map[string]fosite.Requester
	Implicit       map[string]fosite.Requester
	RefreshTokens  map[string]fosite.Requester

	sync.RWMutex
}

func (*FositeMemoryStore) CreateAccessTokenSession ¶ added in v0.2.0

func (s *FositeMemoryStore) CreateAccessTokenSession(_ context.Context, signature string, req fosite.Requester) error

func (*FositeMemoryStore) CreateAuthorizeCodeSession ¶ added in v0.2.0

func (s *FositeMemoryStore) CreateAuthorizeCodeSession(_ context.Context, code string, req fosite.Requester) error

func (*FositeMemoryStore) CreateImplicitAccessTokenSession ¶ added in v0.2.0

func (s *FositeMemoryStore) CreateImplicitAccessTokenSession(_ context.Context, code string, req fosite.Requester) error

func (*FositeMemoryStore) CreateOpenIDConnectSession ¶ added in v0.2.0

func (s *FositeMemoryStore) CreateOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) error

func (*FositeMemoryStore) CreateRefreshTokenSession ¶ added in v0.2.0

func (s *FositeMemoryStore) CreateRefreshTokenSession(_ context.Context, signature string, req fosite.Requester) error

func (*FositeMemoryStore) DeleteAccessTokenSession ¶ added in v0.2.0

func (s *FositeMemoryStore) DeleteAccessTokenSession(_ context.Context, signature string) error

func (*FositeMemoryStore) DeleteAuthorizeCodeSession ¶ added in v0.2.0

func (s *FositeMemoryStore) DeleteAuthorizeCodeSession(_ context.Context, code string) error

func (*FositeMemoryStore) DeleteOpenIDConnectSession ¶ added in v0.2.0

func (s *FositeMemoryStore) DeleteOpenIDConnectSession(_ context.Context, authorizeCode string) error

func (*FositeMemoryStore) DeleteRefreshTokenSession ¶ added in v0.2.0

func (s *FositeMemoryStore) DeleteRefreshTokenSession(_ context.Context, signature string) error

func (*FositeMemoryStore) GetAccessTokenSession ¶ added in v0.2.0

func (s *FositeMemoryStore) GetAccessTokenSession(_ context.Context, signature string, _ interface{}) (fosite.Requester, error)

func (*FositeMemoryStore) GetAuthorizeCodeSession ¶ added in v0.2.0

func (s *FositeMemoryStore) GetAuthorizeCodeSession(_ context.Context, code string, _ interface{}) (fosite.Requester, error)

func (*FositeMemoryStore) GetOpenIDConnectSession ¶ added in v0.2.0

func (s *FositeMemoryStore) GetOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) (fosite.Requester, error)

func (*FositeMemoryStore) GetRefreshTokenSession ¶ added in v0.2.0

func (s *FositeMemoryStore) GetRefreshTokenSession(_ context.Context, signature string, _ interface{}) (fosite.Requester, error)

func (*FositeMemoryStore) PersistAuthorizeCodeGrantSession ¶ added in v0.2.0

func (s *FositeMemoryStore) PersistAuthorizeCodeGrantSession(ctx context.Context, authorizeCode, accessSignature, refreshSignature string, request fosite.Requester) error

func (*FositeMemoryStore) PersistRefreshTokenGrantSession ¶ added in v0.2.0

func (s *FositeMemoryStore) PersistRefreshTokenGrantSession(ctx context.Context, originalRefreshSignature, accessSignature, refreshSignature string, request fosite.Requester) error

type FositeRehinkDBStore ¶ added in v0.2.0

type FositeRehinkDBStore struct {
	Session *r.Session
	sync.RWMutex

	AuthorizeCodesTable r.Term
	IDSessionsTable     r.Term
	AccessTokensTable   r.Term
	ImplicitTable       r.Term
	RefreshTokensTable  r.Term
	ClientsTable        r.Term

	client.Manager

	AuthorizeCodes RDBItems
	IDSessions     RDBItems
	AccessTokens   RDBItems
	Implicit       RDBItems
	RefreshTokens  RDBItems
}

func (*FositeRehinkDBStore) ColdStart ¶ added in v0.2.0

func (m *FositeRehinkDBStore) ColdStart() error

func (*FositeRehinkDBStore) CreateAccessTokenSession ¶ added in v0.2.0

func (s *FositeRehinkDBStore) CreateAccessTokenSession(_ context.Context, signature string, requester fosite.Requester) error

func (*FositeRehinkDBStore) CreateAuthorizeCodeSession ¶ added in v0.2.0

func (s *FositeRehinkDBStore) CreateAuthorizeCodeSession(_ context.Context, code string, requester fosite.Requester) error

func (*FositeRehinkDBStore) CreateImplicitAccessTokenSession ¶ added in v0.2.0

func (s *FositeRehinkDBStore) CreateImplicitAccessTokenSession(_ context.Context, code string, req fosite.Requester) error

func (*FositeRehinkDBStore) CreateOpenIDConnectSession ¶ added in v0.2.0

func (s *FositeRehinkDBStore) CreateOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) error

func (*FositeRehinkDBStore) CreateRefreshTokenSession ¶ added in v0.2.0

func (s *FositeRehinkDBStore) CreateRefreshTokenSession(_ context.Context, signature string, requester fosite.Requester) error

func (*FositeRehinkDBStore) DeleteAccessTokenSession ¶ added in v0.2.0

func (s *FositeRehinkDBStore) DeleteAccessTokenSession(_ context.Context, signature string) error

func (*FositeRehinkDBStore) DeleteAuthorizeCodeSession ¶ added in v0.2.0

func (s *FositeRehinkDBStore) DeleteAuthorizeCodeSession(_ context.Context, code string) error

func (*FositeRehinkDBStore) DeleteOpenIDConnectSession ¶ added in v0.2.0

func (s *FositeRehinkDBStore) DeleteOpenIDConnectSession(_ context.Context, authorizeCode string) error

func (*FositeRehinkDBStore) DeleteRefreshTokenSession ¶ added in v0.2.0

func (s *FositeRehinkDBStore) DeleteRefreshTokenSession(_ context.Context, signature string) error

func (*FositeRehinkDBStore) GetAccessTokenSession ¶ added in v0.2.0

func (s *FositeRehinkDBStore) GetAccessTokenSession(_ context.Context, signature string, sess interface{}) (fosite.Requester, error)

func (*FositeRehinkDBStore) GetAuthorizeCodeSession ¶ added in v0.2.0

func (s *FositeRehinkDBStore) GetAuthorizeCodeSession(_ context.Context, code string, sess interface{}) (fosite.Requester, error)

func (*FositeRehinkDBStore) GetOpenIDConnectSession ¶ added in v0.2.0

func (s *FositeRehinkDBStore) GetOpenIDConnectSession(_ context.Context, authorizeCode string, requester fosite.Requester) (fosite.Requester, error)

func (*FositeRehinkDBStore) GetRefreshTokenSession ¶ added in v0.2.0

func (s *FositeRehinkDBStore) GetRefreshTokenSession(_ context.Context, signature string, sess interface{}) (fosite.Requester, error)

func (*FositeRehinkDBStore) PersistAuthorizeCodeGrantSession ¶ added in v0.2.0

func (s *FositeRehinkDBStore) PersistAuthorizeCodeGrantSession(ctx context.Context, authorizeCode, accessSignature, refreshSignature string, request fosite.Requester) error

func (*FositeRehinkDBStore) PersistRefreshTokenGrantSession ¶ added in v0.2.0

func (s *FositeRehinkDBStore) PersistRefreshTokenGrantSession(ctx context.Context, originalRefreshSignature, accessSignature, refreshSignature string, request fosite.Requester) error

func (*FositeRehinkDBStore) Watch ¶ added in v0.2.0

func (m *FositeRehinkDBStore) Watch(ctx context.Context)

type RDBItems ¶ added in v0.2.0

type RDBItems map[string]*RdbSchema

type RdbSchema ¶ added in v0.2.0

type RdbSchema struct {
	ID            string           `json:"id" gorethink:"id"`
	RequestedAt   time.Time        `json:"requestedAt" gorethink:"requestedAt"`
	Client        *client.Client   `json:"client" gorethink:"client"`
	Scopes        fosite.Arguments `json:"scopes" gorethink:"scopes"`
	GrantedScopes fosite.Arguments `json:"grantedScopes" gorethink:"grantedScopes"`
	Form          url.Values       `json:"form" gorethink:"form"`
	Session       json.RawMessage  `json:"session" gorethink:"session"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL