Documentation ¶
Index ¶
- Variables
- func AppendFlowTo(src *url.URL, id uuid.UUID) *url.URL
- func EnsureCSRF(reg interface{ ... }, r *http.Request, flowType Type, ...) error
- func GetCSRFToken(reg interface{ ... }, w http.ResponseWriter, r *http.Request, p Type) string
- func GetFlowExpiredRedirectURL(config *config.Config, route, returnTo string) *url.URL
- func GetFlowID(r *http.Request) (uuid.UUID, error)
- func MethodEnabledAndAllowed(ctx context.Context, expected, actual string, d interface{ ... }) error
- func MethodEnabledAndAllowedFromRequest(r *http.Request, expected string, d interface{ ... }) error
- func PrefixInternalContextKey(t identity.CredentialsType, suffix string) string
- type BrowserLocationChangeRequiredError
- type ExpiredError
- type Flow
- type MethodConfigurator
- type Type
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrStrategyNotResponsible = errors.New("strategy is not responsible for this request") ErrCompletedByStrategy = errors.New("flow response completed by strategy") ErrStrategyAsksToReturnToUI = errors.New("flow strategy is redirecting to the ui") )
View Source
var ErrCookieHeaderNeedsBrowserFlow = herodot.ErrBadRequest.
WithReasonf(`The HTTP Request Header included the "Cookie" key, indicating that this request was made by a Browser. The flow however was initiated as an API request. To prevent potential misuse and mitigate several attack vectors including CSRF, the request has been blocked. Please consult the documentation.`)
View Source
var ErrOriginHeaderNeedsBrowserFlow = herodot.ErrBadRequest.
WithReasonf(`The HTTP Request Header included the "Origin" key, indicating that this request was made as part of an AJAX request in a Browser. The flow however was initiated as an API request. To prevent potential misuse and mitigate several attack vectors including CSRF, the request has been blocked. Please consult the documentation.`)
Functions ¶
func EnsureCSRF ¶
func GetCSRFToken ¶
func GetCSRFToken(reg interface { x.CSRFProvider x.CSRFTokenGeneratorProvider }, w http.ResponseWriter, r *http.Request, p Type) string
func MethodEnabledAndAllowed ¶
func PrefixInternalContextKey ¶
func PrefixInternalContextKey(t identity.CredentialsType, suffix string) string
Types ¶
type BrowserLocationChangeRequiredError ¶
type BrowserLocationChangeRequiredError struct { *herodot.DefaultError `json:"error"` // Since when the flow has expired RedirectBrowserTo string `json:"redirect_browser_to"` }
Is sent when a flow requires a browser to change its location.
swagger:model selfServiceBrowserLocationChangeRequiredError
func NewBrowserLocationChangeRequiredError ¶
func NewBrowserLocationChangeRequiredError(redirectTo string) *BrowserLocationChangeRequiredError
func (*BrowserLocationChangeRequiredError) EnhanceJSONError ¶
func (e *BrowserLocationChangeRequiredError) EnhanceJSONError() interface{}
type ExpiredError ¶
type ExpiredError struct { *herodot.DefaultError `json:"error"` // Since when the flow has expired Ago time.Duration `json:"since"` // The flow ID that should be used for the new flow as it contains the correct messages. FlowID uuid.UUID `json:"use_flow_id"` // contains filtered or unexported fields }
Is sent when a flow is expired
swagger:model selfServiceFlowExpiredError
func NewFlowExpiredError ¶
func NewFlowExpiredError(at time.Time) *ExpiredError
func (*ExpiredError) EnhanceJSONError ¶
func (e *ExpiredError) EnhanceJSONError() interface{}
func (*ExpiredError) GetFlow ¶
func (e *ExpiredError) GetFlow() Flow
func (*ExpiredError) WithFlow ¶
func (e *ExpiredError) WithFlow(flow Flow) *ExpiredError
type MethodConfigurator ¶
type MethodConfigurator interface { container.NodeGetter container.ErrorParser // form.NodeSetter // form.NodeUnsetter container.ValueSetter container.Resetter container.MessageResetter container.CSRFSetter container.FieldSorter }
swagger:ignore
Source Files ¶
Click to show internal directories.
Click to hide internal directories.