Documentation
¶
Index ¶
- Variables
- func AppendFlowTo(src *url.URL, id uuid.UUID) *url.URL
- func EnsureCSRF(reg interface{ ... }, r *http.Request, flowType Type, ...) error
- func GetCSRFToken(reg interface{ ... }, w http.ResponseWriter, r *http.Request, p Type) string
- func GetFlowID(r *http.Request) (uuid.UUID, error)
- func MethodEnabledAndAllowed(ctx context.Context, expected, actual string, d interface{ ... }) error
- func MethodEnabledAndAllowedFromRequest(r *http.Request, expected string, d interface{ ... }) error
- func PrefixInternalContextKey(t identity.CredentialsType, suffix string) string
- type BrowserLocationChangeRequiredError
- type ExpiredError
- type Flow
- type MethodConfigurator
- type Type
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrStrategyNotResponsible = errors.New("strategy is not responsible for this request") ErrCompletedByStrategy = errors.New("flow response completed by strategy") ErrStrategyAsksToReturnToUI = errors.New("flow strategy is redirecting to the ui") )
View Source
var ErrCookieHeaderNeedsBrowserFlow = herodot.ErrBadRequest.
WithReasonf(`The HTTP Request Header included the "Cookie" key, indicating that this request was made by a Browser. The flow however was initiated as an API request. To prevent potential misuse and mitigate several attack vectors including CSRF, the request has been blocked. Please consult the documentation.`)
View Source
var ErrOriginHeaderNeedsBrowserFlow = herodot.ErrBadRequest.
WithReasonf(`The HTTP Request Header included the "Origin" key, indicating that this request was made as part of an AJAX request in a Browser. The flow however was initiated as an API request. To prevent potential misuse and mitigate several attack vectors including CSRF, the request has been blocked. Please consult the documentation.`)
Functions ¶
func EnsureCSRF ¶
func GetCSRFToken ¶
func GetCSRFToken(reg interface {
x.CSRFProvider
x.CSRFTokenGeneratorProvider
}, w http.ResponseWriter, r *http.Request, p Type) string
func MethodEnabledAndAllowed ¶
func PrefixInternalContextKey ¶
func PrefixInternalContextKey(t identity.CredentialsType, suffix string) string
Types ¶
type BrowserLocationChangeRequiredError ¶
type BrowserLocationChangeRequiredError struct {
*herodot.DefaultError `json:"error"`
// Since when the flow has expired
RedirectBrowserTo string `json:"redirect_browser_to"`
}
Is sent when a flow requires a browser to change its location.
swagger:model selfServiceBrowserLocationChangeRequiredError
func NewBrowserLocationChangeRequiredError ¶
func NewBrowserLocationChangeRequiredError(redirectTo string) *BrowserLocationChangeRequiredError
func (*BrowserLocationChangeRequiredError) EnhanceJSONError ¶
func (e *BrowserLocationChangeRequiredError) EnhanceJSONError() interface{}
type ExpiredError ¶
type ExpiredError struct {
*herodot.DefaultError `json:"error"`
// Since when the flow has expired
Ago time.Duration `json:"since"`
// The flow ID that should be used for the new flow as it contains the correct messages.
FlowID uuid.UUID `json:"use_flow_id"`
// contains filtered or unexported fields
}
Is sent when a flow is expired
swagger:model selfServiceFlowExpiredError
func NewFlowExpiredError ¶
func NewFlowExpiredError(at time.Time) *ExpiredError
func (*ExpiredError) EnhanceJSONError ¶
func (e *ExpiredError) EnhanceJSONError() interface{}
func (*ExpiredError) GetFlow ¶
func (e *ExpiredError) GetFlow() Flow
func (*ExpiredError) WithFlow ¶
func (e *ExpiredError) WithFlow(flow Flow) *ExpiredError
type MethodConfigurator ¶
type MethodConfigurator interface {
container.NodeGetter
container.ErrorParser
// form.NodeSetter
// form.NodeUnsetter
container.ValueSetter
container.Resetter
container.MessageResetter
container.CSRFSetter
container.FieldSorter
}
swagger:ignore
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.