identity

package
v0.1.0-alpha.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 3, 2020 License: Apache-2.0 Imports: 27 Imported by: 1

Documentation

Index

Constants

View Source
const IdentitiesPath = "/identities"

Variables

This section is empty.

Functions

func TestPool

func TestPool(p Pool) func(t *testing.T)

Types

type Configuration

type Configuration interface {
	SelfAdminURL() *url.URL
	DefaultIdentityTraitsSchemaURL() *url.URL
}

type CredentialIdentifier

type CredentialIdentifier struct {
	ID         uuid.UUID `db:"id"`
	Identifier string    `db:"identifier"`
	// IdentityCredentialsID is a helper struct field for gobuffalo.pop.
	IdentityCredentialsID uuid.UUID `json:"-" db:"identity_credential_id"`
	// CreatedAt is a helper struct field for gobuffalo.pop.
	CreatedAt time.Time `json:"-" db:"created_at"`
	// UpdatedAt is a helper struct field for gobuffalo.pop.
	UpdatedAt time.Time `json:"-" db:"updated_at"`
}

swagger:ignore

func (CredentialIdentifier) TableName

func (c CredentialIdentifier) TableName() string

type CredentialIdentifierCollection

type CredentialIdentifierCollection []CredentialIdentifier

swagger:ignore

func (CredentialIdentifierCollection) TableName

func (c CredentialIdentifierCollection) TableName() string

type Credentials

type Credentials struct {
	ID uuid.UUID `json:"-" db:"id"`

	CredentialTypeID uuid.UUID `json:"-" db:"identity_credential_type_id"`

	// Type discriminates between different types of credentials.
	Type CredentialsType `json:"type" db:"-"`

	// Identifiers represents a list of unique identifiers this credential type matches.
	Identifiers []string `json:"identifiers" db:"-"`

	// Config contains the concrete credential payload. This might contain the bcrypt-hashed password, or the email
	// for passwordless authentication.
	Config json.RawMessage `json:"config" db:"config"`

	IdentityID                     uuid.UUID                      `json:"-" faker:"-" db:"identity_id"`
	CredentialIdentifierCollection CredentialIdentifierCollection `json:"-" faker:"-" has_many:"identity_credential_identifiers" fk_id:"identity_credential_id"`
	// CreatedAt is a helper struct field for gobuffalo.pop.
	CreatedAt time.Time `json:"-" db:"created_at"`
	// UpdatedAt is a helper struct field for gobuffalo.pop.
	UpdatedAt time.Time `json:"-" db:"updated_at"`
}

Credentials represents a specific credential type

swagger:model identityCredentials

func (Credentials) TableName

func (c Credentials) TableName() string

type CredentialsCollection

type CredentialsCollection []Credentials

swagger:ignore

func (CredentialsCollection) TableName

func (c CredentialsCollection) TableName() string

type CredentialsType

type CredentialsType string

CredentialsType represents several different credential types, like password credentials, passwordless credentials, and so on.

const (
	CredentialsTypePassword CredentialsType = "password"
	CredentialsTypeOIDC     CredentialsType = "oidc"
)

type CredentialsTypeTable

type CredentialsTypeTable struct {
	ID   uuid.UUID       `json:"-" db:"id"`
	Name CredentialsType `json:"-" db:"name"`
}

swagger:ignore

func (CredentialsTypeTable) TableName

func (c CredentialsTypeTable) TableName() string

type Handler

type Handler struct {
	// contains filtered or unexported fields
}

func NewHandler

func NewHandler(
	c Configuration,
	r handlerDependencies,
) *Handler

func (*Handler) RegisterAdminRoutes

func (h *Handler) RegisterAdminRoutes(admin *x.RouterAdmin)

type HandlerProvider

type HandlerProvider interface {
	IdentityHandler() *Handler
}

type Identity

type Identity struct {

	// ID is a unique identifier chosen by you. It can be a URN (e.g. "arn:aws:iam::123456789012"),
	// a stringified integer (e.g. "123456789012"), a uuid (e.g. "9f425a8d-7efc-4768-8f23-7647a74fdf13"). It is up to you
	// to pick a format you'd like. It is discouraged to use a personally identifiable value here, like the username
	// or the email, as this field is immutable.
	//
	// required: true
	ID uuid.UUID `json:"id" faker:"uuid" db:"id" rw:"r"`

	// Credentials represents all credentials that can be used for authenticating this identity.
	Credentials map[CredentialsType]Credentials `json:"-" faker:"-" db:"-"`

	// TraitsSchemaID is the ID of the JSON Schema to be used for validating the identity's traits.
	TraitsSchemaID string `json:"traits_schema_id" faker:"-" db:"traits_schema_id"`

	// TraitsSchemaURL is the URL of the endpoint where the identity's traits schema can be fetched from.
	//
	// format: url
	TraitsSchemaURL string `json:"traits_schema_url" faker:"-" db:"-"`

	// Traits represent an identity's traits. The identity is able to create, modify, and delete traits
	// in a self-service manner. The input will always be validated against the JSON Schema defined
	// in `traits_schema_url`.
	//
	// required: true
	Traits Traits `json:"traits" form:"traits" faker:"-" db:"traits"`

	// CredentialsCollection is a helper struct field for gobuffalo.pop.
	CredentialsCollection CredentialsCollection `json:"-" faker:"-" has_many:"identity_credentials" fk_id:"identity_id"`
	// CreatedAt is a helper struct field for gobuffalo.pop.
	CreatedAt time.Time `json:"-" db:"created_at"`
	// UpdatedAt is a helper struct field for gobuffalo.pop.
	UpdatedAt time.Time `json:"-" db:"updated_at"`
	// contains filtered or unexported fields
}

Identity represents an ORY Kratos identity

An identity can be a real human, a service, an IoT device - everything that can be described as an "actor" in a system.

swagger:model identity

func NewIdentity

func NewIdentity(traitsSchemaID string) *Identity

func (*Identity) CopyCredentials

func (i *Identity) CopyCredentials() map[CredentialsType]Credentials

func (*Identity) CopyWithoutCredentials

func (i *Identity) CopyWithoutCredentials() *Identity

func (*Identity) CredentialsEqual

func (i *Identity) CredentialsEqual(c map[CredentialsType]Credentials) bool

func (*Identity) GetCredentials

func (i *Identity) GetCredentials(t CredentialsType) (*Credentials, bool)

func (*Identity) SetCredentials

func (i *Identity) SetCredentials(t CredentialsType, c Credentials)

func (Identity) TableName

func (i Identity) TableName() string

type Pool

type Pool interface {
	// FindByCredentialsIdentifier returns an identity by querying for it's credential identifiers.
	FindByCredentialsIdentifier(ctx context.Context, ct CredentialsType, match string) (*Identity, *Credentials, error)

	// Create creates an identity. It is capable of setting credentials without encoding. Will return an error
	// if identity exists, backend connectivity is broken, or trait validation fails.
	CreateIdentity(context.Context, *Identity) error

	ListIdentities(ctx context.Context, limit, offset int) ([]Identity, error)

	// UpdateIdentityConfidential updates an identities confidential data. It is capable of setting credentials without encoding. Will return an error
	// if identity exists, backend connectivity is broken, or trait validation fails.
	//
	// Because this will overwrite credentials you always need to update the identity using `GetClassified`.
	UpdateIdentityConfidential(context.Context, *Identity) error

	// Update updates an identity excluding its confidential data. It is capable of setting credentials without encoding. Will return an error
	// if identity exists, backend connectivity is broken, or trait validation fails.
	//
	// This update procedure works well with `Get`.
	UpdateIdentity(context.Context, *Identity) error

	// Delete removes an identity by its id. Will return an error
	// if identity exists, backend connectivity is broken, or trait validation fails.
	DeleteIdentity(context.Context, uuid.UUID) error

	// Get returns an identity by its id. Will return an error if the identity does not exist or backend
	// connectivity is broken.
	GetIdentity(context.Context, uuid.UUID) (*Identity, error)

	// GetClassified returns the identity including it's raw credentials. This should only be used internally.
	GetIdentityConfidential(context.Context, uuid.UUID) (*Identity, error)
}

type PoolProvider

type PoolProvider interface {
	IdentityPool() Pool
}

type Registry

type Registry interface {
	IdentityPool() Pool
}

type Traits

type Traits json.RawMessage

func (Traits) MarshalJSON

func (t Traits) MarshalJSON() ([]byte, error)

MarshalJSON returns m as the JSON encoding of m.

func (*Traits) Scan

func (t *Traits) Scan(value interface{}) error

func (*Traits) UnmarshalJSON

func (t *Traits) UnmarshalJSON(data []byte) error

UnmarshalJSON sets *m to a copy of data.

func (*Traits) Value

func (t *Traits) Value() (driver.Value, error)

type ValidationExtender

type ValidationExtender interface {
	WithIdentity(*Identity) ValidationExtender
	schema.ValidationExtender
}

type ValidationExtensionIdentifier

type ValidationExtensionIdentifier struct {
	// contains filtered or unexported fields
}

func NewValidationExtensionIdentifier

func NewValidationExtensionIdentifier() *ValidationExtensionIdentifier

func (*ValidationExtensionIdentifier) Call

func (e *ValidationExtensionIdentifier) Call(value interface{}, config *schema.Extension, context *gojsonschema.JsonContext) error

func (*ValidationExtensionIdentifier) WithIdentity

type ValidationProvider

type ValidationProvider interface {
	IdentityValidator() *Validator
}

type Validator

type Validator struct {
	// contains filtered or unexported fields
}

func NewValidator

func NewValidator(d validatorDependencies) *Validator

func (*Validator) Validate

func (v *Validator) Validate(i *Identity) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL