Documentation ¶
Index ¶
- Constants
- func TestPool(p Pool) func(t *testing.T)
- type Configuration
- type CredentialIdentifier
- type CredentialIdentifierCollection
- type Credentials
- type CredentialsCollection
- type CredentialsType
- type CredentialsTypeTable
- type Handler
- type HandlerProvider
- type Identity
- func (i *Identity) CopyCredentials() map[CredentialsType]Credentials
- func (i *Identity) CopyWithoutCredentials() *Identity
- func (i *Identity) CredentialsEqual(c map[CredentialsType]Credentials) bool
- func (i *Identity) GetCredentials(t CredentialsType) (*Credentials, bool)
- func (i *Identity) SetCredentials(t CredentialsType, c Credentials)
- func (i Identity) TableName() string
- type Pool
- type PoolProvider
- type Registry
- type Traits
- type ValidationExtender
- type ValidationExtensionIdentifier
- type ValidationProvider
- type Validator
Constants ¶
const IdentitiesPath = "/identities"
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Configuration ¶
type CredentialIdentifier ¶
// CredentialIdentifier is a single identifier value stored for a credential
// record; IdentityCredentialsID links it to that record.
//
// ID and Identifier carry no json tag, so encoding/json would emit them under
// their Go field names if a value of this type were marshaled directly. The
// remaining fields are excluded from JSON with `json:"-"`.
type CredentialIdentifier struct {
	ID         uuid.UUID `db:"id"`
	Identifier string    `db:"identifier"`
	// IdentityCredentialsID is a helper struct field for gobuffalo.pop.
	IdentityCredentialsID uuid.UUID `json:"-" db:"identity_credential_id"`
	// CreatedAt is a helper struct field for gobuffalo.pop.
	CreatedAt time.Time `json:"-" db:"created_at"`
	// UpdatedAt is a helper struct field for gobuffalo.pop.
	UpdatedAt time.Time `json:"-" db:"updated_at"`
}
swagger:ignore
func (CredentialIdentifier) TableName ¶
func (c CredentialIdentifier) TableName() string
type CredentialIdentifierCollection ¶
type CredentialIdentifierCollection []CredentialIdentifier
swagger:ignore
func (CredentialIdentifierCollection) TableName ¶
func (c CredentialIdentifierCollection) TableName() string
type Credentials ¶
// Credentials holds one credential of a given type for an identity: the type
// discriminator, the identifiers it matches, and the type-specific payload.
//
// Only Type, Identifiers and Config are serialized to JSON; every other field
// is tagged `json:"-"`.
type Credentials struct {
	ID               uuid.UUID `json:"-" db:"id"`
	CredentialTypeID uuid.UUID `json:"-" db:"identity_credential_type_id"`
	// Type discriminates between different types of credentials.
	// It is not mapped to a database column (`db:"-"`).
	Type CredentialsType `json:"type" db:"-"`
	// Identifiers represents a list of unique identifiers this credential type matches.
	// It is not mapped to a database column (`db:"-"`).
	Identifiers []string `json:"identifiers" db:"-"`
	// Config contains the concrete credential payload. This might contain the bcrypt-hashed password, or the email
	// for passwordless authentication.
	//
	// NOTE(review): Config is tagged `json:"config"`, so marshaling a
	// Credentials value emits this payload, which may include a password
	// hash. Any code path that marshals or logs Credentials directly should
	// be checked for unintended exposure.
	Config     json.RawMessage `json:"config" db:"config"`
	IdentityID uuid.UUID       `json:"-" faker:"-" db:"identity_id"`
	// CredentialIdentifierCollection is the has_many association to the
	// identifier rows, keyed by identity_credential_id.
	CredentialIdentifierCollection CredentialIdentifierCollection `json:"-" faker:"-" has_many:"identity_credential_identifiers" fk_id:"identity_credential_id"`
	// CreatedAt is a helper struct field for gobuffalo.pop.
	CreatedAt time.Time `json:"-" db:"created_at"`
	// UpdatedAt is a helper struct field for gobuffalo.pop.
	UpdatedAt time.Time `json:"-" db:"updated_at"`
}
Credentials represents a specific credential type
swagger:model identityCredentials
func (Credentials) TableName ¶
func (c Credentials) TableName() string
type CredentialsCollection ¶
type CredentialsCollection []Credentials
swagger:ignore
func (CredentialsCollection) TableName ¶
func (c CredentialsCollection) TableName() string
type CredentialsType ¶
type CredentialsType string
CredentialsType represents several different credential types, like password credentials, passwordless credentials, and so on.
// The CredentialsType values declared by this package.
const (
	// CredentialsTypePassword is the "password" credentials type.
	CredentialsTypePassword CredentialsType = "password"
	// CredentialsTypeOIDC is the "oidc" credentials type.
	CredentialsTypeOIDC CredentialsType = "oidc"
)
type CredentialsTypeTable ¶
// CredentialsTypeTable pairs a CredentialsType name with a UUID. Both fields
// are mapped to database columns and excluded from JSON.
// NOTE(review): presumably the lookup row that CredentialTypeID on
// Credentials refers to — confirm against the persistence code.
type CredentialsTypeTable struct {
	ID   uuid.UUID       `json:"-" db:"id"`
	Name CredentialsType `json:"-" db:"name"`
}
swagger:ignore
func (CredentialsTypeTable) TableName ¶
func (c CredentialsTypeTable) TableName() string
type Handler ¶
// Handler has no exported fields; NewHandler returns a *Handler and
// RegisterAdminRoutes attaches it to an admin router.
type Handler struct {
	// contains filtered or unexported fields
}
func NewHandler ¶
func NewHandler( c Configuration, r handlerDependencies, ) *Handler
func (*Handler) RegisterAdminRoutes ¶
func (h *Handler) RegisterAdminRoutes(admin *x.RouterAdmin)
type HandlerProvider ¶
// HandlerProvider is implemented by types that can supply the identity
// *Handler.
type HandlerProvider interface {
	// IdentityHandler returns the identity handler.
	IdentityHandler() *Handler
}
type Identity ¶
// Identity is the identity record: an ID, the schema reference for its
// traits, the traits themselves, and its credentials.
//
// Credentials and CredentialsCollection are tagged `json:"-"`, so marshaling
// an Identity does not include credential data.
type Identity struct {
	// ID is a unique identifier chosen by you. It can be a URN (e.g. "arn:aws:iam::123456789012"),
	// a stringified integer (e.g. "123456789012"), a uuid (e.g. "9f425a8d-7efc-4768-8f23-7647a74fdf13"). It is up to you
	// to pick a format you'd like. It is discouraged to use a personally identifiable value here, like the username
	// or the email, as this field is immutable.
	//
	// NOTE(review): the field type is uuid.UUID, so the URN and
	// stringified-integer formats described above do not fit it; this
	// comment looks outdated — confirm.
	//
	// required: true
	ID uuid.UUID `json:"id" faker:"uuid" db:"id" rw:"r"`
	// Credentials represents all credentials that can be used for authenticating this identity.
	// It is excluded from JSON and from the db mapping by its tags.
	Credentials map[CredentialsType]Credentials `json:"-" faker:"-" db:"-"`
	// TraitsSchemaID is the ID of the JSON Schema to be used for validating the identity's traits.
	TraitsSchemaID string `json:"traits_schema_id" faker:"-" db:"traits_schema_id"`
	// TraitsSchemaURL is the URL of the endpoint where the identity's traits schema can be fetched from.
	// It is not mapped to a database column (`db:"-"`).
	//
	// format: url
	TraitsSchemaURL string `json:"traits_schema_url" faker:"-" db:"-"`
	// Traits represent an identity's traits. The identity is able to create, modify, and delete traits
	// in a self-service manner. The input will always be validated against the JSON Schema defined
	// in `traits_schema_url`.
	//
	// NOTE(review): because traits are self-service editable, consumers
	// should not treat a trait value as verified unless something beyond
	// schema validation establishes that.
	//
	// required: true
	Traits Traits `json:"traits" form:"traits" faker:"-" db:"traits"`
	// CredentialsCollection is a helper struct field for gobuffalo.pop.
	CredentialsCollection CredentialsCollection `json:"-" faker:"-" has_many:"identity_credentials" fk_id:"identity_id"`
	// CreatedAt is a helper struct field for gobuffalo.pop.
	CreatedAt time.Time `json:"-" db:"created_at"`
	// UpdatedAt is a helper struct field for gobuffalo.pop.
	UpdatedAt time.Time `json:"-" db:"updated_at"`
	// contains filtered or unexported fields
}
Identity represents an ORY Kratos identity
An identity can be a real human, a service, an IoT device - everything that can be described as an "actor" in a system.
swagger:model identity
func NewIdentity ¶
func (*Identity) CopyCredentials ¶
func (i *Identity) CopyCredentials() map[CredentialsType]Credentials
func (*Identity) CopyWithoutCredentials ¶
func (*Identity) CredentialsEqual ¶
func (i *Identity) CredentialsEqual(c map[CredentialsType]Credentials) bool
func (*Identity) GetCredentials ¶
func (i *Identity) GetCredentials(t CredentialsType) (*Credentials, bool)
func (*Identity) SetCredentials ¶
func (i *Identity) SetCredentials(t CredentialsType, c Credentials)
type Pool ¶
// Pool is the storage interface for identities: lookup by credential
// identifier or id, listing, creation, update and deletion.
//
// Two read/update pairs exist. GetIdentity / UpdateIdentity work without
// confidential data, while GetIdentityConfidential / UpdateIdentityConfidential
// include raw credentials and are documented as internal-only.
type Pool interface {
	// FindByCredentialsIdentifier returns an identity by querying for its credential identifiers.
	// The matching credentials are returned alongside the identity.
	FindByCredentialsIdentifier(ctx context.Context, ct CredentialsType, match string) (*Identity, *Credentials, error)
	// CreateIdentity creates an identity. It is capable of setting credentials without encoding. Will return an error
	// if identity exists, backend connectivity is broken, or trait validation fails.
	//
	// NOTE(review): "without encoding" presumably means the credential
	// config is stored as passed in, so secrets must already be hashed by
	// the caller — confirm against the implementation.
	CreateIdentity(context.Context, *Identity) error
	// ListIdentities returns identities; limit and offset presumably page
	// through the result set.
	// NOTE(review): not visible here whether the returned identities carry
	// credentials — confirm before exposing the result.
	ListIdentities(ctx context.Context, limit, offset int) ([]Identity, error)
	// UpdateIdentityConfidential updates an identity's confidential data. It is capable of setting credentials without encoding. Will return an error
	// if identity exists, backend connectivity is broken, or trait validation fails.
	//
	// Because this will overwrite credentials you always need to update the identity using `GetClassified`.
	//
	// NOTE(review): no method named GetClassified is declared on this
	// interface; GetIdentityConfidential is presumably meant — confirm.
	// The "identity exists" error condition also reads as carried over from
	// CreateIdentity.
	UpdateIdentityConfidential(context.Context, *Identity) error
	// UpdateIdentity updates an identity excluding its confidential data. It is capable of setting credentials without encoding. Will return an error
	// if identity exists, backend connectivity is broken, or trait validation fails.
	//
	// This update procedure works well with `Get`.
	//
	// NOTE(review): `Get` presumably refers to GetIdentity. The statement
	// that this method can set credentials sits oddly with "excluding its
	// confidential data" — confirm which is accurate.
	UpdateIdentity(context.Context, *Identity) error
	// DeleteIdentity removes an identity by its id. Will return an error
	// if identity exists, backend connectivity is broken, or trait validation fails.
	//
	// NOTE(review): the listed error conditions look copied from
	// CreateIdentity; confirm what deletion actually reports.
	DeleteIdentity(context.Context, uuid.UUID) error
	// GetIdentity returns an identity by its id. Will return an error if the identity does not exist or backend
	// connectivity is broken.
	GetIdentity(context.Context, uuid.UUID) (*Identity, error)
	// GetIdentityConfidential returns the identity including its raw credentials. This should only be used internally.
	// Results should not be passed to API responses or logs.
	GetIdentityConfidential(context.Context, uuid.UUID) (*Identity, error)
}
type PoolProvider ¶
// PoolProvider is implemented by types that can supply the identity Pool.
type PoolProvider interface {
	// IdentityPool returns the identity pool.
	IdentityPool() Pool
}
type Traits ¶
type Traits json.RawMessage
func (Traits) MarshalJSON ¶
MarshalJSON returns m as the JSON encoding of m.
func (*Traits) UnmarshalJSON ¶
UnmarshalJSON sets *m to a copy of data.
type ValidationExtender ¶
// ValidationExtender is a schema.ValidationExtender that can additionally be
// bound to an Identity through WithIdentity.
type ValidationExtender interface {
	// WithIdentity takes the identity and returns a ValidationExtender.
	WithIdentity(*Identity) ValidationExtender
	schema.ValidationExtender
}
type ValidationExtensionIdentifier ¶
// ValidationExtensionIdentifier has no exported fields. It is created with
// NewValidationExtensionIdentifier and provides Call and WithIdentity, the
// latter returning a ValidationExtender.
type ValidationExtensionIdentifier struct {
	// contains filtered or unexported fields
}
func NewValidationExtensionIdentifier ¶
func NewValidationExtensionIdentifier() *ValidationExtensionIdentifier
func (*ValidationExtensionIdentifier) Call ¶
func (e *ValidationExtensionIdentifier) Call(value interface{}, config *schema.Extension, context *gojsonschema.JsonContext) error
func (*ValidationExtensionIdentifier) WithIdentity ¶
func (e *ValidationExtensionIdentifier) WithIdentity(i *Identity) ValidationExtender
type ValidationProvider ¶
// ValidationProvider is implemented by types that can supply the identity
// *Validator.
type ValidationProvider interface {
	// IdentityValidator returns the identity validator.
	IdentityValidator() *Validator
}