Documentation ¶
Overview ¶
Package x provides various helpers that do not have an obvious home elsewhere.
The contract implied here, is that:
- Package x does not depend on other parts of kratos
- Packages outside kratos do not depend on x.
Index ¶
- Constants
- Variables
- func AcceptToRedirectOrJSON(w http.ResponseWriter, r *http.Request, writer herodot.Writer, out interface{}, ...)
- func AcceptsJSON(r *http.Request) bool
- func AssertEqualTime(t *testing.T, expected, actual time.Time)
- func CSRFCookieName(reg interface{ ... }, r *http.Request) string
- func CSRFErrorReason(r *http.Request, reg interface{ ... }) error
- func CSRFFailureHandler(reg interface{ ... }) http.HandlerFunc
- func CleanUpTestSMTP()
- func ContentNegotiationRedirection(w http.ResponseWriter, r *http.Request, out interface{}, writer herodot.Writer, ...)
- func DefaultCSRFToken(r *http.Request) string
- func DerefUUID(id *uuid.UUID) uuid.UUID
- func EasyCookieJar(t *testing.T, o *cookiejar.Options) *cookiejar.Jar
- func EasyGet(t *testing.T, c *http.Client, url string) (*http.Response, []byte)
- func EasyGetBody(t *testing.T, c *http.Client, url string) []byte
- func EasyGetJSON(t *testing.T, c *http.Client, url string) (*http.Response, []byte)
- func FakeCSRFTokenGenerator(r *http.Request) string
- func FakeCSRFTokenGeneratorWithToken(token string) func(r *http.Request) string
- func HTTPLoaderContextMiddleware(reg interface{ ... }) negroni.HandlerFunc
- func IsBrowserRequest(r *http.Request) bool
- func IsJSONRequest(r *http.Request) bool
- func IsValidNumber(s string) bool
- func IsZeroUUID(id db.UUID) bool
- func MaxItemsPerPage(is int) int
- func MustEncodeJSON(t *testing.T, in interface{}) string
- func MustReadAll(r io.Reader) []byte
- func NewCSRFHandler(router http.Handler, reg interface{ ... }) *nosurf.CSRFHandler
- func NewStubFS(name string, data []byte) fs.FS
- func NewTestCSRFHandler(router http.Handler, reg interface{ ... }) *nosurf.CSRFHandler
- func NewTestHTTPRequest(t *testing.T, method, url string, body io.Reader) *http.Request
- func NewUUID() db.UUID
- func NoCache(w http.ResponseWriter)
- func NoCacheHandle(handle httprouter.Handle) httprouter.Handle
- func NoCacheHandler(handle http.Handler) http.Handler
- func NoCacheHandlerFunc(handle http.HandlerFunc) http.HandlerFunc
- func NosurfBaseCookieHandler(reg interface{ ... }) func(w http.ResponseWriter, r *http.Request) http.Cookie
- func PaginationHeader(w http.ResponseWriter, u *url.URL, total int64, page, itemsPerPage int)
- func ParsePagination(r *http.Request) (page, itemsPerPage int)
- func ParseUUID(in string) db.UUID
- func PointToUUID(id uuid.UUID) *uuid.UUID
- func RandomDelay(base, deviation time.Duration) time.Duration
- func RecoverStatusCode(err error, fallback int) int
- func RedirectAdminMiddleware(rw http.ResponseWriter, r *http.Request, next http.HandlerFunc)
- func RedirectToAdminRoute(reg config.Provider) httprouter.Handle
- func RedirectToPublicRoute(reg config.Provider) httprouter.Handle
- func RequestURL(r *http.Request) *url.URL
- func RequireEqualTime(t *testing.T, expected, actual time.Time)
- func RequireJSONMarshal(t *testing.T, in interface{}) []byte
- func RunTestSMTP() (smtp, api string, err error)
- func SDKError(err error) error
- func SecureContentNegotiationRedirection(w http.ResponseWriter, r *http.Request, out interface{}, requestURL string, ...) error
- func SecureRedirectTo(r *http.Request, defaultReturnTo *url.URL, opts ...SecureRedirectOption) (returnTo *url.URL, err error)
- func SecureRedirectToIsAllowedHost(returnTo *url.URL, allowed url.URL) bool
- func SessionGetString(r *http.Request, s sessions.StoreExact, id string, key interface{}) (string, error)
- func SessionGetStringOr(r *http.Request, s sessions.StoreExact, id, key, fallback string) string
- func SessionPersistValues(w http.ResponseWriter, r *http.Request, s sessions.StoreExact, id string, ...) error
- func SessionUnset(w http.ResponseWriter, r *http.Request, s sessions.StoreExact, id string) error
- func SessionUnsetKey(w http.ResponseWriter, r *http.Request, s sessions.StoreExact, id, key string) error
- func StructToMap(s interface{}) (map[string]interface{}, error)
- func TraceHandler(h http.Handler) http.Handler
- func TypeMap(m map[string]string) (map[string]interface{}, error)
- func UntypedMapToJSON(m map[string]string) (json.RawMessage, error)
- type CSRFProvider
- type CSRFToken
- type CSRFTokenGeneratorProvider
- type ConvertibleBoolean
- type CookieProvider
- type FakeCSRFHandler
- func (f *FakeCSRFHandler) DisableGlob(s string)
- func (f *FakeCSRFHandler) DisableGlobs(s ...string)
- func (f *FakeCSRFHandler) DisablePath(s string)
- func (f *FakeCSRFHandler) ExemptPath(s string)
- func (f *FakeCSRFHandler) IgnoreGlob(s string)
- func (f *FakeCSRFHandler) IgnoreGlobs(s ...string)
- func (f *FakeCSRFHandler) IgnorePath(s string)
- func (f *FakeCSRFHandler) RegenerateToken(w http.ResponseWriter, r *http.Request) string
- func (f *FakeCSRFHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
- type HTTPClientProvider
- type Ider
- type LoggingProvider
- type PaginationParams
- type RouterAdmin
- func (r *RouterAdmin) DELETE(publicPath string, handle httprouter.Handle)
- func (r *RouterAdmin) GET(publicPath string, handle httprouter.Handle)
- func (r *RouterAdmin) HEAD(publicPath string, handle httprouter.Handle)
- func (r *RouterAdmin) Handle(method, publicPath string, handle httprouter.Handle)
- func (r *RouterAdmin) Handler(method, publicPath string, handler http.Handler)
- func (r *RouterAdmin) HandlerFunc(method, publicPath string, handler http.HandlerFunc)
- func (r *RouterAdmin) Lookup(method, publicPath string)
- func (r *RouterAdmin) PATCH(publicPath string, handle httprouter.Handle)
- func (r *RouterAdmin) POST(publicPath string, handle httprouter.Handle)
- func (r *RouterAdmin) PUT(publicPath string, handle httprouter.Handle)
- type RouterPublic
- func (r *RouterPublic) DELETE(path string, handle httprouter.Handle)
- func (r *RouterPublic) GET(path string, handle httprouter.Handle)
- func (r *RouterPublic) HEAD(path string, handle httprouter.Handle)
- func (r *RouterPublic) Handle(method, path string, handle httprouter.Handle)
- func (r *RouterPublic) Handler(method, path string, handler http.Handler)
- func (r *RouterPublic) HandlerFunc(method, path string, handler http.HandlerFunc)
- func (r *RouterPublic) PATCH(path string, handle httprouter.Handle)
- func (r *RouterPublic) POST(path string, handle httprouter.Handle)
- func (r *RouterPublic) PUT(path string, handle httprouter.Handle)
- type SecureRedirectOption
- func SecureRedirectAllowSelfServiceURLs(publicURL *url.URL) SecureRedirectOption
- func SecureRedirectAllowURLs(urls []url.URL) SecureRedirectOption
- func SecureRedirectOverrideDefaultReturnTo(defaultReturnTo *url.URL) SecureRedirectOption
- func SecureRedirectUseSourceURL(source string) SecureRedirectOption
- type SimpleLogger
- type StatusCodeCarrier
- type StubFS
- func (stub *StubFS) Close() error
- func (stub *StubFS) IsDir() bool
- func (stub *StubFS) ModTime() time.Time
- func (stub *StubFS) Mode() fs.FileMode
- func (stub *StubFS) Name() string
- func (stub *StubFS) Open(name string) (fs.File, error)
- func (stub *StubFS) Read(bytes []byte) (int, error)
- func (stub *StubFS) Size() int64
- func (stub *StubFS) Stat() (fs.FileInfo, error)
- func (stub *StubFS) Sys() interface{}
- type TracingProvider
- type TransportWithHeader
- type TransportWithHost
- type WriterProvider
Constants ¶
const AdminPrefix = "/admin"
const CSRFTokenName = "csrf_token"
Variables ¶
var ( ErrInvalidCSRFToken = herodot.ErrForbidden. WithID(text.ErrIDCSRF). WithError("the request was rejected to protect you from Cross-Site-Request-Forgery"). WithDetail("docs", "https://www.ory.sh/kratos/docs/debug/csrf"). WithReason("Please retry the flow and optionally clear your cookies. The request was rejected to protect you from Cross-Site-Request-Forgery (CSRF) which could cause account takeover, leaking personal information, and other serious security issues.") ErrGone = herodot.DefaultError{ CodeField: http.StatusGone, StatusField: http.StatusText(http.StatusGone), ReasonField: "", DebugField: "", DetailsField: nil, ErrorField: "The requested resource is no longer available because it has expired or is otherwise invalid.", } )
var ( ErrInvalidCSRFTokenAJAX = ErrInvalidCSRFToken. WithDetail("hint", "We detected an AJAX call, please ensure that CORS is enabled and configured correctly, and that your AJAX code sends cookies and has credentials enabled. For further debugging, check your Browser's Network Tab to see what cookies are included or excluded.") ErrInvalidCSRFTokenAJAXNoCookies = ErrInvalidCSRFTokenAJAX.WithDetail("reject_reason", noCookie) ErrInvalidCSRFTokenAJAXCookieMissing = ErrInvalidCSRFTokenAJAX.WithDetail("reject_reason", cookieMissing) ErrInvalidCSRFTokenAJAXTokenNotSent = ErrInvalidCSRFToken.WithDetail("hint", tokenNotSent) ErrInvalidCSRFTokenAJAXTokenMismatch = ErrInvalidCSRFTokenAJAX.WithDetail("reject_reason", tokenMismatch) )
var ( ErrInvalidCSRFTokenServer = ErrInvalidCSRFToken. WithDetail("hint", "We detected a regular browser or server-side call. To debug browser calls check your Browser's Network Tab to see what cookies are included or excluded. If you are calling from a server ensure that the appropriate cookies are being forwarded and that the SDK method is called correctly.") ErrInvalidCSRFTokenServerNoCookies = ErrInvalidCSRFTokenServer.WithDetail("reject_reason", noCookie) ErrInvalidCSRFTokenServerCookieMissing = ErrInvalidCSRFTokenServer.WithDetail("reject_reason", cookieMissing) ErrInvalidCSRFTokenServerTokenNotSent = ErrInvalidCSRFToken.WithDetail("hint", tokenNotSent) ErrInvalidCSRFTokenServerTokenMismatch = ErrInvalidCSRFTokenAJAX.WithDetail("reject_reason", tokenMismatch) )
var CleanPath negroni.HandlerFunc = func(rw http.ResponseWriter, r *http.Request, next http.HandlerFunc) { r.URL.Path = httprouter.CleanPath(r.URL.Path) next(rw, r) }
var EmptyUUID db.UUID
var FakeCSRFToken = base64.StdEncoding.EncodeToString([]byte(randx.MustString(32, randx.AlphaLowerNum)))
var PseudoPanic = herodot.DefaultError{ StatusField: http.StatusText(http.StatusInternalServerError), ErrorField: "Code Bug Detected", ReasonField: "The code ended up at a place where it should not have. Please report this as an issue at https://github.com/ory/kratos", CodeField: http.StatusConflict, }
Functions ¶
func AcceptToRedirectOrJSON ¶
func AcceptsJSON ¶
func CSRFCookieName ¶
func CSRFErrorReason ¶
func CSRFFailureHandler ¶
func CSRFFailureHandler(reg interface { config.Provider LoggingProvider WriterProvider }) http.HandlerFunc
func CleanUpTestSMTP ¶
func CleanUpTestSMTP()
func DefaultCSRFToken ¶
func EasyGetJSON ¶
func FakeCSRFTokenGenerator ¶
func HTTPLoaderContextMiddleware ¶
func HTTPLoaderContextMiddleware(reg interface { HTTPClientProvider }) negroni.HandlerFunc
func IsBrowserRequest ¶
func IsJSONRequest ¶
func IsValidNumber ¶
IsValidNumber reports whether s is a valid JSON number literal.
Taken from encoding/json
func IsZeroUUID ¶
func MaxItemsPerPage ¶
MaxItemsPerPage is used to prevent DoS attacks against large lists by limiting the items per page to 500.
func MustEncodeJSON ¶
func MustReadAll ¶
func NewCSRFHandler ¶
func NewCSRFHandler( router http.Handler, reg interface { config.Provider LoggingProvider WriterProvider }) *nosurf.CSRFHandler
func NewTestCSRFHandler ¶
func NewTestCSRFHandler(router http.Handler, reg interface { WithCSRFHandler(handler nosurf.Handler) WithCSRFTokenGenerator(CSRFToken) WriterProvider LoggingProvider config.Provider }) *nosurf.CSRFHandler
func NewTestHTTPRequest ¶
func NoCache ¶
func NoCache(w http.ResponseWriter)
NoCache adds `Cache-Control: private, no-cache, no-store, must-revalidate` to the response header.
func NoCacheHandle ¶
func NoCacheHandle(handle httprouter.Handle) httprouter.Handle
NoCacheHandle wraps httprouter.Handle with `Cache-Control: private, no-cache, no-store, must-revalidate` headers.
func NoCacheHandler ¶
NoCacheHandler wraps http.HandlerFunc with `Cache-Control: private, no-cache, no-store, must-revalidate` headers.
func NoCacheHandlerFunc ¶
func NoCacheHandlerFunc(handle http.HandlerFunc) http.HandlerFunc
NoCacheHandlerFunc wraps http.HandlerFunc with `Cache-Control: private, no-cache, no-store, must-revalidate` headers.
func NosurfBaseCookieHandler ¶
func PaginationHeader ¶
func ParsePagination ¶
ParsePagination parses limit and page from *http.Request with given limits and defaults.
func RandomDelay ¶
RandomDelay returns a time randomly chosen from a normal distribution with mean of base and max/min of base +- deviation From the docstring for the rand.NormFloat64(): To produce a different normal distribution, callers can adjust the output using:
sample = NormFloat64() * desiredStdDev + desiredMean
Since 99.73% of values in a normal distribution lie within three standard deviations from the mean (https://en.wikipedia.org/wiki/68%E2%80%9395%E2%80%9399.7_rule), by taking the standard deviation to be deviation/3, we can get a distribution which fits our bounds nicely with minimal clipping when we take max/mins to cut off the tails.
func RecoverStatusCode ¶
func RedirectAdminMiddleware ¶
func RedirectAdminMiddleware(rw http.ResponseWriter, r *http.Request, next http.HandlerFunc)
func RedirectToAdminRoute ¶
func RedirectToAdminRoute(reg config.Provider) httprouter.Handle
func RedirectToPublicRoute ¶
func RedirectToPublicRoute(reg config.Provider) httprouter.Handle
func RequireJSONMarshal ¶
func RunTestSMTP ¶
func SecureRedirectTo ¶
func SecureRedirectTo(r *http.Request, defaultReturnTo *url.URL, opts ...SecureRedirectOption) (returnTo *url.URL, err error)
SecureRedirectTo implements a HTTP redirector who mitigates open redirect vulnerabilities by working with allow lists.
func SecureRedirectToIsAllowedHost ¶
SecureRedirectToIsAllowedHost validates if the redirect_to param is allowed for a given wildcard
func SessionGetString ¶
func SessionGetString(r *http.Request, s sessions.StoreExact, id string, key interface{}) (string, error)
SessionGetString returns a string for the given id and key or an error if the session is invalid, the key does not exist, or the key value is not a string.
func SessionGetStringOr ¶
SessionGetStringOr returns a string for the given id and key or the fallback value if the session is invalid, the key does not exist, or the key value is not a string.
func SessionPersistValues ¶
func SessionPersistValues(w http.ResponseWriter, r *http.Request, s sessions.StoreExact, id string, values map[string]interface{}) error
SessionPersistValues adds values to the session store and persists the changes.
func SessionUnset ¶
func SessionUnset(w http.ResponseWriter, r *http.Request, s sessions.StoreExact, id string) error
func SessionUnsetKey ¶
func SessionUnsetKey(w http.ResponseWriter, r *http.Request, s sessions.StoreExact, id, key string) error
func StructToMap ¶
func TraceHandler ¶
TraceHandler wraps otelx.NewHandler, passing the URL path as the span name.
func UntypedMapToJSON ¶
func UntypedMapToJSON(m map[string]string) (json.RawMessage, error)
Types ¶
type CSRFProvider ¶
type ConvertibleBoolean ¶
type ConvertibleBoolean bool
ConvertibleBoolean can unmarshal both booleans and strings.
func (*ConvertibleBoolean) UnmarshalJSON ¶
func (bit *ConvertibleBoolean) UnmarshalJSON(data []byte) error
type CookieProvider ¶
type CookieProvider interface { CookieManager(ctx context.Context) sessions.StoreExact ContinuityCookieManager(ctx context.Context) sessions.StoreExact }
type FakeCSRFHandler ¶
type FakeCSRFHandler struct {
// contains filtered or unexported fields
}
func NewFakeCSRFHandler ¶
func NewFakeCSRFHandler(name string) *FakeCSRFHandler
func (*FakeCSRFHandler) DisableGlob ¶
func (f *FakeCSRFHandler) DisableGlob(s string)
func (*FakeCSRFHandler) DisableGlobs ¶
func (f *FakeCSRFHandler) DisableGlobs(s ...string)
func (*FakeCSRFHandler) DisablePath ¶
func (f *FakeCSRFHandler) DisablePath(s string)
func (*FakeCSRFHandler) ExemptPath ¶
func (f *FakeCSRFHandler) ExemptPath(s string)
func (*FakeCSRFHandler) IgnoreGlob ¶
func (f *FakeCSRFHandler) IgnoreGlob(s string)
func (*FakeCSRFHandler) IgnoreGlobs ¶
func (f *FakeCSRFHandler) IgnoreGlobs(s ...string)
func (*FakeCSRFHandler) IgnorePath ¶
func (f *FakeCSRFHandler) IgnorePath(s string)
func (*FakeCSRFHandler) RegenerateToken ¶
func (f *FakeCSRFHandler) RegenerateToken(w http.ResponseWriter, r *http.Request) string
func (*FakeCSRFHandler) ServeHTTP ¶
func (f *FakeCSRFHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type HTTPClientProvider ¶
type HTTPClientProvider interface {
HTTPClient(ctx context.Context, opts ...httpx.ResilientOptions) *retryablehttp.Client
}
type LoggingProvider ¶
type PaginationParams ¶
type PaginationParams struct { // Items per Page // // This is the number of items per page. // // required: false // in: query // default: 250 // min: 1 // max: 1000 PerPage int `json:"per_page"` // Pagination Page // // required: false // in: query // default: 1 // min: 1 Page int `json:"page"` }
swagger:model pagination
type RouterAdmin ¶
type RouterAdmin struct {
*httprouter.Router
}
func NewRouterAdmin ¶
func NewRouterAdmin() *RouterAdmin
func (*RouterAdmin) DELETE ¶
func (r *RouterAdmin) DELETE(publicPath string, handle httprouter.Handle)
func (*RouterAdmin) GET ¶
func (r *RouterAdmin) GET(publicPath string, handle httprouter.Handle)
func (*RouterAdmin) HEAD ¶
func (r *RouterAdmin) HEAD(publicPath string, handle httprouter.Handle)
func (*RouterAdmin) Handle ¶
func (r *RouterAdmin) Handle(method, publicPath string, handle httprouter.Handle)
func (*RouterAdmin) Handler ¶
func (r *RouterAdmin) Handler(method, publicPath string, handler http.Handler)
func (*RouterAdmin) HandlerFunc ¶
func (r *RouterAdmin) HandlerFunc(method, publicPath string, handler http.HandlerFunc)
func (*RouterAdmin) Lookup ¶
func (r *RouterAdmin) Lookup(method, publicPath string)
func (*RouterAdmin) PATCH ¶
func (r *RouterAdmin) PATCH(publicPath string, handle httprouter.Handle)
func (*RouterAdmin) POST ¶
func (r *RouterAdmin) POST(publicPath string, handle httprouter.Handle)
func (*RouterAdmin) PUT ¶
func (r *RouterAdmin) PUT(publicPath string, handle httprouter.Handle)
type RouterPublic ¶
type RouterPublic struct {
*httprouter.Router
}
func NewRouterPublic ¶
func NewRouterPublic() *RouterPublic
func (*RouterPublic) DELETE ¶
func (r *RouterPublic) DELETE(path string, handle httprouter.Handle)
func (*RouterPublic) GET ¶
func (r *RouterPublic) GET(path string, handle httprouter.Handle)
func (*RouterPublic) HEAD ¶
func (r *RouterPublic) HEAD(path string, handle httprouter.Handle)
func (*RouterPublic) Handle ¶
func (r *RouterPublic) Handle(method, path string, handle httprouter.Handle)
func (*RouterPublic) Handler ¶
func (r *RouterPublic) Handler(method, path string, handler http.Handler)
func (*RouterPublic) HandlerFunc ¶
func (r *RouterPublic) HandlerFunc(method, path string, handler http.HandlerFunc)
func (*RouterPublic) PATCH ¶
func (r *RouterPublic) PATCH(path string, handle httprouter.Handle)
func (*RouterPublic) POST ¶
func (r *RouterPublic) POST(path string, handle httprouter.Handle)
func (*RouterPublic) PUT ¶
func (r *RouterPublic) PUT(path string, handle httprouter.Handle)
type SecureRedirectOption ¶
type SecureRedirectOption func(*secureRedirectOptions)
func SecureRedirectAllowSelfServiceURLs ¶
func SecureRedirectAllowSelfServiceURLs(publicURL *url.URL) SecureRedirectOption
SecureRedirectAllowSelfServiceURLs allows the caller to define `?return_to=` values which contain the server's URL and `/self-service` path prefix. Useful for redirecting to the login endpoint, for example.
func SecureRedirectAllowURLs ¶
func SecureRedirectAllowURLs(urls []url.URL) SecureRedirectOption
SecureRedirectAllowURLs allows the given URLs for redirects.
func SecureRedirectOverrideDefaultReturnTo ¶
func SecureRedirectOverrideDefaultReturnTo(defaultReturnTo *url.URL) SecureRedirectOption
SecureRedirectOverrideDefaultReturnTo overrides the defaultReturnTo address specified as the second arg.
func SecureRedirectUseSourceURL ¶
func SecureRedirectUseSourceURL(source string) SecureRedirectOption
SecureRedirectUseSourceURL uses the given source URL (checks the `?return_to` value) instead of r.URL.
type SimpleLogger ¶
func (*SimpleLogger) Audit ¶
func (s *SimpleLogger) Audit() *logrusx.Logger
func (*SimpleLogger) Logger ¶
func (s *SimpleLogger) Logger() *logrusx.Logger
type StatusCodeCarrier ¶
type StatusCodeCarrier interface {
StatusCode() int
}
type TransportWithHeader ¶
type TransportWithHeader struct { http.RoundTripper // contains filtered or unexported fields }
func NewTransportWithHeader ¶
func NewTransportWithHeader(h http.Header) *TransportWithHeader
type TransportWithHost ¶
type TransportWithHost struct { http.RoundTripper // contains filtered or unexported fields }
func NewTransportWithHost ¶
func NewTransportWithHost(host string) *TransportWithHost
type WriterProvider ¶
Source Files ¶
- clean_url.go
- cookie.go
- doc.go
- err.go
- http.go
- http_redirect_admin.go
- http_secure_redirect.go
- httploadermiddleware.go
- ider.go
- isjsonrequest.go
- json_bool.go
- json_number.go
- mailhog.go
- map_json.go
- maxitems.go
- nocache.go
- nosurf.go
- pagination.go
- pointer.go
- provider.go
- readall.go
- redir.go
- require.go
- router.go
- sdkx.go
- stub_fs.go
- tests.go
- time.go
- tracing.go
- uuid.go