flow

package
v0.11.0-alpha.0.pre.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 16, 2022 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrStrategyNotResponsible   = errors.New("strategy is not responsible for this request")
	ErrCompletedByStrategy      = errors.New("flow response completed by strategy")
	ErrStrategyAsksToReturnToUI = errors.New("flow strategy is redirecting to the ui")
)
View Source
var ErrCookieHeaderNeedsBrowserFlow = herodot.ErrBadRequest.
	WithReasonf(`The HTTP Request Header included the "Cookie" key, indicating that this request was made by a Browser. The flow however was initiated as an API request. To prevent potential misuse and mitigate several attack vectors including CSRF, the request has been blocked. Please consult the documentation.`)
View Source
var ErrOriginHeaderNeedsBrowserFlow = herodot.ErrBadRequest.
	WithReasonf(`The HTTP Request Header included the "Origin" key, indicating that this request was made as part of an AJAX request in a Browser. The flow however was initiated as an API request. To prevent potential misuse and mitigate several attack vectors including CSRF, the request has been blocked. Please consult the documentation.`)

Functions

func AppendFlowTo

func AppendFlowTo(src *url.URL, id uuid.UUID) *url.URL

func EnsureCSRF

func EnsureCSRF(reg interface {
	config.Provider
},
	r *http.Request,
	flowType Type,
	disableAPIFlowEnforcement bool,
	generator func(r *http.Request) string,
	actual string,
) error

func GetCSRFToken

func GetCSRFToken(reg interface {
	x.CSRFProvider
	x.CSRFTokenGeneratorProvider
}, w http.ResponseWriter, r *http.Request, p Type) string

func GetFlowExpiredRedirectURL

func GetFlowExpiredRedirectURL(ctx context.Context, config *config.Config, route, returnTo string) *url.URL

func GetFlowID

func GetFlowID(r *http.Request) (uuid.UUID, error)

func HandleHookError added in v0.11.0

func HandleHookError(_ http.ResponseWriter, r *http.Request, f Flow, traits identity.Traits, group node.UiNodeGroup, flowError error, logger x.LoggingProvider, csrf x.CSRFTokenGeneratorProvider) error

func MethodEnabledAndAllowed

func MethodEnabledAndAllowed(ctx context.Context, expected, actual string, d interface {
	config.Provider
}) error

func MethodEnabledAndAllowedFromRequest

func MethodEnabledAndAllowedFromRequest(r *http.Request, expected string, d interface {
	config.Provider
}) error

func PrefixInternalContextKey

func PrefixInternalContextKey(t identity.CredentialsType, suffix string) string

Types

type BrowserLocationChangeRequiredError

type BrowserLocationChangeRequiredError struct {
	*herodot.DefaultError `json:"error"`

	// Since when the flow has expired
	RedirectBrowserTo string `json:"redirect_browser_to"`
}

Is sent when a flow requires a browser to change its location.

swagger:model selfServiceBrowserLocationChangeRequiredError

func NewBrowserLocationChangeRequiredError

func NewBrowserLocationChangeRequiredError(redirectTo string) *BrowserLocationChangeRequiredError

func (*BrowserLocationChangeRequiredError) EnhanceJSONError

func (e *BrowserLocationChangeRequiredError) EnhanceJSONError() interface{}

type ExpiredError

type ExpiredError struct {
	*herodot.DefaultError `json:"error"`

	// Since when the flow has expired
	Ago time.Duration `json:"since"`

	// The flow ID that should be used for the new flow as it contains the correct messages.
	FlowID uuid.UUID `json:"use_flow_id"`
	// contains filtered or unexported fields
}

Is sent when a flow is expired

swagger:model selfServiceFlowExpiredError

func NewFlowExpiredError

func NewFlowExpiredError(at time.Time) *ExpiredError

func (*ExpiredError) EnhanceJSONError

func (e *ExpiredError) EnhanceJSONError() interface{}

func (*ExpiredError) GetFlow

func (e *ExpiredError) GetFlow() Flow

func (*ExpiredError) WithFlow

func (e *ExpiredError) WithFlow(flow Flow) *ExpiredError

type Flow

type Flow interface {
	GetID() uuid.UUID
	GetType() Type
	GetRequestURL() string
	AppendTo(*url.URL) *url.URL
	GetUI() *container.Container
}

type MethodConfigurator

type MethodConfigurator interface {
	container.NodeGetter

	container.ErrorParser

	// form.NodeSetter
	// form.NodeUnsetter
	container.ValueSetter

	container.Resetter
	container.MessageResetter
	container.CSRFSetter
	container.FieldSorter
}

swagger:ignore

type Type

type Type string

Type is the flow type.

The flow type can either be `api` or `browser`.

swagger:model selfServiceFlowType

const (
	TypeAPI     Type = "api"
	TypeBrowser Type = "browser"
)

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL