link

package
v0.6.0-alpha.1.pre.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 29, 2021 License: Apache-2.0 Imports: 32 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	RouteAdminCreateRecoveryLink = "/recovery/link"
)

Variables

View Source 
var ErrUnknownAddress = errors.New("verification requested for unknown address")

Functions

This section is empty.

Types 

type CreateRecoveryLink struct {
	// Identity to Recover
	//
	// The identity's ID you wish to recover.
	//
	// required: true
	IdentityID uuid.UUID `json:"identity_id"`

	// Link Expires In
	//
	// The recovery link will expire at that point in time. Defaults to the configuration value of
	// `selfservice.flows.recovery.request_lifespan`.
	//
	//
	// pattern: ^[0-9]+(ns|us|ms|s|m|h)$
	// example:
	//	- 1h
	//	- 1m
	//	- 1s
	ExpiresIn string `json:"expires_in"`
}

type FlowMethod 

type FlowMethod struct {
	*container.Container
}

FlowMethod contains the configuration for this selfservice strategy.

type RecoveryToken 

type RecoveryToken struct {
	// ID represents the tokens's unique ID.
	//
	// required: true
	// type: string
	// format: uuid
	ID uuid.UUID `json:"id" db:"id" faker:"-"`

	// Token represents the recovery token. It can not be longer than 64 chars!
	Token string `json:"-" db:"token"`

	// RecoveryAddress links this token to a recovery address.
	// required: true
	RecoveryAddress *identity.RecoveryAddress `json:"recovery_address" belongs_to:"identity_recovery_addresses" fk_id:"RecoveryAddressID"`

	// ExpiresAt is the time (UTC) when the token expires.
	// required: true
	ExpiresAt time.Time `json:"expires_at" faker:"time_type" db:"expires_at"`

	// IssuedAt is the time (UTC) when the token was issued.
	// required: true
	IssuedAt time.Time `json:"issued_at" faker:"time_type" db:"issued_at"`

	// CreatedAt is a helper struct field for gobuffalo.pop.
	CreatedAt time.Time `json:"-" faker:"-" db:"created_at"`
	// UpdatedAt is a helper struct field for gobuffalo.pop.
	UpdatedAt time.Time `json:"-" faker:"-" db:"updated_at"`
	// RecoveryAddressID is a helper struct field for gobuffalo.pop.
	RecoveryAddressID uuid.UUID `json:"-" faker:"-" db:"identity_recovery_address_id"`
	// FlowID is a helper struct field for gobuffalo.pop.
	FlowID uuid.NullUUID `json:"-" faker:"-" db:"selfservice_recovery_flow_id"`
	NID    uuid.UUID     `json:"-"  faker:"-" db:"nid"`
}

func NewRecoveryToken 

func NewRecoveryToken(address *identity.RecoveryAddress, expiresIn time.Duration) *RecoveryToken

func NewSelfServiceRecoveryToken 

func NewSelfServiceRecoveryToken(address *identity.RecoveryAddress, f *recovery.Flow) *RecoveryToken

func (RecoveryToken) TableName 

func (RecoveryToken) TableName(ctx context.Context) string

func (*RecoveryToken) Valid 

func (f *RecoveryToken) Valid() error

type RecoveryTokenPersistenceProvider 

type RecoveryTokenPersistenceProvider interface {
	RecoveryTokenPersister() RecoveryTokenPersister
}

type RecoveryTokenPersister 

type RecoveryTokenPersister interface {
	CreateRecoveryToken(ctx context.Context, token *RecoveryToken) error
	UseRecoveryToken(ctx context.Context, token string) (*RecoveryToken, error)
	DeleteRecoveryToken(ctx context.Context, token string) error
}

type Sender 

type Sender struct {
	// contains filtered or unexported fields
}

func NewSender 

func NewSender(r senderDependencies) *Sender
func (s *Sender) SendRecoveryLink(ctx context.Context, r *http.Request, f *recovery.Flow, via identity.VerifiableAddressType, to string) error

SendRecoveryLink sends a recovery link to the specified address. If the address does not exist in the store, an email is still being sent to prevent account enumeration attacks. In that case, this function returns the ErrUnknownAddress error.

func (*Sender) SendRecoveryTokenTo 

func (s *Sender) SendRecoveryTokenTo(ctx context.Context, f *recovery.Flow, address *identity.RecoveryAddress, token *RecoveryToken) error
func (s *Sender) SendVerificationLink(ctx context.Context, f *verification.Flow, via identity.VerifiableAddressType, to string) error

SendVerificationLink sends a verification link to the specified address. If the address does not exist in the store, an email is still being sent to prevent account enumeration attacks. In that case, this function returns the ErrUnknownAddress error.

func (*Sender) SendVerificationTokenTo 

func (s *Sender) SendVerificationTokenTo(ctx context.Context, f *verification.Flow, address *identity.VerifiableAddress, token *VerificationToken) error

type SenderProvider 

type SenderProvider interface {
	LinkSender() *Sender
}

type Strategy 

type Strategy struct {
	// contains filtered or unexported fields
}

func NewStrategy 

func NewStrategy(d strategyDependencies) *Strategy

func (*Strategy) PopulateRecoveryMethod 

func (s *Strategy) PopulateRecoveryMethod(r *http.Request, f *recovery.Flow) error

func (*Strategy) PopulateVerificationMethod 

func (s *Strategy) PopulateVerificationMethod(r *http.Request, f *verification.Flow) error

func (*Strategy) Recover 

func (s *Strategy) Recover(w http.ResponseWriter, r *http.Request, f *recovery.Flow) (err error)

swagger:route POST /self-service/recovery/methods/link public submitSelfServiceRecoveryFlowWithLinkMethod

Use this endpoint to complete a recovery flow using the link method. This endpoint behaves differently for API and browser flows and has several states:

  • `choose_method` expects `flow` (in the URL query) and `email` (in the body) to be sent and works with API- and Browser-initiated flows.
  • For API clients it either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the form is invalid and a HTTP 302 Found redirect with a fresh recovery flow if the flow was otherwise invalid (e.g. expired).
  • For Browser clients it returns a HTTP 302 Found redirect to the Recovery UI URL with the Recovery Flow ID appended.
  • `sent_email` is the success state after `choose_method` and allows the user to request another recovery email. It works for both API and Browser-initiated flows and returns the same responses as the flow in `choose_method` state.
  • `passed_challenge` expects a `token` to be sent in the URL query and given the nature of the flow ("sending a recovery link") does not have any API capabilities. The server responds with a HTTP 302 Found redirect either to the Settings UI URL (if the link was valid) and instructs the user to update their password, or a redirect to the Recover UI URL with a new Recovery Flow ID which contains an error message that the recovery link was invalid.

More information can be found at [Ory Kratos Account Recovery Documentation](../self-service/flows/account-recovery.mdx). 

Consumes:
- application/json
- application/x-www-form-urlencoded

Produces:
- application/json

Schemes: http, https

Responses:
  400: recoveryFlow
  302: emptyResponse
  500: genericError

func (*Strategy) RecoveryNodeGroup 

func (s *Strategy) RecoveryNodeGroup() node.Group

func (*Strategy) RecoveryStrategyID 

func (s *Strategy) RecoveryStrategyID() string

func (*Strategy) RegisterAdminRecoveryRoutes 

func (s *Strategy) RegisterAdminRecoveryRoutes(admin *x.RouterAdmin)

func (*Strategy) RegisterAdminVerificationRoutes 

func (s *Strategy) RegisterAdminVerificationRoutes(admin *x.RouterAdmin)

func (*Strategy) RegisterPublicRecoveryRoutes 

func (s *Strategy) RegisterPublicRecoveryRoutes(public *x.RouterPublic)

func (*Strategy) RegisterPublicVerificationRoutes 

func (s *Strategy) RegisterPublicVerificationRoutes(public *x.RouterPublic)

func (*Strategy) VerificationNodeGroup 

func (s *Strategy) VerificationNodeGroup() node.Group

func (*Strategy) VerificationStrategyID 

func (s *Strategy) VerificationStrategyID() string

func (*Strategy) Verify 

func (s *Strategy) Verify(w http.ResponseWriter, r *http.Request, f *verification.Flow) (err error)

type VerificationToken 

type VerificationToken struct {
	// ID represents the tokens's unique ID.
	//
	// required: true
	// type: string
	// format: uuid
	ID uuid.UUID `json:"id" db:"id" faker:"-"`

	// Token represents the verification token. It can not be longer than 64 chars!
	Token string `json:"-" db:"token"`

	// VerifiableAddress links this token to a verification address.
	// required: true
	VerifiableAddress *identity.VerifiableAddress `json:"verification_address" belongs_to:"identity_verifiable_addresses" fk_id:"VerificationAddVerifiableAddressIDressID"`

	// ExpiresAt is the time (UTC) when the token expires.
	// required: true
	ExpiresAt time.Time `json:"expires_at" faker:"time_type" db:"expires_at"`

	// IssuedAt is the time (UTC) when the token was issued.
	// required: true
	IssuedAt time.Time `json:"issued_at" faker:"time_type" db:"issued_at"`

	// CreatedAt is a helper struct field for gobuffalo.pop.
	CreatedAt time.Time `json:"-" faker:"-" db:"created_at"`
	// UpdatedAt is a helper struct field for gobuffalo.pop.
	UpdatedAt time.Time `json:"-" faker:"-" db:"updated_at"`
	// VerifiableAddressID is a helper struct field for gobuffalo.pop.
	VerifiableAddressID uuid.UUID `json:"-" faker:"-" db:"identity_verifiable_address_id"`
	// FlowID is a helper struct field for gobuffalo.pop.
	FlowID uuid.NullUUID `json:"-" faker:"-" db:"selfservice_verification_flow_id"`
	NID    uuid.UUID     `json:"-"  faker:"-" db:"nid"`
}

func NewSelfServiceVerificationToken 

func NewSelfServiceVerificationToken(address *identity.VerifiableAddress, f *verification.Flow) *VerificationToken

func (VerificationToken) TableName 

func (VerificationToken) TableName(ctx context.Context) string

func (*VerificationToken) Valid 

func (f *VerificationToken) Valid() error

type VerificationTokenPersistenceProvider 

type VerificationTokenPersistenceProvider interface {
	VerificationTokenPersister() VerificationTokenPersister
}

type VerificationTokenPersister 

type VerificationTokenPersister interface {
	CreateVerificationToken(ctx context.Context, token *VerificationToken) error
	UseVerificationToken(ctx context.Context, token string) (*VerificationToken, error)
	DeleteVerificationToken(ctx context.Context, token string) error
}

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.