Documentation
¶
Index ¶
- Variables
- func AppendFlowTo(src *url.URL, id uuid.UUID) *url.URL
- func EnsureCSRF(reg interface{ ... }, r *http.Request, flowType Type, ...) error
- func GetCSRFToken(reg interface{ ... }, w http.ResponseWriter, r *http.Request, p Type) string
- func GetFlowExpiredRedirectURL(ctx context.Context, config *config.Config, route, returnTo string) *url.URL
- func GetFlowID(r *http.Request) (uuid.UUID, error)
- func HandleHookError(_ http.ResponseWriter, r *http.Request, f Flow, traits identity.Traits, ...) error
- func MethodEnabledAndAllowed(ctx context.Context, expected, actual string, d interface{ ... }) error
- func MethodEnabledAndAllowedFromRequest(r *http.Request, expected string, d interface{ ... }) error
- func PrefixInternalContextKey(t identity.CredentialsType, suffix string) string
- type BrowserLocationChangeRequiredError
- type ContinueWith
- type ContinueWithAction
- type ContinueWithSetToken
- type ContinueWithVerificationUI
- type ContinueWithVerificationUIFlow
- type ExpiredError
- type Flow
- type FlowWithContinueWith
- type FlowWithRedirect
- type MethodConfigurator
- type ReplacedError
- type Type
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ErrStrategyNotResponsible = errors.New("strategy is not responsible for this request") ErrCompletedByStrategy = errors.New("flow response completed by strategy") ErrStrategyAsksToReturnToUI = errors.New("flow strategy is redirecting to the ui") )
View Source
var ErrCookieHeaderNeedsBrowserFlow = herodot.ErrBadRequest.
WithReasonf(`The HTTP Request Header included the "Cookie" key, indicating that this request was made by a Browser. The flow however was initiated as an API request. To prevent potential misuse and mitigate several attack vectors including CSRF, the request has been blocked. Please consult the documentation.`)
View Source
var ErrOriginHeaderNeedsBrowserFlow = herodot.ErrBadRequest.
WithReasonf(`The HTTP Request Header included the "Origin" key, indicating that this request was made as part of an AJAX request in a Browser. The flow however was initiated as an API request. To prevent potential misuse and mitigate several attack vectors including CSRF, the request has been blocked. Please consult the documentation.`)
Functions ¶
func EnsureCSRF ¶
func GetCSRFToken ¶
func GetCSRFToken(reg interface {
x.CSRFProvider
x.CSRFTokenGeneratorProvider
}, w http.ResponseWriter, r *http.Request, p Type) string
func HandleHookError ¶ added in v0.11.0
func HandleHookError(_ http.ResponseWriter, r *http.Request, f Flow, traits identity.Traits, group node.UiNodeGroup, flowError error, logger x.LoggingProvider, csrf x.CSRFTokenGeneratorProvider) error
func MethodEnabledAndAllowed ¶
func PrefixInternalContextKey ¶
func PrefixInternalContextKey(t identity.CredentialsType, suffix string) string
Types ¶
type BrowserLocationChangeRequiredError ¶
type BrowserLocationChangeRequiredError struct {
*herodot.DefaultError `json:"error"`
// Points to where to redirect the user to next.
RedirectBrowserTo string `json:"redirect_browser_to"`
}
BrowserLocationChangeRequiredError is sent when a flow requires a browser to change its location.
func NewBrowserLocationChangeRequiredError ¶
func NewBrowserLocationChangeRequiredError(redirectTo string) *BrowserLocationChangeRequiredError
func (*BrowserLocationChangeRequiredError) EnhanceJSONError ¶
func (e *BrowserLocationChangeRequiredError) EnhanceJSONError() interface{}
type ContinueWithAction ¶ added in v0.13.0
type ContinueWithAction string
swagger:enum ContinueWithAction
const ( ContinueWithActionSetOrySessionToken ContinueWithAction = "set_ory_session_token" ContinueWithActionShowVerificationUI ContinueWithAction = "show_verification_ui" )
#nosec G101 -- only a key constant
type ContinueWithSetToken ¶ added in v0.13.0
type ContinueWithSetToken struct {
// Action will always be `set_ory_session_token`
//
// required: true
Action ContinueWithAction `json:"action"`
// Token is the token of the session
//
// required: true
OrySessionToken string `json:"ory_session_token"`
}
Indicates that a session was issued, and the application should use this token for authenticated requests swagger:model continueWithSetOrySessionToken
func NewContinueWithSetToken ¶ added in v0.13.0
func NewContinueWithSetToken(t string) *ContinueWithSetToken
type ContinueWithVerificationUI ¶ added in v0.13.0
type ContinueWithVerificationUI struct {
// Action will always be `show_verification_ui`
//
// required: true
Action ContinueWithAction `json:"action"`
// Flow contains the ID of the verification flow
//
// required: true
Flow ContinueWithVerificationUIFlow `json:"flow"`
}
Indicates, that the UI flow could be continued by showing a verification ui
swagger:model continueWithVerificationUi
func NewContinueWithVerificationUI ¶ added in v0.13.0
func NewContinueWithVerificationUI(f Flow, address, url string) *ContinueWithVerificationUI
type ContinueWithVerificationUIFlow ¶ added in v0.13.0
type ContinueWithVerificationUIFlow struct {
// The ID of the verification flow
//
// required: true
ID uuid.UUID `json:"id"`
// The address that should be verified in this flow
//
// required: true
VerifiableAddress string `json:"verifiable_address"`
// The URL of the verification flow
//
// required: false
URL string `json:"url,omitempty"`
}
swagger:model continueWithVerificationUiFlow
type ExpiredError ¶
type ExpiredError struct {
*herodot.DefaultError `json:"error"`
// When the flow has expired
ExpiredAt time.Time `json:"expired_at"`
// DEPRECATED: Please use the "expired_at" field instead to have a more accurate result.
Since time.Duration `json:"since"`
// The flow ID that should be used for the new flow as it contains the correct messages.
FlowID uuid.UUID `json:"use_flow_id"`
// contains filtered or unexported fields
}
ExpiredError is sent when a flow is expired
func NewFlowExpiredError ¶
func NewFlowExpiredError(at time.Time) *ExpiredError
func (*ExpiredError) EnhanceJSONError ¶
func (e *ExpiredError) EnhanceJSONError() interface{}
func (*ExpiredError) GetFlow ¶
func (e *ExpiredError) GetFlow() Flow
func (*ExpiredError) WithFlow ¶
func (e *ExpiredError) WithFlow(flow Flow) *ExpiredError
type FlowWithContinueWith ¶ added in v0.13.0
type FlowWithContinueWith interface {
Flow
AddContinueWith(ContinueWith)
ContinueWith() []ContinueWith
}
type FlowWithRedirect ¶ added in v1.0.0
type MethodConfigurator ¶
type MethodConfigurator interface {
container.NodeGetter
container.ErrorParser
// form.NodeSetter
// form.NodeUnsetter
container.ValueSetter
container.Resetter
container.MessageResetter
container.CSRFSetter
container.FieldSorter
}
swagger:ignore
type ReplacedError ¶ added in v0.11.0
type ReplacedError struct {
*herodot.DefaultError `json:"error"`
// The flow ID that should be used for the new flow as it contains the correct messages.
FlowID uuid.UUID `json:"use_flow_id"`
// contains filtered or unexported fields
}
ReplacedError is sent when a flow is replaced by a different flow of the same class
func NewFlowReplacedError ¶ added in v0.11.0
func NewFlowReplacedError(message *text.Message) *ReplacedError
func (*ReplacedError) EnhanceJSONError ¶ added in v0.11.0
func (e *ReplacedError) EnhanceJSONError() interface{}
func (*ReplacedError) GetFlow ¶ added in v0.11.0
func (e *ReplacedError) GetFlow() Flow
func (*ReplacedError) WithFlow ¶ added in v0.11.0
func (e *ReplacedError) WithFlow(flow Flow) *ReplacedError
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.