code

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 12, 2023 License: Apache-2.0 Imports: 34 Imported by: 0

Documentation

Index

Constants

View Source 
const CodeLength = 6
View Source 
const (
	RouteAdminCreateRecoveryCode = "/recovery/code"
)

Variables

View Source 
var (
	ErrCodeNotFound          = herodot.ErrNotFound.WithReasonf("unknown code")
	ErrCodeAlreadyUsed       = herodot.ErrBadRequest.WithReasonf("The code was already used. Please request another code.")
	ErrCodeSubmittedTooOften = herodot.ErrBadRequest.WithReasonf("The request was submitted too often. Please request another code.")
)
View Source 
var ErrUnknownAddress = herodot.ErrNotFound.WithReason("recovery requested for unknown address")

Functions

func GenerateCode 

func GenerateCode() string

Types

type CreateRecoveryCodeParams 

type CreateRecoveryCodeParams struct {
	// Code represents the recovery code
	RawCode string

	// CodeType is the type of the code - either "admin" or "selfservice"
	CodeType RecoveryCodeType

	// ExpiresAt is the time (UTC) when the code expires.
	// required: true
	ExpiresIn time.Duration

	// RecoveryAddressID is a helper struct field for gobuffalo.pop.
	RecoveryAddress *identity.RecoveryAddress

	// FlowID is a helper struct field for gobuffalo.pop.
	FlowID uuid.UUID

	IdentityID uuid.UUID
}

type CreateVerificationCodeParams 

type CreateVerificationCodeParams struct {
	// Code represents the recovery code
	RawCode string

	// ExpiresIn is the lifetime of the code
	ExpiresIn time.Duration

	// VerifiableAddress is the address to be verified
	VerifiableAddress *identity.VerifiableAddress

	// FlowID is the id of the current verification flow
	FlowID uuid.UUID
}

type FlowMethod 

type FlowMethod struct {
	*container.Container
}

FlowMethod contains the configuration for this selfservice strategy.

type RecoveryCode 

type RecoveryCode struct {
	// ID represents the code's unique ID.
	//
	// required: true
	// type: string
	// format: uuid
	ID uuid.UUID `json:"id" db:"id" faker:"-"`

	// CodeHMAC represents the HMACed value of the recovery code
	CodeHMAC string `json:"-" db:"code"`

	// UsedAt is the timestamp of when the code was used or null if it wasn't yet
	UsedAt sql.NullTime `json:"-" db:"used_at"`

	// RecoveryAddress links this code to a recovery address.
	// required: true
	RecoveryAddress *identity.RecoveryAddress `json:"recovery_address" belongs_to:"identity_recovery_addresses" fk_id:"RecoveryAddressID"`

	// CodeType is the type of the code - either "admin" or "selfservice"
	CodeType RecoveryCodeType `json:"-" faker:"-" db:"code_type"`

	// ExpiresAt is the time (UTC) when the code expires.
	// required: true
	ExpiresAt time.Time `json:"expires_at" faker:"time_type" db:"expires_at"`

	// IssuedAt is the time (UTC) when the code was issued.
	// required: true
	IssuedAt time.Time `json:"issued_at" faker:"time_type" db:"issued_at"`

	// CreatedAt is a helper struct field for gobuffalo.pop.
	CreatedAt time.Time `json:"-" faker:"-" db:"created_at"`
	// UpdatedAt is a helper struct field for gobuffalo.pop.
	UpdatedAt time.Time `json:"-" faker:"-" db:"updated_at"`
	// RecoveryAddressID is a helper struct field for gobuffalo.pop.
	RecoveryAddressID uuid.NullUUID `json:"-" faker:"-" db:"identity_recovery_address_id"`
	// FlowID is a helper struct field for gobuffalo.pop.
	FlowID     uuid.UUID `json:"-" faker:"-" db:"selfservice_recovery_flow_id"`
	NID        uuid.UUID `json:"-" faker:"-" db:"nid"`
	IdentityID uuid.UUID `json:"identity_id" faker:"-" db:"identity_id"`
}

func (RecoveryCode) IsExpired 

func (f RecoveryCode) IsExpired() bool

func (RecoveryCode) IsValid 

func (f RecoveryCode) IsValid() bool

func (RecoveryCode) TableName 

func (RecoveryCode) TableName(ctx context.Context) string

func (RecoveryCode) WasUsed 

func (r RecoveryCode) WasUsed() bool

type RecoveryCodePersistenceProvider 

type RecoveryCodePersistenceProvider interface {
	RecoveryCodePersister() RecoveryCodePersister
}

type RecoveryCodePersister 

type RecoveryCodePersister interface {
	CreateRecoveryCode(ctx context.Context, dto *CreateRecoveryCodeParams) (*RecoveryCode, error)
	UseRecoveryCode(ctx context.Context, fID uuid.UUID, code string) (*RecoveryCode, error)
	DeleteRecoveryCodesOfFlow(ctx context.Context, fID uuid.UUID) error
}

type RecoveryCodeType 

type RecoveryCodeType int
const (
	RecoveryCodeTypeAdmin RecoveryCodeType = iota + 1
	RecoveryCodeTypeSelfService
)

type Sender 

type Sender struct {
	// contains filtered or unexported fields
}

func NewSender 

func NewSender(deps senderDependencies) *Sender

func (*Sender) SendRecoveryCode 

func (s *Sender) SendRecoveryCode(ctx context.Context, f *recovery.Flow, via identity.VerifiableAddressType, to string) error

SendRecoveryCode sends a recovery code to the specified address

If the address does not exist in the store and dispatching invalid emails is enabled (CourierEnableInvalidDispatch is true), an email is still being sent to prevent account enumeration attacks. In that case, this function returns the ErrUnknownAddress error.

func (*Sender) SendRecoveryCodeTo 

func (s *Sender) SendRecoveryCodeTo(ctx context.Context, i *identity.Identity, codeString string, code *RecoveryCode) error

func (*Sender) SendVerificationCode 

func (s *Sender) SendVerificationCode(ctx context.Context, f *verification.Flow, via identity.VerifiableAddressType, to string) error

SendVerificationCode sends a verification code & link to the specified address

If the address does not exist in the store and dispatching invalid emails is enabled (CourierEnableInvalidDispatch is true), an email is still being sent to prevent account enumeration attacks. In that case, this function returns the ErrUnknownAddress error.

func (*Sender) SendVerificationCodeTo 

func (s *Sender) SendVerificationCodeTo(ctx context.Context, f *verification.Flow, i *identity.Identity, codeString string, code *VerificationCode) error

type SenderProvider 

type SenderProvider interface {
	CodeSender() *Sender
}

type Strategy 

type Strategy struct {
	// contains filtered or unexported fields
}

func NewStrategy 

func NewStrategy(deps strategyDependencies) *Strategy

func (*Strategy) HandleRecoveryError 

func (s *Strategy) HandleRecoveryError(w http.ResponseWriter, r *http.Request, flow *recovery.Flow, body *recoverySubmitPayload, err error) error

func (*Strategy) PopulateRecoveryMethod 

func (s *Strategy) PopulateRecoveryMethod(r *http.Request, f *recovery.Flow) error

func (*Strategy) PopulateVerificationMethod 

func (s *Strategy) PopulateVerificationMethod(r *http.Request, f *verification.Flow) error

PopulateVerificationMethod set's the appropriate UI nodes on this flow

If the flow's state is `sent_email`, the `code` input and the success notification is set Otherwise, the default email input is added. If the flow is a browser flow, the CSRF token is added to the UI.

func (*Strategy) Recover 

func (s *Strategy) Recover(w http.ResponseWriter, r *http.Request, f *recovery.Flow) (err error)

func (*Strategy) RecoveryNodeGroup 

func (s *Strategy) RecoveryNodeGroup() node.UiNodeGroup

func (*Strategy) RecoveryStrategyID 

func (s *Strategy) RecoveryStrategyID() string

func (*Strategy) RegisterAdminRecoveryRoutes 

func (s *Strategy) RegisterAdminRecoveryRoutes(admin *x.RouterAdmin)

func (*Strategy) RegisterAdminVerificationRoutes 

func (s *Strategy) RegisterAdminVerificationRoutes(admin *x.RouterAdmin)

func (*Strategy) RegisterPublicRecoveryRoutes 

func (s *Strategy) RegisterPublicRecoveryRoutes(public *x.RouterPublic)

func (*Strategy) RegisterPublicVerificationRoutes 

func (s *Strategy) RegisterPublicVerificationRoutes(public *x.RouterPublic)

func (*Strategy) SendVerificationEmail 

func (s *Strategy) SendVerificationEmail(ctx context.Context, f *verification.Flow, i *identity.Identity, a *identity.VerifiableAddress) (err error)

func (*Strategy) VerificationNodeGroup 

func (s *Strategy) VerificationNodeGroup() node.UiNodeGroup

func (*Strategy) VerificationStrategyID 

func (s *Strategy) VerificationStrategyID() string

func (*Strategy) Verify 

func (s *Strategy) Verify(w http.ResponseWriter, r *http.Request, f *verification.Flow) (err error)

type VerificationCode 

type VerificationCode struct {
	// ID represents the code's unique ID.
	//
	// required: true
	// type: string
	// format: uuid
	ID uuid.UUID `json:"id" db:"id" faker:"-"`

	// CodeHMAC represents the HMACed value of the verification code
	CodeHMAC string `json:"-" db:"code_hmac"`

	// UsedAt is the timestamp of when the code was used or null if it wasn't yet
	UsedAt sql.NullTime `json:"-" db:"used_at"`

	// VerifiableAddress links this code to a verification address.
	// required: true
	VerifiableAddress *identity.VerifiableAddress `json:"verification_address" belongs_to:"identity_verifiable_addresses"`

	// ExpiresAt is the time (UTC) when the code expires.
	// required: true
	ExpiresAt time.Time `json:"expires_at" faker:"time_type" db:"expires_at"`

	// IssuedAt is the time (UTC) when the code was issued.
	// required: true
	IssuedAt time.Time `json:"issued_at" faker:"time_type" db:"issued_at"`

	// CreatedAt is a helper struct field for gobuffalo.pop.
	CreatedAt time.Time `json:"-" faker:"-" db:"created_at"`
	// UpdatedAt is a helper struct field for gobuffalo.pop.
	UpdatedAt time.Time `json:"-" faker:"-" db:"updated_at"`
	// VerifiableAddressID is a helper struct field for gobuffalo.pop.
	VerifiableAddressID uuid.NullUUID `json:"-" faker:"-" db:"identity_verifiable_address_id"`
	// FlowID is a helper struct field for gobuffalo.pop.
	FlowID uuid.UUID `json:"-" faker:"-" db:"selfservice_verification_flow_id"`
	NID    uuid.UUID `json:"-" faker:"-" db:"nid"`
}

func (VerificationCode) TableName 

func (VerificationCode) TableName(context.Context) string

func (*VerificationCode) Validate 

func (f *VerificationCode) Validate() error

Validate validates the state of the verification code

- If the code is expired, `flow.ExpiredError` is returned - If the code was already used `ErrCodeAlreadyUsed` is returnd - Otherwise, `nil` is returned

type VerificationCodePersistenceProvider 

type VerificationCodePersistenceProvider interface {
	VerificationCodePersister() VerificationCodePersister
}

type VerificationCodePersister 

type VerificationCodePersister interface {
	CreateVerificationCode(context.Context, *CreateVerificationCodeParams) (*VerificationCode, error)
	UseVerificationCode(context.Context, uuid.UUID, string) (*VerificationCode, error)
	DeleteVerificationCodesOfFlow(context.Context, uuid.UUID) error
}

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.