Documentation ¶
Index ¶
- Variables
- type Auth0Provider
- func (a *Auth0Provider) AssignRoles(ctx context.Context, auth0UserID string, roles []RoleID) ([]RoleID, error)
- func (a *Auth0Provider) CreateUser(ctx context.Context, email string, name string, roles Roles) (*User, error)
- func (a *Auth0Provider) GetUserByEmail(ctx context.Context, email string) (*User, error)
- func (a *Auth0Provider) GetUserByID(ctx context.Context, userID string) (*User, error)
- func (a *Auth0Provider) IssueToken(_ context.Context, _ string, _ Roles) (token string, err error)
- func (a *Auth0Provider) ListUsers(ctx context.Context) ([]*User, int, error)
- func (a *Auth0Provider) ProviderName() string
- func (a *Auth0Provider) ValidateToken(ctx context.Context, token string) (string, error)
- type CtxKey
- type JwtClaims
- type LocalProvider
- func (p *LocalProvider) AssignRoles(ctx context.Context, email string, roles []RoleID) ([]RoleID, error)
- func (p *LocalProvider) CheckPassword(_ context.Context, usr *User, pass string) error
- func (p *LocalProvider) CreateUser(ctx context.Context, email string, name string, roles Roles) (*User, error)
- func (p *LocalProvider) GetUserByEmail(ctx context.Context, email string) (*User, error)
- func (p *LocalProvider) GetUserByID(ctx context.Context, userID string) (*User, error)
- func (p *LocalProvider) IssueToken(ctx context.Context, email string, scope Roles) (string, error)
- func (p *LocalProvider) ListUsers(ctx context.Context) ([]*User, int, error)
- func (p *LocalProvider) ProviderName() string
- func (p *LocalProvider) SetPassword(ctx context.Context, usr *User, pass string) error
- func (p *LocalProvider) ValidateToken(ctx context.Context, tokenString string) (userID string, err error)
- type MockProvider
- func (m *MockProvider) AssignRoles(ctx context.Context, email string, roles []RoleID) ([]RoleID, error)
- func (m *MockProvider) CheckPassword(_ context.Context, usr *User, pass string) error
- func (m *MockProvider) CreateUser(ctx context.Context, email string, name string, roles Roles) (*User, error)
- func (m *MockProvider) GetUserByEmail(_ context.Context, email string) (*User, error)
- func (m *MockProvider) GetUserByID(_ context.Context, userID string) (*User, error)
- func (m *MockProvider) IssueToken(_ context.Context, email string, _ Roles) (token string, err error)
- func (m *MockProvider) ListUsers(_ context.Context) ([]*User, int, error)
- func (m *MockProvider) ProviderName() string
- func (m *MockProvider) SetPassword(_ context.Context, usr *User, pass string) error
- func (m *MockProvider) ValidateToken(ctx context.Context, token string) (userID string, err error)
- type Provider
- type RoleID
- type Roles
- type Service
- func (s *Service) AssignRoles(ctx context.Context, email string, roles []RoleID) ([]RoleID, error)
- func (s *Service) CheckPassword(ctx context.Context, usr *User, pass string) error
- func (s *Service) CreateUser(ctx context.Context, email string, name string, roles Roles) (*User, error)
- func (s *Service) GetUser(ctx context.Context, userEmail string) (*User, error)
- func (s *Service) GetUserByID(ctx context.Context, userID string) (*User, error)
- func (s *Service) GetUserRoles(ctx context.Context, id string) ([]RoleID, error)
- func (s *Service) GetUsers(ctx context.Context) ([]*User, error)
- func (s *Service) HasRole(ctx context.Context, _ interface{}, next graphql.Resolver, role RoleID) (res interface{}, err error)
- func (s *Service) IssueToken(ctx context.Context, usr *User) (string, error)
- func (s *Service) Middleware(next http.Handler) http.Handler
- func (s *Service) SetPassword(ctx context.Context, usr *User, pass string) error
- type User
Constants ¶
This section is empty.
Variables ¶
// ErrInvalidPassword is a package-level error value with the message
// "invalid password". Compare against it with errors.Is rather than by
// matching the message text.
// NOTE(review): presumably returned by CheckPassword; confirm. If a login
// endpoint reports this differently from ErrUserNotFound, a client can learn
// which accounts exist, so return one uniform failure to unauthenticated callers.
var ErrInvalidPassword = fmt.Errorf("invalid password")
// ErrNotAuthorized is a package-level error value with the message
// "not authorized". Compare against it with errors.Is rather than by
// matching the message text.
// NOTE(review): presumably what HasRole and Middleware report when the caller
// has no valid token or lacks the required role; confirm against their bodies.
var ErrNotAuthorized = fmt.Errorf("not authorized")
// ErrUserNotFound is a package-level error value with the message
// "user not found".
// NOTE(review): presumably returned by the user lookup methods; confirm.
// Keep it out of responses to unauthenticated callers, where it would
// confirm whether an account exists.
var (
ErrUserNotFound = fmt.Errorf("user not found")
)
Functions ¶
This section is empty.
Types ¶
type Auth0Provider ¶
// Auth0Provider carries the full Provider method set (see the index); its
// fields are not part of the public API.
// Its IssueToken declares every parameter as a blank identifier, so it ignores
// the email and roles it is given.
// NOTE(review): presumably tokens are issued by Auth0 itself and this method
// only reports an error; confirm, and confirm ValidateToken verifies
// signature, expiry and audience before returning a user ID.
type Auth0Provider struct {
// contains filtered or unexported fields
}
func NewAuth0Provider ¶
func (*Auth0Provider) AssignRoles ¶
func (*Auth0Provider) CreateUser ¶
func (*Auth0Provider) GetUserByEmail ¶
func (*Auth0Provider) GetUserByID ¶
func (*Auth0Provider) IssueToken ¶
func (*Auth0Provider) ProviderName ¶
func (a *Auth0Provider) ProviderName() string
func (*Auth0Provider) ValidateToken ¶
type JwtClaims ¶
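// JwtClaims is the claim set carried in a token: the registered JWT claims
// plus a Scope string.
type JwtClaims struct {
	jwt.RegisteredClaims
	// Scope holds the issuer's roles. Should not be empty.
	// NOTE(review): how several roles are delimited inside the string is not
	// shown here; confirm that token validation rejects an empty Scope rather
	// than treating it as "no restriction".
	Scope string `json:"scope"`
}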
type LocalProvider ¶
// LocalProvider carries the full Provider method set plus CheckPassword and
// SetPassword, which per their documentation work against a pwdhash stored in
// db. Its fields are not part of the public API.
// NOTE(review): the hashing scheme is not visible here; confirm it is a
// salted, deliberately slow password hash (e.g. bcrypt or argon2) and that
// an empty stored password can never match an empty submitted one.
type LocalProvider struct {
// contains filtered or unexported fields
}
func NewLocalProvider ¶
func NewLocalProvider(log logz.Logger, dao dao.DBInterface, conf *conf.Auth0) *LocalProvider
func (*LocalProvider) AssignRoles ¶
func (*LocalProvider) CheckPassword ¶
CheckPassword compares pass to pwdhash stored in db. Used only in LocalProvider.
func (*LocalProvider) CreateUser ¶
func (*LocalProvider) GetUserByEmail ¶
func (*LocalProvider) GetUserByID ¶
func (*LocalProvider) IssueToken ¶
func (*LocalProvider) ProviderName ¶
func (p *LocalProvider) ProviderName() string
func (*LocalProvider) SetPassword ¶
SetPassword sets the password stored in db for a user. Used only in LocalProvider. Pass an empty pass to prevent login.
func (*LocalProvider) ValidateToken ¶
type MockProvider ¶
// MockProvider is a test-only provider that keeps its users in the exported
// Users slice.
// Its ValidateToken is documented to expect tokens of the form
// "mocktoken:<user@email.com>".
// NOTE(review): that format appears to carry no secret or signature, so make
// sure no production configuration can select this provider.
type MockProvider struct {
Users []*User
}
MockProvider is only for test use.
func NewMockProvider ¶
func NewMockProvider() (*MockProvider, error)
func (*MockProvider) AssignRoles ¶
func (*MockProvider) CheckPassword ¶
func (*MockProvider) CreateUser ¶
func (*MockProvider) GetUserByEmail ¶
func (*MockProvider) GetUserByID ¶
func (*MockProvider) IssueToken ¶
func (*MockProvider) ProviderName ¶
func (m *MockProvider) ProviderName() string
func (*MockProvider) SetPassword ¶
func (*MockProvider) ValidateToken ¶
ValidateToken expects token to be in format "mocktoken:<user@email.com>".
type Provider ¶
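// Provider is the contract every authentication backend in this package
// fulfils: user lookup and creation, role assignment, and token validation
// and issuance.
type Provider interface {
	// ProviderName returns the provider's name as a string.
	ProviderName() string

	// GetUserByID looks a user up by its ID.
	GetUserByID(ctx context.Context, userID string) (*User, error)
	// GetUserByEmail looks a user up by e-mail address.
	GetUserByEmail(ctx context.Context, email string) (*User, error)
	// ListUsers returns users together with an int.
	// NOTE(review): the int is presumably a total count; confirm.
	ListUsers(ctx context.Context) ([]*User, int, error)
	// CreateUser creates a user with the given e-mail, name and roles.
	CreateUser(ctx context.Context, email string, name string, roles Roles) (*User, error)
	// AssignRoles assigns roles to the user identified by email and returns
	// a slice of role IDs.
	// NOTE(review): whether the result is the full role set or only the
	// newly added roles is not shown here; confirm.
	AssignRoles(ctx context.Context, email string, roles []RoleID) ([]RoleID, error)

	// ValidateToken returns the ID of the user a token belongs to.
	// NOTE(review): the interface does not state what must be verified
	// (signature, expiry, audience). Callers treat a nil error as proof of
	// identity, so confirm each implementation fails closed.
	ValidateToken(ctx context.Context, token string) (userID string, err error)
	// IssueToken returns a token for email carrying the given scope.
	IssueToken(ctx context.Context, email string, scope Roles) (token string, err error)
}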
type Service ¶
// Service is the auth.Service returned by NewFromConfig, which initializes a
// provider based on config. Its fields are not part of the public API.
// Besides the user, role, password and token methods it exposes Middleware,
// which wraps an http.Handler, and HasRole, which takes a graphql.Resolver
// and a RoleID.
// NOTE(review): GetCtxUser is documented as available only in routes wrapped
// in Middleware; confirm HasRole fails closed (ErrNotAuthorized) when no user
// is present in the context.
type Service struct {
// contains filtered or unexported fields
}
func NewFromConfig ¶
func NewFromConfig(ctx context.Context, log *logz.Log, c *conf.Config, dbQuerier *dao.DAO) (*Service, error)
NewFromConfig initializes a provider based on config and returns an auth.Service.
func (*Service) AssignRoles ¶
func (*Service) CheckPassword ¶
CheckPassword compares pass to pwdhash stored in db. Used only with LocalProvider.
func (*Service) CreateUser ¶
func (*Service) GetUserByID ¶
func (*Service) GetUserRoles ¶
func (*Service) IssueToken ¶
type User ¶
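// User is the model shared between the database, gql and auth layers.
// NOTE(review): GetPrivateKey returns a crypto.PrivateKey, so a User
// presumably holds key material in an unexported field. Treat *User values as
// sensitive and keep them out of logs; fmt's %+v prints unexported fields too.
type User struct {
	// Basic data kept and fetched from auth provider
	ID          string    `json:"id"`
	DisplayName string    `json:"display_name"`
	Email       string    `json:"email"`
	Roles       Roles     `json:"roles"`
	CreatedAt   time.Time `json:"created_at"`

	// Extra data to support LE cert, stored in local db.
	// NOTE(review): this field has no json tag, so encoding/json would emit
	// it under the key "Registration" whenever a User is marshalled; confirm
	// that is intended for API responses.
	Registration *registration.Resource
	// contains filtered or unexported fields
}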
User model abstracts database, gql and auth data.
func GetCtxUser ¶
GetCtxUser returns the auth.User instance from context. Available only in routes wrapped in Service.Middleware.
func (*User) GetPrivateKey ¶
func (u *User) GetPrivateKey() crypto.PrivateKey
func (*User) GetRegistration ¶
func (u *User) GetRegistration() *registration.Resource