Documentation ¶
Index ¶
- Variables
- func ValidateOptions(o *config.Options) error
- type Authenticate
- func (p *Authenticate) Authenticate(ctx context.Context, in *pb.AuthenticateRequest) (*pb.Session, error)
- func (a *Authenticate) Handler() http.Handler
- func (a *Authenticate) OAuthCallback(w http.ResponseWriter, r *http.Request)
- func (a *Authenticate) OAuthStart(w http.ResponseWriter, r *http.Request)
- func (p *Authenticate) Refresh(ctx context.Context, in *pb.Session) (*pb.Session, error)
- func (a *Authenticate) RobotsTxt(w http.ResponseWriter, r *http.Request)
- func (a *Authenticate) SignIn(w http.ResponseWriter, r *http.Request)
- func (a *Authenticate) SignOut(w http.ResponseWriter, r *http.Request)
- func (p *Authenticate) Validate(ctx context.Context, in *pb.ValidateRequest) (*pb.ValidateReply, error)
Constants ¶
This section is empty.
Variables ¶
var CSPHeaders = map[string]string{
	"Content-Security-Policy": "default-src 'none'; style-src 'self'" +
		" 'sha256-z9MsgkMbQjRSLxzAfN55jB3a9pP0PQ4OHFH8b4iDP6s=' " +
		" 'sha256-qnVkQSG7pWu17hBhIw0kCpfEB3XGvt0mNRa6+uM6OUU=' " +
		" 'sha256-qOdRsNZhtR+htazbcy7guQl3Cn1cqOw1FcE4d3llae0='; " +
		"img-src 'self';",
	"Referrer-Policy": "Same-origin",
}
CSPHeaders are the content security headers added to the service's handlers.
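The style-src directive above allows inline styles only by SHA-256 hash. The following is an added example, not code from the package, showing how such a hash source is derived and how to check whether a given inline style is covered by the policy. The helper names and the sample style are hypothetical, and the check models only style-src with its default-src fallback.

```go
package main

import (
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"strings"
)

// pagePolicy is the Content-Security-Policy value of CSPHeaders, copied from above.
const pagePolicy = "default-src 'none'; style-src 'self'" +
	" 'sha256-z9MsgkMbQjRSLxzAfN55jB3a9pP0PQ4OHFH8b4iDP6s=' " +
	" 'sha256-qnVkQSG7pWu17hBhIw0kCpfEB3XGvt0mNRa6+uM6OUU=' " +
	" 'sha256-qOdRsNZhtR+htazbcy7guQl3Cn1cqOw1FcE4d3llae0='; " +
	"img-src 'self';"

// styleHashSource (hypothetical helper) hashes the exact bytes between <style> and </style>.
func styleHashSource(css string) string {
	sum := sha256.Sum256([]byte(css))
	return "'sha256-" + base64.StdEncoding.EncodeToString(sum[:]) + "'"
}

// styleHashAllowed (hypothetical helper) reports whether policy lists the hash of css.
func styleHashAllowed(policy, css string) bool {
	lists := map[string][]string{}
	for _, d := range strings.Split(policy, ";") {
		f := strings.Fields(d)
		if len(f) == 0 {
			continue
		}
		if _, seen := lists[strings.ToLower(f[0])]; !seen {
			lists[strings.ToLower(f[0])] = f[1:] // first occurrence of a directive wins
		}
	}
	srcs, ok := lists["style-src"]
	if !ok {
		srcs = lists["default-src"] // style-src falls back to default-src
	}
	want := styleHashSource(css)
	for _, s := range srcs {
		if s == want {
			return true
		}
	}
	return false
}

func main() {
	fmt.Println(styleHashAllowed(pagePolicy, "body { margin: 0 } /* constructed sample */"))
}
```

Because the hash covers every byte of the style block, any edit to an inline style, including whitespace, requires a matching new hash in the policy.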
Functions ¶
func ValidateOptions ¶ added in v0.0.5
ValidateOptions checks whether the configuration values are valid for the authenticate service. The checks do not modify the internal state of the Options structure. It returns the first error found.
Types ¶
type Authenticate ¶ added in v0.0.2
Authenticate validates a user's identity
func New ¶ added in v0.0.2
func New(opts *config.Options) (*Authenticate, error)
New validates and creates a new authenticate service from a set of Options.
func (*Authenticate) Authenticate ¶ added in v0.0.2
func (p *Authenticate) Authenticate(ctx context.Context, in *pb.AuthenticateRequest) (*pb.Session, error)
Authenticate takes an encrypted code, and returns the authentication result.
func (*Authenticate) Handler ¶ added in v0.0.2
func (a *Authenticate) Handler() http.Handler
Handler returns the authenticate service's HTTP request multiplexer and routes.
func (*Authenticate) OAuthCallback ¶ added in v0.0.2
func (a *Authenticate) OAuthCallback(w http.ResponseWriter, r *http.Request)
OAuthCallback handles the callback from the identity provider. Displays an error page if there was an error. If successful, the user is redirected back to the proxy-service.
func (*Authenticate) OAuthStart ¶ added in v0.0.2
func (a *Authenticate) OAuthStart(w http.ResponseWriter, r *http.Request)
OAuthStart starts the authentication process by redirecting to the identity provider. See https://tools.ietf.org/html/rfc6749#section-4.2.1
func (*Authenticate) Refresh ¶ added in v0.0.2
Refresh renews a user's session, and checks whether the session has been revoked, using an access token without reprompting the user.
func (*Authenticate) RobotsTxt ¶ added in v0.0.2
func (a *Authenticate) RobotsTxt(w http.ResponseWriter, r *http.Request)
RobotsTxt handles the /robots.txt route.
func (*Authenticate) SignIn ¶ added in v0.0.2
func (a *Authenticate) SignIn(w http.ResponseWriter, r *http.Request)
SignIn handles the sign_in endpoint. It attempts to authenticate the user, and if the user is not authenticated, it renders a sign in page.
func (*Authenticate) SignOut ¶ added in v0.0.2
func (a *Authenticate) SignOut(w http.ResponseWriter, r *http.Request)
SignOut signs the user out by trying to revoke the user's remote identity session along with the associated local session state. Handles both GET and POST.
func (*Authenticate) Validate ¶ added in v0.0.2
func (p *Authenticate) Validate(ctx context.Context, in *pb.ValidateRequest) (*pb.ValidateReply, error)
Validate locally validates a JWT id_token; it does NOT do nonce or revocation validation. See https://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation