Affected by 
Documentation
¶
Overview ¶
Package authenticate is a pomerium service that handles user authentication and refersh (AuthN).
Index ¶
- func ValidateOptions(o config.Options) error
- type Authenticate
- func (a *Authenticate) Dashboard(w http.ResponseWriter, r *http.Request) error
- func (a *Authenticate) Handler() http.Handler
- func (a *Authenticate) Impersonate(w http.ResponseWriter, r *http.Request) error
- func (a *Authenticate) Mount(r *mux.Router)
- func (a *Authenticate) OAuthCallback(w http.ResponseWriter, r *http.Request) error
- func (a *Authenticate) RobotsTxt(w http.ResponseWriter, r *http.Request)
- func (a *Authenticate) SignIn(w http.ResponseWriter, r *http.Request) error
- func (a *Authenticate) SignOut(w http.ResponseWriter, r *http.Request) error
- func (a *Authenticate) UpdateOptions(opts config.Options) error
- func (a *Authenticate) VerifySession(next http.Handler) http.Handler
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ValidateOptions ¶ added in v0.0.5
ValidateOptions checks that configuration are complete and valid. Returns on first error found.
Types ¶
type Authenticate ¶ added in v0.0.2
type Authenticate struct {
// RedirectURL is the authenticate service's externally accessible
// url that the identity provider (IdP) will callback to following
// authentication flow
RedirectURL *url.URL
// contains filtered or unexported fields
}
Authenticate contains data required to run the authenticate service.
func New ¶ added in v0.0.2
func New(opts config.Options) (*Authenticate, error)
New validates and creates a new authenticate service from a set of Options.
func (*Authenticate) Dashboard ¶ added in v0.10.0
func (a *Authenticate) Dashboard(w http.ResponseWriter, r *http.Request) error
Dashboard renders the /.pomerium/ user dashboard.
func (*Authenticate) Handler ¶ added in v0.0.2
func (a *Authenticate) Handler() http.Handler
Handler returns the authenticate service's handler chain.
func (*Authenticate) Impersonate ¶ added in v0.10.0
func (a *Authenticate) Impersonate(w http.ResponseWriter, r *http.Request) error
Impersonate takes the result of a form and adds user impersonation details to the user's current user sessions state if the user is currently an administrative user. Requests are redirected back to the user dashboard.
func (*Authenticate) Mount ¶ added in v0.9.0
func (a *Authenticate) Mount(r *mux.Router)
Mount mounts the authenticate routes to the given router.
func (*Authenticate) OAuthCallback ¶ added in v0.0.2
func (a *Authenticate) OAuthCallback(w http.ResponseWriter, r *http.Request) error
OAuthCallback handles the callback from the identity provider.
https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowSteps https://openid.net/specs/openid-connect-core-1_0.html#AuthResponse
func (*Authenticate) RobotsTxt ¶ added in v0.0.2
func (a *Authenticate) RobotsTxt(w http.ResponseWriter, r *http.Request)
RobotsTxt handles the /robots.txt route.
func (*Authenticate) SignIn ¶ added in v0.0.2
func (a *Authenticate) SignIn(w http.ResponseWriter, r *http.Request) error
SignIn handles authenticating a user.
func (*Authenticate) SignOut ¶ added in v0.0.2
func (a *Authenticate) SignOut(w http.ResponseWriter, r *http.Request) error
SignOut signs the user out and attempts to revoke the user's identity session Handles both GET and POST.
func (*Authenticate) UpdateOptions ¶
func (a *Authenticate) UpdateOptions(opts config.Options) error
UpdateOptions implements the OptionsUpdater interface and updates internal structures based on config.Options
func (*Authenticate) VerifySession ¶ added in v0.4.0
func (a *Authenticate) VerifySession(next http.Handler) http.Handler
VerifySession is the middleware used to enforce a valid authentication session state is attached to the users's request context.
Source Files