Documentation
¶
Overview ¶
Package authenticate is a pomerium service that handles user authentication and refersh (AuthN).
Index ¶
- func ValidateOptions(o *config.Options) error
- type Authenticate
- func (a *Authenticate) Callback(w http.ResponseWriter, r *http.Request) error
- func (a *Authenticate) Handler() http.Handler
- func (a *Authenticate) Mount(r *mux.Router)
- func (a *Authenticate) OAuthCallback(w http.ResponseWriter, r *http.Request) error
- func (a *Authenticate) OnConfigChange(ctx context.Context, cfg *config.Config)
- func (a *Authenticate) RetrieveSession(next http.Handler) http.Handler
- func (a *Authenticate) RobotsTxt(w http.ResponseWriter, _ *http.Request)
- func (a *Authenticate) SignIn(w http.ResponseWriter, r *http.Request) error
- func (a *Authenticate) SignOut(w http.ResponseWriter, r *http.Request) error
- func (a *Authenticate) VerifySession(next http.Handler) http.Handler
- type Option
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ValidateOptions ¶ added in v0.0.5
ValidateOptions checks that configuration are complete and valid. Returns on first error found.
Types ¶
type Authenticate ¶ added in v0.0.2
type Authenticate struct {
// contains filtered or unexported fields
}
Authenticate contains data required to run the authenticate service.
func New ¶ added in v0.0.2
func New(cfg *config.Config, options ...Option) (*Authenticate, error)
New validates and creates a new authenticate service from a set of Options.
func (*Authenticate) Callback ¶ added in v0.17.0
func (a *Authenticate) Callback(w http.ResponseWriter, r *http.Request) error
Callback handles the result of a successful call to the authenticate service and is responsible setting per-route sessions.
func (*Authenticate) Handler ¶ added in v0.0.2
func (a *Authenticate) Handler() http.Handler
Handler returns the authenticate service's handler chain.
func (*Authenticate) Mount ¶ added in v0.9.0
func (a *Authenticate) Mount(r *mux.Router)
Mount mounts the authenticate routes to the given router.
func (*Authenticate) OAuthCallback ¶ added in v0.0.2
func (a *Authenticate) OAuthCallback(w http.ResponseWriter, r *http.Request) error
OAuthCallback handles the callback from the identity provider.
https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowSteps https://openid.net/specs/openid-connect-core-1_0.html#AuthResponse
func (*Authenticate) OnConfigChange ¶ added in v0.10.0
func (a *Authenticate) OnConfigChange(ctx context.Context, cfg *config.Config)
OnConfigChange updates internal structures based on config.Options
func (*Authenticate) RetrieveSession ¶ added in v0.12.0
func (a *Authenticate) RetrieveSession(next http.Handler) http.Handler
RetrieveSession is the middleware used retrieve session by the sessionLoader
func (*Authenticate) RobotsTxt ¶ added in v0.0.2
func (a *Authenticate) RobotsTxt(w http.ResponseWriter, _ *http.Request)
RobotsTxt handles the /robots.txt route.
func (*Authenticate) SignIn ¶ added in v0.0.2
func (a *Authenticate) SignIn(w http.ResponseWriter, r *http.Request) error
SignIn handles authenticating a user.
func (*Authenticate) SignOut ¶ added in v0.0.2
func (a *Authenticate) SignOut(w http.ResponseWriter, r *http.Request) error
SignOut signs the user out and attempts to revoke the user's identity session Handles both GET and POST.
func (*Authenticate) VerifySession ¶ added in v0.4.0
func (a *Authenticate) VerifySession(next http.Handler) http.Handler
VerifySession is the middleware used to enforce a valid authentication session state is attached to the users's request context.
type Option ¶ added in v0.17.0
type Option func(*authenticateConfig)
An Option customizes the Authenticate config.
func WithGetIdentityProvider ¶ added in v0.17.0
func WithGetIdentityProvider(getIdentityProvider func(options *config.Options, idpID string) (identity.Authenticator, error)) Option
WithGetIdentityProvider sets the getIdentityProvider function in the config.
func WithOnAuthenticationEventHook ¶ added in v0.22.0
func WithOnAuthenticationEventHook(fn events.AuthEventFn) Option
WithOnAuthenticationEventHook sets the authEventFn function in the config
func WithProfileTrimFn ¶ added in v0.22.0
func WithProfileTrimFn(profileTrimFn func(*identitypb.Profile)) Option
WithProfileTrimFn sets the profileTrimFn function in the config
Source Files
Directories