Documentation ¶
Overview ¶
Package auth provides tools related to authentication of pydio services
Index ¶
- func SubjectsForResourcePolicyQuery(ctx context.Context, q *rest.ResourcePolicyQuery) (subjects []string, err error)
- func WithImpersonate(ctx context.Context, user *idm.User) context.Context
- type BasicAuthenticator
- type JWTVerifier
- type MappingRule
- func (m MappingRule) AddPrefix(prefix string, strs []string) []string
- func (m MappingRule) ConvertDNtoName(strs []string) []string
- func (m MappingRule) FilterList(list []string, strs []string) []string
- func (m MappingRule) FilterPreg(preg string, strs []string) []string
- func (m MappingRule) IsDnFormat(str string) bool
- func (m MappingRule) RemoveLdapEscape(strs []string) []string
- func (m MappingRule) SanitizeValues(strs []string) []string
- type PydioPW
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func SubjectsForResourcePolicyQuery ¶
func SubjectsForResourcePolicyQuery(ctx context.Context, q *rest.ResourcePolicyQuery) (subjects []string, err error)
SubjectsForResourcePolicyQuery prepares a slice of strings that will be used to check for resource ownership. Can be extracted either from context or by loading a given user ID from database.
Types ¶
type BasicAuthenticator ¶
type BasicAuthenticator struct { TTL time.Duration Realm string // contains filtered or unexported fields }
func NewBasicAuthenticator ¶
func NewBasicAuthenticator(realm string, ttl time.Duration) *BasicAuthenticator
func (*BasicAuthenticator) Wrap ¶
func (b *BasicAuthenticator) Wrap(handler http.Handler) http.HandlerFunc
type JWTVerifier ¶
func DefaultJWTVerifier ¶
func DefaultJWTVerifier() *JWTVerifier
func (*JWTVerifier) PasswordCredentialsToken ¶
func (j *JWTVerifier) PasswordCredentialsToken(ctx context.Context, userName string, password string) (context.Context, claim.Claims, error)
PasswordCredentialsToken will perform a call to the OIDC service with grantType "password" to get a valid token from a given user/pass credentials
type MappingRule ¶
type MappingRule struct { RuleName string // Left Attribute is attribute of external user (ldap, mysql, api ...) // For example: displayName, mail, memberOf LeftAttribute string // Right Attribute is attribute of standard user // For example: displayName, email // Two reserved attributes: Roles, GroupPath RightAttribute string // Rule string define an acceptable list of right value // It can be: // * Empty // * A list of accepted values separated by comma , . For example: teacher,researcher,employee // * preg string RuleString string // RolePrefix // AuthSourceName_Prefix_RoleID RolePrefix string }
func (MappingRule) AddPrefix ¶
func (m MappingRule) AddPrefix(prefix string, strs []string) []string
func (MappingRule) ConvertDNtoName ¶
func (m MappingRule) ConvertDNtoName(strs []string) []string
ConvertDNtoName tries to extract value from distinguishedName For example: member: uid=user01,dc=com,dc=fr member: uid=user02,dc=com,dc=fr member: uid=user03,dc=com,dc=fr return an array like:
user01 user02 user03
func (MappingRule) FilterList ¶
func (m MappingRule) FilterList(list []string, strs []string) []string
func (MappingRule) FilterPreg ¶
func (m MappingRule) FilterPreg(preg string, strs []string) []string
func (MappingRule) IsDnFormat ¶
func (m MappingRule) IsDnFormat(str string) bool
IsDnFormat simply checks if the passed string is valid. See: https://www.ietf.org/rfc/rfc2253.txt
func (MappingRule) RemoveLdapEscape ¶
func (m MappingRule) RemoveLdapEscape(strs []string) []string
RemoveLdapEscape remove LDAP escape characters but except '\,'.
func (MappingRule) SanitizeValues ¶
func (m MappingRule) SanitizeValues(strs []string) []string
type PydioPW ¶
type PydioPW struct { PBKDF2_HASH_ALGORITHM string PBKDF2_ITERATIONS int PBKDF2_SALT_BYTE_SIZE int PBKDF2_HASH_BYTE_SIZE int HASH_SECTIONS int HASH_ALGORITHM_INDEX int HASH_ITERATION_INDEX int HASH_SALT_INDEX int HASH_PBKDF2_INDEX int }
func (PydioPW) CheckDBKDF2PydioPwd ¶
func (PydioPW) CreateHash ¶
Directories ¶
Path | Synopsis |
---|---|
Package claim wraps the JWT claims with util functions
|
Package claim wraps the JWT claims with util functions |
Package dex provides specific connectors for the CoreOS/Dex implementation of OpenID Connect protocol
|
Package dex provides specific connectors for the CoreOS/Dex implementation of OpenID Connect protocol |