Affected by GO-2023-1808 and 2 other vulnerabilities

GO-2023-1808: Go package pydio/cells vulnerable to authorization bypass in github.com/pydio/cells

GO-2023-1809: go package pydio cells vulnerable to cross-site scripting in github.com/pydio/cells

GO-2023-2344: Abstrium Pydio Cells Resource Injection vulnerability in github.com/pydio/cells

The highest tagged major version is v4.

hydra

package

v2.1.0-rc1+incompatible Latest Latest Go to latest Published: Jun 22, 2020 License: AGPL-3.0 Imports: 10 Imported by: 16

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/pydio/cells

Documentation ¶

Index ¶

func AcceptLogout(challenge string, accessToken string, refreshToken string) error
func CreateAuthCode(consent *auth.ID, clientID, redirectURI string) (string, error)
func CreateConsent(loginChallenge string) (*auth.ID, error)
func CreateLogin(clientID string, scopes, audiences []string) (*auth.ID, error)
func CreateLogout(url, subject, sessionID string) (*auth.ID, error)
func Exchange(code string) (*oauth2.Token, error)
func GetConsent(challenge string) (*auth.GetConsentResponse, error)
func GetLogin(challenge string) (*auth.GetLoginResponse, error)
type ConsentResponse
type LogoutResponse
type RedirectResponse
type TokenResponse
- func Refresh(refreshToken string) (*TokenResponse, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func AcceptLogout ¶

func AcceptLogout(challenge string, accessToken string, refreshToken string) error

func CreateAuthCode ¶

func CreateAuthCode(consent *auth.ID, clientID, redirectURI string) (string, error)

func CreateConsent ¶

func CreateConsent(loginChallenge string) (*auth.ID, error)

func CreateLogin ¶

func CreateLogin(clientID string, scopes, audiences []string) (*auth.ID, error)

func CreateLogout ¶

func CreateLogout(url, subject, sessionID string) (*auth.ID, error)

func Exchange ¶

func Exchange(code string) (*oauth2.Token, error)

func GetConsent ¶

func GetConsent(challenge string) (*auth.GetConsentResponse, error)

func GetLogin ¶

func GetLogin(challenge string) (*auth.GetLoginResponse, error)

Types ¶

type ConsentResponse ¶

type ConsentResponse struct {
	Challenge                    string   `json:"challenge"`
	Skip                         bool     `json:"skip"`
	Subject                      string   `json:"subject"`
	RequestedScope               []string `json:"requested_scope"`
	RequestedAccessTokenAudience []string `json:"requested_access_token_audience"`
}

type LogoutResponse ¶

type LogoutResponse struct {
	RequestURL  string `json:"request_url"`
	RPInitiated bool   `json:"rp_initiated"`
	SID         string `json:"sid"`
	Subject     string `json:"subject"`
}

type RedirectResponse ¶

type RedirectResponse struct {
	RedirectTo string `json:"redirect_to"`
}

func AcceptConsent ¶

func AcceptConsent(challenge string, scopes, audiences []string, accessToken, idToken map[string]string) (*RedirectResponse, error)

func AcceptLogin ¶

func AcceptLogin(challenge string, subject string) (*RedirectResponse, error)

func RejectConsent ¶

func RejectConsent(challenge string, body interface{}) (*RedirectResponse, error)

func RejectLogin ¶

func RejectLogin(challenge string, body interface{}) (*RedirectResponse, error)

type TokenResponse ¶

type TokenResponse struct {
	IDToken      string `json:"id_token"`
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
	ExpiresIn    int64  `json:"expires_in"`
}

func Refresh ¶

func Refresh(refreshToken string) (*TokenResponse, error)

Source Files ¶

View all Source files

hydra.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL