auth

package
v0.4.1 Latest
Warning

This package is not in the latest version of its module.

Published: Jan 21, 2021 License: MIT Imports: 12 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Agent

type Agent interface {
	Authenticate(context.Context) (context.Context, error)
	Authorize(context.Context, Role) error
	User(context.Context) User
	Wrap(http.Handler) http.Handler
}

Agent is the interface through which most of the auth package is utilized

type Config

type Config struct {
	OIDC      string
	Endpoints *oidcConfig

	Scope      string
	AdminRole  string
	EditorRole string
	ReaderRole string
}

Config is the configuration needed to run an auth service

func Flags

func Flags() *Config

Flags initializes the agent's configuration

type NotAuthorizedError

type NotAuthorizedError struct{}

NotAuthorizedError represents an error in the authorization process

func (NotAuthorizedError) Error

func (e NotAuthorizedError) Error() string

type OIDCAgent

type OIDCAgent struct {
	// contains filtered or unexported fields
}

OIDCAgent is an auth agent implementation using oidc

func NewOIDCAgent

func NewOIDCAgent(config *Config) *OIDCAgent

NewOIDCAgent builds a new agent from the configuration

func (*OIDCAgent) Authenticate

func (o *OIDCAgent) Authenticate(ctx context.Context) (context.Context, error)

Authenticate handles validation of auth tokens stored in the context

func (*OIDCAgent) Authorize

func (o *OIDCAgent) Authorize(ctx context.Context, role Role) error

Authorize verifies a context's user has the given access level

func (*OIDCAgent) User added in v0.4.0

func (o *OIDCAgent) User(ctx context.Context) User

User gets the user from the context

func (*OIDCAgent) Wrap

func (o *OIDCAgent) Wrap(base http.Handler) http.Handler

Wrap wraps an existing http handler to store the auth JWT

type Role

type Role int

Role is the type representing a user's authorization level

const (
	// Admin role, can do anything
	Admin Role = 0

	// Editor role, edit most objects
	Editor Role = 1

	// Reader role, readonly
	Reader Role = 2
)

type User

type User struct {
	Name         string   `json:"name"`
	Email        string   `json:"email"`
	Subject      string   `json:"sub"`
	NotBefore    int64    `json:"nbf"`
	NotOnOrAfter int64    `json:"exp"`
	IssuedAt     int64    `json:"iat"`
	Scope        string   `json:"scp"`
	Roles        []string `json:"roles"`
	// contains filtered or unexported fields
}

User is our representation of an OIDC user
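
As an added example (not code from this package), the sketch below shows one way the claims carried in User could be checked against a required Role once the token's signature has already been verified. The helper `CheckClaims`, the `roleNames` mapping with its role strings, and the space-delimited reading of `scp` are assumptions; this page does not document how `OIDCAgent.Authorize` compares roles.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

type Role int // as on the page: a lower value means more privilege

const Admin, Editor, Reader Role = 0, 1, 2

// User keeps only the fields of the page's User struct that this check reads.
type User struct {
	Subject      string   `json:"sub"`
	NotBefore    int64    `json:"nbf"`
	NotOnOrAfter int64    `json:"exp"`
	Scope        string   `json:"scp"`
	Roles        []string `json:"roles"`
}

// roleNames is a hypothetical stand-in for Config.AdminRole, EditorRole, ReaderRole.
var roleNames = map[string]Role{"app-admin": Admin, "app-editor": Editor, "app-reader": Reader}
var ErrDenied = errors.New("not authorized")

// CheckClaims (hypothetical) enforces time window, scope and role on decoded claims.
func CheckClaims(raw []byte, scope string, need Role, now time.Time) error {
	var u User
	if json.Unmarshal(raw, &u) != nil || u.Subject == "" {
		return ErrDenied
	}
	t := now.Unix()
	okScope := strings.Contains(" "+u.Scope+" ", " "+scope+" ") // scp assumed space-delimited
	if !okScope || u.NotOnOrAfter == 0 || t < u.NotBefore || t >= u.NotOnOrAfter {
		return ErrDenied // a missing exp is rejected, never read as "no expiry"
	}
	for _, name := range u.Roles {
		// The ok check matters: a missing map key yields Role(0), which is Admin.
		if r, ok := roleNames[name]; ok && r <= need {
			return nil
		}
	}
	return ErrDenied
}

func main() {
	c := []byte(`{"sub":"u1","nbf":1000,"exp":2000,"scp":"api","roles":["app-editor"]}`) // constructed
	fmt.Println(CheckClaims(c, "api", Reader, time.Unix(1500, 0)))
}
```

Because `Admin` is the zero value of `Role`, any lookup or struct field that is left unset reads as `Admin`; code that consumes this type should reject unknown role names explicitly, as the loop above does.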
