idp

package

v0.0.0-...-947ae47 Latest Latest Go to latest Published: Apr 4, 2018 License: AGPL-3.0 Imports: 6 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/rogpeppe/candid

Links

Open Source Insights

Documentation ¶

Overview ¶

Package idp defines the API provided by all identity providers.

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type DischargeTokenCreator ¶

type DischargeTokenCreator interface {
	// DischargeToken creates a new httpbakery.DischargeToken for the
	// given identity.
	DischargeToken(ctx context.Context, dischargeID string, id *store.Identity) (*httpbakery.DischargeToken, error)
}

A DischargeTokenCreator is used by the identity providers to create a new httpbakery.DischargeToken for authenticated identity.

type IdentityProvider ¶

type IdentityProvider interface {
	// Name is the short name for the identity provider, this will
	// appear in urls.
	Name() string

	// Domain is the domain in which this identity provider will
	// create users.
	Domain() string

	// Description is a name for the identity provider used to show
	// end users.
	Description() string

	// Interactive indicates whether login is provided by the end
	// user interacting directly with the identity provider (usually
	// through a web browser).
	Interactive() bool

	// Init is used to perform any one time initialization tasks that
	// are needed for the identity provider. Init is called once by
	// the identity manager once it has determined the identity
	// providers final location, any initialization tasks that depend
	// on having access to the final URL, or the per identity
	// provider database should be performed here.
	Init(ctx context.Context, params InitParams) error

	// URL returns the URL to use to attempt a login with this
	// identity provider. If the identity provider is interactive
	// then the user will be automatically redirected to the URL.
	// Otherwise the URL is returned in the response to a
	// request for login methods.
	URL(dischargeID string) string

	// SetInteraction adds interaction information for this identity
	// provider to the given interaction required error.
	SetInteraction(ierr *httpbakery.Error, dischargeID string)

	// Handle handles any requests sent to the identity provider's
	// endpoints. The URL.Path in the request will contain only the
	// handler local path, that is the part after URLPrefix above.
	// The given request will have had ParseForm called.
	Handle(ctx context.Context, w http.ResponseWriter, req *http.Request)

	// GetGroups retrieves additional group information that is
	// stored in the identity provider for the given identity.
	// TODO define what happens when the identity doesn't exist.
	GetGroups(ctx context.Context, id *store.Identity) (groups []string, err error)
}

IdentityProvider is the interface that is satisfied by all identity providers.

type InitParams ¶

type InitParams struct {
	// Store contains the identity store being used in the identity
	// server.
	Store store.Store

	// KeyValueStore contains a store that the provider may use to
	// store additional data that is not related to identities.
	KeyValueStore store.KeyValueStore

	// Oven contains an oven that may be used in the identity
	// provider to mint new macaroons.
	Oven *bakery.Oven

	// Key contains the identity server's public/private key pair.
	Key *bakery.KeyPair

	// URLPrefix contains the prefix of all requests to the Handle
	// method. The URL.Path parameter in the request passed to handle
	// will contain only the part after this prefix.
	URLPrefix string

	// DischargeTokener is the DischargeTokener that the identity
	// provider should use to create discharge tokens.
	DischargeTokenCreator DischargeTokenCreator

	// VisitCompleter is the LoginCompleter that the identity
	// provider should use to complete visit requests.
	VisitCompleter VisitCompleter

	// Template contains the templates loaded in the identity server.
	Template *template.Template
}

InitParams are passed to the identity provider to initialise it.

type VisitCompleter ¶

type VisitCompleter interface {
	// Success is used by an identity provider to indicate that a
	// successful login has been completed for the given identity.
	Success(ctx context.Context, w http.ResponseWriter, req *http.Request, dischargeID string, id *store.Identity)

	// Failure is used by an identity provider to indicate that a
	// login attempt has failed with the specified error.
	Failure(ctx context.Context, w http.ResponseWriter, req *http.Request, dischargeID string, err error)
}

A VisitCompleter is used by the identity providers to finish login visit attempts.

Source Files ¶

View all Source files

idp.go

Directories ¶

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Path	Synopsis
agent Package agent is an identity provider that uses the agent authentication scheme.	Package agent is an identity provider that uses the agent authentication scheme.
azure Package azure is an identity provider that authenticates with azure.	Package azure is an identity provider that authenticates with azure.
google Package google is an identity provider that authenticates with google.	Package google is an identity provider that authenticates with google.
idptest
idputil Package idputil contains utility routines common to many identity providers.	Package idputil contains utility routines common to many identity providers.
secret
keystone Package keystone contains identity providers that validate against keystone servers.	Package keystone contains identity providers that validate against keystone servers.
internal/keystone Package keystone implements a keystone client.	Package keystone implements a keystone client.
internal/mockkeystone
ldap Package ldap contains identity providers that validate against ldap servers.	Package ldap contains identity providers that validate against ldap servers.
openid Package openid provides identity providers that use OpenID to determine the identity.	Package openid provides identity providers that use OpenID to determine the identity.
test Package test contains an identity provider useful for testing other parts of the system.	Package test contains an identity provider useful for testing other parts of the system.
usso Pacakge usso is an identity provider that authenticates against Ubuntu SSO using OpenID.	Pacakge usso is an identity provider that authenticates against Ubuntu SSO using OpenID.
internal/kvnoncestore Package kvnoncestore is an openid.NonceStore that is backed by a store.KeyValueStore.	Package kvnoncestore is an openid.NonceStore that is backed by a store.KeyValueStore.
internal/mockusso
ussodischarge Pacakge ussodischarge is an identity provider that authenticates against Ubuntu SSO using Ubuntu SSO's macaroon protocol.	Pacakge ussodischarge is an identity provider that authenticates against Ubuntu SSO using Ubuntu SSO's macaroon protocol.
ussodischarge/cmd/login login is a simple tool that can be used to test the Ubuntu SSO discharge login protocol.	login is a simple tool that can be used to test the Ubuntu SSO discharge login protocol.
ussooauth Pacakge ussooauth is an identity provider that authenticates against Ubuntu SSO using OAuth.	Pacakge ussooauth is an identity provider that authenticates against Ubuntu SSO using OAuth.