Documentation ¶
Index ¶
- type AccessToken
- type AppOrgPair
- type RemoteServiceAccountLoaderImpl
- type RemoteServiceRegLoaderImpl
- type RequestResponse
- type Service
- type ServiceAccountLoader
- type ServiceAccountManager
- func (s *ServiceAccountManager) AccessTokens() map[AppOrgPair]AccessToken
- func (s *ServiceAccountManager) AppOrgPairs() []AppOrgPair
- func (s *ServiceAccountManager) GetAccessToken(appID string, orgID string) (*AccessToken, error)
- func (s *ServiceAccountManager) GetAccessTokens() (map[AppOrgPair]AccessToken, []AppOrgPair, error)
- func (s *ServiceAccountManager) GetCachedAccessToken(appID string, orgID string) (*AccessToken, *AppOrgPair)
- func (s *ServiceAccountManager) MakeRequest(req *http.Request, appID string, orgID string) (*http.Response, error)
- func (s *ServiceAccountManager) MakeRequests(req *http.Request, pairs []AppOrgPair) map[AppOrgPair]RequestResponse
- func (s *ServiceAccountManager) SetMaxRefreshCacheFreq(freq uint)
- type ServiceAuthType
- type ServiceReg
- type ServiceRegLoader
- type ServiceRegManager
- func (s *ServiceRegManager) CheckForRefresh() (bool, error)
- func (s *ServiceRegManager) GetServiceReg(id string) (*ServiceReg, error)
- func (s *ServiceRegManager) GetServiceRegWithPubKey(id string) (*ServiceReg, error)
- func (s *ServiceRegManager) LoadServices() error
- func (s *ServiceRegManager) SetMaxRefreshCacheFreq(freq uint)
- func (s *ServiceRegManager) SetMinRefreshCacheFreq(freq uint)
- func (s *ServiceRegManager) SubscribeServices(serviceIDs []string, reload bool) error
- func (s *ServiceRegManager) SubscribedServices() []string
- func (s *ServiceRegManager) UnsubscribeServices(serviceIDs []string)
- func (s *ServiceRegManager) ValidateServiceRegistration() error
- func (s *ServiceRegManager) ValidateServiceRegistrationKey(privKey *keys.PrivKey) error
- type ServiceRegSubscriptions
- type StaticTokenServiceAuth
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccessToken ¶
AccessToken represents an access token granted by a remote auth service
func (AccessToken) String ¶
func (t AccessToken) String() string
String returns the access token as a string
type AppOrgPair ¶
AppOrgPair represents application organization pair access granted by a remote auth service
func GetAccessPairs ¶
func GetAccessPairs(appID string, orgID string) []AppOrgPair
GetAccessPairs returns the list of AppOrgPairs that could potentially grant access to the given appID, orgID pair (the result is a single []AppOrgPair, as the signature shows, not separate lists of appIDs and orgIDs)
func (AppOrgPair) CanAccess ¶
func (ao AppOrgPair) CanAccess(want AppOrgPair) bool
CanAccess returns true if the AppOrgPair grants access to the provided "want" AppOrgPair
func (AppOrgPair) CanAccessAppOrg ¶
func (ao AppOrgPair) CanAccessAppOrg(appID string, orgID string) bool
CanAccessAppOrg returns true if the AppOrgPair grants access to the provided "appID" and "orgID"
func (AppOrgPair) Equals ¶
func (ao AppOrgPair) Equals(other AppOrgPair) bool
Equals checks if two AppOrgPairs are equivalent
func (AppOrgPair) String ¶
func (ao AppOrgPair) String() string
String returns the app org pair as a string
type RemoteServiceAccountLoaderImpl ¶
type RemoteServiceAccountLoaderImpl struct {
// contains filtered or unexported fields
}
RemoteServiceAccountLoaderImpl provides a ServiceAccountLoader implementation for a remote auth service
func NewRemoteServiceAccountLoader ¶
func NewRemoteServiceAccountLoader(authService *Service, accountID string, serviceAuthType ServiceAuthType) (*RemoteServiceAccountLoaderImpl, error)
NewRemoteServiceAccountLoader creates and configures a new RemoteServiceAccountLoaderImpl instance
func (*RemoteServiceAccountLoaderImpl) LoadAccessToken ¶
func (r *RemoteServiceAccountLoaderImpl) LoadAccessToken(appID string, orgID string) (*AccessToken, error)
LoadAccessToken implements ServiceAccountLoader interface
func (*RemoteServiceAccountLoaderImpl) LoadAccessTokens ¶
func (r *RemoteServiceAccountLoaderImpl) LoadAccessTokens() (map[AppOrgPair]AccessToken, error)
LoadAccessTokens implements ServiceAccountLoader interface
type RemoteServiceRegLoaderImpl ¶
// RemoteServiceRegLoaderImpl provides a ServiceRegLoader implementation for a
// remote auth service.
type RemoteServiceRegLoaderImpl struct {
	// Embedded, so the subscription methods of ServiceRegSubscriptions
	// (GetSubscribedServices, SubscribeService, UnsubscribeService) are
	// promoted onto the loader.
	*ServiceRegSubscriptions
	// contains filtered or unexported fields
}
RemoteServiceRegLoaderImpl provides a ServiceRegLoader implementation for a remote auth service
func NewRemoteServiceRegLoader ¶
func NewRemoteServiceRegLoader(authService *Service, subscribedServices []string) (*RemoteServiceRegLoaderImpl, error)
NewRemoteServiceRegLoader creates and configures a new RemoteServiceRegLoaderImpl instance
func (*RemoteServiceRegLoaderImpl) LoadServices ¶
func (r *RemoteServiceRegLoaderImpl) LoadServices() ([]ServiceReg, error)
LoadServices implements ServiceRegLoader interface
type RequestResponse ¶
// RequestResponse represents a response to a unique MakeRequest call; it is
// the value type of the map returned by ServiceAccountManager.MakeRequests.
type RequestResponse struct {
	// presumably the requested pairs that this single call covers - TODO confirm against MakeRequests
	Pairs []AppOrgPair
	// presumably the pair whose cached token was attached to the request - TODO confirm
	TokenPair AppOrgPair
	// NOTE(review): a non-nil Response carries an open Body; the caller is
	// presumably responsible for closing it - confirm against MakeRequests.
	Response *http.Response
	// Error reported for this call; check it before reading Response.
	Error error
}
RequestResponse represents a response to a unique MakeRequest call
func (RequestResponse) IsZero ¶
func (rr RequestResponse) IsZero() bool
IsZero determines if the RequestResponse object has its zero value
type Service ¶
// Service contains the configurations needed to interface with the auth service.
type Service struct {
	ServiceID   string // ID of implementing service
	ServiceHost string // Host of the implementing service
	FirstParty  bool   // Whether the implementing service is a first party member of the ROKWIRE platform
	// NOTE(review): service credentials and access-token requests are presumably
	// sent to this URL, so it should come from trusted configuration and use
	// HTTPS - confirm how the loaders build their request URLs.
	AuthBaseURL string // Base URL where auth service resources are located
}
Service contains the configurations needed to interface with the auth service
type ServiceAccountLoader ¶
// ServiceAccountLoader declares an interface to load service account-related
// data from an auth service.
type ServiceAccountLoader interface {
	// LoadAccessToken gets an access token for appID, orgID if the implementing service is granted access
	LoadAccessToken(appID string, orgID string) (*AccessToken, error)
	// LoadAccessTokens gets an access token for each app org pair the implementing service is granted access
	LoadAccessTokens() (map[AppOrgPair]AccessToken, error)
}
ServiceAccountLoader declares an interface to load service account-related data from an auth service
type ServiceAccountManager ¶
// ServiceAccountManager declares a type used to manage service account data.
// Its methods load access tokens through a ServiceAccountLoader and cache
// them per AppOrgPair.
type ServiceAccountManager struct {
	AuthService *Service // configuration used to reach the auth service
	// contains filtered or unexported fields
}
ServiceAccountManager declares a type used to manage service account data
func NewServiceAccountManager ¶
func NewServiceAccountManager(authService *Service, serviceAccountLoader ServiceAccountLoader) (*ServiceAccountManager, error)
NewServiceAccountManager creates and configures a new ServiceAccountManager instance
func NewTestServiceAccountManager ¶
func NewTestServiceAccountManager(authService *Service, serviceAccountLoader ServiceAccountLoader, loadTokens bool) (*ServiceAccountManager, error)
NewTestServiceAccountManager creates and configures a test ServiceAccountManager instance
func (*ServiceAccountManager) AccessTokens ¶
func (s *ServiceAccountManager) AccessTokens() map[AppOrgPair]AccessToken
AccessTokens returns a map containing all cached access tokens
func (*ServiceAccountManager) AppOrgPairs ¶
func (s *ServiceAccountManager) AppOrgPairs() []AppOrgPair
AppOrgPairs returns the list of cached app org pairs
func (*ServiceAccountManager) GetAccessToken ¶
func (s *ServiceAccountManager) GetAccessToken(appID string, orgID string) (*AccessToken, error)
GetAccessToken attempts to load an access token for appID and orgID, then caches it if successful
func (*ServiceAccountManager) GetAccessTokens ¶
func (s *ServiceAccountManager) GetAccessTokens() (map[AppOrgPair]AccessToken, []AppOrgPair, error)
GetAccessTokens attempts to get all allowed access tokens for the implementing service, then caches them if successful
func (*ServiceAccountManager) GetCachedAccessToken ¶
func (s *ServiceAccountManager) GetCachedAccessToken(appID string, orgID string) (*AccessToken, *AppOrgPair)
GetCachedAccessToken returns the most restrictive cached token (with corresponding pair) granting access to appID and orgID, if it exists
func (*ServiceAccountManager) MakeRequest ¶
func (s *ServiceAccountManager) MakeRequest(req *http.Request, appID string, orgID string) (*http.Response, error)
MakeRequest makes the provided http.Request with the token granting appropriate access to appID and orgID
func (*ServiceAccountManager) MakeRequests ¶
func (s *ServiceAccountManager) MakeRequests(req *http.Request, pairs []AppOrgPair) map[AppOrgPair]RequestResponse
MakeRequests makes the provided http.Request using tokens granting access to each AppOrgPair
func (*ServiceAccountManager) SetMaxRefreshCacheFreq ¶
func (s *ServiceAccountManager) SetMaxRefreshCacheFreq(freq uint)
SetMaxRefreshCacheFreq sets the maximum frequency, specified in minutes, at which cached access tokens are refreshed
The default value is 30
type ServiceAuthType ¶
// ServiceAuthType declares an interface for setting up HTTP requests to APIs
// requiring certain types of authentication.
type ServiceAuthType interface {
	// Construct auth fields for service account request bodies
	// NOTE(review): for credential-based implementations the returned map
	// presumably contains the secret itself, so it should not be logged or
	// echoed in error messages - confirm per implementation.
	BuildRequestAuthBody() map[string]interface{}
	// Performs any auth type specific modifications to the request and returns any errors that occur
	ModifyRequest(req *http.Request) error
}
ServiceAuthType declares an interface for setting up HTTP requests to APIs requiring certain types of authentication
type ServiceReg ¶
// ServiceReg represents a service registration record.
type ServiceReg struct {
	// Required by the validate tag.
	ServiceID string `json:"service_id" bson:"service_id" validate:"required"`
	// Not marked required, so it may be empty.
	ServiceAccountID string `json:"service_account_id" bson:"service_account_id"`
	// Required by the validate tag.
	Host string `json:"host" bson:"host" validate:"required"`
	// Pointer with no "required" tag, so a record can carry a nil PubKey.
	// Code that relies on the key should obtain the record through
	// ServiceRegManager.GetServiceRegWithPubKey, which is documented to
	// validate the PubKey, rather than dereferencing this field unchecked.
	PubKey *keys.PubKey `json:"pub_key" bson:"pub_key"`
}
ServiceReg represents a service registration record
type ServiceRegLoader ¶
// ServiceRegLoader declares an interface to load the service registrations
// for specified services.
type ServiceRegLoader interface {
	// LoadServices loads the service registration records for all subscribed services
	LoadServices() ([]ServiceReg, error)
	// GetSubscribedServices returns the list of currently subscribed services
	GetSubscribedServices() []string
	// SubscribeService subscribes the manager to the given service
	// Returns true if the specified service was added or false if it was already found
	SubscribeService(serviceID string) bool
	// UnsubscribeService unsubscribes the manager from the given service
	// Returns true if the specified service was removed or false if it was not found
	UnsubscribeService(serviceID string) bool
}
ServiceRegLoader declares an interface to load the service registrations for specified services
type ServiceRegManager ¶
// ServiceRegManager declares a type used to manage service registrations.
// Its methods load the subscribed ServiceReg records through a
// ServiceRegLoader, cache them, and refresh the cache periodically.
type ServiceRegManager struct {
	AuthService *Service // configuration used to reach the auth service
	// contains filtered or unexported fields
}
ServiceRegManager declares a type used to manage service registrations
func NewServiceRegManager ¶
func NewServiceRegManager(authService *Service, serviceRegLoader ServiceRegLoader, validate bool) (*ServiceRegManager, error)
NewServiceRegManager creates and configures a new ServiceRegManager instance
func NewTestServiceRegManager ¶
func NewTestServiceRegManager(authService *Service, serviceRegLoader ServiceRegLoader, allowImmediateRefresh bool) (*ServiceRegManager, error)
NewTestServiceRegManager creates and configures a test ServiceRegManager instance
func (*ServiceRegManager) CheckForRefresh ¶
func (s *ServiceRegManager) CheckForRefresh() (bool, error)
CheckForRefresh checks if the list of stored service registrations needs updating
func (*ServiceRegManager) GetServiceReg ¶
func (s *ServiceRegManager) GetServiceReg(id string) (*ServiceReg, error)
GetServiceReg returns the service registration record for the given ID if found
func (*ServiceRegManager) GetServiceRegWithPubKey ¶
func (s *ServiceRegManager) GetServiceRegWithPubKey(id string) (*ServiceReg, error)
GetServiceRegWithPubKey returns the service registration record for the given ID if found and validates the PubKey
func (*ServiceRegManager) LoadServices ¶
func (s *ServiceRegManager) LoadServices() error
LoadServices loads the subscribed service registration records and caches them
This function will be called periodically after refreshCacheFreq, but can be called directly to force a cache refresh
func (*ServiceRegManager) SetMaxRefreshCacheFreq ¶
func (s *ServiceRegManager) SetMaxRefreshCacheFreq(freq uint)
SetMaxRefreshCacheFreq sets the maximum frequency, specified in minutes, at which cached service registration records are refreshed
The default value is 60
func (*ServiceRegManager) SetMinRefreshCacheFreq ¶
func (s *ServiceRegManager) SetMinRefreshCacheFreq(freq uint)
SetMinRefreshCacheFreq sets the minimum frequency, specified in minutes, at which cached service registration records are refreshed
The default value is 1
func (*ServiceRegManager) SubscribeServices ¶
func (s *ServiceRegManager) SubscribeServices(serviceIDs []string, reload bool) error
SubscribeServices subscribes to the provided services
If reload is true and one of the services is not already subscribed, the service registrations will be reloaded immediately
func (*ServiceRegManager) SubscribedServices ¶
func (s *ServiceRegManager) SubscribedServices() []string
SubscribedServices returns the list of currently subscribed services
func (*ServiceRegManager) UnsubscribeServices ¶
func (s *ServiceRegManager) UnsubscribeServices(serviceIDs []string)
UnsubscribeServices unsubscribes from the provided services
func (*ServiceRegManager) ValidateServiceRegistration ¶
func (s *ServiceRegManager) ValidateServiceRegistration() error
ValidateServiceRegistration validates that the implementing service has a valid registration for the provided hostname
func (*ServiceRegManager) ValidateServiceRegistrationKey ¶
func (s *ServiceRegManager) ValidateServiceRegistrationKey(privKey *keys.PrivKey) error
ValidateServiceRegistrationKey validates that the implementing service has a valid registration for the provided keypair
type ServiceRegSubscriptions ¶
type ServiceRegSubscriptions struct {
// contains filtered or unexported fields
}
ServiceRegSubscriptions defines a struct to hold service registration subscriptions
This struct implements the subscription part of the ServiceRegManager interface. If you subscribe to the reserved "all" service ID, all registered services will be loaded.
func NewServiceRegSubscriptions ¶
func NewServiceRegSubscriptions(subscribedServices []string) *ServiceRegSubscriptions
NewServiceRegSubscriptions creates and configures a new ServiceRegSubscriptions instance
func (*ServiceRegSubscriptions) GetSubscribedServices ¶
func (r *ServiceRegSubscriptions) GetSubscribedServices() []string
GetSubscribedServices returns the list of subscribed services
func (*ServiceRegSubscriptions) SubscribeService ¶
func (r *ServiceRegSubscriptions) SubscribeService(serviceID string) bool
SubscribeService adds the given service ID to the list of subscribed services if not already present
Returns true if the specified service was added or false if it was already found
func (*ServiceRegSubscriptions) UnsubscribeService ¶
func (r *ServiceRegSubscriptions) UnsubscribeService(serviceID string) bool
UnsubscribeService removes the given service ID from the list of subscribed services if present
Returns true if the specified service was removed or false if it was not found
type StaticTokenServiceAuth ¶
// StaticTokenServiceAuth provides static token-based auth through the
// BuildRequestAuthBody and ModifyRequest methods, which match the
// ServiceAuthType interface.
type StaticTokenServiceAuth struct {
	// ServiceToken is a credential: anyone holding it can request access
	// tokens as this service. Load it from a secret store or environment
	// configuration rather than source code, and keep it out of logs.
	// NOTE(review): ModifyRequest is documented to leave the request
	// unmodified, so the token presumably travels in the request body built
	// by BuildRequestAuthBody - confirm, and make sure the auth service is
	// reached over TLS.
	ServiceToken string // Static token issued by the auth service, used to get access tokens from the auth service
}
StaticTokenServiceAuth provides a ServiceAuthRequests implementation for static token-based auth
func (StaticTokenServiceAuth) BuildRequestAuthBody ¶
func (s StaticTokenServiceAuth) BuildRequestAuthBody() map[string]interface{}
BuildRequestAuthBody returns a map containing the auth fields for static token auth request bodies
func (StaticTokenServiceAuth) ModifyRequest ¶
func (s StaticTokenServiceAuth) ModifyRequest(req *http.Request) error
ModifyRequest leaves the passed request unmodified for static token auth