access

package
v0.4.11 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 1, 2022 License: AGPL-3.0 Imports: 23 Imported by: 1

Documentation

Index

Constants

View Source
const (
	AccountServer         = "https://api.account.safing.io"
	LoginPath             = "/api/v1/authenticate"
	UserProfilePath       = "/api/v1/user/profile"
	TokenRequestSetupPath = "/api/v1/token/request/setup" //nolint:gosec
	TokenRequestIssuePath = "/api/v1/token/request/issue" //nolint:gosec
	HealthCheckPath       = "/api/v1/health"
)

Client URLs.

View Source
const OpTypeAccessCodeAuth = "auth"

OpTypeAccessCodeAuth is the type ID of the auth operation.

Variables

View Source
var (
	ErrDeviceIsLocked       = errors.New("device is locked")
	ErrDeviceLimitReached   = errors.New("device limit reached")
	ErrFallbackNotAvailable = errors.New("fallback tokens not available, token issuer is online")
	ErrInvalidCredentials   = errors.New("invalid credentials")
	ErrMayNotUseSPN         = errors.New("may not use SPN")
	ErrNotLoggedIn          = errors.New("not logged in")
)

Errors.

View Source
var (
	// ExpandAndConnectZones are the zones that grant access to the expand and
	// connect operations.
	ExpandAndConnectZones = []string{"pblind1", "alpha2", "fallback1"}
)

Functions

func EnableTestMode added in v0.3.0

func EnableTestMode()

EnableTestMode enables the test mode, leading the access module to only register a test zone. This should not be used to test the access module itself.

func GetToken added in v0.3.8

func GetToken(zones []string) (t *token.Token, err error)

GetToken returns a token of one of the given zones.

func GetTokenAmount added in v0.3.8

func GetTokenAmount(zones []string) (regular, fallback int)

GetTokenAmount returns the amount of tokens for the given zones.

func Logout added in v0.4.4

func Logout(shallow, purge bool) error

Logout logs the user out of the SPN account. Specify "shallow" to keep user data in order to display data in the UI - preferably when logged out be the server. Specify "purge" in order to fully delete all user account data, even the device ID so that logging in again will create a new device.

func SaveNewAuthToken added in v0.3.8

func SaveNewAuthToken(deviceID string, resp *http.Response) error

SaveNewAuthToken saves a new auth token to the database.

func ShouldRequest added in v0.4.4

func ShouldRequest(zones []string) (shouldRequest bool)

ShouldRequest returns whether tokens should be requested for the given zones.

func TokenIssuerIsFailing added in v0.3.8

func TokenIssuerIsFailing() bool

TokenIssuerIsFailing returns whether token issuing is currently failing.

func UpdateAccount added in v0.3.8

func UpdateAccount(_ context.Context, task *modules.Task) error

UpdateAccount updates the user account and fetches new tokens, if needed.

func UpdateTokens added in v0.4.4

func UpdateTokens() error

UpdateTokens fetches more tokens for handlers that need it.

func VerifyRawToken added in v0.3.8

func VerifyRawToken(data []byte) (granted terminal.Permission, err error)

VerifyRawToken verifies a raw token.

func VerifyToken added in v0.3.8

func VerifyToken(t *token.Token) (granted terminal.Permission, err error)

VerifyToken verifies a token.

Types

type AuthTokenRecord added in v0.3.8

type AuthTokenRecord struct {
	record.Base
	sync.Mutex

	Token *account.AuthToken
}

AuthTokenRecord holds an authentication token.

func GetAuthToken added in v0.3.8

func GetAuthToken() (*AuthTokenRecord, error)

GetAuthToken returns the current auth token.

func (*AuthTokenRecord) GetToken added in v0.3.8

func (authToken *AuthTokenRecord) GetToken() *account.AuthToken

GetToken returns the token from the record.

func (*AuthTokenRecord) Save added in v0.3.8

func (authToken *AuthTokenRecord) Save() error

Save saves the auth token to the database.

func (*AuthTokenRecord) Update added in v0.3.8

func (authToken *AuthTokenRecord) Update(resp *http.Response) error

Update updates an existing auth token with the next token from a response.

type AuthorizeOp added in v0.3.0

type AuthorizeOp struct {
	terminal.OpBaseRequest
}

AuthorizeOp is used to authorize a session.

func AuthorizeToTerminal added in v0.3.0

func AuthorizeToTerminal(t terminal.OpTerminal) (*AuthorizeOp, *terminal.Error)

AuthorizeToTerminal starts an authorization operation.

func (*AuthorizeOp) Type added in v0.3.0

func (op *AuthorizeOp) Type() string

Type returns the type ID.

type UserRecord added in v0.3.8

type UserRecord struct {
	record.Base
	sync.Mutex

	*account.User

	LoggedInAt *time.Time
}

UserRecord holds a SPN user account.

func GetUser added in v0.3.8

func GetUser() (*UserRecord, error)

GetUser returns the current user account.

func Login added in v0.4.4

func Login(username, password string) (user *UserRecord, code int, err error)

Login logs the user into the SPN account with the given username and password.

func UpdateUser added in v0.4.4

func UpdateUser() (user *UserRecord, statusCode int, err error)

UpdateUser fetches the current user information from the server.

func (*UserRecord) IsLoggedIn added in v0.3.8

func (user *UserRecord) IsLoggedIn() bool

IsLoggedIn returns whether a User is currently logged in.

func (*UserRecord) MayUseTheSPN added in v0.3.8

func (user *UserRecord) MayUseTheSPN() bool

MayUseTheSPN returns whether the currently logged in User may use the SPN.

func (*UserRecord) Save added in v0.3.8

func (user *UserRecord) Save() error

Save saves the User.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL