Documentation ¶
Constants ¶
This section is empty.
Variables ¶
var (
	// ErrNoMatch is returned by Authenticator when the request is not authenticated
	// and all registered strategies returned errors.
	ErrNoMatch = errors.New("authenticator: No authentication strategy matched")

	// ErrDisabledPath is a soft error similar to EOF,
	// returned by Authenticator when the request being authenticated targets a disabled path.
	// Authenticator returns ErrDisabledPath only to signal the caller.
	// The caller should continue the request flow and never return the error to end users.
	ErrDisabledPath = errors.New("authenticator: Disabled Path")

	// ErrNOOP is a soft error similar to EOF,
	// returned by strategies that have a NoOpAuthenticate function to indicate a no-op
	// and signal the authenticator to unauthenticate the request.
	ErrNOOP = errors.New("NOOP")
)
var ErrInvalidStrategy = errors.New("Invalid strategy")
ErrInvalidStrategy is returned by the Append and Revoke functions when the passed strategy does not implement Append or Revoke.
Functions ¶
func Append ¶
Append adds a new Info to a strategy store. If the passed strategy does not implement Append, ErrInvalidStrategy is returned; otherwise, nil.
WARNING: Append does not guarantee concurrency safety; that depends on the strategy's store.
Example ¶
strategy := &mockStrategy{}
info := NewDefaultUser("1", "2", nil, nil)
token := "90d64460d14870c08c81352a05dedd3465940a7"
r, _ := http.NewRequest("POST", "/login", nil)
// append new token to cached bearer strategy
err := Append(strategy, token, info, r)
fmt.Println(err)
Output: <nil>
func RequestWithUser ¶ added in v1.0.0
RequestWithUser saves user information in the request context.
func Revoke ¶
Revoke deletes an Info from a strategy store. If the passed strategy does not implement Revoke, ErrInvalidStrategy is returned; otherwise, nil.
WARNING: Revoke does not guarantee concurrency safety; that depends on the strategy's store.
Example ¶
strategy := &mockStrategy{}
r, _ := http.NewRequest("GET", "/logout", nil)
// assume token extracted from header
token := "90d64460d14870c08c81352a05dedd3465940a7"
err := Revoke(strategy, token, r)
fmt.Println(err)
Output: <nil>
Types ¶
type Authenticator ¶
type Authenticator interface {
	// Authenticate dispatches the request to the registered authentication strategies
	// and returns user information from the first strategy that successfully authenticates the request.
	// Otherwise, an aggregated error is returned.
	// If the request attempts to visit a disabled path, ErrDisabledPath is returned to signal the caller;
	// otherwise, the authentication process starts.
	// See ErrDisabledPath documentation for more info.
	//
	// NOTICE: Authenticate does not guarantee the order strategies run in.
	Authenticate(r *http.Request) (Info, error)
	// EnableStrategy registers a new strategy with the authenticator.
	EnableStrategy(key StrategyKey, strategy Strategy)
	// DisableStrategy unregisters a strategy from the authenticator.
	DisableStrategy(key StrategyKey)
	// Strategy returns a registered strategy; otherwise, nil.
	Strategy(key StrategyKey) Strategy
	// DisabledPaths returns a map[string]struct{} representing the paths disabled from authentication.
	// Typically the paths are given during authenticator initialization.
	DisabledPaths() map[string]struct{}
}
Authenticator carries the registered authentication strategies and represents the first API to authenticate received requests.
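The caller-side handling that the ErrDisabledPath and Authenticate comments call for, as an added example that is not code from the package: the sentinel errors are local stand-ins so it runs without the module, the authenticator is reduced to a function returning a user name instead of Info, and Middleware, Probe and userKey are hypothetical names.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// Local stand-ins for the package's sentinel errors (assumption: same semantics).
var (
	ErrNoMatch      = errors.New("authenticator: No authentication strategy matched")
	ErrDisabledPath = errors.New("authenticator: Disabled Path")
)

type userKey struct{}

// Middleware gates next; authenticate stands in for Authenticator.Authenticate.
func Middleware(authenticate func(*http.Request) (string, error), next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		user, err := authenticate(r)
		switch {
		case errors.Is(err, ErrDisabledPath): // soft error: continue, no user attached
		case err != nil: // hard failure: generic 401, strategy details stay server-side
			http.Error(w, "Unauthorized", http.StatusUnauthorized)
			return
		default: // authenticated: expose the user to downstream handlers
			r = r.WithContext(context.WithValue(r.Context(), userKey{}, user))
		}
		next.ServeHTTP(w, r)
	})
}

// Probe runs one constructed request through Middleware and returns status and body.
func Probe(user string, authErr error) (int, string) {
	next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintf(w, "user=%v", r.Context().Value(userKey{}))
	})
	auth := func(*http.Request) (string, error) { return user, authErr }
	rec := httptest.NewRecorder()
	Middleware(auth, next).ServeHTTP(rec, httptest.NewRequest("GET", "/", nil))
	return rec.Code, rec.Body.String()
}

func main() {
	fmt.Println(Probe("", ErrDisabledPath))
	fmt.Println(Probe("", fmt.Errorf("constructed strategy detail: %w", ErrNoMatch)))
	fmt.Println(Probe("alice", nil))
}
```

Handlers behind a disabled path see no user in the context, so any authorization decision there must treat the request as anonymous.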
func New ¶
func New(paths ...string) Authenticator
New returns a new Authenticator and disables the authentication process at the given paths. The returned authenticator is not safe for concurrent access.
type DefaultUser ¶
type DefaultUser struct {
// contains filtered or unexported fields
}
DefaultUser implements the Info interface and provides simple user information.
func NewDefaultUser ¶
func NewDefaultUser(name, id string, groups []string, extensions map[string][]string) *DefaultUser
NewDefaultUser returns a new default user.
func (*DefaultUser) Extensions ¶
func (d *DefaultUser) Extensions() map[string][]string
Extensions returns additional information.
func (*DefaultUser) Groups ¶
func (d *DefaultUser) Groups() []string
Groups returns the names of the groups the user is a member of
func (*DefaultUser) ID ¶
func (d *DefaultUser) ID() string
ID returns a unique value that identifies a particular user.
func (*DefaultUser) SetExtensions ¶
func (d *DefaultUser) SetExtensions(exts map[string][]string)
SetExtensions sets the additional information.
func (*DefaultUser) SetGroups ¶
func (d *DefaultUser) SetGroups(groups []string)
SetGroups sets the names of the groups the user is a member of.
func (*DefaultUser) UserName ¶
func (d *DefaultUser) UserName() string
UserName returns the name that uniquely identifies this user among all other active users.
type Info ¶
type Info interface {
	// UserName returns the name that uniquely identifies this user among all
	// other active users.
	UserName() string
	// ID returns a unique value that identifies a particular user.
	ID() string
	// Groups returns the names of the groups the user is a member of.
	Groups() []string
	// Extensions can contain any additional information.
	Extensions() map[string][]string
	// SetGroups sets the names of the groups the user is a member of.
	SetGroups(groups []string)
	// SetExtensions sets the additional information.
	SetExtensions(exts map[string][]string)
}
Info describes a user that has been authenticated to the system.
type Strategy ¶
type Strategy interface {
	// Authenticate authenticates a user's request and returns user information or an error.
	Authenticate(ctx context.Context, r *http.Request) (Info, error)
}
Strategy represents an authentication mechanism or method to authenticate user requests.
type StrategyKey ¶
type StrategyKey string
StrategyKey defines a custom type to expose a strategy identifier.
Directories ¶
Path | Synopsis |
---|---|
strategies | |
strategies/basic | Package basic provides an authentication strategy that authenticates HTTP requests using the standard basic and digest schemes. |
strategies/bearer | Package bearer provides an authentication strategy that authenticates HTTP requests based on the bearer token. |
strategies/ldap | Package ldap provides an authentication strategy that authenticates HTTP requests and builds and extracts user information from an LDAP server. |
strategies/x509 | Package x509 provides an authentication strategy that authenticates HTTPS requests and builds and extracts user information from client certificates. |