ldapauthprovider

Documentation

Overview

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

• Constants
• Variables
• func Authenticate(directory models.Directory, url string, user string, passwd string) error
• func GetUrl(ldapserver string, port uint) string
• func LdapAuth(a Authorizer, user, passwd string) bool
• type Authorizer
  • func NewAuthorizer(userDao dao.UserInterface, ldapDao models.Directory) (Authorizer, error)
  • func NewLdapAuthProvider(config io.Reader) (*Authorizer, error)
  • func (a Authorizer) AddUser(user models.User, password string) error
  • func (a Authorizer) Authorize(rw http.ResponseWriter, req *http.Request) error
  • func (a Authorizer) AuthorizeRole(rw http.ResponseWriter, req *http.Request, role string) error
  • func (a Authorizer) DeleteUser(username string) error
  • func (a Authorizer) GetDirectory() (directory models.Directory, err error)
  • func (a Authorizer) GetUser(u string, req *http.Request) (user models.User, e error)
  • func (a Authorizer) ListExternalUsers(search string, page, count int) (externalUsers models.ExternalUsers, err error)
  • func (a Authorizer) ListUsers() (users []models.User, err error)
  • func (a Authorizer) Login(rw http.ResponseWriter, req *http.Request, u string, p string) error
  • func (a Authorizer) Logout(rw http.ResponseWriter, req *http.Request) error
  • func (a Authorizer) ProviderName() string
  • func (a Authorizer) SetDirectory(directory models.Directory) error
  • func (a Authorizer) UpdateUser(username string, m map[string]interface{}, currUserName string) error
• type Role

Constants

const CipherKey = "Skyring - RedHat"

const ProviderName = "ldapauthprovider"

Variables

var (
	ErrDeleteNull  = mkerror("deleting non-existant user")
	ErrMissingUser = mkerror("can't find user")
)

ErrDeleteNull is returned by DeleteUser when that user didn't exist at the time of call. ErrMissingUser is returned by Users when a user is not found.

Functions

func Authenticate

func Authenticate(directory models.Directory, url string, user string, passwd string) error

func GetUrl

func GetUrl(ldapserver string, port uint) string

func LdapAuth

func LdapAuth(a Authorizer, user, passwd string) bool

Types

type Authorizer

type Authorizer struct {
	// contains filtered or unexported fields
}

Authorizer structures contain the store of user session cookies a reference to a backend storage system.

func NewAuthorizer

func NewAuthorizer(userDao dao.UserInterface, ldapDao models.Directory) (Authorizer, error)

func NewLdapAuthProvider

func NewLdapAuthProvider(config io.Reader) (*Authorizer, error)

func (Authorizer) AddUser

func (a Authorizer) AddUser(user models.User, password string) error

func (Authorizer) Authorize

func (a Authorizer) Authorize(rw http.ResponseWriter, req *http.Request) error

Authorize checks if a user is logged in and returns an error on failed authentication. If redirectWithMessage is set, the page being authorized will be saved and a "Login to do that." message will be saved to the messages list. The next time the user logs in, they will be redirected back to the saved page.

func (Authorizer) AuthorizeRole

func (a Authorizer) AuthorizeRole(rw http.ResponseWriter, req *http.Request, role string) error

AuthorizeRole runs Authorize on a user, then makes sure their role is at least as high as the specified one, failing if not.

func (Authorizer) DeleteUser

func (a Authorizer) DeleteUser(username string) error

DeleteUser removes a user from the Authorize. ErrMissingUser is returned if the user to be deleted isn't found. This will delete the ldap user name from the db so that he will be no longer available for login to use skyring

func (Authorizer) GetDirectory

func (a Authorizer) GetDirectory() (directory models.Directory, err error)

func (Authorizer) GetUser

func (a Authorizer) GetUser(u string, req *http.Request) (user models.User, e error)

CurrentUser returns the currently logged in user and a boolean validating the information.

func (Authorizer) ListExternalUsers

func (a Authorizer) ListExternalUsers(search string, page, count int) (externalUsers models.ExternalUsers, err error)

List the LDAP users

func (Authorizer) ListUsers

func (a Authorizer) ListUsers() (users []models.User, err error)

List the users in DB

func (Authorizer) Login

func (a Authorizer) Login(rw http.ResponseWriter, req *http.Request, u string, p string) error

func (Authorizer) Logout

func (a Authorizer) Logout(rw http.ResponseWriter, req *http.Request) error

Logout clears an authentication session and add a logged out message.

func (Authorizer) ProviderName

func (a Authorizer) ProviderName() string

ProviderName returns the auth provider ID.

func (Authorizer) SetDirectory

func (a Authorizer) SetDirectory(directory models.Directory) error

func (Authorizer) UpdateUser

func (a Authorizer) UpdateUser(username string, m map[string]interface{}, currUserName string) error

Update changes data for an existing user. Needs thought... Just added for completeness. Will revisit later

type Role

type Role int

Role represents an interal role. Roles are essentially a string mapped to an integer. Roles must be greater than zero.