auth

package

v2.13.0-rc0 Latest Latest Go to latest Published: Jun 24, 2024 License: MIT Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/smartcontractkit/chainlink

Documentation ¶

Index ¶

Constants
func Authenticate(store Authenticator, methods ...authMethod) gin.HandlerFunc
func AuthenticateBySession(c *gin.Context, authr Authenticator) error
func AuthenticateByToken(c *gin.Context, authr Authenticator) error
func AuthenticateExternalInitiator(c *gin.Context, store Authenticator) error
func AuthenticateGQL(authenticator Authenticator, lggr logger.Logger) gin.HandlerFunc
func GetAuthenticatedExternalInitiator(c *gin.Context) (*bridges.ExternalInitiator, bool)
func GetAuthenticatedUser(c *gin.Context) (*clsessions.User, bool)
func RequiresAdminRole(handler func(*gin.Context)) func(*gin.Context)
func RequiresEditRole(handler func(*gin.Context)) func(*gin.Context)
func RequiresRunRole(handler func(*gin.Context)) func(*gin.Context)
func WithGQLAuthenticatedSession(ctx context.Context, user clsessions.User, sessionID string) context.Context
type Authenticator
type GQLSession
- func GetGQLAuthenticatedSession(ctx context.Context) (*GQLSession, bool)

Constants ¶

View Source

const (
	// APIKey is the header name for the API token identifier for user authentication.
	APIKey = "X-API-KEY"

	// APISecret is the header name for the API token secret for user authentication.
	APISecret = "X-API-SECRET"

	// SessionName is the session name
	SessionName = "clsession"

	// SessionIDKey is the session ID key in the session map
	SessionIDKey = "clsession_id"

	// SessionUserKey is the User key in the session map
	SessionUserKey = "user"

	// SessionExternalInitiatorKey is the External Initiator key in the session map
	SessionExternalInitiatorKey = "external_initiator"
)

Variables ¶

This section is empty.

Functions ¶

func Authenticate ¶

func Authenticate(store Authenticator, methods ...authMethod) gin.HandlerFunc

Authenticate is middleware which authenticates the request by attempting to authenticate using all the provided methods.

func AuthenticateBySession ¶

func AuthenticateBySession(c *gin.Context, authr Authenticator) error

AuthenticateBySession authenticates the request by the session cookie.

Implements authMethod

func AuthenticateByToken ¶

func AuthenticateByToken(c *gin.Context, authr Authenticator) error

AuthenticateByToken authenticates a User by their API token.

Implements authMethod

func AuthenticateExternalInitiator ¶

func AuthenticateExternalInitiator(c *gin.Context, store Authenticator) error

AuthenticateExternalInitiator authenticates an external initiator request.

Implements authMethod

func AuthenticateGQL ¶

func AuthenticateGQL(authenticator Authenticator, lggr logger.Logger) gin.HandlerFunc

AuthenticateGQL middleware checks the session cookie for a user and sets it on the request context if it exists. It is the responsibility of each resolver to validate whether it requires an authenticated user.

We currently only support GQL authentication by session cookie.

func GetAuthenticatedExternalInitiator ¶

func GetAuthenticatedExternalInitiator(c *gin.Context) (*bridges.ExternalInitiator, bool)

GetAuthenticatedExternalInitiator extracts the external initiator from the context.

func GetAuthenticatedUser ¶

func GetAuthenticatedUser(c *gin.Context) (*clsessions.User, bool)

GetAuthenticatedUser extracts the authentication user from the context.

func RequiresAdminRole ¶

func RequiresAdminRole(handler func(*gin.Context)) func(*gin.Context)

RequiresAdminRole extracts the user object from the context, and asserts the user's role is 'admin'

func RequiresEditRole ¶

func RequiresEditRole(handler func(*gin.Context)) func(*gin.Context)

RequiresEditRole extracts the user object from the context, and asserts the user's role is at least 'edit'

func RequiresRunRole ¶

func RequiresRunRole(handler func(*gin.Context)) func(*gin.Context)

RequiresRunRole extracts the user object from the context, and asserts the user's role is at least 'run'

func WithGQLAuthenticatedSession ¶ added in v2.12.0

func WithGQLAuthenticatedSession(ctx context.Context, user clsessions.User, sessionID string) context.Context

WithGQLAuthenticatedSession sets the authenticated session in the context

There shouldn't be a need to do this outside of testing

Types ¶

type Authenticator ¶

type Authenticator interface {
	AuthorizedUserWithSession(ctx context.Context, sessionID string) (clsessions.User, error)
	FindExternalInitiator(ctx context.Context, eia *auth.Token) (*bridges.ExternalInitiator, error)
	FindUser(ctx context.Context, email string) (clsessions.User, error)
	FindUserByAPIToken(ctx context.Context, apiToken string) (clsessions.User, error)
}

Authenticator defines the interface to authenticate requests against a datastore.

type GQLSession ¶

type GQLSession struct {
	SessionID string
	User      *clsessions.User
}

func GetGQLAuthenticatedSession ¶

func GetGQLAuthenticatedSession(ctx context.Context) (*GQLSession, bool)

GetGQLAuthenticatedSession extracts the authentication session from a context.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL