Documentation ¶
Index ¶
- Variables
- func EnsureContextTODO() context.Context
- func IsEnsureContext(ctx context.Context) bool
- func MacaroonDeserialize(serializedMacaroon string) (*macaroon.Macaroon, error)
- func MacaroonSerialize(m *macaroon.Macaroon) (string, error)
- func UpdateUser(st *state.State, user *UserState) error
- type AuthState
- type CloudInfo
- type DeviceState
- type NewUserParams
- type UserState
- func CheckMacaroon(st *state.State, macaroon string, discharges []string) (*UserState, error)
- func NewUser(st *state.State, userParams NewUserParams) (*UserState, error)
- func RemoveUser(st *state.State, userID int) (removed *UserState, err error)
- func RemoveUserByUsername(st *state.State, username string) (removed *UserState, err error)
- func User(st *state.State, id int) (*UserState, error)
- func UserByUsername(st *state.State, username string) (*UserState, error)
- func Users(st *state.State) ([]*UserState, error)
Constants ¶
This section is empty.
Variables ¶
var ErrInvalidAuth = fmt.Errorf("invalid authentication")
var ErrInvalidUser = errors.New("invalid user")
Functions ¶
func EnsureContextTODO ¶
EnsureContextTODO returns a provisional context marked as pertaining to an Ensure loop. TODO: see Overlord.Loop to replace it with a proper context passed to all Ensures.
func IsEnsureContext ¶
IsEnsureContext returns whether context was marked as pertaining to an Ensure loop.
func MacaroonDeserialize ¶
MacaroonDeserialize returns a deserialized macaroon from a given store-compatible serialization
func MacaroonSerialize ¶
MacaroonSerialize returns a store-compatible serialized representation of the given macaroon
Types ¶
type AuthState ¶
type AuthState struct { LastID int `json:"last-id"` Users []UserState `json:"users"` Device *DeviceState `json:"device,omitempty"` MacaroonKey []byte `json:"macaroon-key,omitempty"` }
AuthState represents current authenticated users as tracked in state
type CloudInfo ¶
type CloudInfo struct { Name string `json:"name"` Region string `json:"region,omitempty"` AvailabilityZone string `json:"availability-zone,omitempty"` }
CloudInfo reflects cloud information for the system (as captured in the core configuration).
type DeviceState ¶
type DeviceState struct { // Brand refers to the brand-id Brand string `json:"brand,omitempty"` Model string `json:"model,omitempty"` Serial string `json:"serial,omitempty"` KeyID string `json:"key-id,omitempty"` SessionMacaroon string `json:"session-macaroon,omitempty"` }
DeviceState represents the device's identity and store credentials
type NewUserParams ¶
type NewUserParams struct { // Username is the name of the user on the system Username string // Email is the email associated with the user Email string // Macaroon is the store-associated authentication macaroon Macaroon string // Discharges contains discharged store auth caveats. Discharges []string // Expiration informs the devicestate that the user should be removed // when passing the expiration time. This is an optional setting. Expiration time.Time }
type UserState ¶
type UserState struct { ID int `json:"id"` Username string `json:"username,omitempty"` Email string `json:"email,omitempty"` Macaroon string `json:"macaroon,omitempty"` Discharges []string `json:"discharges,omitempty"` StoreMacaroon string `json:"store-macaroon,omitempty"` StoreDischarges []string `json:"store-discharges,omitempty"` Expiration time.Time `json:"expiration,omitempty"` }
UserState represents an authenticated user
func CheckMacaroon ¶
CheckMacaroon returns the UserState for the given macaroon/discharges credentials
func NewUser ¶
func NewUser(st *state.State, userParams NewUserParams) (*UserState, error)
NewUser tracks a new authenticated user and saves its details in the state
func RemoveUser ¶
RemoveUser removes a user from the state given its ID.
func RemoveUserByUsername ¶
RemoveUserByUsername removes a user from the state given its username. Returns a *UserState with the identification information for them.
func UserByUsername ¶
UserByUsername returns a user from the state given its username.
func (*UserState) HasExpired ¶
HasExpired returns true if the user has an expiration set and current time is past the expiration date.
func (*UserState) HasStoreAuth ¶
HasStoreAuth returns true if the user has store authorization.