Documentation
¶
Index ¶
- func NewForwardAuthHandler(providers *app.Providers) http.Handler
- type AuthService
- func (svc *AuthService) CreateUser(ctx context.Context, tx *sql.Tx, params repo.CreateUserParams, token string, ...) (*repo.User, error)
- func (svc *AuthService) GenerateRegistrationToken(ctx context.Context, ...) (*connect.Response[idmv1.GenerateRegistrationTokenResponse], error)
- func (svc *AuthService) Introspect(ctx context.Context, req *connect.Request[idmv1.IntrospectRequest]) (*connect.Response[idmv1.IntrospectResponse], error)
- func (svc *AuthService) Login(ctx context.Context, req *connect.Request[idmv1.LoginRequest]) (*connect.Response[idmv1.LoginResponse], error)
- func (svc *AuthService) Logout(ctx context.Context, req *connect.Request[idmv1.LogoutRequest]) (*connect.Response[idmv1.LogoutResponse], error)
- func (svc *AuthService) RefreshToken(ctx context.Context, req *connect.Request[idmv1.RefreshTokenRequest]) (*connect.Response[idmv1.RefreshTokenResponse], error)
- func (svc *AuthService) RegisterUser(ctx context.Context, req *connect.Request[idmv1.RegisterUserRequest]) (*connect.Response[idmv1.RegisterUserResponse], error)
- func (svc *AuthService) RequestPasswordReset(ctx context.Context, req *connect.Request[idmv1.RequestPasswordResetRequest]) (*connect.Response[idmv1.RequestPasswordResetResponse], error)
- func (svc *AuthService) ValidateRegistrationToken(ctx context.Context, ...) (*connect.Response[idmv1.ValidateRegistrationTokenResponse], error)
- type ForwardAuthInput
- type ForwardAuthPolicyResult
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type AuthService ¶
type AuthService struct {
idmv1connect.UnimplementedAuthServiceHandler
*app.Providers
}
func NewService ¶
func NewService(providers *app.Providers) *AuthService
NewService returns a new authentication service that verifies users using repo.
func (*AuthService) CreateUser ¶
func (*AuthService) GenerateRegistrationToken ¶
func (svc *AuthService) GenerateRegistrationToken(ctx context.Context, req *connect.Request[idmv1.GenerateRegistrationTokenRequest]) (*connect.Response[idmv1.GenerateRegistrationTokenResponse], error)
func (*AuthService) Introspect ¶
func (svc *AuthService) Introspect(ctx context.Context, req *connect.Request[idmv1.IntrospectRequest]) (*connect.Response[idmv1.IntrospectResponse], error)
func (*AuthService) Login ¶
func (svc *AuthService) Login(ctx context.Context, req *connect.Request[idmv1.LoginRequest]) (*connect.Response[idmv1.LoginResponse], error)
func (*AuthService) Logout ¶
func (svc *AuthService) Logout(ctx context.Context, req *connect.Request[idmv1.LogoutRequest]) (*connect.Response[idmv1.LogoutResponse], error)
func (*AuthService) RefreshToken ¶
func (svc *AuthService) RefreshToken(ctx context.Context, req *connect.Request[idmv1.RefreshTokenRequest]) (*connect.Response[idmv1.RefreshTokenResponse], error)
func (*AuthService) RegisterUser ¶
func (svc *AuthService) RegisterUser(ctx context.Context, req *connect.Request[idmv1.RegisterUserRequest]) (*connect.Response[idmv1.RegisterUserResponse], error)
func (*AuthService) RequestPasswordReset ¶
func (svc *AuthService) RequestPasswordReset(ctx context.Context, req *connect.Request[idmv1.RequestPasswordResetRequest]) (*connect.Response[idmv1.RequestPasswordResetResponse], error)
func (*AuthService) ValidateRegistrationToken ¶
func (svc *AuthService) ValidateRegistrationToken(ctx context.Context, req *connect.Request[idmv1.ValidateRegistrationTokenRequest]) (*connect.Response[idmv1.ValidateRegistrationTokenResponse], error)
type ForwardAuthInput ¶ added in v0.9.0
type ForwardAuthInput struct {
// Subject holds the authenticated user that is performing the request, if any.
Subject *policy.SubjectInput `json:"subject,omitempty"`
// Method is the HTTP method used.
Method string `json:"method,omitempty"`
// Path is the path of the HTTP request.
Path string `json:"path,omitempty"`
// Host is the requested hostname.
Host string `json:"host,omitempty"`
// Headers holds all request headers.
Headers http.Header `json:"headers,omitempty"`
// Query holds all query values.
Query url.Values `json:"query,omitempty"`
// ClientIP holds the IP of the client in it's string form.
ClientIP string `json:"client_ip,omitempty"`
}
type ForwardAuthPolicyResult ¶ added in v0.9.0
type ForwardAuthPolicyResult struct {
// Allow should be set to true if the request should be allowed.
// This is queried when forward_auth_default is set to "deny".
Allow bool `mapstructure:"allow"`
// Deny should be set to true if the request should be denied.
// This is queried when forward_auth_default is set to "allow"
Deny bool `mapstructure:"deny"`
// StatusCode may be set to the status code to return to the client.
// This is only used when the request is denied.
StatusCode int `mapstructure:"status_code"`
// Headers holds additional headers that are added to the response to
// the reverse proxy.
//
// If the request is denied (Allow = false) then the headers are directly
// returned to the client making the request.
//
// If the request is allowed (Allow = true) then those headers are sent
// to the reverse proxy which might decide to forward those headers to
// the upstream server. Note that forwarding of headers might require
// configuration on the reverse proxy side.
Headers map[string][]string `mapstructure:"headers"`
// ResponseBody is the HTTP response body in case the initial request
// is not allowed.
// Note that response_body is only sent if status_code is a non-zero value.
ResponseBody string `mapstructure:"response_body"`
// AssignSubject may be used to assign a different user to the request.
// This field is only evaluated if the request is allowed.
AssignSubject string `mapstructure:"assign_subject"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.