auth

Documentation

Index

• Constants
• Variables
• func GetCurrentSub(ctx context.Context) (string, error)
• type CreateInvitationPayload
• type CreateUserPayload
• type DefaultUsersManager
  • func NewDefaultUsersManager(tm *metadata.TenantManager) *DefaultUsersManager
  • func (um *DefaultUsersManager) CreateInvitations(ctx context.Context, req *api.CreateInvitationsRequest) (*api.CreateInvitationsResponse, error)
  • func (*DefaultUsersManager) DeleteInvitations(ctx context.Context, req *api.DeleteInvitationsRequest) (*api.DeleteInvitationsResponse, error)
  • func (*DefaultUsersManager) ListInvitations(ctx context.Context, req *api.ListInvitationsRequest) (*api.ListInvitationsResponse, error)
  • func (um *DefaultUsersManager) ListUsers(ctx context.Context, _ *api.ListUsersRequest) (*api.ListUsersResponse, error)
  • func (*DefaultUsersManager) VerifyInvitation(ctx context.Context, req *api.VerifyInvitationRequest) (*api.VerifyInvitationResponse, error)
• type DeleteInvitationsPayload
• type GetUserResp
• type Provider
  • func NewGotrueProvider() Provider
  • func NewProvider(userstore *metadata.UserSubspace, txMgr *transaction.Manager) Provider
• type UserAppData
• type UsersManager
• type VerifyInvitationPayload

Constants

const (
	GotrueAudHeaderKey       = "X-JWT-AUD"
	ClientIdPrefix           = "tid_"
	ClientSecretPrefix       = "tsec_"
	GlobalClientIdPrefix     = "tgid_"
	GlobalClientSecretPrefix = "tgsec_"
	ApiKeyPrefix             = "tkey_"
	Component                = "component"
	AppKey                   = "app_key"
	AppKeyUser               = "app key"

	InvitationStatusPending  = "PENDING"
	InvitationStatusAccepted = "ACCEPTED"
	InvitationStatusExpired  = "EXPIRED"

	AppKeyTypeCredentials = "credentials"
	AppKeyTypeApiKey      = "api_key"

	ClusterAdminRoleName = "cluster_admin"
	ReadOnlyRoleName     = "ro"
	EditorRoleName       = "e"
	OwnerRoleName        = "o"
)

const (
	CreatedStatus = "created"
	DeletedStatus = "deleted"
)

Variables

var InvalidInvitationCodeErr = errors.Unauthenticated("Failed to verify invitation code")

Functions

func GetCurrentSub

func GetCurrentSub(ctx context.Context) (string, error)

Types

type CreateInvitationPayload

type CreateInvitationPayload struct {
	Email string `json:"email"`
	Role  string `json:"role"`

	TigrisNamespace     string `json:"tigris_namespace"`
	TigrisNamespaceName string `json:"tigris_namespace_name"`

	CreatedBy      string `json:"created_by"`
	CreatedByName  string `json:"created_by_name"`
	ExpirationTime int64  `json:"expiration_time"`
}

type CreateUserPayload

type CreateUserPayload struct {
	Email    string      `json:"email"`
	Password string      `json:"password"`
	AppData  UserAppData `json:"app_data"`
}

type DefaultUsersManager

type DefaultUsersManager struct {
	Management    *management.Management
	TenantManager *metadata.TenantManager
}

func NewDefaultUsersManager

func NewDefaultUsersManager(tm *metadata.TenantManager) *DefaultUsersManager

func (*DefaultUsersManager) CreateInvitations

func (um *DefaultUsersManager) CreateInvitations(ctx context.Context, req *api.CreateInvitationsRequest) (*api.CreateInvitationsResponse, error)

func (*DefaultUsersManager) DeleteInvitations

func (*DefaultUsersManager) DeleteInvitations(ctx context.Context, req *api.DeleteInvitationsRequest) (*api.DeleteInvitationsResponse, error)

func (*DefaultUsersManager) ListInvitations

func (*DefaultUsersManager) ListInvitations(ctx context.Context, req *api.ListInvitationsRequest) (*api.ListInvitationsResponse, error)

func (*DefaultUsersManager) ListUsers

func (um *DefaultUsersManager) ListUsers(ctx context.Context, _ *api.ListUsersRequest) (*api.ListUsersResponse, error)

func (*DefaultUsersManager) VerifyInvitation

func (*DefaultUsersManager) VerifyInvitation(ctx context.Context, req *api.VerifyInvitationRequest) (*api.VerifyInvitationResponse, error)

type DeleteInvitationsPayload

type DeleteInvitationsPayload struct {
	Email           string `json:"email"`
	CreatedBy       string `json:"created_by"`
	TigrisNamespace string `json:"tigris_namespace"`
	Status          string `json:"status"`
}

type GetUserResp

type GetUserResp struct {
	InstanceID        uuid.UUID `json:"instance_id"`
	ID                uuid.UUID `json:"id"`
	Aud               string    `json:"aud"`
	Role              string    `json:"role"`
	Email             string    `json:"email"`
	EncryptedPassword string    `json:"encrypted_password"`

	AppMetaData *UserAppData `db:"app_metadata" json:"app_metadata"`
}

type Provider

type Provider interface {
	GetAccessToken(ctx context.Context, req *api.GetAccessTokenRequest) (*api.GetAccessTokenResponse, error)
	CreateAppKey(ctx context.Context, req *api.CreateAppKeyRequest) (*api.CreateAppKeyResponse, error)
	UpdateAppKey(ctx context.Context, req *api.UpdateAppKeyRequest) (*api.UpdateAppKeyResponse, error)
	RotateAppKey(ctx context.Context, req *api.RotateAppKeyRequest) (*api.RotateAppKeyResponse, error)
	DeleteAppKey(ctx context.Context, req *api.DeleteAppKeyRequest) (*api.DeleteAppKeyResponse, error)
	ListAppKeys(ctx context.Context, req *api.ListAppKeysRequest) (*api.ListAppKeysResponse, error)
	DeleteAppKeys(ctx context.Context, project string) error
	ValidateApiKey(ctx context.Context, apiKey string, auds []string) (*types.AccessToken, error)

	CreateGlobalAppKey(ctx context.Context, req *api.CreateGlobalAppKeyRequest) (*api.CreateGlobalAppKeyResponse, error)
	UpdateGlobalAppKey(ctx context.Context, req *api.UpdateGlobalAppKeyRequest) (*api.UpdateGlobalAppKeyResponse, error)
	RotateGlobalAppKeySecret(ctx context.Context, req *api.RotateGlobalAppKeySecretRequest) (*api.RotateGlobalAppKeySecretResponse, error)
	DeleteGlobalAppKey(ctx context.Context, req *api.DeleteGlobalAppKeyRequest) (*api.DeleteGlobalAppKeyResponse, error)
	ListGlobalAppKeys(ctx context.Context, req *api.ListGlobalAppKeysRequest) (*api.ListGlobalAppKeysResponse, error)
}

func NewGotrueProvider

func NewGotrueProvider() Provider

func NewProvider

func NewProvider(userstore *metadata.UserSubspace, txMgr *transaction.Manager) Provider

type UserAppData

type UserAppData struct {
	CreatedAt       int64  `json:"created_at"`
	CreatedBy       string `json:"created_by"`
	UpdatedAt       int64  `json:"updated_at"`
	UpdatedBy       string `json:"updated_by"`
	TigrisNamespace string `json:"tigris_namespace"`
	Name            string `json:"name"`
	Description     string `json:"description"`
	Project         string `json:"tigris_project"`
	// Gotrue has multiple roles in user. We use it as an array but app key has single role (first and only element of array)
	Roles   []string `json:"roles"`
	KeyType string   `json:"key_type"`
}

type UsersManager

type UsersManager interface {
	CreateInvitations(ctx context.Context, req *api.CreateInvitationsRequest) (*api.CreateInvitationsResponse, error)
	DeleteInvitations(ctx context.Context, req *api.DeleteInvitationsRequest) (*api.DeleteInvitationsResponse, error)
	ListInvitations(ctx context.Context, req *api.ListInvitationsRequest) (*api.ListInvitationsResponse, error)
	VerifyInvitation(ctx context.Context, req *api.VerifyInvitationRequest) (*api.VerifyInvitationResponse, error)
	ListUsers(ctx context.Context, req *api.ListUsersRequest) (*api.ListUsersResponse, error)
}

type VerifyInvitationPayload

type VerifyInvitationPayload struct {
	Email string `json:"email"`
	Code  string `json:"code"`
	Dry   bool   `json:"dry"`
}