auth

package
v0.0.0-...-ee3d319 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 16, 2018 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func IsSuperUser

func IsSuperUser(superUsers []string, u User) bool

IsSuperUser verifies that a given user has super user permissions. A user has these permission if they are in the super users list or if the list is empty, in which case all users are super users.

Types

type APIUser

type APIUser interface {
	User
	GetAPIKey() string
}

User describes an Evergreen user that is going through the API.

type CrowdUserManager

type CrowdUserManager struct {
	*crowd.Client
}

CrowdUserManager handles authentication with Atlassian Crowd.

func NewCrowdUserManager

func NewCrowdUserManager(conf *evergreen.CrowdConfig) (*CrowdUserManager, error)

NewCrowdUserManager creates a manager for the user and password combination that connects to the crowd service at the given URL.

func (*CrowdUserManager) CreateUserToken

func (c *CrowdUserManager) CreateUserToken(username, password string) (string, error)

CreateUserToken creates a user session in crowd. This session token is returned.

func (*CrowdUserManager) GetLoginCallbackHandler

func (*CrowdUserManager) GetLoginCallbackHandler() func(http.ResponseWriter, *http.Request)

func (*CrowdUserManager) GetLoginHandler

func (*CrowdUserManager) GetLoginHandler(string) func(http.ResponseWriter, *http.Request)

func (*CrowdUserManager) GetUserByToken

func (c *CrowdUserManager) GetUserByToken(_ context.Context, token string) (User, error)

GetUserByToken returns the user for the supplied token, or an error if the user is not found.

func (*CrowdUserManager) IsRedirect

func (*CrowdUserManager) IsRedirect() bool

type GithubUserManager

type GithubUserManager struct {
	ClientId               string
	ClientSecret           string
	AuthorizedUsers        []string
	AuthorizedOrganization string
	Salt                   string
}

func NewGithubUserManager

func NewGithubUserManager(g *evergreen.GithubAuthConfig) (*GithubUserManager, error)

NewGithubUserManager initializes a GithubUserManager with a Salt as randomly generated string used in Github authentication

func (*GithubUserManager) CreateUserToken

func (*GithubUserManager) CreateUserToken(string, string) (string, error)

CreateUserToken is not implemented in GithubUserManager

func (*GithubUserManager) GetLoginCallbackHandler

func (gum *GithubUserManager) GetLoginCallbackHandler() func(w http.ResponseWriter, r *http.Request)

GetLoginCallbackHandler returns the function that is called when GitHub redirects the user back to Evergreen.

func (*GithubUserManager) GetLoginHandler

func (gum *GithubUserManager) GetLoginHandler(callbackUri string) func(w http.ResponseWriter, r *http.Request)

GetLoginHandler returns the function that starts oauth by redirecting the user to authenticate with Github

func (*GithubUserManager) GetUserByToken

func (gum *GithubUserManager) GetUserByToken(ctx context.Context, token string) (User, error)

GetUserByToken sends the token to Github and gets back a user and optionally an organization. If there are Authorized Users, it checks the authorized usernames against the GitHub user's login If there is no match and there is an organization it checks the user's organizations against the UserManager's Authorized organization string.

func (*GithubUserManager) IsRedirect

func (*GithubUserManager) IsRedirect() bool

type NaiveUserManager

type NaiveUserManager struct {
	// contains filtered or unexported fields
}

NaiveUserManager implements the UserManager interface and has a list of AuthUsers{UserName, DisplayName, Password, Email string} which is stored in the settings configuration file. Note: This use of the UserManager is recommended for dev/test purposes only and users who need high security authentication mechanisms should rely on a different authentication mechanism.

func NewNaiveUserManager

func NewNaiveUserManager(naiveAuthConfig *evergreen.NaiveAuthConfig) (*NaiveUserManager, error)

func (*NaiveUserManager) CreateUserToken

func (b *NaiveUserManager) CreateUserToken(username, password string) (string, error)

CreateUserToken finds the user with the same username and password in its list of users and creates a token that is a combination of the index of the list the user is at, the email address and a hash of the username and password and returns that token.

func (*NaiveUserManager) GetLoginCallbackHandler

func (*NaiveUserManager) GetLoginCallbackHandler() func(http.ResponseWriter, *http.Request)

func (*NaiveUserManager) GetLoginHandler

func (*NaiveUserManager) GetLoginHandler(string) func(http.ResponseWriter, *http.Request)

func (*NaiveUserManager) GetUserByToken

func (b *NaiveUserManager) GetUserByToken(_ context.Context, token string) (User, error)

GetUserByToken does a find by creating a temporary token from the index of the user on the list, the email of the user and a hash of the username and password, checking it against the token string and returning a User if there is a match.

func (*NaiveUserManager) IsRedirect

func (*NaiveUserManager) IsRedirect() bool

type User

type User interface {
	DisplayName() string
	Email() string
	Username() string

	// IsNil checks if the interface's data is nil. i.e. if the interface
	// is instantiated with a typed nil, e.g. (*simpleUser)(nil)
	IsNil() bool
}

User describes an Evergreen user and is returned by a UserManager.

type UserManager

type UserManager interface {
	GetUserByToken(context.Context, string) (User, error)
	CreateUserToken(username, password string) (string, error)
	// GetLoginHandler returns the function that starts the login process for auth mechanisms
	// that redirect to a thirdparty site for authentication
	GetLoginHandler(url string) func(http.ResponseWriter, *http.Request)
	// GetLoginRedirectHandler returns the function that does login for the
	// user once it has been redirected from a thirdparty site.
	GetLoginCallbackHandler() func(http.ResponseWriter, *http.Request)
	// IsRedirect returns true if the user must be redirected to a thirdparty site to authenticate
	IsRedirect() bool
}

UserManager sets and gets user tokens for implemented authentication mechanisms, and provides the data that is sent by the api and ui server after authenticating

func LoadUserManager

func LoadUserManager(authConfig evergreen.AuthConfig) (UserManager, error)

LoadUserManager is used to check the configuration for authentication and create a UserManager depending on what type of authentication (Crowd or Naive) is used.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL