Documentation ¶
Index ¶
Constants ¶
const ExpirationTime = time.Minute * 15
ExpirationTime jwt token expiration time
const GithubOAuthScope = "repo"
It appears we need `repo` scope, which is VERY permissive. We need to be able to push a deploy key and merge commits. No other scopes matched. Available scopes: https://docs.github.com/en/developers/apps/building-oauth-apps/scopes-for-oauth-apps
const WeGOGithubClientID = "edcb13588d46f254052c"
Uniquely identifies us as a GitHub app. This does not need to be obfuscated because it is publicly available to anyone who does an OAuth request via wego. See the auth ADR for more details: https://github.com/weaveworks/weave-gitops/blob/main/doc/adr/0005-wego-core-auth-strategy.md#design
Variables ¶
var ErrAuthPending = errors.New("auth pending")
var ErrSlowDown = errors.New("slow down")
ErrUnauthorizedToken unauthorized token error
Functions ¶
func ParseGitHubError ¶ added in v0.8.0
Types ¶
type AuthService ¶
type AuthService interface { CreateGitClient(ctx context.Context, repoURL gitproviders.RepoURL, namespace string, dryRun bool) (git.Git, error) GetGitProvider() gitproviders.GitProvider SetupDeployKey(ctx context.Context, namespace string, repo gitproviders.RepoURL) (*ssh.PublicKeys, error) }
func NewAuthService ¶
func NewAuthService(fluxClient flux.Flux, k8sClient client.Client, provider gitproviders.GitProvider, log logr.Logger) AuthService
NewAuthService constructs an auth service for doing git operations with an authenticated client.
type Claims ¶
type Claims struct { jwt.RegisteredClaims Provider gitproviders.GitProviderName `json:"provider"` ProviderToken string `json:"provider_token"` }
Claims is a custom JWT claims that contains some token information
type GitHubError ¶ added in v0.7.0
type GitHubError struct { Type string `json:"error"` Description string `json:"error_description"` URI string `json:"error_uri"` StatusCode int }
GitHubError indicates a failure response from GitHub.
func (GitHubError) Error ¶ added in v0.7.0
func (e GitHubError) Error() string
type GithubAuthClient ¶ added in v0.3.0
type GithubAuthClient interface { GetDeviceCode() (*GithubDeviceCodeResponse, error) GetDeviceCodeAuthStatus(deviceCode string) (string, error) ValidateToken(ctx context.Context, token string) error }
func NewGithubAuthClient ¶ added in v0.5.0
func NewGithubAuthClient(client *http.Client) GithubAuthClient
type GithubDeviceCodeResponse ¶ added in v0.3.0
type GithubDeviceCodeResponse struct { DeviceCode string `json:"device_code"` UserCode string `json:"user_code"` VerificationURI string `json:"verification_uri"` Interval int `json:"interval"` }
GithubDeviceCodeResponse represents response body from the Github API
type GitlabAuthClient ¶ added in v0.5.0
type GitlabAuthClient interface { AuthURL(ctx context.Context, redirectURI string) (url.URL, error) ExchangeCode(ctx context.Context, redirectURI, code string) (*types.TokenResponseState, error) ValidateToken(ctx context.Context, token string) error }
func NewGitlabAuthClient ¶ added in v0.5.0
func NewGitlabAuthClient(client *http.Client) GitlabAuthClient
type JWTClient ¶
type JWTClient interface { GenerateJWT(expirationTime time.Duration, providerName gitproviders.GitProviderName, providerToken string) (string, error) VerifyJWT(accessToken string) (*Claims, error) }
JWTClient represents a type that has methods to generate and verify JWT tokens.
func NewJwtClient ¶
NewJwtClient initialize JWTClient instance
type ProviderTokenValidator ¶ added in v0.6.1
type SecretName ¶
type SecretName struct { Name names.GeneratedSecretName Namespace string }
func (SecretName) NamespacedName ¶
func (sn SecretName) NamespacedName() types.NamespacedName
func (SecretName) String ¶
func (sn SecretName) String() string
Directories ¶
Path | Synopsis |
---|---|
Code generated by counterfeiter.
|
Code generated by counterfeiter. |
typesfakes
Code generated by counterfeiter.
|
Code generated by counterfeiter. |