auth

package
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 2, 2021 License: MPL-2.0 Imports: 27 Imported by: 1

Documentation

Index

Constants

View Source
const ExpirationTime = time.Minute * 15

ExpirationTime jwt token expiration time

View Source
const GithubOAuthScope = "repo"

It appears we need `repo` scope, which is VERY permissive. We need to be able to push a deploy key and merge commits. No other scopes matched. Available scopes: https://docs.github.com/en/developers/apps/building-oauth-apps/scopes-for-oauth-apps

View Source
const WeGOGithubClientID = "edcb13588d46f254052c"

Uniquely identifies us as a GitHub app. This does not need to be obfuscated because it is publicly available to anyone who does an OAuth request via wego. See the auth ADR for more details: https://github.com/weaveworks/weave-gitops/blob/main/doc/adr/0005-wego-core-auth-strategy.md#design

Variables

View Source
var ErrAuthPending = errors.New("auth pending")
View Source
var ErrSlowDown = errors.New("slow down")
View Source
var ErrUnauthorizedToken = errors.New("unauthorized token")

ErrUnauthorizedToken unauthorized token error

Functions

func NewGitlabAuthFlow added in v0.3.0

func NewGitlabAuthFlow(redirectUri string, client *http.Client) (types.AuthFlow, error)

Types

type AuthService

type AuthService interface {
	CreateGitClient(ctx context.Context, repoUrl gitproviders.RepoURL, targetName string, namespace string, dryRun bool) (git.Git, error)
	GetGitProvider() gitproviders.GitProvider
}

func NewAuthService

func NewAuthService(fluxClient flux.Flux, k8sClient client.Client, provider gitproviders.GitProvider, l logger.Logger) (AuthService, error)

NewAuthService constructs an auth service for doing git operations with an authenticated client.

type BlockingCLIAuthHandler

type BlockingCLIAuthHandler func(context.Context, io.Writer) (string, error)

BlockingCLIAuthHandler takes over the terminal experience and returns a token when the user completes the flow.

func NewGithubDeviceFlowHandler

func NewGithubDeviceFlowHandler(client *http.Client) BlockingCLIAuthHandler

NewGithubDeviceFlowHandler returns a function which will initiate the Github Device Flow for the CLI.

func NewGitlabAuthFlowHandler added in v0.3.0

func NewGitlabAuthFlowHandler(client *http.Client, flow types.AuthFlow) BlockingCLIAuthHandler

NewGitlabAuthFlowHandler returns a BlockingCLIAuthHandler for the Gitlab OAuth flow in a CLI. It will set up a temporary server as a callback mechanism. Once the user runs through the flow the server will be shutdown, and we will exit the function.

type Claims

type Claims struct {
	jwt.StandardClaims
	Provider      gitproviders.GitProviderName `json:"provider"`
	ProviderToken string                       `json:"provider_token"`
}

Claims is a custom JWT claims that contains some token information

type GithubAuthClient added in v0.3.0

type GithubAuthClient interface {
	GetDeviceCode() (*GithubDeviceCodeResponse, error)
	GetDeviceCodeAuthStatus(deviceCode string) (string, error)
}

func NewGithubAuthClient added in v0.5.0

func NewGithubAuthClient(client *http.Client) GithubAuthClient

type GithubDeviceCodeResponse added in v0.3.0

type GithubDeviceCodeResponse struct {
	DeviceCode      string `json:"device_code"`
	UserCode        string `json:"user_code"`
	VerificationURI string `json:"verification_uri"`
	Interval        int    `json:"interval"`
}

GithubDeviceCodeResponse represents response body from the Github API

type GitlabAuthClient added in v0.5.0

type GitlabAuthClient interface {
	AuthURL(ctx context.Context, redirectUri string) (url.URL, error)
	ExchangeCode(ctx context.Context, redirectUri, code string) (*types.TokenResponseState, error)
}

func NewGitlabAuthClient added in v0.5.0

func NewGitlabAuthClient(client *http.Client) GitlabAuthClient

type JWTClient

type JWTClient interface {
	GenerateJWT(expirationTime time.Duration, providerName gitproviders.GitProviderName, providerToken string) (string, error)
	VerifyJWT(accessToken string) (*Claims, error)
}

JWTClient represents a type that has methods to generate and verify JWT tokens.

func NewJwtClient

func NewJwtClient(secretKey string) JWTClient

NewJwtClient initialize JWTClient instance

type SecretName

type SecretName struct {
	Name      automation.GeneratedSecretName
	Namespace string
}

func (SecretName) NamespacedName

func (sn SecretName) NamespacedName() types.NamespacedName

func (SecretName) String

func (sn SecretName) String() string

Directories

Path Synopsis
Code generated by counterfeiter.
Code generated by counterfeiter.
typesfakes
Code generated by counterfeiter.
Code generated by counterfeiter.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL