Affected by 
Documentation
¶
Index ¶
Constants ¶
const ExpirationTime = time.Minute * 15
ExpirationTime jwt token expiration time
const GithubOAuthScope = "repo"
It appears we need `repo` scope, which is VERY permissive. We need to be able to push a deploy key and merge commits. No other scopes matched. Available scopes: https://docs.github.com/en/developers/apps/building-oauth-apps/scopes-for-oauth-apps
const WeGOGithubClientID = "edcb13588d46f254052c"
Uniquely identifies us as a GitHub app. This does not need to be obfuscated because it is publicly available to anyone who does an OAuth request via wego. See the auth ADR for more details: https://github.com/weaveworks/weave-gitops/blob/main/doc/adr/0005-wego-core-auth-strategy.md#design
Variables ¶
var ErrAuthPending = errors.New("auth pending")
var ErrSlowDown = errors.New("slow down")
ErrUnauthorizedToken unauthorized token error
Functions ¶
func ParseGitHubError ¶ added in v0.8.0
Types ¶
type AuthService ¶
type AuthService interface {
CreateGitClient(ctx context.Context, repoUrl gitproviders.RepoURL, namespace string, dryRun bool) (git.Git, error)
GetGitProvider() gitproviders.GitProvider
SetupDeployKey(ctx context.Context, namespace string, repo gitproviders.RepoURL) (*ssh.PublicKeys, error)
}
func NewAuthService ¶
func NewAuthService(fluxClient flux.Flux, k8sClient client.Client, provider gitproviders.GitProvider, log logr.Logger) AuthService
NewAuthService constructs an auth service for doing git operations with an authenticated client.
type Claims ¶
type Claims struct {
jwt.StandardClaims
Provider gitproviders.GitProviderName `json:"provider"`
ProviderToken string `json:"provider_token"`
}
Claims is a custom JWT claims that contains some token information
type GitHubError ¶ added in v0.7.0
type GitHubError struct {
Type string `json:"error"`
Description string `json:"error_description"`
URI string `json:"error_uri"`
StatusCode int
}
GitHubError indicates a failure response from GitHub.
func (GitHubError) Error ¶ added in v0.7.0
func (e GitHubError) Error() string
type GithubAuthClient ¶ added in v0.3.0
type GithubAuthClient interface {
GetDeviceCode() (*GithubDeviceCodeResponse, error)
GetDeviceCodeAuthStatus(deviceCode string) (string, error)
ValidateToken(ctx context.Context, token string) error
}
func NewGithubAuthClient ¶ added in v0.5.0
func NewGithubAuthClient(client *http.Client) GithubAuthClient
type GithubDeviceCodeResponse ¶ added in v0.3.0
type GithubDeviceCodeResponse struct {
DeviceCode string `json:"device_code"`
UserCode string `json:"user_code"`
VerificationURI string `json:"verification_uri"`
Interval int `json:"interval"`
}
GithubDeviceCodeResponse represents response body from the Github API
type GitlabAuthClient ¶ added in v0.5.0
type GitlabAuthClient interface {
AuthURL(ctx context.Context, redirectUri string) (url.URL, error)
ExchangeCode(ctx context.Context, redirectUri, code string) (*types.TokenResponseState, error)
ValidateToken(ctx context.Context, token string) error
}
func NewGitlabAuthClient ¶ added in v0.5.0
func NewGitlabAuthClient(client *http.Client) GitlabAuthClient
type JWTClient ¶
type JWTClient interface {
GenerateJWT(expirationTime time.Duration, providerName gitproviders.GitProviderName, providerToken string) (string, error)
VerifyJWT(accessToken string) (*Claims, error)
}
JWTClient represents a type that has methods to generate and verify JWT tokens.
func NewJwtClient ¶
NewJwtClient initialize JWTClient instance
type ProviderTokenValidator ¶ added in v0.6.1
type SecretName ¶
type SecretName struct {
Name names.GeneratedSecretName
Namespace string
}
func (SecretName) NamespacedName ¶
func (sn SecretName) NamespacedName() types.NamespacedName
func (SecretName) String ¶
func (sn SecretName) String() string
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Code generated by counterfeiter.
|
Code generated by counterfeiter. |
|
typesfakes
Code generated by counterfeiter.
|
Code generated by counterfeiter. |