authentication

package
v0.90.21 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 27, 2022 License: Apache-2.0 Imports: 28 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewCSRFMw

func NewCSRFMw(config CSRFConfig) func(handler http.Handler) http.Handler

func NewLoadUserMw

func NewLoadUserMw(config LoadUserConfig) func(handler http.Handler) http.Handler

func RedirectAlreadyAuthenticatedUsers

func RedirectAlreadyAuthenticatedUsers(matchString, matchRegex []string) func(handler http.Handler) http.Handler

func RequiresAuthentication

func RequiresAuthentication(handler http.Handler) http.Handler

func ValidateRedirectURIQueryParameter

// ValidateRedirectURIQueryParameter returns a middleware constructor (a function
// that wraps an http.Handler) built from two allow-lists: matchString and
// matchRegex.
//
// NOTE(review): presumably a request whose redirect URI query parameter matches
// neither list is rejected, which is the defence against open redirects — confirm.
// How matchRegex patterns are applied (anchored or not) is not shown here;
// patterns should be anchored at both ends so a permitted host cannot be
// matched as a substring of another URL.
func ValidateRedirectURIQueryParameter(matchString, matchRegex []string) func(handler http.Handler) http.Handler

Types

type CSRFConfig

// CSRFConfig is the configuration value accepted by NewCSRFMw.
//
// NOTE(review): Path is presumably the path the CSRF cookie is scoped to — confirm.
// NOTE(review): InsecureCookies looks like it relaxes the Secure attribute on
// the cookie for plain-HTTP development; it should stay false wherever the
// service is reached over HTTPS — confirm.
// NOTE(review): Secret is presumably the key protecting CSRF tokens. Treat it
// as a secret: generate it randomly, and keep it out of source control and logs.
type CSRFConfig struct {
	Path            string
	InsecureCookies bool
	Secret          []byte
}

type CSRFErrorHandler

// CSRFErrorHandler has a ServeHTTP method with the http.Handler signature.
//
// NOTE(review): presumably this is the handler invoked when CSRF validation
// fails, and InsecureCookies should carry the same value as
// CSRFConfig.InsecureCookies — confirm against NewCSRFMw.
type CSRFErrorHandler struct {
	InsecureCookies bool
}

func (*CSRFErrorHandler) ServeHTTP

func (u *CSRFErrorHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type CSRFTokenHandler

type CSRFTokenHandler struct{}

func (*CSRFTokenHandler) ServeHTTP

func (_ *CSRFTokenHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type Claims

// Claims maps a JSON object with the keys sub, name, given_name, family_name,
// picture, email, email_verified, locale and hd.
//
// NOTE(review): the key names match standard OpenID Connect claims plus the
// hd (hosted domain) claim; whether the values are read from a signature-verified
// ID token or from a userinfo response is not visible here — confirm.
// NOTE(review): Email alone does not prove ownership of the address; code that
// uses it for identity or authorization decisions should also check EmailVerified.
type Claims struct {
	Sub                string `json:"sub"`
	Name               string `json:"name"`
	GivenName          string `json:"given_name"`
	FamilyName         string `json:"family_name"`
	Picture            string `json:"picture"`
	Email              string `json:"email"`
	EmailVerified      bool   `json:"email_verified"`
	Locale             string `json:"locale"`
	HostedGSuiteDomain string `json:"hd"`
}

type ClaimsInfo

// ClaimsInfo maps a JSON object with the keys scopes_supported and
// claims_supported, each a list of strings.
//
// NOTE(review): these key names match fields of an OpenID Connect discovery
// document; presumably that is the source — confirm.
type ClaimsInfo struct {
	ScopesSupported []string `json:"scopes_supported"`
	ClaimsSupported []string `json:"claims_supported"`
}

type CookieUserHandler

// CookieUserHandler has a ServeHTTP method with the http.Handler signature.
// It carries a *securecookie.SecureCookie, a middleware client, a logger, a
// host name and two flags.
//
// NOTE(review): presumably it answers with the user stored in the session
// cookie, using Cookie to decode it, and calls MWClient when HasRevalidateHook
// is set — confirm.
// NOTE(review): InsecureCookies presumably drops the Secure attribute when the
// cookie is rewritten; keep it false outside local development — confirm.
type CookieUserHandler struct {
	HasRevalidateHook bool
	MWClient          *middlewareclient.MiddlewareClient
	Log               abstractlogger.Logger
	Host              string
	InsecureCookies   bool
	Cookie            *securecookie.SecureCookie
}

func (*CookieUserHandler) ServeHTTP

func (u *CookieUserHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type GithubConfig

// GithubConfig is the configuration value passed to GithubCookieHandler.Register.
//
// NOTE(review): ClientID and ClientSecret are presumably the OAuth application
// credentials. ClientSecret must be handled as a secret: load it from the
// environment or a secret store, and never log it or commit it.
// NOTE(review): InsecureCookies presumably drops the Secure attribute on
// cookies, and ForceRedirectHttps presumably forces an https callback URL;
// the production-safe combination would be false / true — confirm.
// NOTE(review): Cookie presumably encodes the state kept between the
// authorize and callback steps — confirm.
type GithubConfig struct {
	ClientID           string
	ClientSecret       string
	ProviderID         string
	PathPrefix         string
	InsecureCookies    bool
	ForceRedirectHttps bool
	Cookie             *securecookie.SecureCookie
}

type GithubCookieHandler

type GithubCookieHandler struct {
	// contains filtered or unexported fields
}

func NewGithubCookieHandler

func NewGithubCookieHandler(log abstractlogger.Logger) *GithubCookieHandler

func (*GithubCookieHandler) Register

func (g *GithubCookieHandler) Register(authorizeRouter, callbackRouter *mux.Router, config GithubConfig, hooks Hooks)

type GithubUserEmail

// GithubUserEmail maps a JSON object with the keys email, primary, verified
// and visibility.
//
// NOTE(review): presumably one entry of the provider's e-mail listing for the
// authenticated account. An address should be treated as proven only when
// Verified is true; confirm how the entry copied into User.Email is selected.
type GithubUserEmail struct {
	Email      string `json:"email"`
	Primary    bool   `json:"primary"`
	Verified   bool   `json:"verified"`
	Visibility string `json:"visibility"`
}

type GithubUserEmails

type GithubUserEmails []GithubUserEmail

type GithubUserInfo

// GithubUserInfo maps a JSON object with the keys avatar_url, id, location,
// login, name and node_id.
//
// NOTE(review): presumably the provider's profile response for the
// authenticated account. Login is a user-chosen name; code that links accounts
// should key on the numeric ID instead — confirm which one feeds User.UserID.
type GithubUserInfo struct {
	AvatarURL string `json:"avatar_url"`
	ID        int64  `json:"id"`
	Location  string `json:"location"`
	Login     string `json:"login"`
	Name      string `json:"name"`
	NodeID    string `json:"node_id"`
}

type Hooks

// Hooks bundles a middleware client, a logger and two flags. It is passed to
// the Register methods of the cookie handlers and embedded in LoadUserConfig.
//
// NOTE(review): PostAuthentication and MutatingPostAuthentication presumably
// enable calls through Client after a login completes; the mutating variant
// presumably lets the hook replace the User (see
// MutatingPostAuthenticationResponse). If so, the hook endpoint sits inside
// the authentication trust boundary — confirm.
type Hooks struct {
	Client                     *middlewareclient.MiddlewareClient
	Log                        abstractlogger.Logger
	PostAuthentication         bool
	MutatingPostAuthentication bool
}

type LoadUserConfig

// LoadUserConfig is the configuration value accepted by NewLoadUserMw.
//
// NOTE(review): presumably the middleware resolves the user either from the
// session cookie (decoded with Cookie) or from a bearer token checked against
// JwksProviders — confirm. Which token properties (signature, issuer,
// audience, expiry) are verified is not visible on this page.
type LoadUserConfig struct {
	Log           abstractlogger.Logger
	Cookie        *securecookie.SecureCookie
	JwksProviders []*wgpb.JwksAuthProvider
	Hooks         Hooks
}

type MutatingPostAuthenticationResponse

// MutatingPostAuthenticationResponse maps a JSON object with the keys user,
// message and status.
//
// NOTE(review): presumably the reply of the mutating post-authentication hook
// enabled by Hooks.MutatingPostAuthentication, where User replaces the
// authenticated user and Status decides whether the login proceeds. The
// accepted Status values are not shown here — confirm, and make sure an
// unrecognised value is treated as a denial.
type MutatingPostAuthenticationResponse struct {
	User    User   `json:"user"`
	Message string `json:"message"`
	Status  string `json:"status"`
}

type OpenIDConnectConfig

// OpenIDConnectConfig is the configuration value passed to
// OpenIDConnectCookieHandler.Register.
//
// NOTE(review): Issuer is presumably the provider's issuer URL, used for
// discovery and for checking the iss claim of ID tokens — confirm.
// NOTE(review): ClientSecret must be handled as a secret: load it from the
// environment or a secret store, and never log it or commit it.
// NOTE(review): InsecureCookies presumably drops the Secure attribute on
// cookies, and ForceRedirectHttps presumably forces an https callback URL;
// the production-safe combination would be false / true — confirm.
type OpenIDConnectConfig struct {
	Issuer             string
	ClientID           string
	ClientSecret       string
	ProviderID         string
	PathPrefix         string
	InsecureCookies    bool
	ForceRedirectHttps bool
	Cookie             *securecookie.SecureCookie
}

type OpenIDConnectCookieHandler

type OpenIDConnectCookieHandler struct {
	// contains filtered or unexported fields
}

func NewOpenIDConnectCookieHandler

func NewOpenIDConnectCookieHandler(log abstractlogger.Logger) *OpenIDConnectCookieHandler

func (*OpenIDConnectCookieHandler) Register

func (h *OpenIDConnectCookieHandler) Register(authorizeRouter, callbackRouter *mux.Router, config OpenIDConnectConfig, hooks Hooks)

type RBACEnforcer

type RBACEnforcer struct {
	// contains filtered or unexported fields
}

func NewRBACEnforcer

func NewRBACEnforcer(operation *wgpb.Operation) *RBACEnforcer

func (*RBACEnforcer) Enforce

// Enforce evaluates the request and reports the outcome through proceed.
//
// NOTE(review): presumably proceed is false when the role check for the
// operation given to NewRBACEnforcer fails. Callers must stop handling the
// request in that case; the signature takes no http.ResponseWriter, so the
// caller has to write the denial response itself.
func (e *RBACEnforcer) Enforce(r *http.Request) (proceed bool)

type RedirectURIValidator

type RedirectURIValidator struct {
	// contains filtered or unexported fields
}

func NewRedirectValidator

func NewRedirectValidator(matchString, matchRegex []string) *RedirectURIValidator

func (*RedirectURIValidator) GetValidatedRedirectURI

// GetValidatedRedirectURI returns a redirect URI for the request together with
// an authorized flag.
//
// NOTE(review): presumably redirectURI is read from the request and authorized
// reports whether it matched the lists given to NewRedirectValidator. Callers
// should redirect only when authorized is true; what redirectURI holds when it
// is false is not shown here — confirm.
func (v *RedirectURIValidator) GetValidatedRedirectURI(r *http.Request) (redirectURI string, authorized bool)

type TokenUserHandler

type TokenUserHandler struct{}

func (TokenUserHandler) ServeHTTP

func (_ TokenUserHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type User

// User is the package's user record. UserFromContext returns a *User, and the
// type has Load, Save and RemoveInternalFields methods.
//
// Serialization, as fixed by the struct tags:
//   - ExpiresAt is tagged json:"-" and is never part of the JSON encoding.
//   - Roles has no omitempty and is therefore always emitted.
//   - AccessToken, IdToken and RawIDToken are emitted under access_token,
//     id_token and raw_id_token whenever they are set, so marshalling a User
//     as-is includes token material.
//
// The package documents RemoveInternalFields as the step to run before a User
// is sent to the client.
// NOTE(review): which fields RemoveInternalFields clears is not shown on this
// page; confirm that the token fields are among them before relying on it.
// NOTE(review): Roles presumably feeds RBACEnforcer; confirm that it is only
// ever populated server-side and never taken from client input.
type User struct {
	ProviderName     string          `json:"provider,omitempty"`
	ProviderID       string          `json:"provider_id,omitempty"`
	Email            string          `json:"email,omitempty"`
	EmailVerified    bool            `json:"email_verified,omitempty"`
	Name             string          `json:"name,omitempty"`
	FirstName        string          `json:"first_name,omitempty"`
	LastName         string          `json:"last_name,omitempty"`
	NickName         string          `json:"nick_name,omitempty"`
	Description      string          `json:"description,omitempty"`
	UserID           string          `json:"user_id,omitempty"`
	AvatarURL        string          `json:"avatar_url,omitempty"`
	Location         string          `json:"location,omitempty"`
	CustomClaims     json.RawMessage `json:"custom_claims,omitempty"`
	CustomAttributes []string        `json:"custom_attributes,omitempty"`
	Roles            []string        `json:"roles"`
	ExpiresAt        time.Time       `json:"-"`
	ETag             string          `json:"etag,omitempty"`
	FromCookie       bool            `json:"from_cookie,omitempty"`
	AccessToken      json.RawMessage `json:"access_token,omitempty"`
	IdToken          json.RawMessage `json:"id_token,omitempty"`
	RawIDToken       string          `json:"raw_id_token,omitempty"`
}

func UserFromContext

func UserFromContext(ctx context.Context) *User

func (*User) Load

func (u *User) Load(loader *UserLoader, r *http.Request) error

func (*User) RemoveInternalFields

func (u *User) RemoveInternalFields()

RemoveInternalFields should be called before the user is sent to the client, so that internal fields are not exposed.

func (*User) Save

// Save takes a securecookie codec, the response writer, the request, a domain
// and an insecureCookies flag, and returns an error.
//
// NOTE(review): presumably it encodes the user with s and sets the result as a
// cookie on w, scoped to domain — confirm.
// NOTE(review): insecureCookies presumably drops the Secure attribute; pass
// true only for plain-HTTP local development. The other cookie attributes
// (HttpOnly, SameSite, lifetime) are not visible from the signature — confirm.
func (u *User) Save(s *securecookie.SecureCookie, w http.ResponseWriter, r *http.Request, domain string, insecureCookies bool) error

type UserLoadConfig

type UserLoadConfig struct {
	// contains filtered or unexported fields
}

type UserLoader

type UserLoader struct {
	// contains filtered or unexported fields
}

type UserLogoutHandler

// UserLogoutHandler has a ServeHTTP method with the http.Handler signature.
//
// NOTE(review): presumably it clears the session cookie, with InsecureCookies
// matching the value used when the cookie was set — confirm.
// NOTE(review): OpenIDConnectIssuersToLogoutURLs presumably maps an issuer to
// that provider's logout endpoint. The URLs should come from trusted
// configuration only, never from request input — confirm.
type UserLogoutHandler struct {
	InsecureCookies                  bool
	OpenIDConnectIssuersToLogoutURLs map[string]string
}

func (*UserLogoutHandler) ServeHTTP

func (u *UserLogoutHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
