Documentation ¶
Index ¶
- Constants
- Variables
- func CheckAdminHandler(handler http.Handler, rejector Rejector) http.Handler
- func CheckAuthenticationHandler(handler http.Handler, rejector Rejector) http.Handler
- func CheckAuthorizationHandler(handler http.Handler, rejector Rejector) http.Handler
- func IsAdmin(r *http.Request) bool
- func IsAuthenticated(r *http.Request) bool
- func IsAuthorized(r *http.Request) bool
- func NewCheckBuildReadAccessHandlerFactory(buildsDB BuildsDB) *checkBuildReadAccessHandlerFactory
- func NewCheckBuildWriteAccessHandlerFactory(buildsDB BuildsDB) *checkBuildWriteAccessHandlerFactory
- func NewCheckPipelineAccessHandlerFactory(pipelineDBFactory db.PipelineDBFactory, teamDBFactory db.TeamDBFactory) *checkPipelineAccessHandlerFactory
- func NewLogOutHandler(logger lager.Logger) http.Handler
- func NewOAuthBeginHandler(logger lager.Logger, providerFactory ProviderFactory, ...) http.Handler
- func NewOAuthCallbackHandler(logger lager.Logger, providerFactory ProviderFactory, ...) http.Handler
- func NewOAuthHandler(logger lager.Logger, providerFactory ProviderFactory, ...) (http.Handler, error)
- func WrapHandler(handler http.Handler, validator Validator, userContextReader UserContextReader) http.Handler
- type AuthDB
- type BuildsDB
- type CheckBuildReadAccessHandlerFactory
- type CheckBuildWriteAccessHandlerFactory
- type CheckPipelineAccessHandlerFactory
- type CookieSetHandler
- type JWTReader
- type JWTValidator
- type LogOutHandler
- type OAuthBeginHandler
- type OAuthCallbackHandler
- type OAuthState
- type ProviderFactory
- type Rejector
- type Team
- type TokenGenerator
- type TokenType
- type TokenValue
- type UnauthorizedRejector
- type UserContextReader
- type Validator
Constants ¶
View Source
const ( OAuthBegin = "OAuthBegin" OAuthCallback = "OAuthCallback" LogOut = "LogOut" )
View Source
const BuildKey = "build"
View Source
const CookieName = "ATC-Authorization"
View Source
const OAuthStateCookie = "_concourse_oauth_state"
View Source
const PipelineDBKey = "pipelineDB"
View Source
const TokenTypeBearer = "Bearer"
Variables ¶
View Source
var ErrUnparsableHeader = errors.New("cannot parse 'Authorization' header")
View Source
var OAuthRoutes = rata.Routes{ {Path: "/auth/logout", Method: "GET", Name: LogOut}, {Path: "/auth/:provider", Method: "GET", Name: OAuthBegin}, {Path: "/auth/:provider/callback", Method: "GET", Name: OAuthCallback}, }
View Source
var SigningMethod = jwt.SigningMethodRS256
Functions ¶
func CheckAdminHandler ¶
func IsAuthenticated ¶
func IsAuthorized ¶
func NewCheckBuildReadAccessHandlerFactory ¶
func NewCheckBuildReadAccessHandlerFactory( buildsDB BuildsDB, ) *checkBuildReadAccessHandlerFactory
func NewCheckBuildWriteAccessHandlerFactory ¶
func NewCheckBuildWriteAccessHandlerFactory( buildsDB BuildsDB, ) *checkBuildWriteAccessHandlerFactory
func NewCheckPipelineAccessHandlerFactory ¶
func NewCheckPipelineAccessHandlerFactory( pipelineDBFactory db.PipelineDBFactory, teamDBFactory db.TeamDBFactory, ) *checkPipelineAccessHandlerFactory
func NewOAuthBeginHandler ¶
func NewOAuthBeginHandler( logger lager.Logger, providerFactory ProviderFactory, privateKey *rsa.PrivateKey, teamDBFactory db.TeamDBFactory, expire time.Duration, ) http.Handler
func NewOAuthCallbackHandler ¶
func NewOAuthCallbackHandler( logger lager.Logger, providerFactory ProviderFactory, privateKey *rsa.PrivateKey, teamDBFactory db.TeamDBFactory, expire time.Duration, ) http.Handler
func NewOAuthHandler ¶
func NewOAuthHandler( logger lager.Logger, providerFactory ProviderFactory, teamDBFactory db.TeamDBFactory, signingKey *rsa.PrivateKey, expire time.Duration, ) (http.Handler, error)
func WrapHandler ¶
Types ¶
type CookieSetHandler ¶
func (CookieSetHandler) ServeHTTP ¶
func (handler CookieSetHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type JWTValidator ¶
func (JWTValidator) IsAuthenticated ¶
func (validator JWTValidator) IsAuthenticated(r *http.Request) bool
type LogOutHandler ¶
type LogOutHandler struct {
// contains filtered or unexported fields
}
func (*LogOutHandler) ServeHTTP ¶
func (handler *LogOutHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type OAuthBeginHandler ¶
type OAuthBeginHandler struct {
// contains filtered or unexported fields
}
func (*OAuthBeginHandler) ServeHTTP ¶
func (handler *OAuthBeginHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type OAuthCallbackHandler ¶
type OAuthCallbackHandler struct {
// contains filtered or unexported fields
}
func (*OAuthCallbackHandler) ServeHTTP ¶
func (handler *OAuthCallbackHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type OAuthState ¶
type ProviderFactory ¶
type TokenGenerator ¶
type TokenGenerator interface {
GenerateToken(expiration time.Time, teamName string, teamID int, isAdmin bool) (TokenType, TokenValue, error)
}
func NewTokenGenerator ¶
func NewTokenGenerator(privateKey *rsa.PrivateKey) TokenGenerator
type TokenValue ¶
type TokenValue string
type UnauthorizedRejector ¶
type UnauthorizedRejector struct{}
func (UnauthorizedRejector) Forbidden ¶
func (UnauthorizedRejector) Forbidden(w http.ResponseWriter, r *http.Request)
func (UnauthorizedRejector) Unauthorized ¶
func (UnauthorizedRejector) Unauthorized(w http.ResponseWriter, r *http.Request)
type UserContextReader ¶
Source Files ¶
- auth_db.go
- basic_auth_validator.go
- builds_db.go
- check_admin_handler.go
- check_auth_handler.go
- check_authorization_handler.go
- check_build_read_access_handler.go
- check_build_write_access_handler.go
- check_pipeline_access_handler.go
- cookie_set_handler.go
- extract_username_and_password.go
- get_jwt.go
- get_team.go
- is_admin.go
- is_authenticated.go
- is_authorized.go
- jwt_reader.go
- jwt_validator.go
- logout_handler.go
- oauth_begin_handler.go
- oauth_callback_handler.go
- oauth_handler.go
- oauth_routes.go
- rejector.go
- team_auth_validator.go
- token_generator.go
- unauthorized_rejector.go
- user_context_reader.go
- validator.go
- wrap_handler.go
Directories ¶
Path | Synopsis |
---|---|
This file was generated by counterfeiter
|
This file was generated by counterfeiter |
githubfakes
This file was generated by counterfeiter
|
This file was generated by counterfeiter |
providerfakes
This file was generated by counterfeiter
|
This file was generated by counterfeiter |
Click to show internal directories.
Click to hide internal directories.