basicauthpassword

package
v1.2.0-rc1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 21, 2016 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package basicauthpassword implements authenticator.Password by making a BasicAuth call to a remote endpoint and extracting user information from a JSON response.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func New

func New(providerName string, url string, transport http.RoundTripper, mapper authapi.UserIdentityMapper) authenticator.Password

New returns an authenticator which will make a basic auth call to the given url. A custom transport can be provided (typically to customize TLS options like trusted roots or present a client certificate). If no transport is provided, http.DefaultTransport is used

Types

type Authenticator

type Authenticator struct {
	// contains filtered or unexported fields
}

Authenticator uses basic auth to make a request to a JSON-returning URL. A 401 status indicate failed auth. A non-200 status or the presence of an "error" key with a non-empty

value indicates an error:
{"error":"Error message"}

A 200 status with an "id" key indicates success:

{"id":"userid"}

A successful response may also include name and/or email:

{"id":"userid", "name": "User Name", "email":"user@example.com"}

func (*Authenticator) AuthenticatePassword

func (a *Authenticator) AuthenticatePassword(username, password string) (user.Info, bool, error)

type RemoteError

type RemoteError struct {
	Error string
}

RemoteError holds error data returned from a remote authentication request

type RemoteUserData

type RemoteUserData struct {
	// Subject - Identifier for the End-User at the Issuer. Required.
	Subject string `json:"sub"`
	// Name is the end-User's full name in displayable form including all name parts, possibly including titles and suffixes,
	// ordered according to the End-User's locale and preferences.  Optional.
	Name string `json:"name"`
	// PreferredUsername is a shorthand name by which the End-User wishes to be referred. Optional.
	// Useful when the immutable subject is different than the login used by the user to authenticate
	PreferredUsername string `json:"preferred_username"`
	// Email is the end-User's preferred e-mail address. Optional.
	Email string `json:"email"`
}

RemoteUserData holds user data returned from a remote basic-auth protected endpoint. These field names can not be changed unless external integrators are also updated. Names are based on standard OpenID Connect claims: http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL