auth

package
v0.2.1
Warning

This package is not in the latest version of its module.

Published: Mar 15, 2024 License: BSD-3-Clause Imports: 11 Imported by: 0

Documentation

Constants

const (
	ScopeAdminRead   = Scope("admin.read")
	ScopeAdminWrite  = Scope("admin.write")
	ScopeAdminDelete = Scope("admin.delete")
	ScopeSelfRead    = Scope("self.read")
	ScopeSelfWrite   = Scope("self.write")
	ScopeSelfDelete  = Scope("self.delete")
)

TODO rework, split up

Variables

var AuthCtxKey = &contextKey{"auth"}

Functions

func ContextHasScope

func ContextHasScope(ctx context.Context, scope Scope) error

ContextHasScope checks if a user is authenticated and has the scope. Once a request is guarded with this, accessing RequestAuth.User is always safe.

func ContextHasScopeOrIsUserIDAndHasScope

func ContextHasScopeOrIsUserIDAndHasScope(ctx context.Context, scope Scope, id *uuid.UUID, userScope Scope) error

ContextHasScopeOrIsUserIDAndHasScope checks if a user is authenticated and has the scope, OR has the id and the userScope. Once a request is guarded with this, accessing RequestAuth.User is always safe.

func ContextIsUserIDAndHasScope

func ContextIsUserIDAndHasScope(ctx context.Context, id uuid.UUID, scope Scope) error

ContextIsUserIDAndHasScope checks if a user is authenticated, has the id and has the scope. Once a request is guarded with this, accessing RequestAuth.User is always safe.
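The admin-or-self rule documented for ContextHasScopeOrIsUserIDAndHasScope, together with the prefix stripping noted on RequestAuth.Scopes, as an added example that is not the package's own code. It is a stand-alone model: requestAuth, guard, filterScopes and decide are hypothetical names, user IDs are plain strings instead of uuid.UUID, the scope claim is assumed to be space-separated, and the "app." prefix is constructed.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"strings"
)

// Stand-in types modelled on the documented signatures; not the package's source.
type Scope string
type ctxKey struct{}
type requestAuth struct { // UserID (a plain string here) stands in for RequestAuth.User
	UserID *string
	Scopes map[Scope]bool
}

var errForbidden = errors.New("forbidden")

// filterScopes strips the configured prefix and drops scopes without it (claim assumed space-separated).
func filterScopes(claim, prefix string) map[Scope]bool {
	out := map[Scope]bool{}
	for _, s := range strings.Fields(claim) {
		if strings.HasPrefix(s, prefix) && len(s) > len(prefix) {
			out[Scope(s[len(prefix):])] = true
		}
	}
	return out
}

// guard models the documented rule: caller has scope, OR caller is id and has userScope.
func guard(ctx context.Context, scope Scope, id *string, userScope Scope) error {
	ra, _ := ctx.Value(ctxKey{}).(*requestAuth)
	authed := ra != nil && ra.UserID != nil // no auth data or no user: fail closed
	if authed && (ra.Scopes[scope] || (id != nil && *id == *ra.UserID && ra.Scopes[userScope])) {
		return nil
	}
	return errForbidden
}

// decide runs the admin-or-self read check for caller against target's record.
func decide(claim, caller, target string) error {
	ra := &requestAuth{UserID: &caller, Scopes: filterScopes(claim, "app.")}
	return guard(context.WithValue(context.Background(), ctxKey{}, ra), "admin.read", &target, "self.read")
}

func main() {
	fmt.Println(decide("openid app.self.read", "u1", "u2")) // constructed input: u1 reading u2's record
}
```

In this model a caller holding only self.read is rejected for another user's id, and scopes that lack the configured prefix never count toward a check.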

Types

type OIDCConfig

type OIDCConfig struct {
	Provider    string `json:"provider"`
	ClientID    string `json:"client_id"`
	ScopePrefix string `json:"scope_prefix"`
}

func (*OIDCConfig) Discover

func (c *OIDCConfig) Discover() (*OIDCDiscovery, error)

type OIDCDiscovery

type OIDCDiscovery struct {
	JWKSURI               string `json:"jwks_uri"`
	UserinfoEndpoint      string `json:"userinfo_endpoint"`
	AuthorizationEndpoint string `json:"authorization_endpoint"`
	TokenEndpoint         string `json:"token_endpoint"`
}

type RequestAuth

type RequestAuth struct {
	User  *model.User
	Token *jwt.Token

	// Scopes is a filtered list of scopes with the configured prefix removed
	Scopes *Scopes
}

RequestAuth contains information about the authenticated user. It always contains validated data, but fields may be nil.

func ForContext

func ForContext(ctx context.Context) *RequestAuth

ForContext gets the auth data from the context. Middleware.Middleware must have run to set the data. The returned *RequestAuth can be nil.

func (*RequestAuth) TokenClaims

func (ra *RequestAuth) TokenClaims() *TokenClaims

TokenClaims returns the Claims of the Token as TokenClaims, or nil when no Token is set. This will intentionally panic if the Claims are the wrong type.

type Scope

type Scope string

type Scopes

type Scopes []Scope

func (Scopes) HasAny

func (s Scopes) HasAny(scopes Scopes) bool

type TokenClaims

type TokenClaims jwt.MapClaims

func (TokenClaims) Scopes

func (c TokenClaims) Scopes() Scopes

Scopes returns all scopes from the scope claim

func (TokenClaims) Sub

func (c TokenClaims) Sub() *string

Sub returns the sub claim or nil if missing

func (TokenClaims) Valid

func (c TokenClaims) Valid() error
