auth

Documentation

Index

• type Auth
  • func New(pagesDomain, storeSecret, clientID, clientSecret, redirectURI, ... string, ...) (*Auth, error)
  • func (a *Auth) AuthenticationMiddleware(handler http.Handler, s source.Source) http.Handler
  • func (a *Auth) AuthorizationMiddleware(handler http.Handler) http.Handler
  • func (a *Auth) CheckAuthentication(w http.ResponseWriter, r *http.Request, domain domain) bool
  • func (a *Auth) CheckAuthenticationWithoutProject(w http.ResponseWriter, r *http.Request, domain domain) bool
  • func (a *Auth) CheckResponseForInvalidToken(w http.ResponseWriter, r *http.Request, resp *http.Response) bool
  • func (a *Auth) DecryptCode(jwt, domain string) (string, error)
  • func (a *Auth) EncryptAndSignCode(domain, code string) (string, error)
  • func (a *Auth) GetTokenIfExists(w http.ResponseWriter, r *http.Request) (string, error)
  • func (a *Auth) IsAuthSupported() bool
  • func (a *Auth) RequireAuth(w http.ResponseWriter, r *http.Request) bool
  • func (a *Auth) TryAuthenticate(w http.ResponseWriter, r *http.Request, domains source.Source) bool

Types

type Auth

type Auth struct {
	// contains filtered or unexported fields
}

Auth handles authenticating users with GitLab API

func New

func New(pagesDomain, storeSecret, clientID, clientSecret, redirectURI, internalGitlabServer, publicGitlabServer, authScope string, authTimeout, cookieSessionTimeout time.Duration) (*Auth, error)

New when authentication supported this will be used to create authentication handler

func (*Auth) AuthenticationMiddleware

func (a *Auth) AuthenticationMiddleware(handler http.Handler, s source.Source) http.Handler

AuthenticationMiddleware handles authentication requests

func (*Auth) AuthorizationMiddleware

func (a *Auth) AuthorizationMiddleware(handler http.Handler) http.Handler

AuthorizationMiddleware handles authorization

func (*Auth) CheckAuthentication

func (a *Auth) CheckAuthentication(w http.ResponseWriter, r *http.Request, domain domain) bool

CheckAuthentication checks if user is authenticated and has access to the project will return contentServed = false when authFailed = true

func (*Auth) CheckAuthenticationWithoutProject

func (a *Auth) CheckAuthenticationWithoutProject(w http.ResponseWriter, r *http.Request, domain domain) bool

CheckAuthenticationWithoutProject checks if user is authenticated and has a valid token

func (*Auth) CheckResponseForInvalidToken

func (a *Auth) CheckResponseForInvalidToken(w http.ResponseWriter, r *http.Request,
	resp *http.Response,
) bool

CheckResponseForInvalidToken checks response for invalid token and destroys session if it was invalid

func (*Auth) DecryptCode

func (a *Auth) DecryptCode(jwt, domain string) (string, error)

DecryptCode decodes the secureCode as a JWT token and validates its signature. It then decrypts the code from the token claims and returns it.

func (*Auth) EncryptAndSignCode

func (a *Auth) EncryptAndSignCode(domain, code string) (string, error)

EncryptAndSignCode encrypts the OAuth code deriving the key from the domain. It adds the code and domain as JWT token claims and signs it using signingKey derived from the Auth secret.

func (*Auth) GetTokenIfExists

func (a *Auth) GetTokenIfExists(w http.ResponseWriter, r *http.Request) (string, error)

GetTokenIfExists returns the token if it exists

func (*Auth) IsAuthSupported

func (a *Auth) IsAuthSupported() bool

IsAuthSupported checks if pages is running with the authentication support

func (*Auth) RequireAuth

func (a *Auth) RequireAuth(w http.ResponseWriter, r *http.Request) bool

RequireAuth will trigger authentication flow if no token exists

func (*Auth) TryAuthenticate

func (a *Auth) TryAuthenticate(w http.ResponseWriter, r *http.Request, domains source.Source) bool

TryAuthenticate tries to authenticate user and fetch access token if request is a callback to /auth?