authenticator

package
v0.0.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 9, 2022 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Authenticator

type Authenticator struct {
	// contains filtered or unexported fields
}

A Authenticator is a bahamut.Authenticator compliant structure to authentify requests using an a3s token.

func New

func New(jwks *token.JWKS, issuer string, audience string, options ...Option) *Authenticator

New returns a new Authenticator that will use the provided JWKS to cryptographically verify a request or session token. It will validate the token comes from the given issuer and has the correct audience.

func (*Authenticator) AuthenticateRequest

func (a *Authenticator) AuthenticateRequest(bctx bahamut.Context) (bahamut.AuthAction, error)

AuthenticateRequest authenticates the request from the given bahamut.Context.

func (*Authenticator) AuthenticateSession

func (a *Authenticator) AuthenticateSession(session bahamut.Session) (bahamut.AuthAction, error)

AuthenticateSession authenticates the given session.

type Option

type Option func(*config)

An Option can be used to configure various options in the Authenticator.

func OptionExternalTrustedIssuers

func OptionExternalTrustedIssuers(issuers ...RemoteIssuer) Option

OptionExternalTrustedIssuers sets the list of additionally trusted issuers. This is to trust tokens from other a3s instances as valid and authenticated.

func OptionIgnoredResources

func OptionIgnoredResources(identities ...string) Option

OptionIgnoredResources sets the list of identities that should skip authentication.

type RemoteIssuer

type RemoteIssuer struct {
	URL  string
	Pool *x509.CertPool
}

A RemoteIssuer holds the URL and the CertPool containing a CA to validate the server

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL