authintegration

package
v0.5.2 Latest
Warning

This package is not in the latest version of its module.

Published: Jan 19, 2025 License: Apache-2.0 Imports: 12 Imported by: 0

README

ContainerSSH Authentication Library

This library provides integration between the sshserver library and the auth library.

Using this library

This library can be used to provide an authenticating overlay for ContainerSSH. It stacks well with other libraries. To use it you must first call the authintegration.New() method. This method has three parameters:

  • authClient is an authentication client from the auth library.
  • backend is another implementation of the Handler interface from the sshserver library.
  • behavior influences when the backend is called for authentication purposes.
    • BehaviorNoPassthrough means that the backend will not be used for authentication, only for getting further handlers.
    • BehaviorPassthroughOnFailure will give the backend an additional chance to authenticate the user if the authentication server returns a failure.
    • BehaviorPassthroughOnSuccess passes the credentials to the backend for additional checks of an already verified successful authentication.
    • BehaviorPassthroughOnUnavailable passes the authentication to the backend as a fallback if the authentication server failed to return a valid response.

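For example (note that the func New signature documented below also takes a config.AuthConfig and a metrics collector, and returns three values):

handler := authintegration.New(
    auth.ClientConfig{
        URL: "http://localhost:8080",
        Password: true,
        PubKey: false,
    },
    otherHandler,
    logger,
    // The backend is not used for authentication, only for getting further handlers.
    authintegration.BehaviorNoPassthrough,
)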

You can then use the handler to launch an SSH server:

server, err := sshserver.New(
    cfg,
    handler,
    logger,
)

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func New

func New(
	config config.AuthConfig,
	backend sshserver.Handler,
	logger log.Logger,
	metricsCollector metrics.Collector,
	behavior Behavior,
) (sshserver.Handler, []service.Service, error)

New creates a new handler that authenticates the users with passwords and public keys.

Types

type Behavior

type Behavior int

Behavior dictates when the authentication requests are passed to the backends.

const (
	// BehaviorNoPassthrough means that the authentication integration will never call the backend for authentication.
	BehaviorNoPassthrough Behavior = iota
	// BehaviorPassthroughOnFailure will call the backend if the authentication server returned a failure.
	BehaviorPassthroughOnFailure Behavior = iota
	// BehaviorPassthroughOnSuccess will call the backend if the authentication server returned a success.
	BehaviorPassthroughOnSuccess Behavior = iota
	// BehaviorPassthroughOnUnavailable will call the backend if the authentication server is not available.
	BehaviorPassthroughOnUnavailable Behavior = iota
)
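
The four behaviors differ in whether the authentication server or the backend has the final say. The following is an added example that models the documented semantics as a decision function; it is not ContainerSSH code. ServerResult, Decide and CanAllowWithoutServer are hypothetical names, and it assumes an unavailable server means rejection when no passthrough applies.

```go
package main

import "fmt"

// Behavior mirrors the constants documented above; it is redeclared locally.
type Behavior int

const (
	BehaviorNoPassthrough Behavior = iota
	BehaviorPassthroughOnFailure
	BehaviorPassthroughOnSuccess
	BehaviorPassthroughOnUnavailable
)

// ServerResult is a hypothetical type for the authentication server's outcome.
type ServerResult int

const (
	ServerSuccess ServerResult = iota
	ServerFailure
	ServerUnavailable
)

// Decide reports whether the backend is consulted and whether the login is allowed.
// backendAccepts is the backend's verdict when it is consulted.
// Assumption: without passthrough, an unavailable server means rejection.
func Decide(b Behavior, s ServerResult, backendAccepts bool) (consulted, allowed bool) {
	switch {
	case b == BehaviorPassthroughOnFailure && s == ServerFailure,
		b == BehaviorPassthroughOnSuccess && s == ServerSuccess,
		b == BehaviorPassthroughOnUnavailable && s == ServerUnavailable:
		return true, backendAccepts
	}
	return false, s == ServerSuccess
}

// CanAllowWithoutServer reports whether a behavior can admit a login that the
// authentication server did not approve, given a backend that accepts.
func CanAllowWithoutServer(b Behavior) bool {
	_, onFailure := Decide(b, ServerFailure, true)
	_, onUnavailable := Decide(b, ServerUnavailable, true)
	return onFailure || onUnavailable
}

func main() {
	for b := BehaviorNoPassthrough; b <= BehaviorPassthroughOnUnavailable; b++ {
		fmt.Printf("behavior %d: backend can override the server = %v\n", b, CanAllowWithoutServer(b))
	}
}
```

In this model, BehaviorPassthroughOnFailure and BehaviorPassthroughOnUnavailable make the backend's own authentication logic part of the trust boundary, while BehaviorPassthroughOnSuccess can only narrow what the authentication server already accepted.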
