Functions ¶
func NewHandler ¶
func NewHandler(h AuthRequestHandler, logger log.Logger) http.Handler
NewHandler creates an HTTP handler that forwards calls to the provided AuthRequestHandler h.
func NewServer ¶
func NewServer( cfg config.HTTPServerConfiguration, h AuthRequestHandler, logger log.Logger, ) (http.Server, error)
NewServer returns a complete HTTP server that responds to the authentication requests.
Example ¶
ExampleNewServer demonstrates how to set up an authentication server.
package main

import (
	"context"
	"os"
	"time"

	auth2 "go.containerssh.io/libcontainerssh/auth"
	"go.containerssh.io/libcontainerssh/auth/webhook"
	"go.containerssh.io/libcontainerssh/config"
	"go.containerssh.io/libcontainerssh/log"
	"go.containerssh.io/libcontainerssh/metadata"
	"go.containerssh.io/libcontainerssh/service"
)

// myAuthReqHandler stands in for your own authentication request handler.
//
// Every method below is a placeholder that approves whatever it is given
// without inspecting the credential. Replace each body with a real check
// before this handler serves logins.
type myAuthReqHandler struct{}

// OnPassword is invoked when a user attempts password authentication.
//
// Placeholder: the password argument is never examined, so any password is
// accepted for any username. A real handler verifies the password against the
// credential stored for meta.Username and reports success == false otherwise.
func (h *myAuthReqHandler) OnPassword(
	meta metadata.ConnectionAuthPendingMetadata,
	password []byte,
) (
	success bool,
	metadata metadata.ConnectionAuthenticatedMetadata,
	err error,
) {
	authenticated := meta.Authenticated(meta.Username)
	return true, authenticated, nil
}

// OnPubKey is invoked when a user attempts public key authentication.
//
// Placeholder: publicKey is never compared against anything, so any key is
// accepted for any username. A real handler looks up the keys authorized for
// meta.Username and reports success == false when publicKey is not among them.
func (h *myAuthReqHandler) OnPubKey(
	meta metadata.ConnectionAuthPendingMetadata,
	publicKey auth2.PublicKey,
) (
	success bool,
	metadata metadata.ConnectionAuthenticatedMetadata,
	err error,
) {
	authenticated := meta.Authenticated(meta.Username)
	return true, authenticated, nil
}

// OnAuthorization is invoked after login in non-webhook auth handlers to
// verify that the authenticated user is authorized to log in.
//
// Placeholder: every authenticated user is authorized and the metadata is
// passed through unchanged.
func (h *myAuthReqHandler) OnAuthorization(
	meta metadata.ConnectionAuthenticatedMetadata,
) (
	success bool,
	metadata metadata.ConnectionAuthenticatedMetadata,
	err error,
) {
	return true, meta, nil
}

// main demonstrates how to set up an authentication server, run it for a
// fixed time and shut it down again (the ExampleNewServer example).
func main() {
	// Logger configured at warning level, text format, writing to stdout.
	logConfig := config.LogConfig{
		Level:       config.LogLevelWarning,
		Format:      config.LogFormatText,
		Destination: config.LogDestinationStdout,
		Stdout:      os.Stdout,
	}
	logger := log.MustNewLogger(logConfig)

	// 0.0.0.0 listens on every interface, and only the listen address is set
	// here, so presumably the webhook is served without TLS.
	// NOTE(review): the handler receives passwords, so in a deployment bind to
	// an address only ContainerSSH can reach and enable the TLS settings of
	// HTTPServerConfiguration; confirm the available fields in the config
	// package.
	serverConfig := config.HTTPServerConfiguration{
		Listen: "0.0.0.0:8001",
	}

	// Create the auth webhook server around your handler.
	authServer, err := webhook.NewServer(serverConfig, &myAuthReqHandler{}, logger)
	if err != nil {
		// Handle the error in real code; the example just aborts.
		panic(err)
	}

	// Run the web server service in the background.
	lc := service.NewLifecycle(authServer)
	go func() {
		// Run's error is discarded here; the result of Wait is checked below.
		_ = lc.Run()
	}()

	// Keep the server up for 30 seconds as a test.
	time.Sleep(30 * time.Second)

	// Give the graceful shutdown a 30 second deadline.
	stopCtx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
	defer cancel()

	// Ask the server to stop, then wait until it has.
	lc.Stop(stopCtx)

	if exitErr := lc.Wait(); exitErr != nil {
		// The server stopped abnormally.
		panic(exitErr)
	}
}
Output:
Types ¶
type AuthRequestHandler ¶
AuthRequestHandler describes the methods an authentication server has to implement in order to be usable with the server component of this package.
type AuthenticationResponse ¶
// AuthenticationResponse holds the results of an authentication.
type AuthenticationResponse interface {
	// Success reports whether the authentication was successful (true) or
	// unsuccessful (false).
	Success() bool

	// Error returns the error that happened during the authentication. This
	// is useful for returning a detailed error message.
	// NOTE(review): where this message ends up (logs only, or also the
	// connecting client) is not visible here — confirm before putting
	// sensitive detail into it.
	Error() error

	// Metadata returns the set of metadata entries that have been obtained
	// during the authentication.
	// NOTE(review): presumably only meaningful when Success() is true —
	// confirm, and check Success() before trusting these values.
	Metadata() metadata.ConnectionAuthenticatedMetadata
}
AuthenticationResponse holds the results of an authentication.
type Client ¶
// Client authenticates credentials supplied by a connecting client. Both
// methods report their outcome as an AuthenticationResponse.
type Client interface {
	// Password authenticates with a password from the client.
	//
	// The result is an AuthenticationResponse rather than a bool and an
	// error: presumably Success() tells whether the authentication was
	// successful and Error() carries any error that happened while contacting
	// the authentication server — confirm against the implementation.
	Password(
		metadata metadata.ConnectionAuthPendingMetadata,
		password []byte,
	) AuthenticationResponse

	// PubKey authenticates with a public key from the client.
	//
	// The result is an AuthenticationResponse rather than a bool and an
	// error: presumably Success() tells whether the authentication was
	// successful and Error() carries any error that happened while contacting
	// the authentication server — confirm against the implementation.
	PubKey(
		metadata metadata.ConnectionAuthPendingMetadata,
		pubKey auth2.PublicKey,
	) AuthenticationResponse
}
func NewTestClient ¶
NewTestClient creates a new copy of a client usable for testing purposes.