auth

package
v3.32.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 5, 2024 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Overview

Package auth provides methods to generate valid authorization values and to also decode them.

It also provides methods to validate passwords.

Index

Constants

This section is empty.

Variables

View Source
var (
	// APIKey authenticates calls on behalf of an entity on itself, or of users or organizations.
	APIKey = TokenType(enc.EncodeToString([]byte("key")))
	// AccessToken authenticates calls on behalf of a user that authorized an OAuth client.
	AccessToken = TokenType(enc.EncodeToString([]byte("acc")))
	// RefreshToken is used by OAuth clients to refresh AccessTokens.
	RefreshToken = TokenType(enc.EncodeToString([]byte("ref")))
	// AuthorizationCode is used by OAuth clients to exchange AccessTokens.
	AuthorizationCode = TokenType(enc.EncodeToString([]byte("aut")))
	// SessionToken is used to authorize actions by user session.
	SessionToken = TokenType(enc.EncodeToString([]byte("ssn")))
)

Functions

func GenerateID

func GenerateID(_ context.Context) (string, error)

GenerateID generates the "id" part of the token.

func GenerateKey

func GenerateKey(_ context.Context) (string, error)

GenerateKey generates the "key" part of the token.

func Hash

func Hash(ctx context.Context, plain string) (string, error)

Hash hashes a plaintext secret.

func JoinToken

func JoinToken(tokenType TokenType, id, key string) string

JoinToken joins the token as "<prefix>.<id>.<key>".

func NewContextWithHashValidator

func NewContextWithHashValidator(parent context.Context, hashValidator HashValidator) context.Context

NewContextWithHashValidator returns a context derived from parent that contains hashValidator.

func NewContextWithX509DN

func NewContextWithX509DN(ctx context.Context, name pkix.Name) context.Context

NewContextWithX509DN returns a new context with the given distinguished name.

func Validate

func Validate(hashed, plain string) (bool, error)

Validate checks if the hash matches the plaintext.

func X509DNFromContext

func X509DNFromContext(ctx context.Context) (pkix.Name, bool)

X509DNFromContext returns the distinguished name from the given context.

Types

type CookieShape added in v3.9.0

type CookieShape struct {
	UserID        string `json:"user_id"`
	SessionID     string `json:"session_id"`
	SessionSecret string `json:"token_key"`
}

CookieShape is the shape of the auth cookie.

type HashValidator

type HashValidator interface {
	// Name returns the hashing method name that is used to identify which method
	// was used to hash a given secret.
	Name() string

	// Hash hashes the given plain text secret.
	Hash(plain string) (string, error)

	// Validate checks whether the given plain text secret is equal or not to
	// the given hashed secret.
	Validate(hashed, plain string) (bool, error)
}

HashValidator is a method to hash and validate a secret.

func HashValidatorFromContext

func HashValidatorFromContext(ctx context.Context) HashValidator

HashValidatorFromContext returns the HashValidator from the context if present. Otherwise it returns default HashValidator.

type TokenType

type TokenType string

TokenType indicates the type of a token.

func SplitToken

func SplitToken(token string) (tokenType TokenType, id, key string, err error)

SplitToken splits the token from "<prefix>.<id>.<key>".

func (TokenType) Generate

func (t TokenType) Generate(ctx context.Context, id string) (token string, err error)

Generate a token of this type. The ID is only generated if not already given.

func (TokenType) String added in v3.9.0

func (t TokenType) String() string

String returns string representation of token type.

Directories

Path Synopsis
Package cluster contains cluster authentication-related utilities.
Package cluster contains cluster authentication-related utilities.
Package mtls provides functions to authenticate client TLS certificates.
Package mtls provides functions to authenticate client TLS certificates.
Package pbkdf2 implements the PBKDF2 algorithm method used to hash passwords.
Package pbkdf2 implements the PBKDF2 algorithm method used to hash passwords.
Package rights implements rights fetching and checking.
Package rights implements rights fetching and checking.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL