Documentation ¶
Overview ¶
Package auth provides methods to generate valid authorization values and to also decode them.
It also provides methods to validate passwords.
Index ¶
- Variables
- func GenerateID(_ context.Context) (string, error)
- func GenerateKey(_ context.Context) (string, error)
- func Hash(ctx context.Context, plain string) (string, error)
- func JoinToken(tokenType TokenType, id, key string) string
- func NewContextWithHashValidator(parent context.Context, hashValidator HashValidator) context.Context
- func NewContextWithX509DN(ctx context.Context, name pkix.Name) context.Context
- func Validate(hashed, plain string) (bool, error)
- func X509DNFromContext(ctx context.Context) (pkix.Name, bool)
- type CookieShape
- type HashValidator
- type TokenType
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // APIKey authenticates calls on behalf of an entity on itself, or of users or organizations. APIKey = TokenType(enc.EncodeToString([]byte("key"))) // AccessToken authenticates calls on behalf of a user that authorized an OAuth client. AccessToken = TokenType(enc.EncodeToString([]byte("acc"))) // RefreshToken is used by OAuth clients to refresh AccessTokens. RefreshToken = TokenType(enc.EncodeToString([]byte("ref"))) // AuthorizationCode is used by OAuth clients to exchange AccessTokens. AuthorizationCode = TokenType(enc.EncodeToString([]byte("aut"))) // SessionToken is used to authorize actions by user session. SessionToken = TokenType(enc.EncodeToString([]byte("ssn"))) )
Functions ¶
func GenerateID ¶
GenerateID generates the "id" part of the token.
func GenerateKey ¶
GenerateKey generates the "key" part of the token.
func NewContextWithHashValidator ¶
func NewContextWithHashValidator(parent context.Context, hashValidator HashValidator) context.Context
NewContextWithHashValidator returns a context derived from parent that contains hashValidator.
func NewContextWithX509DN ¶
NewContextWithX509DN returns a new context with the given distinguished name.
Types ¶
type CookieShape ¶ added in v3.9.0
type CookieShape struct { UserID string `json:"user_id"` SessionID string `json:"session_id"` SessionSecret string `json:"token_key"` }
CookieShape is the shape of the auth cookie.
type HashValidator ¶
type HashValidator interface { // Name returns the hashing method name that is used to identify which method // was used to hash a given secret. Name() string // Hash hashes the given plain text secret. Hash(plain string) (string, error) // Validate checks whether the given plain text secret is equal or not to // the given hashed secret. Validate(hashed, plain string) (bool, error) }
HashValidator is a method to hash and validate a secret.
func HashValidatorFromContext ¶
func HashValidatorFromContext(ctx context.Context) HashValidator
HashValidatorFromContext returns the HashValidator from the context if present. Otherwise it returns default HashValidator.
Directories ¶
Path | Synopsis |
---|---|
Package cluster contains cluster authentication-related utilities.
|
Package cluster contains cluster authentication-related utilities. |
Package mtls provides functions to authenticate client TLS certificates.
|
Package mtls provides functions to authenticate client TLS certificates. |
Package pbkdf2 implements the PBKDF2 algorithm method used to hash passwords.
|
Package pbkdf2 implements the PBKDF2 algorithm method used to hash passwords. |
Package rights implements rights fetching and checking.
|
Package rights implements rights fetching and checking. |
Click to show internal directories.
Click to hide internal directories.