identityserver

package
v0.0.0-...-5352646 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 26, 2020 License: Apache-2.0 Imports: 44 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Config

type Config struct {
	DatabaseURI      string `name:"database-uri" description:"Database connection URI"`
	UserRegistration struct {
		Invitation struct {
			Required bool          `name:"required" description:"Require invitations for new users"`
			TokenTTL time.Duration `name:"token-ttl" description:"TTL of user invitation tokens"`
		} `name:"invitation"`
		ContactInfoValidation struct {
			Required bool `name:"required" description:"Require contact info validation for new users"`
		} `name:"contact-info-validation"`
		AdminApproval struct {
			Required bool `name:"required" description:"Require admin approval for new users"`
		} `name:"admin-approval"`
		PasswordRequirements struct {
			MinLength    int `name:"min-length" description:"Minimum password length"`
			MaxLength    int `name:"max-length" description:"Maximum password length"`
			MinUppercase int `name:"min-uppercase" description:"Minimum number of uppercase letters"`
			MinDigits    int `name:"min-digits" description:"Minimum number of digits"`
			MinSpecial   int `name:"min-special" description:"Minimum number of special characters"`
		} `name:"password-requirements"`
	} `name:"user-registration"`
	AuthCache struct {
		MembershipTTL time.Duration `name:"membership-ttl" description:"TTL of membership caches"`
	} `name:"auth-cache"`
	OAuth          oauth.Config `name:"oauth"`
	ProfilePicture struct {
		UseGravatar bool   `name:"use-gravatar" description:"Use Gravatar fallback for users without profile picture"`
		Bucket      string `name:"bucket" description:"Bucket used for storing profile pictures"`
		BucketURL   string `name:"bucket-url" description:"Base URL for public bucket access"`
	} `name:"profile-picture"`
	EndDevicePicture struct {
		Bucket    string `name:"bucket" description:"Bucket used for storing end device pictures"`
		BucketURL string `name:"bucket-url" description:"Base URL for public bucket access"`
	} `name:"end-device-picture"`
	Email struct {
		email.Config `name:",squash"`
		SendGrid     sendgrid.Config      `name:"sendgrid"`
		SMTP         smtp.Config          `name:"smtp"`
		Templates    emailTemplatesConfig `name:"templates"`
	} `name:"email"`
}

Config for the Identity Server

type IdentityServer

type IdentityServer struct {
	*component.Component
	// contains filtered or unexported fields
}

IdentityServer implements the Identity Server component.

The Identity Server exposes the Registry and Access services for Applications, OAuth clients, Gateways, Organizations and Users.

func New

func New(c *component.Component, config *Config) (is *IdentityServer, err error)

New returns new *IdentityServer.

func (*IdentityServer) ApplicationRights

func (is *IdentityServer) ApplicationRights(ctx context.Context, appIDs ttnpb.ApplicationIdentifiers) (*ttnpb.Rights, error)

ApplicationRights returns the rights the caller has on the given application.

func (*IdentityServer) ClientRights

func (is *IdentityServer) ClientRights(ctx context.Context, cliIDs ttnpb.ClientIdentifiers) (*ttnpb.Rights, error)

ClientRights returns the rights the caller has on the given client.

func (*IdentityServer) Context

func (is *IdentityServer) Context() context.Context

Context returns the context of the Identity Server.

func (*IdentityServer) GatewayRights

func (is *IdentityServer) GatewayRights(ctx context.Context, gtwIDs ttnpb.GatewayIdentifiers) (*ttnpb.Rights, error)

GatewayRights returns the rights the caller has on the given gateway.

func (*IdentityServer) IsAdmin

func (is *IdentityServer) IsAdmin(ctx context.Context) bool

IsAdmin returns whether the caller is an admin.

func (*IdentityServer) OrganizationRights

func (is *IdentityServer) OrganizationRights(ctx context.Context, orgIDs ttnpb.OrganizationIdentifiers) (*ttnpb.Rights, error)

OrganizationRights returns the rights the caller has on the given organization.

func (*IdentityServer) RegisterHandlers

func (is *IdentityServer) RegisterHandlers(s *runtime.ServeMux, conn *grpc.ClientConn)

RegisterHandlers registers gRPC handlers.

func (*IdentityServer) RegisterServices

func (is *IdentityServer) RegisterServices(s *grpc.Server)

RegisterServices registers services provided by is at s.

func (*IdentityServer) RequireAdmin

func (is *IdentityServer) RequireAdmin(ctx context.Context) error

RequireAdmin returns an error when the caller is not an admin.

func (*IdentityServer) RequireAuthenticated

func (is *IdentityServer) RequireAuthenticated(ctx context.Context) error

RequireAuthenticated checks the request context for authentication presence and returns an error if there is none.

func (*IdentityServer) Roles

func (is *IdentityServer) Roles() []ttnpb.ClusterRole

Roles returns the roles that the Identity Server fulfills.

func (*IdentityServer) SendContactsEmail

func (is *IdentityServer) SendContactsEmail(ctx context.Context, ids *ttnpb.EntityIdentifiers, makeMessage func(emails.Data) email.MessageData) error

SendContactsEmail sends an email to the contacts of the given entity.

func (*IdentityServer) SendEmail

func (is *IdentityServer) SendEmail(ctx context.Context, f func(emails.Data) email.MessageData) (err error)

SendEmail sends an email.

func (*IdentityServer) SendUserEmail

func (is *IdentityServer) SendUserEmail(ctx context.Context, userIDs *ttnpb.UserIdentifiers, makeMessage func(emails.Data) email.MessageData) error

SendUserEmail sends an email to the given user.

func (*IdentityServer) SetRedisCache

func (is *IdentityServer) SetRedisCache(redis *redis.Client)

SetRedisCache configures the given redis instance for caching.

func (*IdentityServer) UniversalRights

func (is *IdentityServer) UniversalRights(ctx context.Context) *ttnpb.Rights

UniversalRights returns the universal rights (that apply to any entity or outside entity scope) contained in the request context. This is used to determine admin rights.

func (*IdentityServer) UserRights

func (is *IdentityServer) UserRights(ctx context.Context, userIDs ttnpb.UserIdentifiers) (*ttnpb.Rights, error)

UserRights returns the rights the caller has on the given user.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL