Documentation

Overview

    Package auth implements authentication services for chasquid.

    Index

    Constants

    This section is empty.

    Variables

    This section is empty.

    Functions

    func DecodeResponse

    func DecodeResponse(response string) (user, domain, passwd string, err error)

      DecodeResponse decodes a plain auth response.

      It must be a a base64-encoded string of the form:

      <authorization id> NUL <authentication id> NUL <password>
      

      https://tools.ietf.org/html/rfc4954#section-4.1.

      Either both ID match, or one of them is empty. We expect the ID to be "user@domain", which is NOT an RFC requirement but our own.

      Types

      type Authenticator

      type Authenticator struct {
      
      	// Fallback backend, to use when backends[domain] (which may not exist)
      	// did not yield a positive result.
      	// Note that this backend gets the user with the domain included, of the
      	// form "user@domain".
      	Fallback Backend
      
      	// How long Authenticate calls should last, approximately.
      	// This will be applied both for successful and unsuccessful attempts.
      	// We will increase this number by 0-20%.
      	AuthDuration time.Duration
      	// contains filtered or unexported fields
      }

        Authenticator tracks the backends for each domain, and allows callers to query them with a more practical API.

        func NewAuthenticator

        func NewAuthenticator() *Authenticator

          NewAuthenticator returns a new Authenticator with no backends.

          func (*Authenticator) Authenticate

          func (a *Authenticator) Authenticate(user, domain, password string) (bool, error)

            Authenticate the user@domain with the given password.

            func (*Authenticator) Exists

            func (a *Authenticator) Exists(user, domain string) (bool, error)

              Exists checks that user@domain exists.

              func (*Authenticator) Register

              func (a *Authenticator) Register(domain string, be Backend)

                Register a backend to use for the given domain.

                func (*Authenticator) Reload

                func (a *Authenticator) Reload() error

                  Reload the registered backends.

                  type Backend

                  type Backend interface {
                  	Authenticate(user, password string) (bool, error)
                  	Exists(user string) (bool, error)
                  	Reload() error
                  }

                    Backend is the common interface for all authentication backends.

                    func WrapNoErrorBackend

                    func WrapNoErrorBackend(be NoErrorBackend) Backend

                      WrapNoErrorBackend wraps a NoErrorBackend, converting it into a valid Backend. This is normally used in Auth.Register calls, to register no-error backends.

                      type NoErrorBackend

                      type NoErrorBackend interface {
                      	Authenticate(user, password string) bool
                      	Exists(user string) bool
                      	Reload() error
                      }

                        NoErrorBackend is the interface for authentication backends that don't need to emit errors. This allows backends to avoid unnecessary complexity, in exchange for a bit more here. They can be converted to normal Backend using WrapNoErrorBackend (defined below).

                        Source Files