This section is empty.


This section is empty.


func Authenticated

func Authenticated(req *http.Request) bool

Authenticated returns true if the user is successfully authenticated, in the call trace following SSOWrapper.Wrap.

func Groups

func Groups(req *http.Request) []string

Groups returns the group list for the currently authenticated user.

func Username

func Username(req *http.Request) string

Username of the currently authenticated user.


type SSOWrapper

type SSOWrapper struct {
	// contains filtered or unexported fields

SSOWrapper protects http handlers with single-sign-on authentication.

func NewSSOWrapper

func NewSSOWrapper(serverURL string, pkey []byte, domain string, sessionAuthKey, sessionEncKey []byte, ttl time.Duration) (*SSOWrapper, error)

NewSSOWrapper returns a new SSOWrapper that will authenticate users on the specified login service.

func (*SSOWrapper) Wrap

func (s *SSOWrapper) Wrap(h http.Handler, service string, groups []string) http.Handler

Wrap a http.Handler with authentication and access control. Currently only a simple form of group-based ACLs is supported.

Source Files