httpserver

package module
v0.0.0-...-8df540d Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 28, 2023 License: MIT Imports: 30 Imported by: 0

Documentation

Index

Constants

// Literal tokens of the version-1 API-key authorization header.
// NOTE(review): the header layout itself is not shown in this listing; the
// names suggest a scheme identifier followed by Credential=, SignedHeaders=
// and Signature= fields. Confirm against GenerateSignatureHeader_v1 and
// ValidateSignature_v1.
const (
	// Scheme identifier; the value names HMAC-SHA256.
	APIAuthHeaderVer1Prefix               = "v1-hmac-sha256"
	// Prefix of the credential field (presumably carries ApiKeyCreds.ApiKeyID; confirm).
	APIAuthHeaderVer1CredentialPrefix     = "Credential="
	// Prefix of the field listing which request headers are covered by the signature.
	APIAuthHeaderVer1SignedHeadersPrefix  = "SignedHeaders="
	// Prefix of the signature value.
	// NOTE(review): verification code is not shown; confirm the presented and
	// computed signatures are compared with crypto/hmac.Equal, not ==.
	APIAuthHeaderVer1SignatureValuePrefix = "Signature="
)

Variables

// Route fragments, query-parameter names and limits for the certificate
// endpoints.
// NOTE(review): these are package-level vars, not consts, so any importing
// package can reassign routes and limits at run time; consider const if
// nothing relies on overriding them.
var (
	// Listing and creation share one prefix and are told apart by the suffix
	// only; the user name sits between prefix and suffix.
	// NOTE(review): confirm the name segment is validated (for example, that
	// it cannot contain "/") before it is used for routing or lookup.
	GetCertsForUserByPrimaryNameAdminPrefixPath = "/swoossh/admin/Cert/User/Name/"
	GetCertsForUserByPrimaryNameAdminSuffixPath = "/list"

	// NOTE(review): the package documentation lists the NewCert route under
	// GET although it issues a certificate; confirm that a state-changing GET
	// is intended and covered by the authorization handler.
	CreateCertForUserAdminPrefixPath = "/swoossh/admin/Cert/User/Name/"
	CreateCertForUserAdminSuffixPath = "/NewCert"

	// Query-string keys of the listing endpoint.
	GetCertsSizeQueryParamName  = "size"
	GetCertsTokenQueryParamName = "token"
	GetCertsOrderQueryParamName = "order"

	// 1048576 = 1024*1024. Presumably the request-body cap in bytes.
	// NOTE(review): enforcement is not shown; confirm handlers apply it
	// (e.g. http.MaxBytesReader) before reading or decoding the body.
	MAXCERTPAYLOADBODYSIZE         = 1048576
	// Presumably the page size used when "size" is absent; confirm that a
	// caller-supplied size is also bounded above.
	GetCertsDefaultResultSize      = 20
	// Accepted values of the "order" parameter, going by the names.
	GetCertsOrderValueEnumForward  = "forw"
	GetCertsOrderValueEnumPrevious = "prev"
)
// Route prefixes, query-parameter names and limits for the group endpoints.
// Every path here is under /swoossh/admin/.
// NOTE(review): declared with var, so importing packages can reassign these
// at run time; consider const if overriding is not a supported use.
var (
	// GET, PUT and DELETE reuse the same two prefixes; the HTTP method is
	// what distinguishes the operations.
	GetGroupByIDPrefixPath           = "/swoossh/admin/Group/ID/"
	GetGroupByPrimaryNamePrefixPath  = "/swoossh/admin/Group/Name/"
	PutGroupByIDPrefixPath           = "/swoossh/admin/Group/ID/"
	PutGroupByPrimaryNamePrefixPath  = "/swoossh/admin/Group/Name/"
	DeleteGroupByNamePrefixPath      = "/swoossh/admin/Group/Name/"
	// Query-string keys of the group search endpoint.
	SearchGroupsByNameQueryParamName = "name"
	SearchGroupsTokenQueryParamName  = "token"
	SearchGroupsSizeQueryParamName   = "size"
	SearchGroupsOrderQueryParamName  = "order"

	// 1048576 = 1024*1024. Presumably the request-body cap in bytes.
	// NOTE(review): enforcement is not shown; confirm the PUT/POST handlers
	// apply it (e.g. http.MaxBytesReader) before decoding the body.
	MAXGROUPPAYLOADBODYSIZE            = 1048576
	// Presumably the page size used when "size" is absent; confirm that a
	// caller-supplied size is also bounded above.
	SearchGroupsDefaultResultSize      = 20
	// Accepted values of the "order" parameter, going by the names.
	SearchGroupsOrderValueEnumForward  = "forw"
	SearchGroupsOrderValueEnumPrevious = "prev"
)
// Route prefixes, query-parameter names and limits for the user endpoints.
// NOTE(review): declared with var, so importing packages can reassign these
// at run time; consider const if overriding is not a supported use.
var (
	// Admin routes: GET, PUT and DELETE reuse the same two prefixes and are
	// distinguished by HTTP method.
	GetUserByIDPrefixPath                  = "/swoossh/admin/User/ID/"
	GetUserByPrimaryNamePrefixPath         = "/swoossh/admin/User/Name/"
	PutUserByIDPrefixPath                  = "/swoossh/admin/User/ID/"
	PutUserByPrimaryNamePrefixPath         = "/swoossh/admin/User/Name/"
	// The only path in this block outside /swoossh/admin/.
	// NOTE(review): confirm the non-admin handler checks that the :uuid in
	// the path belongs to the authenticated principal before updating.
	PutUserByIDPrefixPathNonAdmin          = "/swoossh/User/ID/"
	DeleteUserByPrincipalNamePrefixPath    = "/swoossh/admin/User/Name/"
	POSTNewUserpath                        = "/swoossh/admin/User"
	// Query-string keys of the user search endpoint.
	SearchUsersByPrimaryNameQueryParamName = "name"
	SearchUsersSizeQueryParamName          = "size"
	SearchUsersTokenQueryParamName         = "token"
	SearchUsersOrderQueryParamName         = "order"

	// 1048576 = 1024*1024. Presumably the request-body cap in bytes.
	// NOTE(review): enforcement is not shown; confirm the PUT/POST handlers
	// apply it (e.g. http.MaxBytesReader) before decoding the body.
	MAXUSERPAYLOADBODYSIZE            = 1048576
	// Presumably the page size used when "size" is absent; confirm that a
	// caller-supplied size is also bounded above.
	SearchUsersDefaultResultSize      = 20
	// Accepted values of the "order" parameter, going by the names.
	SearchUsersOrderValueEnumForward  = "forw"
	SearchUsersOrderValueEnumPrevious = "prev"
)

Functions

func DefaultHTTPPasswdChangeHandler

func DefaultHTTPPasswdChangeHandler(w http.ResponseWriter, r *http.Request, srv *DefaultHTTPServer)

for POST /swoossh/changePasswd

func DefaultHTTPServerCreateSSHUserCertHandler

func DefaultHTTPServerCreateSSHUserCertHandler(w http.ResponseWriter, r *http.Request, srv *DefaultHTTPServer)

For requests GET /swoossh/myNewCert and GET /swoossh/admin/Cert/User/Name/:xxx/NewCert: creates and returns a new certificate.

func DefaultHTTPServerDeleteGroupHandler

func DefaultHTTPServerDeleteGroupHandler(w http.ResponseWriter, r *http.Request, srv *DefaultHTTPServer)

for requests DELETE /swoossh/admin/Group/Name/:groupName deletes an existing group

func DefaultHTTPServerDeleteUserHandler

func DefaultHTTPServerDeleteUserHandler(w http.ResponseWriter, r *http.Request, srv *DefaultHTTPServer)

For requests DELETE /swoossh/admin/User/Name/:principalName: deletes an existing user.

func DefaultHTTPServerGetCertsForUserHandler

func DefaultHTTPServerGetCertsForUserHandler(w http.ResponseWriter, r *http.Request, srv *DefaultHTTPServer)

For requests GET /swoossh/admin/Cert/User/Name/:xxx/list?size=yy&token=zz&order=prev: fetches user certs. For requests GET /swoossh/myCerts?size=yy&token=zz&order=prev: fetches user certs.

func DefaultHTTPServerGetGroupHandler

func DefaultHTTPServerGetGroupHandler(w http.ResponseWriter, r *http.Request, srv *DefaultHTTPServer)

for requests GET /swoossh/admin/Group/ID/:uuid or /swoossh/admin/Group/Name/:groupname

func DefaultHTTPServerGetUserHandler

func DefaultHTTPServerGetUserHandler(w http.ResponseWriter, r *http.Request, srv *DefaultHTTPServer)

for requests GET /swoossh/admin/User/ID/:uuid or /swoossh/admin/User/Name/:principalName

func DefaultHTTPServerHomeHandler

func DefaultHTTPServerHomeHandler(w http.ResponseWriter, r *http.Request, srv *DefaultHTTPServer)

for GET /swoossh/ or /swoossh/home

func DefaultHTTPServerPostGroupHandler

func DefaultHTTPServerPostGroupHandler(w http.ResponseWriter, r *http.Request, srv *DefaultHTTPServer)

for requests POST /swoossh/admin/Group creates a new group

func DefaultHTTPServerPostUserHandler

func DefaultHTTPServerPostUserHandler(w http.ResponseWriter, r *http.Request, srv *DefaultHTTPServer)

for requests POST "/swoossh/admin/User"

func DefaultHTTPServerPutGroupHandler

func DefaultHTTPServerPutGroupHandler(w http.ResponseWriter, r *http.Request, srv *DefaultHTTPServer)

For requests PUT /swoossh/admin/Group/Name/:groupName: creates a new group. For requests PUT /swoossh/admin/Group/ID/:uuid: attempts to update an existing group.

func DefaultHTTPServerPutUserHandler

func DefaultHTTPServerPutUserHandler(w http.ResponseWriter, r *http.Request, srv *DefaultHTTPServer)

For requests PUT /swoossh/admin/User/Name/:principalName: creates a new user. For requests PUT /swoossh/admin/User/ID/:uuid: attempts to update an existing user.

func DefaultHTTPServerPutUserHandlerNonAdmin

func DefaultHTTPServerPutUserHandlerNonAdmin(w http.ResponseWriter, r *http.Request, srv *DefaultHTTPServer)

For requests PUT /swoossh/User/ID/:uuid: attempts to update an existing user. Currently only supports updating the publickey and latestPasswdHash of the user.

func DefaultHTTPServerSearchGroupsHandler

func DefaultHTTPServerSearchGroupsHandler(w http.ResponseWriter, r *http.Request, srv *DefaultHTTPServer)

for requests GET /swoossh/admin/Groups?name=xxx&size=yy&token=zz&order=prev searches for groups

func DefaultHTTPServerSearchUsersHandler

func DefaultHTTPServerSearchUsersHandler(w http.ResponseWriter, r *http.Request, srv *DefaultHTTPServer)

for requests GET /swoossh/admin/Users?name=xxx&size=yy&token=zz&order=prev searches for users

func GenerateSignatureHeader_v1

func GenerateSignatureHeader_v1(r *http.Request, creds ApiKeyCreds, headersToSign []string) (*string, error)

func ValidateSignature_v1

func ValidateSignature_v1(r *http.Request, creds []*ApiKeyCreds, authSansVersion string, during time.Time, forPeriodInSecs int64) (bool, *string, error)

Types

type ApiKeyCreds

// ApiKeyCreds pairs an API key identifier with its key bytes. It is the
// credential type taken by GenerateSignatureHeader_v1 and ValidateSignature_v1.
type ApiKeyCreds struct {
	// Identifier of the key (presumably the value sent in the Credential=
	// field of the v1 header; confirm).
	ApiKeyID string
	// Key material.
	// NOTE(review): presumably the HMAC secret; keep it out of logs and out
	// of %v/%+v formatting of this struct.
	ApiKey   []byte
}

type AuthnzResult

// AuthnzResult exposes the outcome of authenticating and authorizing one
// request.
// NOTE(review): AuthorizationResult and IsAdmin return *bool, so a nil
// pointer is a possible third state whose meaning is not documented here;
// callers should fail closed and treat nil as "not authorized" / "not admin".
type AuthnzResult interface {
	// AuthenticatedPrincipal returns the user the request was authenticated as.
	AuthenticatedPrincipal() (user.User, error)
	// AuthorizationResult returns the authorization decision; check the
	// error and the pointer for nil before dereferencing.
	AuthorizationResult() (*bool, error)
	// IsAdmin reports whether the principal is an admin; may be nil.
	IsAdmin() *bool
}

type AuthorizationHandler

// AuthorizationHandler authenticates and authorizes a request against store.
type AuthorizationHandler interface {
	// AuthorizationHandler returns the decision as authnzResult.
	// NOTE(review): requestFulfilled presumably means the handler has already
	// written the response (for example a redirect to the OAuth provider) and
	// the caller must not write again; confirm against the implementation.
	AuthorizationHandler(w http.ResponseWriter, r *http.Request, store storage.Store) (authnzResult AuthnzResult, requestFulfilled bool, err error)
}

type DefaultAuthnzResult

// DefaultAuthnzResult is the package's AuthnzResult implementation: it has
// the AuthenticatedPrincipal, AuthorizationResult and IsAdmin methods on its
// pointer receiver. Its state is unexported.
type DefaultAuthnzResult struct {
	// contains filtered or unexported fields
}

func (*DefaultAuthnzResult) AuthenticatedPrincipal

func (c *DefaultAuthnzResult) AuthenticatedPrincipal() (user.User, error)

func (*DefaultAuthnzResult) AuthorizationResult

func (c *DefaultAuthnzResult) AuthorizationResult() (*bool, error)

func (*DefaultAuthnzResult) IsAdmin

func (c *DefaultAuthnzResult) IsAdmin() *bool

type DefaultHTTPServer

// DefaultHTTPServer is the receiver type of the handler methods in this
// package (GetUserHandler, PutUserHandler, CreateSSHUserCertHandler, ...) and
// is also passed as srv to the package-level DefaultHTTPServer*Handler
// functions.
// NOTE(review): field roles below are inferred from names and types; confirm.
type DefaultHTTPServer struct {
	// Backing store; the same type is passed to AuthHandler's method.
	Store             storage.Store
	// Certificate authority, presumably used to sign SSH user certificates.
	CA                ca.CA
	// Authentication/authorization hook.
	// NOTE(review): confirm every handler calls it before touching Store or CA.
	AuthHandler       AuthorizationHandler
	// File system the page templates are presumably loaded from.
	TemplateFS        fs.FS
	// Template names; pointers, so nil must be handled by the home handler.
	AdminHomeTmplName *string
	HomeTmplName      *string
}

func (*DefaultHTTPServer) AuthorizationHandler

func (c *DefaultHTTPServer) AuthorizationHandler(w http.ResponseWriter, r *http.Request) (authzResult AuthnzResult, requestFulfilled bool, err error)

func (*DefaultHTTPServer) CreateSSHUserCertHandler

func (c *DefaultHTTPServer) CreateSSHUserCertHandler(w http.ResponseWriter, r *http.Request)

func (*DefaultHTTPServer) DeleteGroupHandler

func (c *DefaultHTTPServer) DeleteGroupHandler(w http.ResponseWriter, r *http.Request)

func (*DefaultHTTPServer) DeleteUserHandler

func (c *DefaultHTTPServer) DeleteUserHandler(w http.ResponseWriter, r *http.Request)

func (*DefaultHTTPServer) GetCertsForUserHandler

func (c *DefaultHTTPServer) GetCertsForUserHandler(w http.ResponseWriter, r *http.Request)

func (*DefaultHTTPServer) GetGroupHandler

func (c *DefaultHTTPServer) GetGroupHandler(w http.ResponseWriter, r *http.Request)

func (*DefaultHTTPServer) GetUserHandler

func (c *DefaultHTTPServer) GetUserHandler(w http.ResponseWriter, r *http.Request)

func (*DefaultHTTPServer) HomeHandler

func (c *DefaultHTTPServer) HomeHandler(w http.ResponseWriter, r *http.Request)

func (*DefaultHTTPServer) PasswdChangeHandler

func (c *DefaultHTTPServer) PasswdChangeHandler(w http.ResponseWriter, r *http.Request)

func (*DefaultHTTPServer) PostGroupHandler

func (c *DefaultHTTPServer) PostGroupHandler(w http.ResponseWriter, r *http.Request)

func (*DefaultHTTPServer) PostUserHandler

func (c *DefaultHTTPServer) PostUserHandler(w http.ResponseWriter, r *http.Request)

func (*DefaultHTTPServer) PutGroupHandler

func (c *DefaultHTTPServer) PutGroupHandler(w http.ResponseWriter, r *http.Request)

func (*DefaultHTTPServer) PutUserHandler

func (c *DefaultHTTPServer) PutUserHandler(w http.ResponseWriter, r *http.Request)

func (*DefaultHTTPServer) PutUserHandlerNonAdmin

func (c *DefaultHTTPServer) PutUserHandlerNonAdmin(w http.ResponseWriter, r *http.Request)

func (*DefaultHTTPServer) SearchGroupsHandler

func (c *DefaultHTTPServer) SearchGroupsHandler(w http.ResponseWriter, r *http.Request)

func (*DefaultHTTPServer) SearchUsersHandler

func (c *DefaultHTTPServer) SearchUsersHandler(w http.ResponseWriter, r *http.Request)

type DefaultHTTPServerAuthHandler

// DefaultHTTPServerAuthHandler is the package's AuthorizationHandler
// implementation. Its fields cover two mechanisms: signed API-key requests
// and an OAuth/OIDC client with a cookie.
// NOTE(review): field roles below are inferred from names and types; confirm.
type DefaultHTTPServerAuthHandler struct {
	// API-key credentials accepted for signed requests.
	AuthzCreds                    []*ApiKeyCreds
	// Presumably the acceptance window, in seconds, for a signed request.
	// NOTE(review): pointer may be nil; confirm a default and an upper bound
	// exist, since a wide window lengthens the time a captured request
	// remains valid.
	ApiKeySignatureValidityInSecs *int64
	// Presumably the name of the request header carrying the signature.
	ApiKeyAuthzReqHeader          *string
	// OAuth/OIDC client used for interactive login.
	OAuthClient                   OAuthClientInterface
	// NOTE(review): unclear from here whether this is a cookie name or key
	// material; if it is a secret, it should not be logged.
	CookieKey                     *string
	// SIV primitive, presumably protecting the session cookie value.
	Siv                           siv.SIV
	// Presumably claim values that mark a user as admin.
	// NOTE(review): the matching rule (exact, prefix, substring) is not
	// shown; confirm it is an exact match so a near-miss claim cannot grant
	// admin.
	AdminUserClaimsMatches        []string
}

func (*DefaultHTTPServerAuthHandler) AuthorizationHandler

func (c *DefaultHTTPServerAuthHandler) AuthorizationHandler(w http.ResponseWriter, r *http.Request, store storage.Store) (AuthnzResult, bool, error)

type GetCertsForUserHandler

// GetCertsForUserHandler is the single-method interface for the HTTP handler
// that lists a user's certificates. *DefaultHTTPServer has a method with
// this signature.
type GetCertsForUserHandler interface {
	GetCertsForUserHandler(w http.ResponseWriter, r *http.Request)
}

type GroupsHandler

// GroupsHandler groups the HTTP handlers for reading, creating, updating and
// deleting groups. *DefaultHTTPServer has methods with these signatures.
type GroupsHandler interface {
	GetGroupHandler(w http.ResponseWriter, r *http.Request)
	PutGroupHandler(w http.ResponseWriter, r *http.Request)
	PostGroupHandler(w http.ResponseWriter, r *http.Request)
	DeleteGroupHandler(w http.ResponseWriter, r *http.Request)
}

type IDTokenInterface

// IDTokenInterface is the part of an ID token this package depends on.
// It is the result type of IDTokenVerifierInterface.Verify.
type IDTokenInterface interface {
	// Claims presumably decodes the token's claims into v, as the oidc
	// package's ID token does; confirm.
	Claims(v interface{}) error
}

type IDTokenVerifier

// IDTokenVerifier wraps *oidc.IDTokenVerifier. The package declares its own
// Verify method on *IDTokenVerifier returning IDTokenInterface, which takes
// precedence over the promoted method of the embedded verifier.
type IDTokenVerifier struct {
	*oidc.IDTokenVerifier
}

func (*IDTokenVerifier) Verify

func (c *IDTokenVerifier) Verify(ctx context.Context, rawIDToken string) (IDTokenInterface, error)

type IDTokenVerifierInterface

// IDTokenVerifierInterface abstracts ID-token verification so the concrete
// verifier can be substituted (presumably for tests; confirm).
type IDTokenVerifierInterface interface {
	// Verify checks rawIDToken and returns the verified token.
	// NOTE(review): a substitute implementation that skips signature,
	// issuer or audience checks must never be wired into a production server.
	Verify(ctx context.Context, rawIDToken string) (IDTokenInterface, error)
}

type OAuthClientInterface

// OAuthClientInterface is the OAuth/OIDC client surface used by
// DefaultHTTPServerAuthHandler.
type OAuthClientInterface interface {
	// NOTE(review): callers are not shown; if baseHost and scheme come from
	// the incoming request (Host header, forwarded headers), confirm they
	// are checked against the expected host before being used to build the
	// redirect URL.
	SetOauthRedirectURL(baseHost, scheme string)
	GetOauthRedirectPath() string
	// NOTE(review): state generation and validation are not shown; confirm
	// the value is unpredictable, bound to the user's session, and checked
	// on the callback.
	GetAuthCodeURL(state string) string
	OAuthStateParamName() string
	// Returns the wrapper interface rather than the concrete oauth2 type
	// (the earlier signature is kept below as a comment).
	//OAuthConfig() *oauth2.Config
	OAuthConfig() OauthConfigInterface
	// Returns the wrapper interface rather than the concrete oidc type
	// (the earlier signature is kept below as a comment).
	//GetOpenIDCProvider() *oidc.Provider
	GetOpenIDCProvider() OIDCProviderInterface
	// Presumably the name of the claim that carries the user's entitlements.
	GetEntitlementsFieldForClaims() string
}

type OIDCProvider

// OIDCProvider wraps *oidc.Provider. The package declares its own Verifier
// method on *OIDCProvider returning IDTokenVerifierInterface, which takes
// precedence over the promoted method of the embedded provider.
type OIDCProvider struct {
	*oidc.Provider
}

func (*OIDCProvider) Verifier

func (c *OIDCProvider) Verifier(config *oidc.Config) IDTokenVerifierInterface

type OIDCProviderInterface

// OIDCProviderInterface abstracts the OIDC provider down to the one call this
// package needs: building an ID-token verifier from an oidc.Config.
type OIDCProviderInterface interface {
	// NOTE(review): the oidc.Config passed in decides which checks run;
	// confirm the caller sets the expected client ID and does not disable
	// verification steps.
	Verifier(config *oidc.Config) IDTokenVerifierInterface
}

type OauthClient

// OauthClient is the concrete OAuth/OIDC client; the package declares the
// OAuthClientInterface methods on *OauthClient.
// NOTE(review): the *string fields may be nil; the getters' nil handling is
// not shown here.
type OauthClient struct {
	// Wrapped oauth2 configuration.
	OauthConfig                OauthConfig
	// Wrapped OIDC provider.
	OpenIDCProvider            OIDCProvider
	// Presumably the path of the OAuth callback endpoint.
	OauthCallBackHandlerPath   *string
	// Presumably the query-parameter name carrying the OAuth state value.
	OauthStateParamName        *string
	// Presumably the claim name holding the user's entitlements.
	EntitlementsFieldForClaims *string
}

func (*OauthClient) GetAuthCodeURL

func (c *OauthClient) GetAuthCodeURL(state string) string

func (*OauthClient) GetEntitlementsFieldForClaims

func (c *OauthClient) GetEntitlementsFieldForClaims() string

func (*OauthClient) GetOauthRedirectPath

func (c *OauthClient) GetOauthRedirectPath() string

func (*OauthClient) GetOpenIDCProvider

func (c *OauthClient) GetOpenIDCProvider() OIDCProviderInterface

func (*OauthClient) OAuthConfig

func (c *OauthClient) OAuthConfig() OauthConfigInterface

func (*OauthClient) OAuthStateParamName

func (c *OauthClient) OAuthStateParamName() string

func (*OauthClient) SetOauthRedirectURL

func (c *OauthClient) SetOauthRedirectURL(baseHost, scheme string)

type OauthConfig

// OauthConfig wraps *oauth2.Config. The package declares ClientID and
// Exchange methods on *OauthConfig; Exchange returns OauthTokenInterface
// instead of the concrete oauth2 token type.
type OauthConfig struct {
	*oauth2.Config
}

func (*OauthConfig) ClientID

func (c *OauthConfig) ClientID() string

func (*OauthConfig) Exchange

func (c *OauthConfig) Exchange(ctx context.Context, code string, opts ...oauth2.AuthCodeOption) (OauthTokenInterface, error)

type OauthConfigInterface

// OauthConfigInterface is the part of the OAuth configuration this package
// uses: the authorization-code exchange and the client ID.
type OauthConfigInterface interface {
	// Exchange trades an authorization code for a token.
	Exchange(ctx context.Context, code string, opts ...oauth2.AuthCodeOption) (OauthTokenInterface, error)
	// ClientID returns the OAuth client identifier (presumably also used as
	// the expected audience when verifying ID tokens; confirm).
	ClientID() string
}

type OauthTokenInterface

// OauthTokenInterface is the part of an OAuth token this package uses.
type OauthTokenInterface interface {
	// Extra returns an additional field of the token response by key.
	// NOTE(review): presumably used to fetch the raw ID token; the result is
	// untyped, so callers must type-assert it and verify the token before
	// trusting any claim.
	Extra(key string) interface{}
}

type SSHCertHandler

// SSHCertHandler is the single-method interface for the HTTP handler that
// issues SSH user certificates. *DefaultHTTPServer has a method with this
// signature.
type SSHCertHandler interface {
	CreateSSHUserCertHandler(w http.ResponseWriter, r *http.Request)
}

type SearchGroupsHandler

// SearchGroupsHandler is the single-method interface for the HTTP handler
// that searches groups. *DefaultHTTPServer has a method with this signature.
type SearchGroupsHandler interface {
	SearchGroupsHandler(w http.ResponseWriter, r *http.Request)
}

type SearchUsersHandler

// SearchUsersHandler is the single-method interface for the HTTP handler
// that searches users. *DefaultHTTPServer has a method with this signature.
type SearchUsersHandler interface {
	SearchUsersHandler(w http.ResponseWriter, r *http.Request)
}

type UsersHandler

// UsersHandler groups the HTTP handlers for reading, creating, updating and
// deleting users. *DefaultHTTPServer has methods with these signatures.
// NOTE(review): PutUserHandlerNonAdmin, which *DefaultHTTPServer also
// defines, is not part of this interface.
type UsersHandler interface {
	GetUserHandler(w http.ResponseWriter, r *http.Request)
	PutUserHandler(w http.ResponseWriter, r *http.Request)
	PostUserHandler(w http.ResponseWriter, r *http.Request)
	DeleteUserHandler(w http.ResponseWriter, r *http.Request)
}
