security

Documentation

Index

• Constants
• func IsAvailableScope(scope Scope) bool
• func ParseHashedPassword(value string, bcryptCost int) ([]byte, bool)
• func RegisterHooks(lifecycle fx.Lifecycle, config *config.Config, provider *UserProvider)
• func VerifyPassword(hashedPassword, password []byte) bool
• func WithAuthenticatedUser(ctx context.Context, user *User) context.Context
• type HashedPasswordParser
  • func MustGetPasswordParser(key string) HashedPasswordParser
• type Scope
  • func GetAvailableScopes() []Scope
  • func ParseScopes(values []string) (scopes []Scope)
  • func VerifyScopes(actualScopes, expectedScopes []Scope) (requiredScopes []Scope)
  • func (s Scope) String() string
• type TokenManager
  • func NewTokenManager(config *config.Config) *TokenManager
  • func (m *TokenManager) Extract(tokenString string) (*jwt.Token, error)
  • func (m *TokenManager) Sign(claims jwt.Claims) (string, error)
• type User
  • func AuthenticatedUser(ctx context.Context) *User
  • func NewUser(name string, hashedPassword []byte, scopes []Scope) *User
  • func (u *User) HashedPassword() []byte
  • func (u *User) Name() string
  • func (u *User) Scopes() []Scope
• type UserProvider
  • func NewUserProvider() *UserProvider
  • func (p *UserProvider) Get(name string) *User
  • func (p *UserProvider) Set(name string, user *User)

Constants

const (
	PasswordTypePlain   = "plain"
	PasswordTypeEnv     = "env"
	PasswordTypeEncrypt = "encrypt"
)

const (
	ScopeReadServer = "read:server"
	ScopeReadTubes  = "read:tubes"
	ScopeReadJobs   = "read:jobs"
	ScopeWriteJobs  = "write:jobs"
)

Functions

func IsAvailableScope

func IsAvailableScope(scope Scope) bool

func ParseHashedPassword

func ParseHashedPassword(value string, bcryptCost int) ([]byte, bool)

func RegisterHooks

func RegisterHooks(lifecycle fx.Lifecycle, config *config.Config, provider *UserProvider)

func VerifyPassword

func VerifyPassword(hashedPassword, password []byte) bool

func WithAuthenticatedUser

func WithAuthenticatedUser(ctx context.Context, user *User) context.Context

Types

type HashedPasswordParser

type HashedPasswordParser interface {
	Parse(value string, bcryptCost int) ([]byte, error)
}

func MustGetPasswordParser

func MustGetPasswordParser(key string) HashedPasswordParser

type Scope

type Scope string

func GetAvailableScopes

func GetAvailableScopes() []Scope

func ParseScopes

func ParseScopes(values []string) (scopes []Scope)

func VerifyScopes

func VerifyScopes(actualScopes, expectedScopes []Scope) (requiredScopes []Scope)

func (Scope) String

func (s Scope) String() string

type TokenManager

type TokenManager struct {
	// contains filtered or unexported fields
}

func NewTokenManager

func NewTokenManager(config *config.Config) *TokenManager

func (*TokenManager) Extract

func (m *TokenManager) Extract(tokenString string) (*jwt.Token, error)

func (*TokenManager) Sign

func (m *TokenManager) Sign(claims jwt.Claims) (string, error)

type User

type User struct {
	// contains filtered or unexported fields
}

func AuthenticatedUser

func AuthenticatedUser(ctx context.Context) *User

func NewUser

func NewUser(name string, hashedPassword []byte, scopes []Scope) *User

func (*User) HashedPassword

func (u *User) HashedPassword() []byte

func (*User) Name

func (u *User) Name() string

func (*User) Scopes

func (u *User) Scopes() []Scope

type UserProvider

type UserProvider struct {
	// contains filtered or unexported fields
}

func NewUserProvider

func NewUserProvider() *UserProvider

func (*UserProvider) Get

func (p *UserProvider) Get(name string) *User

func (*UserProvider) Set

func (p *UserProvider) Set(name string, user *User)