package client

v0.2.1

This package is not in the latest version of its module.
Published: Sep 30, 2019 License: MIT Imports: 19 Imported by: 0

Documentation

Constants

This section is empty.

Variables

var (

	// ErrNoSuchTokenStore is returned in the case when the token
	// store requested does not actually exist.
	ErrNoSuchTokenStore = errors.New("no token store with that name exists")

	// ErrTokenUnavailable is returned when there is no token
	// available to be returned.
	ErrTokenUnavailable = errors.New("the stored token is unavailable")
)
var (
	// ErrConfigError is returned when the configuration was
	// loaded but was missing required values.
	ErrConfigError = errors.New("Required configuration values are missing")
)

Functions

func Register

func Register(name string, impl TokenStore)

Register is called by implementations to register into the token system.

Types

type NetAuthClient

type NetAuthClient struct {
	// contains filtered or unexported fields
}

The NetAuthClient is the logical abstraction on top of the gRPC client from the Protobuf. This includes the additional components such as the TokenService and the TokenStore, as well as the config structures that drive the client.

func New

func New() (*NetAuthClient, error)

New returns a complete client ready to use.

func (*NetAuthClient) AddEntityToGroup

func (n *NetAuthClient) AddEntityToGroup(t, g, e string) (*pb.SimpleResult, error)

AddEntityToGroup modifies direct membership of entities. This action must be authorized.

func (*NetAuthClient) Authenticate

func (n *NetAuthClient) Authenticate(entity string, secret string) (*pb.SimpleResult, error)

Authenticate takes in an entity and a secret and tries to validate that the identity is legitimate by verifying the secret provided.

func (*NetAuthClient) ChangeSecret

func (n *NetAuthClient) ChangeSecret(e, s, me, ms, t string) (*pb.SimpleResult, error)

ChangeSecret crafts a modEntity request with the correct fields to change an entity secret either via self authentication or via token authentication which is held by an appropriate administrator.

func (*NetAuthClient) DeleteGroup

func (n *NetAuthClient) DeleteGroup(name, t string) (*pb.SimpleResult, error)

DeleteGroup removes a group by name. This action must be authorized.

func (*NetAuthClient) DestroyToken

func (n *NetAuthClient) DestroyToken(name string) error

DestroyToken proxies inwards to the tokenStore to shield the client API for the future.

func (*NetAuthClient) EntityInfo

func (n *NetAuthClient) EntityInfo(id string) (*pb.Entity, error)

EntityInfo obtains the entity object with the secure fields redacted. This is primarily used for displaying the values of the metadata struct internally.

func (*NetAuthClient) GetToken

func (n *NetAuthClient) GetToken(entity, secret string) (string, error)

GetToken is identical to Authenticate except on success it will return a token which can be used to authorize additional later requests.

func (*NetAuthClient) GroupInfo

func (n *NetAuthClient) GroupInfo(name string) (*pb.GroupInfoResult, error)

GroupInfo provides information about a single group.

func (*NetAuthClient) InspectToken

func (n *NetAuthClient) InspectToken(t string) (token.Claims, error)

InspectToken proxies through to the tokenService since the inner function may one day be significantly more complicated, but the function in the client should not change.

func (*NetAuthClient) ListGroupMembers

func (n *NetAuthClient) ListGroupMembers(g string) ([]*pb.Entity, error)

ListGroupMembers returns a list of members for the requested group. This action does not require authorization.

func (*NetAuthClient) ListGroups

func (n *NetAuthClient) ListGroups(entity string, indirects bool) ([]*pb.Group, error)

ListGroups returns a list of groups to the caller. This action does not require authorization.

func (*NetAuthClient) LockEntity added in v0.0.11

func (n *NetAuthClient) LockEntity(t, e string) (*pb.SimpleResult, error)

LockEntity locks an entity which prevents validation of an entity secret.

func (*NetAuthClient) ManageCapabilities

func (n *NetAuthClient) ManageCapabilities(t, e, g, c, m string) (*pb.SimpleResult, error)

ManageCapabilities modifies the capabilities present on an entity or group. This action must be authorized.

func (*NetAuthClient) ModifyEntityKeys

func (n *NetAuthClient) ModifyEntityKeys(t, e, m, kt, kv string) ([]string, error)

ModifyEntityKeys modifies the keys on an entity. This action must be authorized.

func (*NetAuthClient) ModifyEntityMeta

func (n *NetAuthClient) ModifyEntityMeta(id, t string, meta *pb.EntityMeta) (*pb.SimpleResult, error)

ModifyEntityMeta makes an authenticated request to the server to update the metadata of an entity.

func (*NetAuthClient) ModifyGroupExpansions

func (n *NetAuthClient) ModifyGroupExpansions(t, p, c, m string) (*pb.SimpleResult, error)

ModifyGroupExpansions modifies the parent/child status of the provided groups. This action must be authorized.

func (*NetAuthClient) ModifyGroupMeta

func (n *NetAuthClient) ModifyGroupMeta(group *pb.Group, token string) (*pb.SimpleResult, error)

ModifyGroupMeta allows a group's metadata to be altered after the fact. This action must be authorized.

func (*NetAuthClient) ModifyUntypedEntityMeta added in v0.0.10

func (n *NetAuthClient) ModifyUntypedEntityMeta(t, e, m, k, v string) (map[string]string, error)

ModifyUntypedEntityMeta manages actions on the untyped metadata storage.

func (*NetAuthClient) ModifyUntypedGroupMeta added in v0.0.10

func (n *NetAuthClient) ModifyUntypedGroupMeta(t, g, m, k, v string) (map[string]string, error)

ModifyUntypedGroupMeta manages actions on the untyped metadata storage.

func (*NetAuthClient) NewEntity

func (n *NetAuthClient) NewEntity(id string, uidn int32, secret, t string) (*pb.SimpleResult, error)

NewEntity crafts a modEntity request with the correct fields to create a new entity.

func (*NetAuthClient) NewGroup

func (n *NetAuthClient) NewGroup(name, displayname, managedby, t string, number int) (*pb.SimpleResult, error)

NewGroup creates a new group with the given name, display name, and group number. This action must be authorized.

func (*NetAuthClient) Ping

func (n *NetAuthClient) Ping() (*pb.PingResponse, error)

Ping very simply pings the server. The reply will contain the health status of the server, as a server that replies and a server that can serve are two very different things (data might be reloading during the request).

func (*NetAuthClient) RemoveEntity

func (n *NetAuthClient) RemoveEntity(id, token string) (*pb.SimpleResult, error)

RemoveEntity removes an entity by the given name. Only the 'entity' field of the modEntityRequest is required.

func (*NetAuthClient) RemoveEntityFromGroup

func (n *NetAuthClient) RemoveEntityFromGroup(t, g, e string) (*pb.SimpleResult, error)

RemoveEntityFromGroup modifies direct membership of entities. This action must be authorized.

func (*NetAuthClient) SearchEntities added in v0.0.13

func (n *NetAuthClient) SearchEntities(expr string) (*pb.EntityList, error)

SearchEntities takes a string search expression to search for entities on the server.

func (*NetAuthClient) SearchGroups added in v0.0.13

func (n *NetAuthClient) SearchGroups(expr string) (*pb.GroupList, error)

SearchGroups takes a string search expression to search for groups on the server.

func (*NetAuthClient) UnlockEntity added in v0.0.11

func (n *NetAuthClient) UnlockEntity(t, e string) (*pb.SimpleResult, error)

UnlockEntity unlocks an entity which was previously locked.

func (*NetAuthClient) ValidateToken

func (n *NetAuthClient) ValidateToken(entity string) (*pb.SimpleResult, error)

ValidateToken sends the token to the server for validation. This is effectively asking the server to authenticate the token and not do anything else. Returns a comment from the server and an error.

type TokenStore

type TokenStore interface {
	StoreToken(string, string) error
	GetToken(string) (string, error)
	DestroyToken(string) error
}

The TokenStore is a convenient way to securely store tokens for entities. Care should be taken with all implementations to avoid losing security of the token, since a token attack can be escalated to persistent root in the right circumstances.
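The care the TokenStore description asks for, shown as an added example that is not part of the NetAuth code base: a file-backed store with the same three methods that writes owner-only files and refuses to read a token whose permissions have been loosened. `FileStore`, its `Dir` field, the `.token` suffix and the local `ErrTokenUnavailable` stand-in are assumptions made so the block runs without the package; a real implementation would return the package's error and be passed to `Register`.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
)

// Stand-in for the package's ErrTokenUnavailable so the example runs offline.
var ErrTokenUnavailable = errors.New("the stored token is unavailable")

type FileStore struct{ Dir string } // hypothetical; assumes POSIX permission bits

// path keeps only the final element of name so it cannot escape Dir.
func (f *FileStore) path(name string) string {
	return filepath.Join(f.Dir, filepath.Base(name)+".token")
}

// StoreToken writes a fresh owner-only file inside an owner-only directory.
func (f *FileStore) StoreToken(name, token string) error {
	if err := os.MkdirAll(f.Dir, 0o700); err != nil {
		return err
	}
	_ = os.Remove(f.path(name)) // never inherit an old file's loose mode
	return os.WriteFile(f.path(name), []byte(token), 0o600)
}

// GetToken refuses symlinks and files readable by group or others.
func (f *FileStore) GetToken(name string) (string, error) {
	fi, err := os.Lstat(f.path(name))
	if err != nil {
		return "", ErrTokenUnavailable
	}
	if !fi.Mode().IsRegular() || fi.Mode().Perm()&0o077 != 0 {
		return "", fmt.Errorf("refusing token file with mode %v", fi.Mode())
	}
	b, err := os.ReadFile(f.path(name))
	return string(b), err
}

func (f *FileStore) DestroyToken(name string) error {
	return os.Remove(f.path(name)) // reports an error if no token was stored
}

func main() {
	dir, _ := os.MkdirTemp("", "tokens") // throwaway directory for the demo
	s := &FileStore{Dir: dir}
	fmt.Println(s.StoreToken("alice", "constructed-token"), s.DestroyToken("alice"))
}
```

The store does not check the mode of a `Dir` that already exists; point it at a directory only the owning user can write to.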
