tokenstore

package

v1.0.2 Latest Latest Go to latest Published: Dec 1, 2020 License: Apache-2.0 Imports: 2 Imported by: 4

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/PureStorage-OpenConnect/pure1-unplugged

Links

Open Source Insights

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// HmacSecret is generated randomly on startup and used to encode JWTs
	HmacSecret string
)

Functions ¶

This section is empty.

Types ¶

type APITokenClaims ¶

type APITokenClaims struct {
	Email      string `json:"email,omitempty"`
	Randomizer int    `json:"randomizer,omitempty"`
	jwt.StandardClaims
}

APITokenClaims represents the claims stored in a Pure1 Unplugged API token

type APITokenStore ¶

type APITokenStore interface {
	// GenerateAPIToken generates a new API token for long-term use
	GenerateAPIToken(userID string, email string) (string, error)

	// GenerateSessionToken generates a token for a user session (short-lived)
	GenerateSessionToken(userID string, email string) (string, error)

	// GetAPITokenNames gets a list of all API token names in this store
	GetAPITokenNames() []string

	// ContainsAPIToken checks if this APITokenStore contains an API token with this name
	ContainsAPIToken(tokenName string) bool

	// GetUserForToken fetches which user this token represents. If the given token doesn't exist, returns an error
	GetUserForToken(apiToken string) (string, error)

	// StoreAPIToken registers an API token in this store mapped to the given user. WARNING: this WILL overwrite
	// existing token names, api tokens, or users (and thus can be used for upserts), check all relevant methods
	// before calling this
	StoreAPIToken(tokenName string, apiToken string, userID string) error

	// DeleteAPIToken deletes the API token with the given name. Note that "this token doesn't exist" is NOT an
	// error
	DeleteAPIToken(tokenName string) error

	// HasUserCredentials checks if this user's OAuth token is stored in this token store
	HasUserCredentials(userID string) bool

	// Remove this user from the mapping. This is usually called if a refresh fails and we want to remove it so we can
	// re-authenticate on next login (this way the user doesn't get locked out with bad credentials)
	InvalidateUser(userID string) error

	// StoreUser associates the given userID with their OAuth token. If the given user already has an OAuth token stored,
	// returns an error. WARNING: this WILL overwrite existing user IDs and tokens, this functions as an upsert.
	StoreUser(userID string, token *oauth2.Token) error

	// GetTokenForUser gets the OAuth token for the given user
	GetTokenForUser(userID string) (*oauth2.Token, error)
}

APITokenStore provides an interface for all operations involved with API tokens and their persistence

Source Files ¶

View all Source files

types.go

Directories ¶

Path	Synopsis
kube
memory
mock

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL