session

package
v1.8.7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 3, 2021 License: Apache-2.0 Imports: 26 Imported by: 105

Documentation

Index

Constants

View Source 
const (
	// SessionManagerClaimsIssuer fills the "iss" field of the token.
	SessionManagerClaimsIssuer = "argocd"
)

Variables

View Source 
var (
	InvalidLoginErr = status.Errorf(codes.Unauthenticated, invalidLoginError)
)

Functions

func Groups added in v1.2.4 

func Groups(ctx context.Context, scopes []string) []string

func Iat added in v1.5.0 

func Iat(ctx context.Context) (time.Time, error)

func Iss added in v1.2.4 

func Iss(ctx context.Context) string

func LoggedIn added in v1.2.4 

func LoggedIn(ctx context.Context) bool

func NewInMemoryUserStateStorage added in v1.5.3 

func NewInMemoryUserStateStorage() *inMemoryUserStateStorage

func Sub added in v1.2.4 

func Sub(ctx context.Context) string

func Username added in v0.7.0 

func Username(ctx context.Context) string

Username is a helper to extract a human readable username from a context

Types

type LoginAttempts added in v1.5.3 

type LoginAttempts struct {
	// Time of the last failed login
	LastFailed time.Time `json:"lastFailed"`
	// Number of consecutive login failures
	FailCount int `json:"failCount"`
}

LoginAttempts is a timestamped counter for failed login attempts

type SessionManager 

type SessionManager struct {
	// contains filtered or unexported fields
}

SessionManager generates and validates JWT tokens for login sessions.

func NewSessionManager added in v0.4.0 

func NewSessionManager(settingsMgr *settings.SettingsManager, projectsLister v1alpha1.AppProjectNamespaceLister, dexServerAddr string, storage UserStateStorage) *SessionManager

NewSessionManager creates a new session manager from Argo CD settings

func (*SessionManager) Create 

func (mgr *SessionManager) Create(subject string, secondsBeforeExpiry int64, id string) (string, error)

Create creates a new token for a given subject (user) and returns it as a string. Passing a value of `0` for secondsBeforeExpiry creates a token that never expires. The id parameter holds an optional unique JWT token identifier and stored as a standard claim "jti" in the JWT token.

func (*SessionManager) GetLoginFailures added in v1.5.3 

func (mgr *SessionManager) GetLoginFailures() map[string]LoginAttempts

GetLoginFailures retrieves the login failure information from the cache

func (*SessionManager) Parse 

func (mgr *SessionManager) Parse(tokenString string) (jwt.Claims, error)

Parse tries to parse the provided string and returns the token claims for local login.

func (*SessionManager) VerifyToken added in v0.4.0 

func (mgr *SessionManager) VerifyToken(tokenString string) (jwt.Claims, error)

VerifyToken verifies if a token is correct. Tokens can be issued either from us or by an IDP. We choose how to verify based on the issuer.

func (*SessionManager) VerifyUsernamePassword added in v0.4.0 

func (mgr *SessionManager) VerifyUsernamePassword(username string, password string) error

VerifyUsernamePassword verifies if a username/password combo is correct

type UserStateStorage added in v1.5.3 

type UserStateStorage interface {
	GetLoginAttempts(attempts *map[string]LoginAttempts) error
	SetLoginAttempts(attempts map[string]LoginAttempts) error
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.