Documentation ¶
Index ¶
- func NewProviderSession(pconfig ProviderConfig, provider session.Provider) (p *session.Session, err error)
- type Elevation
- type Elevations
- type EncryptingSerializer
- type Identity
- type Provider
- type ProviderConfig
- type Serializer
- type Session
- func (p *Session) DestroySession(ctx *fasthttp.RequestCtx) error
- func (p *Session) GetExpiration(ctx *fasthttp.RequestCtx) (time.Duration, error)
- func (p *Session) GetSession(ctx *fasthttp.RequestCtx) (userSession UserSession, err error)
- func (p *Session) NewDefaultUserSession() (userSession UserSession)
- func (p *Session) RegenerateSession(ctx *fasthttp.RequestCtx) error
- func (p *Session) SaveSession(ctx *fasthttp.RequestCtx, userSession UserSession) (err error)
- func (p *Session) UpdateExpiration(ctx *fasthttp.RequestCtx, expiration time.Duration) (err error)
- type TOTP
- type UserSession
- func (s *UserSession) AuthenticatedTime(level authorization.Level) (authenticatedTime time.Time, err error)
- func (s *UserSession) GetDisplayName() (name string)
- func (s *UserSession) GetEmails() (emails []string)
- func (s *UserSession) GetGroups() (groups []string)
- func (s *UserSession) GetUsername() (username string)
- func (s *UserSession) Identity() Identity
- func (s *UserSession) IsAnonymous() bool
- func (s *UserSession) SetOneFactor(now time.Time, details *authentication.UserDetails, keepMeLoggedIn bool)
- func (s *UserSession) SetTwoFactorDuo(now time.Time)
- func (s *UserSession) SetTwoFactorTOTP(now time.Time)
- func (s *UserSession) SetTwoFactorWebAuthn(now time.Time, hardware, userPresence, userVerified bool)
- type WebAuthn
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewProviderSession ¶ added in v4.38.0
func NewProviderSession(pconfig ProviderConfig, provider session.Provider) (p *session.Session, err error)
Types ¶
type Elevations ¶ added in v4.38.0
type Elevations struct {
User *Elevation
}
Elevations describes various session elevations.
type EncryptingSerializer ¶
type EncryptingSerializer struct {
// contains filtered or unexported fields
}
EncryptingSerializer a serializer encrypting the data with AES-GCM with 256-bit keys.
func NewEncryptingSerializer ¶
func NewEncryptingSerializer(secret string) *EncryptingSerializer
NewEncryptingSerializer return new encrypt instance.
func (*EncryptingSerializer) Decode ¶
func (e *EncryptingSerializer) Decode(dst *session.Dict, src []byte) (err error)
Decode decrypt and decode session.
func (*EncryptingSerializer) Encode ¶
func (e *EncryptingSerializer) Encode(src session.Dict) (data []byte, err error)
Encode encode and encrypt session.
type Provider ¶
type Provider struct {
// contains filtered or unexported fields
}
Provider contains a list of domain sessions.
func NewProvider ¶
NewProvider instantiate a session provider given a configuration.
type ProviderConfig ¶
type ProviderConfig struct {
// contains filtered or unexported fields
}
ProviderConfig is the configuration used to create the session provider.
func NewProviderConfig ¶
func NewProviderConfig(config schema.SessionCookie, providerName string, serializer Serializer) ProviderConfig
NewProviderConfig creates a configuration for creating the session provider.
func NewProviderConfigAndSession ¶ added in v4.38.0
func NewProviderConfigAndSession(config schema.SessionCookie, providerName string, serializer Serializer, provider session.Provider) (c ProviderConfig, p *session.Session, err error)
type Serializer ¶ added in v4.38.0
type Serializer interface { Encode(src session.Dict) (data []byte, err error) Decode(dst *session.Dict, src []byte) (err error) }
Serializer is a function that can serialize session information.
func NewSessionProvider ¶ added in v4.38.0
type Session ¶ added in v4.38.0
type Session struct { Config schema.SessionCookie // contains filtered or unexported fields }
Session a session provider.
func (*Session) DestroySession ¶ added in v4.38.0
func (p *Session) DestroySession(ctx *fasthttp.RequestCtx) error
DestroySession destroy a session ID and delete the cookie.
func (*Session) GetExpiration ¶ added in v4.38.0
GetExpiration get the expiration of the current session.
func (*Session) GetSession ¶ added in v4.38.0
func (p *Session) GetSession(ctx *fasthttp.RequestCtx) (userSession UserSession, err error)
GetSession return the user session from a request.
func (*Session) NewDefaultUserSession ¶ added in v4.38.0
func (p *Session) NewDefaultUserSession() (userSession UserSession)
NewDefaultUserSession returns a new default UserSession for this session provider.
func (*Session) RegenerateSession ¶ added in v4.38.0
func (p *Session) RegenerateSession(ctx *fasthttp.RequestCtx) error
RegenerateSession regenerate a session ID.
func (*Session) SaveSession ¶ added in v4.38.0
func (p *Session) SaveSession(ctx *fasthttp.RequestCtx, userSession UserSession) (err error)
SaveSession save the user session.
func (*Session) UpdateExpiration ¶ added in v4.38.0
UpdateExpiration update the expiration of the cookie and session.
type TOTP ¶ added in v4.38.0
type TOTP struct { Issuer string Algorithm string Digits uint32 Period uint Secret string Expires time.Time }
TOTP holds the TOTP registration session data.
type UserSession ¶
type UserSession struct { CookieDomain string Username string DisplayName string // TODO(c.michaud): move groups out of the session. Groups []string Emails []string KeepMeLoggedIn bool AuthenticationLevel authentication.Level LastActivity int64 FirstFactorAuthnTimestamp int64 SecondFactorAuthnTimestamp int64 AuthenticationMethodRefs oidc.AuthenticationMethodsReferences // WebAuthn holds the session registration data for this session. WebAuthn *WebAuthn TOTP *TOTP // This boolean is set to true after identity verification and checked // while doing the query actually updating the password. PasswordResetUsername *string RefreshTTL time.Time Elevations Elevations }
UserSession is the structure representing the session of a user.
func NewDefaultUserSession ¶
func NewDefaultUserSession() UserSession
NewDefaultUserSession create a default user session.
func (*UserSession) AuthenticatedTime ¶
func (s *UserSession) AuthenticatedTime(level authorization.Level) (authenticatedTime time.Time, err error)
AuthenticatedTime returns the unix timestamp this session authenticated successfully at the given level.
func (*UserSession) GetDisplayName ¶ added in v4.38.7
func (s *UserSession) GetDisplayName() (name string)
func (*UserSession) GetEmails ¶ added in v4.38.7
func (s *UserSession) GetEmails() (emails []string)
func (*UserSession) GetGroups ¶ added in v4.38.7
func (s *UserSession) GetGroups() (groups []string)
func (*UserSession) GetUsername ¶ added in v4.38.7
func (s *UserSession) GetUsername() (username string)
func (*UserSession) Identity ¶ added in v4.38.0
func (s *UserSession) Identity() Identity
Identity value of the user session.
func (*UserSession) IsAnonymous ¶ added in v4.37.0
func (s *UserSession) IsAnonymous() bool
IsAnonymous returns true if the username is empty or the AuthenticationLevel is authentication.NotAuthenticated.
func (*UserSession) SetOneFactor ¶
func (s *UserSession) SetOneFactor(now time.Time, details *authentication.UserDetails, keepMeLoggedIn bool)
SetOneFactor sets the 1FA AMR's and expected property values for one factor authentication.
func (*UserSession) SetTwoFactorDuo ¶ added in v4.35.0
func (s *UserSession) SetTwoFactorDuo(now time.Time)
SetTwoFactorDuo sets the relevant Duo AMR's and sets the factor to 2FA.
func (*UserSession) SetTwoFactorTOTP ¶ added in v4.35.0
func (s *UserSession) SetTwoFactorTOTP(now time.Time)
SetTwoFactorTOTP sets the relevant TOTP AMR's and sets the factor to 2FA.
func (*UserSession) SetTwoFactorWebAuthn ¶ added in v4.38.0
func (s *UserSession) SetTwoFactorWebAuthn(now time.Time, hardware, userPresence, userVerified bool)
SetTwoFactorWebAuthn sets the relevant WebAuthn AMR's and sets the factor to 2FA.
type WebAuthn ¶ added in v4.38.0
type WebAuthn struct { *webauthn.SessionData Description string `json:"description"` }
WebAuthn holds the standard WebAuthn session data plus some extra.