Documentation ¶
Index ¶
- type EncryptingSerializer
- type Identity
- type OIDCWorkflowSession
- type Provider
- func (p *Provider) DestroySession(ctx *fasthttp.RequestCtx) error
- func (p *Provider) GetExpiration(ctx *fasthttp.RequestCtx) (time.Duration, error)
- func (p *Provider) GetSession(ctx *fasthttp.RequestCtx) (UserSession, error)
- func (p *Provider) RegenerateSession(ctx *fasthttp.RequestCtx) error
- func (p *Provider) SaveSession(ctx *fasthttp.RequestCtx, userSession UserSession) error
- func (p *Provider) UpdateExpiration(ctx *fasthttp.RequestCtx, expiration time.Duration) error
- type ProviderConfig
- type U2FRegistration
- type UserSession
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type EncryptingSerializer ¶
// EncryptingSerializer is the session serializer that encrypts session data;
// the package documentation states that it uses AES-GCM with 256-bit keys.
// NOTE(review): how the key is obtained from the secret string passed to
// NewEncryptingSerializer is not visible here. Confirm the derivation and
// that the configured secret has enough entropy for a 256-bit key.
type EncryptingSerializer struct {
	// contains filtered or unexported fields
}
EncryptingSerializer is a serializer that encrypts the data with AES-GCM using 256-bit keys.
func NewEncryptingSerializer ¶
func NewEncryptingSerializer(secret string) *EncryptingSerializer
NewEncryptingSerializer returns a new EncryptingSerializer instance.
func (*EncryptingSerializer) Decode ¶
func (e *EncryptingSerializer) Decode(dst *session.Dict, src []byte) error
Decode decrypts and decodes the session.
func (*EncryptingSerializer) Encode ¶
func (e *EncryptingSerializer) Encode(src session.Dict) ([]byte, error)
Encode encodes and encrypts the session.
type OIDCWorkflowSession ¶
// OIDCWorkflowSession records the state of an OIDC workflow in progress.
// UserSession holds a pointer to one of these while a workflow initiated by
// a client is active.
type OIDCWorkflowSession struct {
	// presumably the identifier of the OIDC client that started the workflow — confirm.
	ClientID string
	// Scopes and audiences are stored as requested/granted pairs.
	// NOTE(review): where "granted" is checked to be a subset of "requested"
	// is not visible here — confirm against the consent handling code.
	RequestedScopes   []string
	GrantedScopes     []string
	RequestedAudience []string
	GrantedAudience   []string
	// NOTE(review): the exact role of these two URIs is not shown here. If
	// either is used as a redirect destination, confirm it is validated
	// before the redirect is issued.
	TargetURI string
	AuthURI   string
	// Authorization level the workflow requires (as the field name states).
	RequiredAuthorizationLevel authorization.Level
	// presumably a unix timestamp of when the workflow was created — confirm unit.
	CreatedTimestamp int64
}
OIDCWorkflowSession represents an OIDC workflow session.
type Provider ¶
// Provider is the session provider: its methods read, save, regenerate and
// destroy the session tied to a fasthttp request, and read or update its
// expiration.
type Provider struct {
	// presumably the session lifetime applied when the user asked to stay
	// logged in (see UserSession.KeepMeLoggedIn) — confirm against NewProvider.
	RememberMe time.Duration
	// presumably the idle period after which a session is treated as
	// expired — confirm where this is enforced.
	Inactivity time.Duration
	// contains filtered or unexported fields
}
Provider is a session provider.
func NewProvider ¶
func NewProvider(configuration schema.SessionConfiguration, certPool *x509.CertPool) *Provider
NewProvider instantiates a session provider from the given configuration.
func (*Provider) DestroySession ¶
func (p *Provider) DestroySession(ctx *fasthttp.RequestCtx) error
DestroySession destroys the session ID and deletes the cookie.
func (*Provider) GetExpiration ¶
GetExpiration gets the expiration of the current session.
func (*Provider) GetSession ¶
func (p *Provider) GetSession(ctx *fasthttp.RequestCtx) (UserSession, error)
GetSession returns the user session from a request.
func (*Provider) RegenerateSession ¶
func (p *Provider) RegenerateSession(ctx *fasthttp.RequestCtx) error
RegenerateSession regenerates the session ID.
func (*Provider) SaveSession ¶
func (p *Provider) SaveSession(ctx *fasthttp.RequestCtx, userSession UserSession) error
SaveSession saves the user session.
func (*Provider) UpdateExpiration ¶
UpdateExpiration updates the expiration of the cookie and session.
type ProviderConfig ¶
// ProviderConfig carries the settings used to create the session provider.
// It exposes no exported fields; values are built with NewProviderConfig
// from a schema.SessionConfiguration and an x509 certificate pool.
type ProviderConfig struct {
	// contains filtered or unexported fields
}
ProviderConfig is the configuration used to create the session provider.
func NewProviderConfig ¶
func NewProviderConfig(configuration schema.SessionConfiguration, certPool *x509.CertPool) ProviderConfig
NewProviderConfig creates a configuration for creating the session provider.
type U2FRegistration ¶
U2FRegistration is a serializable version of a U2F registration.
type UserSession ¶
// UserSession is the per-user state saved and loaded through Provider
// (SaveSession / GetSession). It carries identity attributes, the
// authentication level reached, and the state of in-progress U2F, OIDC and
// password-reset workflows.
type UserSession struct {
	Username    string
	DisplayName string
	// TODO(c.michaud): move groups out of the session.
	Groups []string
	Emails []string

	// presumably mirrors the keepMeLoggedIn argument of SetOneFactor — confirm.
	KeepMeLoggedIn bool
	// Authentication level this session has reached (as the field name states).
	AuthenticationLevel authentication.Level

	// NOTE(review): the three int64 fields below look like unix timestamps
	// (AuthenticatedTime is documented in terms of a unix timestamp) — confirm
	// the unit and which code paths update them.
	LastActivity               int64
	FirstFactorAuthnTimestamp  int64
	SecondFactorAuthnTimestamp int64

	// The challenge generated in the first step of U2F registration (after identity verification) or authentication.
	// It is reused in the second phase to check that the challenge has been completed.
	U2FChallenge *u2f.Challenge
	// The registration representing a U2F device in DB, set after identity verification.
	// This is used in the second phase of a U2F authentication.
	U2FRegistration *U2FRegistration

	// Represents an OIDC workflow session initiated by the client, if not nil.
	OIDCWorkflowSession *OIDCWorkflowSession

	// Set after identity verification and checked while doing the query
	// actually updating the password.
	// NOTE(review): this is a *string, not a boolean flag; presumably it holds
	// the verified username and is nil when no reset is pending — confirm.
	PasswordResetUsername *string

	// NOTE(review): purpose not shown here; presumably the time after which
	// cached user details should be refreshed — confirm.
	RefreshTTL time.Time
}
UserSession is the structure representing the session of a user.
func NewDefaultUserSession ¶
func NewDefaultUserSession() UserSession
NewDefaultUserSession creates a default user session.
func (UserSession) AuthenticatedTime ¶
func (s UserSession) AuthenticatedTime(level authorization.Level) (authenticatedTime time.Time, err error)
AuthenticatedTime returns the time at which this session authenticated successfully at the given level.
func (*UserSession) SetOneFactor ¶
func (s *UserSession) SetOneFactor(now time.Time, details *authentication.UserDetails, keepMeLoggedIn bool)
SetOneFactor sets the expected property values for one factor authentication.
func (*UserSession) SetTwoFactor ¶
func (s *UserSession) SetTwoFactor(now time.Time)
SetTwoFactor sets the expected property values for two factor authentication.