v4.33.2 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Jan 21, 2022 License: Apache-2.0 Imports: 21 Imported by: 0




This section is empty.


This section is empty.


This section is empty.


type EncryptingSerializer

type EncryptingSerializer struct {
	// contains filtered or unexported fields

EncryptingSerializer a serializer encrypting the data with AES-GCM with 256-bit keys.

func NewEncryptingSerializer

func NewEncryptingSerializer(secret string) *EncryptingSerializer

NewEncryptingSerializer return new encrypt instance.

func (*EncryptingSerializer) Decode

func (e *EncryptingSerializer) Decode(dst *session.Dict, src []byte) error

Decode decrypt and decode session.

func (*EncryptingSerializer) Encode

func (e *EncryptingSerializer) Encode(src session.Dict) ([]byte, error)

Encode encode and encrypt session.

type Identity

type Identity struct {
	Username string
	Email    string

Identity identity of the user who is being verified.

type OIDCWorkflowSession

type OIDCWorkflowSession struct {
	ClientID                   string
	RequestedScopes            []string
	GrantedScopes              []string
	RequestedAudience          []string
	GrantedAudience            []string
	TargetURI                  string
	AuthURI                    string
	RequiredAuthorizationLevel authorization.Level
	CreatedTimestamp           int64

OIDCWorkflowSession represent an OIDC workflow session.

type Provider

type Provider struct {
	RememberMe time.Duration
	Inactivity time.Duration
	// contains filtered or unexported fields

Provider a session provider.

func NewProvider

func NewProvider(configuration schema.SessionConfiguration, certPool *x509.CertPool) *Provider

NewProvider instantiate a session provider given a configuration.

func (*Provider) DestroySession

func (p *Provider) DestroySession(ctx *fasthttp.RequestCtx) error

DestroySession destroy a session ID and delete the cookie.

func (*Provider) GetExpiration

func (p *Provider) GetExpiration(ctx *fasthttp.RequestCtx) (time.Duration, error)

GetExpiration get the expiration of the current session.

func (*Provider) GetSession

func (p *Provider) GetSession(ctx *fasthttp.RequestCtx) (UserSession, error)

GetSession return the user session from a request.

func (*Provider) RegenerateSession

func (p *Provider) RegenerateSession(ctx *fasthttp.RequestCtx) error

RegenerateSession regenerate a session ID.

func (*Provider) SaveSession

func (p *Provider) SaveSession(ctx *fasthttp.RequestCtx, userSession UserSession) error

SaveSession save the user session.

func (*Provider) UpdateExpiration

func (p *Provider) UpdateExpiration(ctx *fasthttp.RequestCtx, expiration time.Duration) error

UpdateExpiration update the expiration of the cookie and session.

type ProviderConfig

type ProviderConfig struct {
	// contains filtered or unexported fields

ProviderConfig is the configuration used to create the session provider.

func NewProviderConfig

func NewProviderConfig(configuration schema.SessionConfiguration, certPool *x509.CertPool) ProviderConfig

NewProviderConfig creates a configuration for creating the session provider.

type U2FRegistration

type U2FRegistration struct {
	KeyHandle []byte
	PublicKey []byte

U2FRegistration is a serializable version of a U2F registration.

type UserSession

type UserSession struct {
	Username    string
	DisplayName string
	// TODO(c.michaud): move groups out of the session.
	Groups []string
	Emails []string

	KeepMeLoggedIn      bool
	AuthenticationLevel authentication.Level
	LastActivity        int64

	FirstFactorAuthnTimestamp  int64
	SecondFactorAuthnTimestamp int64

	// The challenge generated in first step of U2F registration (after identity verification) or authentication.
	// This is used reused in the second phase to check that the challenge has been completed.
	U2FChallenge *u2f.Challenge
	// The registration representing a U2F device in DB set after identity verification.
	// This is used in second phase of a U2F authentication.
	U2FRegistration *U2FRegistration

	// Represent an OIDC workflow session initiated by the client if not null.
	OIDCWorkflowSession *OIDCWorkflowSession

	// This boolean is set to true after identity verification and checked
	// while doing the query actually updating the password.
	PasswordResetUsername *string

	RefreshTTL time.Time

UserSession is the structure representing the session of a user.

func NewDefaultUserSession

func NewDefaultUserSession() UserSession

NewDefaultUserSession create a default user session.

func (UserSession) AuthenticatedTime

func (s UserSession) AuthenticatedTime(level authorization.Level) (authenticatedTime time.Time, err error)

AuthenticatedTime returns the unix timestamp this session authenticated successfully at the given level.

func (*UserSession) SetOneFactor

func (s *UserSession) SetOneFactor(now time.Time, details *authentication.UserDetails, keepMeLoggedIn bool)

SetOneFactor sets the expected property values for one factor authentication.

func (*UserSession) SetTwoFactor

func (s *UserSession) SetTwoFactor(now time.Time)

SetTwoFactor sets the expected property values for two factor authentication.


Path Synopsis
Package mock_session is a generated GoMock package.
Package mock_session is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL