Documentation ¶
Overview ¶
Code generated by MockGen. DO NOT EDIT. Source: ldap_connection_factory.go
Index ¶
- Constants
- Variables
- func CheckPassword(password, hash string) (ok bool, err error)
- func HashPassword(password, salt string, algorithm CryptAlgo, ...) (hash string, err error)
- type CryptAlgo
- type DatabaseModel
- type FileUserProvider
- func (p *FileUserProvider) CheckUserPassword(username string, password string) (bool, error)
- func (p *FileUserProvider) GetDetails(username string) (*UserDetails, error)
- func (p *FileUserProvider) StartupCheck() (err error)
- func (p *FileUserProvider) UpdatePassword(username string, newPassword string) error
- type LDAPConnection
- type LDAPConnectionFactory
- type LDAPConnectionFactoryImpl
- type LDAPConnectionImpl
- func (lc *LDAPConnectionImpl) Bind(username, password string) error
- func (lc *LDAPConnectionImpl) Close()
- func (lc *LDAPConnectionImpl) Modify(modifyRequest *ldap.ModifyRequest) error
- func (lc *LDAPConnectionImpl) PasswordModify(pwdModifyRequest *ldap.PasswordModifyRequest) error
- func (lc *LDAPConnectionImpl) Search(searchRequest *ldap.SearchRequest) (*ldap.SearchResult, error)
- func (lc *LDAPConnectionImpl) StartTLS(config *tls.Config) error
- type LDAPUserProvider
- func (p *LDAPUserProvider) CheckUserPassword(inputUsername string, password string) (bool, error)
- func (p *LDAPUserProvider) GetDetails(inputUsername string) (*UserDetails, error)
- func (p *LDAPUserProvider) StartupCheck() (err error)
- func (p *LDAPUserProvider) UpdatePassword(inputUsername string, newPassword string) error
- type Level
- type MockLDAPConnection
- func (m *MockLDAPConnection) Bind(username, password string) error
- func (m *MockLDAPConnection) Close()
- func (m *MockLDAPConnection) EXPECT() *MockLDAPConnectionMockRecorder
- func (m *MockLDAPConnection) Modify(modifyRequest *ldap.ModifyRequest) error
- func (m *MockLDAPConnection) PasswordModify(pwdModifyRequest *ldap.PasswordModifyRequest) error
- func (m *MockLDAPConnection) Search(searchRequest *ldap.SearchRequest) (*ldap.SearchResult, error)
- func (m *MockLDAPConnection) StartTLS(config *tls.Config) error
- type MockLDAPConnectionFactory
- type MockLDAPConnectionFactoryMockRecorder
- type MockLDAPConnectionMockRecorder
- func (mr *MockLDAPConnectionMockRecorder) Bind(username, password interface{}) *gomock.Call
- func (mr *MockLDAPConnectionMockRecorder) Close() *gomock.Call
- func (mr *MockLDAPConnectionMockRecorder) Modify(modifyRequest interface{}) *gomock.Call
- func (mr *MockLDAPConnectionMockRecorder) PasswordModify(pwdModifyRequest interface{}) *gomock.Call
- func (mr *MockLDAPConnectionMockRecorder) Search(searchRequest interface{}) *gomock.Call
- func (mr *MockLDAPConnectionMockRecorder) StartTLS(config interface{}) *gomock.Call
- type PasswordHash
- type UserDetails
- type UserDetailsModel
- type UserProvider
Constants ¶
// Identifiers of the second-factor (2FA) methods; these are the values listed
// in PossibleMethods.
const (
	// TOTP is the method using Time-Based One-Time Password applications
	// like Google Authenticator.
	TOTP = "totp"

	// Webauthn is the method using Webauthn devices like YubiKeys.
	Webauthn = "webauthn"

	// Push is the method using the Duo application to receive push
	// notifications. Note that the identifier string is "mobile_push", not
	// "push".
	Push = "mobile_push"
)
// Default password-hashing parameters. They mirror the defaults of the
// upstream github.com/simia-tech/crypt module and must be re-checked whenever
// that dependency is updated.
//
// NOTE(review): these are upstream library defaults, not a statement of
// recommended strength; confirm that deployments configure the hashing cost
// explicitly rather than relying on these values.
const (
	// HashingDefaultArgon2idTime is the default argon2id time cost
	// (presumably the number of passes; confirm against upstream).
	HashingDefaultArgon2idTime = 1

	// HashingDefaultArgon2idMemory is the default argon2id memory cost.
	// The unit is not shown here; presumably KiB (i.e. 32 MiB). TODO confirm.
	HashingDefaultArgon2idMemory = 32 * 1024

	// HashingDefaultArgon2idParallelism is the default argon2id parallelism.
	HashingDefaultArgon2idParallelism = 4

	// HashingDefaultArgon2idKeyLength is the default argon2id key length
	// (presumably in bytes; confirm against upstream).
	HashingDefaultArgon2idKeyLength = 32

	// HashingDefaultSHA512Iterations is the default iteration count for the
	// salted SHA512 method.
	HashingDefaultSHA512Iterations = 5000
)
These are the default values from the upstream crypt module. We use them for GetInt, and they need to be re-checked whenever github.com/simia-tech/crypt is updated.
Variables ¶
var ErrUserNotFound = errors.New("user not found")
ErrUserNotFound indicates the user wasn't found in the authentication backend.
// HashingPossibleSaltCharacters is the alphabet of 64 characters (a-z, A-Z,
// 0-9, '+' and '/') that, per its name, may appear in a salt.
//
// NOTE(review): this is declared as a var, not a const, so any code in the
// process can reassign it; treat it as read-only.
var HashingPossibleSaltCharacters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/"
HashingPossibleSaltCharacters represents the valid runes (characters) for a hashing salt.
var PossibleMethods = []string{TOTP, Webauthn, Push}
PossibleMethods is the set of all possible 2FA methods.
Functions ¶
func CheckPassword ¶
CheckPassword checks a password against a hash.
Types ¶
type CryptAlgo ¶
type CryptAlgo string
CryptAlgo is the crypt representation of an algorithm, as used in the prefix of the hash.
func ConfigAlgoToCryptoAlgo ¶
ConfigAlgoToCryptoAlgo returns a CryptAlgo and nil error if valid, otherwise it returns argon2id and an error.
type DatabaseModel ¶
// DatabaseModel is the model of the users file database.
type DatabaseModel struct {
	// Users holds one UserDetailsModel per map key, read from the required
	// `users` YAML key. The key is presumably the username; verify against
	// the code that loads the file.
	Users map[string]UserDetailsModel `yaml:"users" valid:"required"`
}
DatabaseModel is the model of the users file database.
type FileUserProvider ¶
type FileUserProvider struct {
// contains filtered or unexported fields
}
FileUserProvider is a provider reading details from a file.
func NewFileUserProvider ¶
func NewFileUserProvider(configuration *schema.FileAuthenticationBackendConfiguration) *FileUserProvider
NewFileUserProvider creates a new instance of FileUserProvider.
func (*FileUserProvider) CheckUserPassword ¶
func (p *FileUserProvider) CheckUserPassword(username string, password string) (bool, error)
CheckUserPassword checks if provided password matches for the given user.
func (*FileUserProvider) GetDetails ¶
func (p *FileUserProvider) GetDetails(username string) (*UserDetails, error)
GetDetails retrieves the groups a user belongs to.
func (*FileUserProvider) StartupCheck ¶ added in v4.31.0
func (p *FileUserProvider) StartupCheck() (err error)
StartupCheck implements the startup check provider interface.
func (*FileUserProvider) UpdatePassword ¶
func (p *FileUserProvider) UpdatePassword(username string, newPassword string) error
UpdatePassword updates the password of the given user.
type LDAPConnection ¶
// LDAPConnection is the interface representing a connection to an LDAP
// server. It is implemented by LDAPConnectionImpl (production) and
// MockLDAPConnection (tests).
type LDAPConnection interface {
	// Bind binds the connection to a username/password.
	// NOTE(review): the password is passed in clear to this call; confirm
	// that callers establish transport security (an ldaps URL or StartTLS)
	// before binding.
	Bind(username, password string) error

	// Close closes the connection.
	Close()

	// Search searches the LDAP server.
	Search(searchRequest *ldap.SearchRequest) (*ldap.SearchResult, error)

	// Modify modifies an LDAP object.
	Modify(modifyRequest *ldap.ModifyRequest) error

	// PasswordModify modifies an LDAP object's password.
	PasswordModify(pwdModifyRequest *ldap.PasswordModifyRequest) error

	// StartTLS presumably upgrades the connection to TLS using config;
	// its behaviour is not documented on this page. TODO confirm.
	StartTLS(config *tls.Config) error
}
LDAPConnection is an interface representing a connection to an LDAP server.
type LDAPConnectionFactory ¶
// LDAPConnectionFactory is the interface for a factory of LDAP connections.
type LDAPConnectionFactory interface {
	// DialURL creates a connection from an LDAP URL when successful.
	// opts are forwarded dial options of the ldap package's DialOpt type.
	DialURL(addr string, opts ...ldap.DialOpt) (LDAPConnection, error)
}
LDAPConnectionFactory is an interface for a factory of LDAP connections.
type LDAPConnectionFactoryImpl ¶
type LDAPConnectionFactoryImpl struct{}
LDAPConnectionFactoryImpl is the production implementation of an LDAP connection factory.
func NewLDAPConnectionFactoryImpl ¶
func NewLDAPConnectionFactoryImpl() *LDAPConnectionFactoryImpl
NewLDAPConnectionFactoryImpl creates a concrete LDAP connection factory.
func (*LDAPConnectionFactoryImpl) DialURL ¶
func (lcf *LDAPConnectionFactoryImpl) DialURL(addr string, opts ...ldap.DialOpt) (LDAPConnection, error)
DialURL creates a connection from an LDAP URL when successful.
type LDAPConnectionImpl ¶
type LDAPConnectionImpl struct {
// contains filtered or unexported fields
}
LDAPConnectionImpl is the production implementation of an LDAP connection.
func NewLDAPConnectionImpl ¶
func NewLDAPConnectionImpl(conn *ldap.Conn) *LDAPConnectionImpl
NewLDAPConnectionImpl creates a new LDAP connection.
func (*LDAPConnectionImpl) Bind ¶
func (lc *LDAPConnectionImpl) Bind(username, password string) error
Bind binds the LDAP connection to a username/password.
func (*LDAPConnectionImpl) Close ¶
func (lc *LDAPConnectionImpl) Close()
Close closes an LDAP connection.
func (*LDAPConnectionImpl) Modify ¶
func (lc *LDAPConnectionImpl) Modify(modifyRequest *ldap.ModifyRequest) error
Modify modifies an LDAP object.
func (*LDAPConnectionImpl) PasswordModify ¶
func (lc *LDAPConnectionImpl) PasswordModify(pwdModifyRequest *ldap.PasswordModifyRequest) error
PasswordModify modifies an LDAP object's password.
func (*LDAPConnectionImpl) Search ¶
func (lc *LDAPConnectionImpl) Search(searchRequest *ldap.SearchRequest) (*ldap.SearchResult, error)
Search searches an LDAP server.
type LDAPUserProvider ¶
type LDAPUserProvider struct {
// contains filtered or unexported fields
}
LDAPUserProvider is a UserProvider that connects to LDAP servers like ActiveDirectory, OpenLDAP, OpenDJ, FreeIPA, etc.
func NewLDAPUserProvider ¶
func NewLDAPUserProvider(configuration schema.AuthenticationBackendConfiguration, certPool *x509.CertPool) (provider *LDAPUserProvider)
NewLDAPUserProvider creates a new instance of LDAPUserProvider.
func (*LDAPUserProvider) CheckUserPassword ¶
func (p *LDAPUserProvider) CheckUserPassword(inputUsername string, password string) (bool, error)
CheckUserPassword checks if provided password matches for the given user.
func (*LDAPUserProvider) GetDetails ¶
func (p *LDAPUserProvider) GetDetails(inputUsername string) (*UserDetails, error)
GetDetails retrieves the groups a user belongs to.
func (*LDAPUserProvider) StartupCheck ¶ added in v4.31.0
func (p *LDAPUserProvider) StartupCheck() (err error)
StartupCheck implements the startup check provider interface.
func (*LDAPUserProvider) UpdatePassword ¶
func (p *LDAPUserProvider) UpdatePassword(inputUsername string, newPassword string) error
UpdatePassword updates the password of the given user.
type MockLDAPConnection ¶
type MockLDAPConnection struct {
// contains filtered or unexported fields
}
MockLDAPConnection is a mock of LDAPConnection interface.
func NewMockLDAPConnection ¶
func NewMockLDAPConnection(ctrl *gomock.Controller) *MockLDAPConnection
NewMockLDAPConnection creates a new mock instance.
func (*MockLDAPConnection) Bind ¶
func (m *MockLDAPConnection) Bind(username, password string) error
Bind mocks base method.
func (*MockLDAPConnection) EXPECT ¶
func (m *MockLDAPConnection) EXPECT() *MockLDAPConnectionMockRecorder
EXPECT returns an object that allows the caller to indicate expected use.
func (*MockLDAPConnection) Modify ¶
func (m *MockLDAPConnection) Modify(modifyRequest *ldap.ModifyRequest) error
Modify mocks base method.
func (*MockLDAPConnection) PasswordModify ¶
func (m *MockLDAPConnection) PasswordModify(pwdModifyRequest *ldap.PasswordModifyRequest) error
PasswordModify mocks base method.
func (*MockLDAPConnection) Search ¶
func (m *MockLDAPConnection) Search(searchRequest *ldap.SearchRequest) (*ldap.SearchResult, error)
Search mocks base method.
type MockLDAPConnectionFactory ¶
type MockLDAPConnectionFactory struct {
// contains filtered or unexported fields
}
MockLDAPConnectionFactory is a mock of LDAPConnectionFactory interface.
func NewMockLDAPConnectionFactory ¶
func NewMockLDAPConnectionFactory(ctrl *gomock.Controller) *MockLDAPConnectionFactory
NewMockLDAPConnectionFactory creates a new mock instance.
func (*MockLDAPConnectionFactory) DialURL ¶
func (m *MockLDAPConnectionFactory) DialURL(addr string, opts ...ldap.DialOpt) (LDAPConnection, error)
DialURL mocks base method.
func (*MockLDAPConnectionFactory) EXPECT ¶
func (m *MockLDAPConnectionFactory) EXPECT() *MockLDAPConnectionFactoryMockRecorder
EXPECT returns an object that allows the caller to indicate expected use.
type MockLDAPConnectionFactoryMockRecorder ¶
type MockLDAPConnectionFactoryMockRecorder struct {
// contains filtered or unexported fields
}
MockLDAPConnectionFactoryMockRecorder is the mock recorder for MockLDAPConnectionFactory.
func (*MockLDAPConnectionFactoryMockRecorder) DialURL ¶
func (mr *MockLDAPConnectionFactoryMockRecorder) DialURL(addr interface{}, opts ...interface{}) *gomock.Call
DialURL indicates an expected call of DialURL.
type MockLDAPConnectionMockRecorder ¶
type MockLDAPConnectionMockRecorder struct {
// contains filtered or unexported fields
}
MockLDAPConnectionMockRecorder is the mock recorder for MockLDAPConnection.
func (*MockLDAPConnectionMockRecorder) Bind ¶
func (mr *MockLDAPConnectionMockRecorder) Bind(username, password interface{}) *gomock.Call
Bind indicates an expected call of Bind.
func (*MockLDAPConnectionMockRecorder) Close ¶
func (mr *MockLDAPConnectionMockRecorder) Close() *gomock.Call
Close indicates an expected call of Close.
func (*MockLDAPConnectionMockRecorder) Modify ¶
func (mr *MockLDAPConnectionMockRecorder) Modify(modifyRequest interface{}) *gomock.Call
Modify indicates an expected call of Modify.
func (*MockLDAPConnectionMockRecorder) PasswordModify ¶
func (mr *MockLDAPConnectionMockRecorder) PasswordModify(pwdModifyRequest interface{}) *gomock.Call
PasswordModify indicates an expected call of PasswordModify.
func (*MockLDAPConnectionMockRecorder) Search ¶
func (mr *MockLDAPConnectionMockRecorder) Search(searchRequest interface{}) *gomock.Call
Search indicates an expected call of Search.
func (*MockLDAPConnectionMockRecorder) StartTLS ¶
func (mr *MockLDAPConnectionMockRecorder) StartTLS(config interface{}) *gomock.Call
StartTLS indicates an expected call of StartTLS.
type PasswordHash ¶
// PasswordHash represents all characteristics of a password hash, as
// extracted by ParseHash from the hash's string representation.
type PasswordHash struct {
	// Algorithm is the crypt algorithm identifier taken from the hash prefix.
	Algorithm CryptAlgo

	// Iterations is the iteration count of the hash.
	Iterations int

	// Salt is the salt of the hash.
	Salt string

	// Key is presumably the derived hash output itself; confirm against
	// ParseHash. NOTE(review): Salt and Key together are the stored
	// credential material, so avoid logging values of this type.
	Key string

	// KeyLength is the key length parameter (presumably argon2id only).
	KeyLength int

	// Memory is the memory cost parameter (presumably argon2id only).
	Memory int

	// Parallelism is the parallelism parameter (presumably argon2id only).
	Parallelism int
}
PasswordHash represents all characteristics of a password hash. Authelia only supports the salted SHA512 and salted argon2id methods, i.e., $6$ mode or $argon2id$ mode.
func ParseHash ¶
func ParseHash(hash string) (passwordHash *PasswordHash, err error)
ParseHash extracts all characteristics of a hash given its string representation.
type UserDetails ¶
UserDetails represents the details retrieved for a given user.
type UserDetailsModel ¶
// UserDetailsModel is the model of user details in the file database.
type UserDetailsModel struct {
	// HashedPassword is read from the required `password` YAML key.
	// Despite the key name, the field name indicates the value is expected
	// to be a password hash, not a plaintext password. TODO confirm that
	// loading rejects values that do not parse as a supported hash.
	HashedPassword string `yaml:"password" valid:"required"`

	// DisplayName is read from the required `displayname` YAML key.
	DisplayName string `yaml:"displayname" valid:"required"`

	// Email is read from the optional `email` YAML key.
	Email string `yaml:"email"`

	// Groups is read from the optional `groups` YAML key.
	Groups []string `yaml:"groups"`
}
UserDetailsModel is the model of user details in the file database.
type UserProvider ¶
// UserProvider is the interface for checking user passwords and gathering
// user details. On this page it is implemented by FileUserProvider and
// LDAPUserProvider.
type UserProvider interface {
	// StartupCheck is embedded so that every provider also implements the
	// startup check provider interface.
	model.StartupCheck

	// CheckUserPassword checks if the provided password matches for the
	// given user.
	// NOTE(review): callers should treat a non-nil err as an authentication
	// failure regardless of valid. Confirm at the call sites.
	CheckUserPassword(username string, password string) (valid bool, err error)

	// GetDetails retrieves the details of the given user.
	GetDetails(username string) (details *UserDetails, err error)

	// UpdatePassword updates the password of the given user.
	UpdatePassword(username string, newPassword string) (err error)
}
UserProvider is the interface for checking user passwords and gathering user details.