Documentation ¶
Index ¶
- type AuthenticationAttempt
- type Base64
- type DuoDevice
- type IP
- type IdentityVerification
- type IdentityVerificationClaim
- type Migration
- type NullIP
- type SchemaMigration
- type StartupCheck
- type TOTPConfiguration
- type U2FDevice
- type UserInfo
- type WebauthnDevice
- type WebauthnUser
- func (w WebauthnUser) HasFIDOU2F() bool
- func (w WebauthnUser) WebAuthnCredentialDescriptors() (descriptors []protocol.CredentialDescriptor)
- func (w WebauthnUser) WebAuthnCredentials() (credentials []webauthn.Credential)
- func (w WebauthnUser) WebAuthnDisplayName() string
- func (w WebauthnUser) WebAuthnID() []byte
- func (w WebauthnUser) WebAuthnIcon() string
- func (w WebauthnUser) WebAuthnName() string
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthenticationAttempt ¶
// AuthenticationAttempt represents an authentication attempt row in the database.
//
// NOTE(review): each row ties a username to a client IP, a request URI and an
// outcome, so the backing table is sensitive log data. Retention and access
// controls are not visible from this type; confirm them in the storage provider.
type AuthenticationAttempt struct {
	ID   int       `db:"id"`
	Time time.Time `db:"time"`

	// Successful and Banned are stored per attempt. Presumably Banned records
	// that the user was banned when the attempt was made; TODO confirm against
	// the code that writes these rows.
	Successful bool `db:"successful"`
	Banned     bool `db:"banned"`

	Username string `db:"username"`

	// Type is stored in the auth_type column (the column name differs from the field name).
	Type string `db:"auth_type"`

	// RemoteIP is a NullIP, so the remote_ip column may be NULL.
	RemoteIP NullIP `db:"remote_ip"`

	// NOTE(review): RequestURI is persisted as given. If a URI can carry tokens
	// or other secrets in its query string they end up in this table; verify
	// what the caller passes in.
	RequestURI    string `db:"request_uri"`
	RequestMethod string `db:"request_method"`
}
AuthenticationAttempt represents an authentication attempt row in the database.
type Base64 ¶
// Base64 saves bytes to the database as a base64 encoded string.
// Its fields are unexported and are not shown in this listing.
type Base64 struct {
	// contains filtered or unexported fields
}
Base64 saves bytes to the database as a base64 encoded string.
type DuoDevice ¶
// DuoDevice represents a Duo device row, keyed to a username.
// Presumably Device and Method hold the user's selected Duo device and
// authentication method; TODO confirm against the Duo handler.
type DuoDevice struct {
	ID       int    `db:"id"`
	Username string `db:"username"`
	Device   string `db:"device"`
	Method   string `db:"method"`
}
DuoDevice represents a Duo device.
type IP ¶
IP is a type specific for storage of a net.IP in the database which can't be NULL.
type IdentityVerification ¶
// IdentityVerification represents an identity verification row in the database.
//
// NOTE(review): this type only stores the token's metadata. Whether a token is
// rejected once ExpiresAt has passed or once Consumed is set is decided by the
// code that reads the row, which is not visible here; confirm both checks exist.
type IdentityVerification struct {
	ID int `db:"id"`

	// JTI, IssuedAt and ExpiresAt are stored in the jti, iat and exp columns,
	// matching the JWT registered claim names. IssuedIP uses the IP type,
	// which cannot be NULL.
	JTI       uuid.UUID `db:"jti"`
	IssuedAt  time.Time `db:"iat"`
	IssuedIP  IP        `db:"issued_ip"`
	ExpiresAt time.Time `db:"exp"`

	// Action and Username name what the verification is for and for whom.
	Action   string `db:"action"`
	Username string `db:"username"`

	// Consumed is a pointer and ConsumedIP is a NullIP, so both may be absent.
	// Presumably nil/NULL means the verification has not been used yet;
	// TODO confirm against the consuming handler.
	Consumed   *time.Time `db:"consumed"`
	ConsumedIP NullIP     `db:"consumed_ip"`
}
IdentityVerification represents an identity verification row in the database.
func NewIdentityVerification ¶
func NewIdentityVerification(jti uuid.UUID, username, action string, ip net.IP) (verification IdentityVerification)
NewIdentityVerification creates a new IdentityVerification from a given username and action.
func (IdentityVerification) ToIdentityVerificationClaim ¶
func (v IdentityVerification) ToIdentityVerificationClaim() (claim *IdentityVerificationClaim)
ToIdentityVerificationClaim converts the IdentityVerification into an IdentityVerificationClaim.
type IdentityVerificationClaim ¶
// IdentityVerificationClaim is the JWT claim set for an identity verification
// token: the embedded jwt.RegisteredClaims plus the action and username the
// token was issued for.
//
// NOTE(review): Action and Username are only as trustworthy as the token's
// signature check. Consumers should verify the signature and expiry and
// compare Action with the operation being performed before acting on the
// claim; none of that is visible from this type.
type IdentityVerificationClaim struct {
	jwt.RegisteredClaims

	// The action this token has been crafted for.
	Action string `json:"action"`

	// The user this token has been crafted for.
	Username string `json:"username"`
}
IdentityVerificationClaim is a custom claim that specifies the action the token was issued for. The action can be to register a TOTP device, register a U2F device, or reset one's password.
func (IdentityVerificationClaim) ToIdentityVerification ¶
func (v IdentityVerificationClaim) ToIdentityVerification() (verification *IdentityVerification, err error)
ToIdentityVerification converts the IdentityVerificationClaim into an IdentityVerification.
type Migration ¶
// Migration represents a migration row in the database: when a schema
// migration was applied, the schema version before and after it, and the
// application version recorded with it.
type Migration struct {
	ID      int       `db:"id"`
	Applied time.Time `db:"applied"`
	Before  int       `db:"version_before"`
	After   int       `db:"version_after"`
	Version string    `db:"application_version"`
}
Migration represents a migration row in the database.
type NullIP ¶
NullIP is a type specific for storage of a net.IP in the database which can also be NULL.
func NewNullIPFromString ¶
NewNullIPFromString easily constructs a new NullIP from a string.
type SchemaMigration ¶
SchemaMigration represents an intended migration.
func (SchemaMigration) After ¶
func (m SchemaMigration) After() (after int)
After returns the version the schema will be at after the migration is applied.
func (SchemaMigration) Before ¶
func (m SchemaMigration) Before() (before int)
Before returns the version the schema should be at before the migration is applied.
type StartupCheck ¶
// StartupCheck represents a provider that has a startup check.
type StartupCheck interface {
	// StartupCheck runs the provider's check and reports any failure as err.
	StartupCheck() (err error)
}
StartupCheck represents a provider that has a startup check.
type TOTPConfiguration ¶
// TOTPConfiguration represents a user's TOTP configuration row in the database.
//
// Every field except Digits and Period is tagged json:"-", so encoding/json
// emits only those two values when this struct is marshalled.
//
// NOTE(review): nothing in this type shows whether LastUsedAt is used to
// reject reuse of a code within the same period; confirm in the TOTP handler.
type TOTPConfiguration struct {
	// LastUsedAt is a pointer; presumably nil means the configuration has
	// never been used. TODO confirm.
	ID         int        `db:"id" json:"-"`
	CreatedAt  time.Time  `db:"created_at" json:"-"`
	LastUsedAt *time.Time `db:"last_used_at" json:"-"`
	Username   string     `db:"username" json:"-"`
	Issuer     string     `db:"issuer" json:"-"`
	Algorithm  string     `db:"algorithm" json:"-"`
	Digits     uint       `db:"digits" json:"digits"`
	Period     uint       `db:"period" json:"period"`

	// Secret is the shared TOTP secret as held by this struct. json:"-" keeps
	// it out of encoding/json output only.
	// NOTE(review): URI, Key and Image render the configuration and presumably
	// include the secret, so their results need the same handling as the
	// secret itself. Whether the secret column is encrypted at rest is not
	// visible here; confirm in the storage provider.
	Secret []byte `db:"secret" json:"-"`
}
TOTPConfiguration represents a user's TOTP configuration row in the database.
func (TOTPConfiguration) Image ¶
func (c TOTPConfiguration) Image(width, height int) (img image.Image, err error)
Image returns the image.Image of the TOTPConfiguration using the Image func from the return of TOTPConfiguration.Key.
func (TOTPConfiguration) Key ¶
func (c TOTPConfiguration) Key() (key *otp.Key, err error)
Key returns the *otp.Key using TOTPConfiguration.URI with otp.NewKeyFromURL.
func (TOTPConfiguration) URI ¶
func (c TOTPConfiguration) URI() (uri string)
URI shows the configuration in the URI representation.
func (*TOTPConfiguration) UpdateSignInInfo ¶
func (c *TOTPConfiguration) UpdateSignInInfo(now time.Time)
UpdateSignInInfo adjusts the values of the TOTPConfiguration after a sign in.
type U2FDevice ¶
// U2FDevice represents a user's U2F device row in the database: the owning
// username, a description, and the device's key handle and public key as
// raw bytes.
type U2FDevice struct {
	ID          int    `db:"id"`
	Username    string `db:"username"`
	Description string `db:"description"`
	KeyHandle   []byte `db:"key_handle"`
	PublicKey   []byte `db:"public_key"`
}
U2FDevice represents a user's U2F device row in the database.
type UserInfo ¶
// UserInfo represents the user information required by the web UI.
// It exposes which second factors exist for the user, not any credential
// material; every field carries a json tag and is serialized.
type UserInfo struct {
	// The user's display name. The db:"-" tag suggests it is not loaded from
	// the database row; TODO confirm where it is populated.
	DisplayName string `db:"-" json:"display_name"`

	// The preferred 2FA method, stored in the second_factor_method column.
	Method string `db:"second_factor_method" json:"method" valid:"required"`

	// True if a TOTP device has been registered.
	HasTOTP bool `db:"has_totp" json:"has_totp" valid:"required"`

	// True if a Webauthn device has been registered.
	HasWebauthn bool `db:"has_webauthn" json:"has_webauthn" valid:"required"`

	// True if a Duo device has been configured as the preferred device.
	HasDuo bool `db:"has_duo" json:"has_duo" valid:"required"`
}
UserInfo represents the user information required by the web UI.
type WebauthnDevice ¶
// WebauthnDevice represents a Webauthn Device in the database storage.
type WebauthnDevice struct {
	// LastUsedAt is a pointer; presumably nil means the device has never been
	// used to sign in. TODO confirm.
	ID         int        `db:"id"`
	CreatedAt  time.Time  `db:"created_at"`
	LastUsedAt *time.Time `db:"last_used_at"`

	// RPID is stored per device; presumably it is the relying party ID the
	// credential was registered under. TODO confirm.
	RPID        string `db:"rpid"`
	Username    string `db:"username"`
	Description string `db:"description"`

	// KID uses the Base64 type, so it is saved as a base64 encoded string;
	// PublicKey is stored as raw bytes.
	KID       Base64 `db:"kid"`
	PublicKey []byte `db:"public_key"`

	AttestationType string    `db:"attestation_type"`
	Transport       string    `db:"transport"`
	AAGUID          uuid.UUID `db:"aaguid"`

	// NOTE(review): in WebAuthn the signature counter exists to detect cloned
	// authenticators. Presumably CloneWarning is set when the counter fails to
	// advance; confirm in UpdateSignInInfo, and confirm whether a set
	// CloneWarning blocks sign-in or is only recorded.
	SignCount    uint32 `db:"sign_count"`
	CloneWarning bool   `db:"clone_warning"`
}
WebauthnDevice represents a Webauthn Device in the database storage.
func NewWebauthnDeviceFromCredential ¶
func NewWebauthnDeviceFromCredential(rpid, username, description string, credential *webauthn.Credential) (device WebauthnDevice)
NewWebauthnDeviceFromCredential creates a WebauthnDevice from a webauthn.Credential.
func (*WebauthnDevice) UpdateSignInInfo ¶
UpdateSignInInfo adjusts the values of the WebauthnDevice after a sign in.
type WebauthnUser ¶
// WebauthnUser is an object to represent a user for the Webauthn lib.
// It carries no db tags; it groups a username and display name with the
// user's WebauthnDevice entries.
type WebauthnUser struct {
	Username    string
	DisplayName string
	Devices     []WebauthnDevice
}
WebauthnUser is an object to represent a user for the Webauthn lib.
func (WebauthnUser) HasFIDOU2F ¶
func (w WebauthnUser) HasFIDOU2F() bool
HasFIDOU2F returns true if the user has any attestation type `fido-u2f` devices.
func (WebauthnUser) WebAuthnCredentialDescriptors ¶
func (w WebauthnUser) WebAuthnCredentialDescriptors() (descriptors []protocol.CredentialDescriptor)
WebAuthnCredentialDescriptors decodes the user's credentials into protocol.CredentialDescriptor values.
func (WebauthnUser) WebAuthnCredentials ¶
func (w WebauthnUser) WebAuthnCredentials() (credentials []webauthn.Credential)
WebAuthnCredentials implements the webauthn.User interface.
func (WebauthnUser) WebAuthnDisplayName ¶
func (w WebauthnUser) WebAuthnDisplayName() string
WebAuthnDisplayName implements the webauthn.User interface.
func (WebauthnUser) WebAuthnID ¶
func (w WebauthnUser) WebAuthnID() []byte
WebAuthnID implements the webauthn.User interface.
func (WebauthnUser) WebAuthnIcon ¶
func (w WebauthnUser) WebAuthnIcon() string
WebAuthnIcon implements the webauthn.User interface.
func (WebauthnUser) WebAuthnName ¶
func (w WebauthnUser) WebAuthnName() string
WebAuthnName implements the webauthn.User interface.