Documentation
¶
Index ¶
- Constants
- Variables
- func CastX509AsCertificate(c interface{}) (certificate *x509.Certificate, ok bool)
- func CheckUntil(interval time.Duration, timeout time.Duration, predicate func() (bool, error)) error
- func Command(name string, args ...string) *exec.Cmd
- func CommandWithStdout(name string, args ...string) *exec.Cmd
- func ConvertDERToPEM(der []byte, blockType PEMBlockType) ([]byte, error)
- func Decrypt(ciphertext []byte, key *[32]byte) (plaintext []byte, err error)
- func DirectoryExists(path string) (exists bool, err error)
- func ECDSASignatureAlgorithmFromString(algorithm string) (alg x509.SignatureAlgorithm)
- func EllipticCurveFromString(curveString string) (curve elliptic.Curve)
- func Encrypt(plaintext []byte, key *[32]byte) (ciphertext []byte, err error)
- func FileExists(path string) (exists bool, err error)
- func GenerateCertificate(privateKeyBuilder PrivateKeyBuilder, hosts []string, validFrom time.Time, ...) ([]byte, []byte, error)
- func GetExpectedErrTxt(err string) string
- func HasURIDomainSuffix(uri *url.URL, domain string) bool
- func HashSHA256FromPath(path string) (output string, err error)
- func HashSHA256FromString(input string) (output string)
- func IsBoolCountLessThanN(n int, v bool, vals ...bool) bool
- func IsStringAbsURL(input string) (err error)
- func IsStringAlphaNumeric(input string) bool
- func IsStringInSlice(needle string, haystack []string) (inSlice bool)
- func IsStringInSliceContains(needle string, haystack []string) (inSlice bool)
- func IsStringInSliceFold(needle string, haystack []string) (inSlice bool)
- func IsStringInSliceSuffix(needle string, haystack []string) (hasSuffix bool)
- func IsStringSliceContainsAll(needles []string, haystack []string) (inSlice bool)
- func IsStringSliceContainsAny(needles []string, haystack []string) (inSlice bool)
- func IsStringSlicesDifferent(a, b []string) (different bool)
- func IsStringSlicesDifferentFold(a, b []string) (different bool)
- func IsURISafeRedirection(uri *url.URL, domain string) bool
- func IsURISecure(uri *url.URL) bool
- func IsURIStringSafeRedirection(uri, protectedDomain string) (safe bool, err error)
- func IsURLHostComponent(u url.URL) (isHostComponent bool)
- func IsURLHostComponentWithPort(u url.URL) (isHostComponentWithPort bool)
- func IsURLInSlice(needle url.URL, haystack []url.URL) (has bool)
- func IsX509PrivateKey(i interface{}) bool
- func JoinAndCanonicalizeHeaders(sep []byte, headers ...string) (joined []byte)
- func KeySigAlgorithmFromString(keyAlgorithm, signatureAlgorithm string) (keyAlg x509.PublicKeyAlgorithm, sigAlg x509.SignatureAlgorithm)
- func NewTLSConfig(config *schema.TLSConfig, defaultMinVersion uint16, certPool *x509.CertPool) (tlsConfig *tls.Config)
- func NewWriteCloser(wr io.Writer) io.WriteCloser
- func NewX509CertPool(directory string) (certPool *x509.CertPool, warnings []error, errors []error)
- func OriginFromURL(u url.URL) (origin url.URL)
- func PEMBlockFromX509Key(key interface{}, pkcs8 bool) (pemBlock *pem.Block, err error)
- func ParseDurationString(input string) (duration time.Duration, err error)
- func ParseX509FromPEM(data []byte) (key interface{}, err error)
- func PathExists(path string) (exists bool, err error)
- func PublicKeyAlgorithmFromString(algorithm string) (alg x509.PublicKeyAlgorithm)
- func PublicKeyFromPrivateKey(privateKey interface{}) (publicKey interface{})
- func RSASignatureAlgorithmFromString(algorithm string) (alg x509.SignatureAlgorithm)
- func RandomBytes(n int, characters string, crypto bool) (bytes []byte)
- func RandomString(n int, characters string, crypto bool) (randomString string)
- func RunCommandAndReturnOutput(command string) (output string, exitCode int, err error)
- func RunCommandUntilCtrlC(cmd *exec.Cmd)
- func RunCommandWithTimeout(cmd *exec.Cmd, timeout time.Duration) error
- func RunFuncUntilCtrlC(fn func() error) error
- func RunFuncWithRetry(attempts int, sleep time.Duration, f func() error) (err error)
- func Shell(command string) *exec.Cmd
- func SliceString(s string, d int) (array []string)
- func StandardizeDurationString(input string) (output string, err error)
- func StringHTMLEscape(input string) (output string)
- func StringJoinDelimitedEscaped(value []string, delimiter rune) string
- func StringSliceFromURLs(urls []url.URL) []string
- func StringSlicesDelta(before, after []string) (added, removed []string)
- func StringSplitDelimitedEscaped(value string, delimiter rune) (out []string)
- func TLSStringToTLSConfigVersion(input string) (version uint16, err error)
- func URLPathFullClean(u *url.URL) (output string)
- func URLsFromStringSlice(urls []string) []url.URL
- func Version() (versionString string)
- func VersionAdv(tag, state, commit, branch, extra string) (version string)
- func WriteCertificateBytesToPEM(cert []byte, path string, csr bool) (err error)
- func WriteKeyToPEM(key interface{}, path string, pkcs8 bool) (err error)
- func X509ParseExtendedKeyUsage(extKeyUsages []string, ca bool) (extKeyUsage []x509.ExtKeyUsage)
- func X509ParseKeyUsage(keyUsages []string, ca bool) (keyUsage x509.KeyUsage)
- type Clock
- type ECDSAKeyBuilder
- type Ed25519KeyBuilder
- type ErrSliceSortAlphabetical
- type PEMBlockType
- type PrivateKeyBuilder
- type RSAKeyBuilder
- type RealClock
- type WriteCloser
Constants ¶
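const (
	// RFC3339Zero is the Unix timestamp, in seconds, of the zero time.Time
	// value, i.e. what time.Time{}.Unix() returns.
	RFC3339Zero = int64(-62135596800)

	// TLS13 is the textual representation of TLS 1.3.
	TLS13 = "1.3"

	// TLS12 is the textual representation of TLS 1.2.
	TLS12 = "1.2"

	// TLS11 is the textual representation of TLS 1.1.
	// TLS 1.1 is deprecated (RFC 8996); configuring it as a minimum version
	// should be a deliberate compatibility exception.
	TLS11 = "1.1"

	// TLS10 is the textual representation of TLS 1.0.
	// TLS 1.0 is deprecated (RFC 8996); configuring it as a minimum version
	// should be a deliberate compatibility exception.
	TLS10 = "1.0"
)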
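const (
	// PEM block type labels (the text between "-----BEGIN " and "-----").
	// Blocks labelled with a *PRIVATE KEY type carry secret key material.
	BlockTypeRSAPrivateKey      = "RSA PRIVATE KEY"
	BlockTypeRSAPublicKey       = "RSA PUBLIC KEY"
	BlockTypeECDSAPrivateKey    = "EC PRIVATE KEY"
	BlockTypePKCS8PrivateKey    = "PRIVATE KEY"
	BlockTypePKIXPublicKey      = "PUBLIC KEY"
	BlockTypeCertificate        = "CERTIFICATE"
	BlockTypeCertificateRequest = "CERTIFICATE REQUEST"

	// Key algorithm names.
	KeyAlgorithmRSA     = "RSA"
	KeyAlgorithmECDSA   = "ECDSA"
	KeyAlgorithmEd25519 = "ED25519"

	// Hash algorithm names.
	// SHA-1 is no longer collision resistant; treat HashAlgorithmSHA1 as
	// legacy-only and prefer SHA256 or stronger for new certificates.
	HashAlgorithmSHA1   = "SHA1"
	HashAlgorithmSHA256 = "SHA256"
	HashAlgorithmSHA384 = "SHA384"
	HashAlgorithmSHA512 = "SHA512"

	// Elliptic curve names without a hyphen.
	EllipticCurveP224 = "P224"
	EllipticCurveP256 = "P256"
	EllipticCurveP384 = "P384"
	EllipticCurveP521 = "P521"

	// Elliptic curve names in the alternative hyphenated spelling.
	EllipticCurveAltP224 = "P-224"
	EllipticCurveAltP256 = "P-256"
	EllipticCurveAltP384 = "P-384"
	EllipticCurveAltP521 = "P-521"
)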
X.509 consts.
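const (
	// Hour is one hour expressed as a time.Duration.
	Hour = time.Minute * 60

	// Day is 24 hours expressed as a time.Duration.
	Day = Hour * 24

	// Week is 7 days expressed as a time.Duration.
	Week = Day * 7

	// Year is 365 days expressed as a time.Duration; leap years are not
	// accounted for.
	Year = Day * 365

	// Month is one twelfth of Year (730 hours) expressed as a time.Duration.
	// It is an average, not a calendar month.
	Month = Year / 12
)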
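const (
	// DurationUnitDays is the duration string suffix for days.
	DurationUnitDays = "d"

	// DurationUnitWeeks is the duration string suffix for weeks.
	DurationUnitWeeks = "w"

	// DurationUnitMonths is the duration string suffix for months.
	// Note the upper case: a lower-case "m" means minutes in time.ParseDuration.
	DurationUnitMonths = "M"

	// DurationUnitYears is the duration string suffix for years.
	DurationUnitYears = "y"
)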
Duration unit types.
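const (
	// HoursInDay is the number of hours in a day.
	HoursInDay = 24

	// HoursInWeek is the number of hours in a 7-day week (168).
	HoursInWeek = HoursInDay * 7

	// HoursInMonth is the number of hours in a 30-day month (720).
	// This is an approximation, not a calendar month.
	HoursInMonth = HoursInDay * 30

	// HoursInYear is the number of hours in a 365-day year (8760).
	// Leap years are not accounted for.
	HoursInYear = HoursInDay * 365
)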
Number of hours in particular measurements of time.
Variables ¶
var (
// AlphaNumericCharacters are literally just valid alphanumeric chars.
AlphaNumericCharacters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
)
var BuildBranch = "master"
BuildBranch is replaced by LDFLAGS at build time with the current branch.
var BuildCommit = "unknown"
BuildCommit is replaced by LDFLAGS at build time with the current commit.
var BuildDate = ""
BuildDate is replaced by LDFLAGS at build time with the date the build started.
var BuildExtra = ""
BuildExtra is replaced by LDFLAGS at build time with a blank string by default. People porting Authelia can use this to add a suffix to their versions.
var BuildNumber = "0"
BuildNumber is replaced by LDFLAGS at build time with the CI build number.
var BuildState = "untagged dirty"
BuildState is replaced by LDFLAGS at build time with `tagged` or `untagged` depending on if the commit is tagged, and `clean` or `dirty` depending on the working tree state. For example if the commit was tagged and the working tree was dirty it would be "tagged dirty". This is used to determine the version string output mode.
var BuildTag = "unknown"
BuildTag is replaced by LDFLAGS at build time with the latest tag at or before the current commit.
var ErrTLSVersionNotSupported = errors.New("supplied tls version isn't supported")
ErrTLSVersionNotSupported is returned when an unknown TLS version is supplied.
var ErrTimeoutReached = errors.New("timeout reached")
ErrTimeoutReached is the error returned when a timeout is reached.
Functions ¶
func CastX509AsCertificate ¶ added in v4.36.0
func CastX509AsCertificate(c interface{}) (certificate *x509.Certificate, ok bool)
CastX509AsCertificate converts an interface to an *x509.Certificate.
func CheckUntil ¶
func CheckUntil(interval time.Duration, timeout time.Duration, predicate func() (bool, error)) error
CheckUntil regularly checks a predicate until it is true or the timeout is reached.
func CommandWithStdout ¶
CommandWithStdout creates a command that forwards stdout and stderr to the OS streams.
func ConvertDERToPEM ¶ added in v4.35.0
func ConvertDERToPEM(der []byte, blockType PEMBlockType) ([]byte, error)
ConvertDERToPEM converts a certificate in DER format into PEM format.
func Decrypt ¶
Decrypt decrypts data using 256-bit AES-GCM. This both hides the content of the data and provides a check that it hasn't been altered. Expects input of the form nonce|ciphertext|tag, where '|' indicates concatenation. Callers must check err before using plaintext.
func DirectoryExists ¶
DirectoryExists returns true if the given path exists and is a directory.
func ECDSASignatureAlgorithmFromString ¶ added in v4.36.0
func ECDSASignatureAlgorithmFromString(algorithm string) (alg x509.SignatureAlgorithm)
ECDSASignatureAlgorithmFromString returns a x509.SignatureAlgorithm for the ECDSA x509.PublicKeyAlgorithm given an algorithm string.
func EllipticCurveFromString ¶ added in v4.36.0
EllipticCurveFromString turns a string into an elliptic.Curve.
func Encrypt ¶
Encrypt encrypts data using 256-bit AES-GCM. This both hides the content of the data and provides a check that it hasn't been altered. Output takes the form nonce|ciphertext|tag where '|' indicates concatenation.
func FileExists ¶
FileExists returns true if the given path exists and is a file.
func GenerateCertificate ¶ added in v4.35.0
func GenerateCertificate(privateKeyBuilder PrivateKeyBuilder, hosts []string, validFrom time.Time, validFor time.Duration, isCA bool) ([]byte, []byte, error)
GenerateCertificate generates a certificate given a private key. RSA, Ed25519 and ECDSA are officially supported.
func GetExpectedErrTxt ¶
GetExpectedErrTxt returns error text for expected errs.
func HasURIDomainSuffix ¶ added in v4.36.7
HasURIDomainSuffix returns true if the URI hostname is equal to the domain or if it has a suffix of the domain prefixed with a period.
func HashSHA256FromPath ¶
HashSHA256FromPath takes a path string and calculates the SHA256 checksum of the file at the path returning it as a base16 hash string.
func HashSHA256FromString ¶
HashSHA256FromString takes an input string and calculates the SHA256 checksum returning it as a base16 hash string.
func IsBoolCountLessThanN ¶ added in v4.35.0
IsBoolCountLessThanN takes an int (n), bool (v), and then a variadic slice of bool (vals). If the number of bools in vals with the value v is more than n, it returns false, otherwise it returns true.
func IsStringAbsURL ¶
IsStringAbsURL checks that a string can be parsed as a URL and that the parsed URL is absolute (IsAbs); if either check fails it returns an error describing why.
func IsStringAlphaNumeric ¶
IsStringAlphaNumeric returns false if any rune in the string is not alpha-numeric.
func IsStringInSlice ¶
IsStringInSlice checks if a single string is in a slice of strings.
func IsStringInSliceContains ¶
IsStringInSliceContains checks if a single string is in an array of strings.
func IsStringInSliceFold ¶
IsStringInSliceFold checks if a single string is in a slice of strings but uses strings.EqualFold to compare them.
func IsStringInSliceSuffix ¶
IsStringInSliceSuffix checks if the needle string has one of the suffixes in the haystack.
func IsStringSliceContainsAll ¶ added in v4.33.0
IsStringSliceContainsAll checks if the haystack contains all strings in the needles.
func IsStringSliceContainsAny ¶ added in v4.33.0
IsStringSliceContainsAny checks if the haystack contains any of the strings in the needles.
func IsStringSlicesDifferent ¶
IsStringSlicesDifferent checks two slices of strings and on the first occurrence of a string item not existing in the other slice returns true, otherwise returns false.
func IsStringSlicesDifferentFold ¶
IsStringSlicesDifferentFold checks two slices of strings and on the first occurrence of a string item not existing in the other slice (case insensitive) returns true, otherwise returns false.
func IsURISafeRedirection ¶ added in v4.36.7
IsURISafeRedirection returns true if the URI passes the IsURISecure and HasURIDomainSuffix, i.e. if the scheme is secure and the given URI has a hostname that is either exactly equal to the given domain or if it has a suffix of the domain prefixed with a period.
func IsURISecure ¶ added in v4.36.7
IsURISecure returns true if the URI has a secure scheme (https or wss).
func IsURIStringSafeRedirection ¶ added in v4.36.7
IsURIStringSafeRedirection determines whether the URI is safe to be redirected to.
func IsURLHostComponent ¶ added in v4.35.0
IsURLHostComponent returns true if the provided url.URL, which was parsed from a string via url.Parse, is just a hostname. This is needed because of the way url.Parse parses such strings.
func IsURLHostComponentWithPort ¶ added in v4.35.0
IsURLHostComponentWithPort returns true if the provided url.URL, which was parsed from a string via url.Parse, is just a hostname with a port. This is needed because of the way url.Parse parses such strings.
func IsURLInSlice ¶ added in v4.35.0
IsURLInSlice returns true if the needle url.URL is in the []url.URL haystack.
func IsX509PrivateKey ¶ added in v4.36.0
func IsX509PrivateKey(i interface{}) bool
IsX509PrivateKey returns true if the provided interface is an rsa.PrivateKey, ecdsa.PrivateKey, or ed25519.PrivateKey.
func JoinAndCanonicalizeHeaders ¶ added in v4.35.0
JoinAndCanonicalizeHeaders joins header strings by a given sep.
func KeySigAlgorithmFromString ¶ added in v4.36.0
func KeySigAlgorithmFromString(keyAlgorithm, signatureAlgorithm string) (keyAlg x509.PublicKeyAlgorithm, sigAlg x509.SignatureAlgorithm)
KeySigAlgorithmFromString returns a x509.PublicKeyAlgorithm and x509.SignatureAlgorithm given a keyAlgorithm and signatureAlgorithm string.
func NewTLSConfig ¶
func NewTLSConfig(config *schema.TLSConfig, defaultMinVersion uint16, certPool *x509.CertPool) (tlsConfig *tls.Config)
NewTLSConfig generates a tls.Config from a schema.TLSConfig and a x509.CertPool.
func NewWriteCloser ¶ added in v4.36.5
func NewWriteCloser(wr io.Writer) io.WriteCloser
NewWriteCloser creates a new io.WriteCloser from an io.Writer.
func NewX509CertPool ¶
NewX509CertPool generates a x509.CertPool from the system PKI and the directory specified.
func OriginFromURL ¶ added in v4.35.0
OriginFromURL returns an origin url.URL given another url.URL.
func PEMBlockFromX509Key ¶ added in v4.36.0
PEMBlockFromX509Key turns a PublicKey or PrivateKey into a pem.Block.
func ParseDurationString ¶
ParseDurationString standardizes a duration string with StandardizeDurationString then uses time.ParseDuration to convert it into a time.Duration.
func ParseX509FromPEM ¶ added in v4.36.0
ParseX509FromPEM parses PEM bytes and returns a PKCS key.
func PathExists ¶
PathExists returns true if the given path exists.
func PublicKeyAlgorithmFromString ¶ added in v4.36.0
func PublicKeyAlgorithmFromString(algorithm string) (alg x509.PublicKeyAlgorithm)
PublicKeyAlgorithmFromString returns a x509.PublicKeyAlgorithm given an appropriate string.
func PublicKeyFromPrivateKey ¶ added in v4.36.0
func PublicKeyFromPrivateKey(privateKey interface{}) (publicKey interface{})
PublicKeyFromPrivateKey returns a PublicKey when provided with a PrivateKey.
func RSASignatureAlgorithmFromString ¶ added in v4.36.0
func RSASignatureAlgorithmFromString(algorithm string) (alg x509.SignatureAlgorithm)
RSASignatureAlgorithmFromString returns a x509.SignatureAlgorithm for the RSA x509.PublicKeyAlgorithm given an algorithm string.
func RandomBytes ¶ added in v4.33.0
RandomBytes returns a random []byte with a given length with values from the provided characters. When crypto is set to false we use math/rand and when it's set to true we use crypto/rand. The crypto option should always be set to true, except when the task is time sensitive and would not benefit from extra randomness. math/rand output is predictable, so any value that must be unguessable (secrets, tokens, keys) needs crypto set to true.
func RandomString ¶
RandomString returns a random string with a given length with values from the provided characters. When crypto is set to false we use math/rand and when it's set to true we use crypto/rand. The crypto option should always be set to true, except when the task is time sensitive and would not benefit from extra randomness. math/rand output is predictable, so any value that must be unguessable (secrets, tokens, keys) needs crypto set to true.
func RunCommandAndReturnOutput ¶
RunCommandAndReturnOutput runs a shell command then returns the stdout and the exit code.
func RunCommandUntilCtrlC ¶
RunCommandUntilCtrlC runs a command until ctrl-c is hit.
func RunCommandWithTimeout ¶
RunCommandWithTimeout runs a command with a timeout.
func RunFuncUntilCtrlC ¶
RunFuncUntilCtrlC runs a function until ctrl-c is hit.
func RunFuncWithRetry ¶
RunFuncWithRetry runs a function for up to the given number of attempts, sleeping for the given duration between each attempt.
func SliceString ¶
SliceString splits a string s into an array with each item having a maximum length of d. Terms used in the implementation: d = denominator, n = numerator, q = quotient, r = remainder.
func StandardizeDurationString ¶ added in v4.34.0
StandardizeDurationString converts units of time that stdlib is unaware of to hours.
func StringHTMLEscape ¶
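StringHTMLEscape escapes characters for an HTML body. Other output contexts (attribute values, scripts, URLs) have different escaping rules and are not covered by this description.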
func StringJoinDelimitedEscaped ¶ added in v4.35.0
StringJoinDelimitedEscaped joins a string slice with a specified rune delimiter after escaping any instance of that delimiter in the strings of the slice. Used with StringSplitDelimitedEscaped.
func StringSliceFromURLs ¶ added in v4.35.0
StringSliceFromURLs returns a []string from a []url.URL.
func StringSlicesDelta ¶
StringSlicesDelta takes a before and an after []string and compares them, returning an added and a removed []string.
func StringSplitDelimitedEscaped ¶ added in v4.35.0
StringSplitDelimitedEscaped splits a string on a specified rune delimiter and unescapes any escaped instance of that delimiter in the resulting strings. Used with StringJoinDelimitedEscaped.
func TLSStringToTLSConfigVersion ¶
TLSStringToTLSConfigVersion returns a go crypto/tls version for a tls.Config based on string input.
func URLPathFullClean ¶ added in v4.36.2
URLPathFullClean returns a URL path with the query parameters appended (full path) with the path portion parsed through path.Clean given a *url.URL.
func URLsFromStringSlice ¶ added in v4.35.0
URLsFromStringSlice returns a []url.URL from a []string.
func Version ¶
func Version() (versionString string)
Version returns the Authelia version.
The format of the string is dependent on the values in BuildState. If tagged and clean are present it returns the BuildTag i.e. v1.0.0. If dirty and tagged are present it returns <BuildTag>-dirty. Otherwise, the following is the format: untagged-<BuildTag>-dirty-<BuildExtra> (<BuildBranch>, <BuildCommit>).
func VersionAdv ¶ added in v4.36.9
VersionAdv takes inputs to generate the version.
func WriteCertificateBytesToPEM ¶ added in v4.36.0
WriteCertificateBytesToPEM writes a certificate/csr to a file in the PEM format.
func WriteKeyToPEM ¶ added in v4.36.0
WriteKeyToPEM writes a key that can be encoded as a PEM to a file in the PEM format.
func X509ParseExtendedKeyUsage ¶ added in v4.36.0
func X509ParseExtendedKeyUsage(extKeyUsages []string, ca bool) (extKeyUsage []x509.ExtKeyUsage)
X509ParseExtendedKeyUsage parses a list of extended key usages. If provided with an empty list returns a default of Server Auth unless ca is true in which case it returns a default of Any.
func X509ParseKeyUsage ¶ added in v4.36.0
X509ParseKeyUsage parses a list of key usages. If provided with an empty list returns a default of Key Encipherment and Digital Signature unless ca is true in which case it returns Cert Sign.
Types ¶
type ECDSAKeyBuilder ¶ added in v4.35.0
type ECDSAKeyBuilder struct {
// contains filtered or unexported fields
}
ECDSAKeyBuilder builder of ECDSA private key.
func (ECDSAKeyBuilder) Build ¶ added in v4.35.0
func (ekb ECDSAKeyBuilder) Build() (interface{}, error)
Build an ECDSA private key.
func (ECDSAKeyBuilder) WithCurve ¶ added in v4.35.0
func (ekb ECDSAKeyBuilder) WithCurve(curve elliptic.Curve) ECDSAKeyBuilder
WithCurve configures the curve to use for the ECDSA private key.
type Ed25519KeyBuilder ¶ added in v4.35.0
type Ed25519KeyBuilder struct{}
Ed25519KeyBuilder builder of Ed25519 private key.
func (Ed25519KeyBuilder) Build ¶ added in v4.35.0
func (ekb Ed25519KeyBuilder) Build() (interface{}, error)
Build an Ed25519 private key.
type ErrSliceSortAlphabetical ¶
type ErrSliceSortAlphabetical []error
ErrSliceSortAlphabetical is a helper type that can be used with sort.Sort to sort a slice of errors in alphabetical order. Usage is simple: call sort.Sort(ErrSliceSortAlphabetical([]error{})).
func (ErrSliceSortAlphabetical) Len ¶
func (s ErrSliceSortAlphabetical) Len() int
func (ErrSliceSortAlphabetical) Less ¶
func (s ErrSliceSortAlphabetical) Less(i, j int) bool
func (ErrSliceSortAlphabetical) Swap ¶
func (s ErrSliceSortAlphabetical) Swap(i, j int)
type PEMBlockType ¶ added in v4.35.0
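// PEMBlockType represents an enum of the existing PEM block types.
type PEMBlockType int

const (
	// Certificate block type.
	Certificate PEMBlockType = iota

	// PrivateKey block type. Data encoded under this type is secret key
	// material.
	PrivateKey
)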
type PrivateKeyBuilder ¶ added in v4.35.0
type PrivateKeyBuilder interface {
Build() (interface{}, error)
}
PrivateKeyBuilder interface for a private key builder.
type RSAKeyBuilder ¶ added in v4.35.0
type RSAKeyBuilder struct {
// contains filtered or unexported fields
}
RSAKeyBuilder builder of RSA private key.
func (RSAKeyBuilder) Build ¶ added in v4.35.0
func (rkb RSAKeyBuilder) Build() (interface{}, error)
Build a RSA private key.
func (RSAKeyBuilder) WithKeySize ¶ added in v4.35.0
func (rkb RSAKeyBuilder) WithKeySize(bits int) RSAKeyBuilder
WithKeySize configures the key size, in bits, to use with RSA.
type RealClock ¶
type RealClock struct{}
RealClock is the implementation of a clock for production code.
type WriteCloser ¶ added in v4.36.5
type WriteCloser struct {
// contains filtered or unexported fields
}
WriteCloser is an io.Writer with an io.Closer.
func (*WriteCloser) Close ¶ added in v4.36.5
func (w *WriteCloser) Close() error
Close the io.Closer.