Documentation ¶
Overview ¶
Package authentication is a generated GoMock package. (This summary appears to come from the generated mock file; the index below shows the package also provides the file-based and LDAP user providers.)
Index ¶
- Variables
- func LevelToString(level Level) string
- func NewFileCryptoHashFromConfig(config schema.Password) (hash algorithm.Hash, err error)
- type DatabaseModel
- type DatabaseUserDetails
- type FileUserDatabase
- func (m *FileUserDatabase) GetUserDetails(username string) (user DatabaseUserDetails, err error)
- func (m *FileUserDatabase) Load() (err error)
- func (m *FileUserDatabase) LoadAliases() (err error)
- func (m *FileUserDatabase) Save() (err error)
- func (m *FileUserDatabase) SetUserDetails(username string, details *DatabaseUserDetails)
- func (m *FileUserDatabase) ToDatabaseModel() (model *DatabaseModel)
- type FileUserProvider
- func (p *FileUserProvider) CheckUserPassword(username string, password string) (match bool, err error)
- func (p *FileUserProvider) GetDetails(username string) (details *UserDetails, err error)
- func (p *FileUserProvider) Reload() (reloaded bool, err error)
- func (p *FileUserProvider) StartupCheck() (err error)
- func (p *FileUserProvider) UpdatePassword(username string, newPassword string) (err error)
- type LDAPClient
- type LDAPClientFactory
- type LDAPSupportedControlTypes
- type LDAPSupportedExtensions
- type LDAPSupportedFeatures
- type LDAPUserProvider
- func (p *LDAPUserProvider) CheckUserPassword(username string, password string) (valid bool, err error)
- func (p *LDAPUserProvider) GetDetails(username string) (details *UserDetails, err error)
- func (p *LDAPUserProvider) StartupCheck() (err error)
- func (p *LDAPUserProvider) UpdatePassword(username, password string) (err error)
- type Level
- type MockLDAPClient
- func (m *MockLDAPClient) Bind(arg0, arg1 string) error
- func (m *MockLDAPClient) Close()
- func (m *MockLDAPClient) EXPECT() *MockLDAPClientMockRecorder
- func (m *MockLDAPClient) Modify(arg0 *ldap.ModifyRequest) error
- func (m *MockLDAPClient) PasswordModify(arg0 *ldap.PasswordModifyRequest) (*ldap.PasswordModifyResult, error)
- func (m *MockLDAPClient) Search(arg0 *ldap.SearchRequest) (*ldap.SearchResult, error)
- func (m *MockLDAPClient) StartTLS(arg0 *tls.Config) error
- func (m *MockLDAPClient) UnauthenticatedBind(arg0 string) error
- type MockLDAPClientFactory
- type MockLDAPClientFactoryMockRecorder
- type MockLDAPClientMockRecorder
- func (mr *MockLDAPClientMockRecorder) Bind(arg0, arg1 interface{}) *gomock.Call
- func (mr *MockLDAPClientMockRecorder) Close() *gomock.Call
- func (mr *MockLDAPClientMockRecorder) Modify(arg0 interface{}) *gomock.Call
- func (mr *MockLDAPClientMockRecorder) PasswordModify(arg0 interface{}) *gomock.Call
- func (mr *MockLDAPClientMockRecorder) Search(arg0 interface{}) *gomock.Call
- func (mr *MockLDAPClientMockRecorder) StartTLS(arg0 interface{}) *gomock.Call
- func (mr *MockLDAPClientMockRecorder) UnauthenticatedBind(arg0 interface{}) *gomock.Call
- type ProductionLDAPClientFactory
- type UserDetails
- type UserDetailsModel
- type UserProvider
Constants ¶
This section is empty.
Variables ¶
var (
	// ErrUserNotFound indicates the user wasn't found in the authentication backend.
	// NOTE(review): code that answers unauthenticated clients should not reveal
	// whether a login failed with this error or with a wrong password, so that
	// valid usernames cannot be enumerated from the responses.
	ErrUserNotFound = errors.New("user not found")

	// ErrNoContent is returned when the file is empty.
	ErrNoContent = errors.New("no file content")
)
Functions ¶
func LevelToString ¶ added in v4.36.0
LevelToString returns a string representation of an authentication.Level.
Types ¶
type DatabaseModel ¶
// DatabaseModel is the YAML shape of the users file that Read and Write move
// to and from disk.
type DatabaseModel struct {
	// Users is stored under the "users" key and is tagged as required.
	// Presumably the map key is the username — confirm against the loader.
	Users map[string]UserDetailsModel `yaml:"users" valid:"required"`
}
DatabaseModel is the model of users file database.
func (*DatabaseModel) Read ¶ added in v4.37.0
func (m *DatabaseModel) Read(filePath string) (err error)
Read a DatabaseModel from disk.
func (*DatabaseModel) ReadToFileUserDatabase ¶ added in v4.37.0
func (m *DatabaseModel) ReadToFileUserDatabase(db *FileUserDatabase) (err error)
ReadToFileUserDatabase reads the DatabaseModel into a FileUserDatabase.
func (*DatabaseModel) Write ¶ added in v4.37.0
func (m *DatabaseModel) Write(fileName string) (err error)
Write a DatabaseModel to disk.
type DatabaseUserDetails ¶ added in v4.37.0
// DatabaseUserDetails is the per-user record kept in FileUserDatabase.Users.
type DatabaseUserDetails struct {
	// Username of the account this record describes.
	Username string

	// Digest holds an algorithm.Digest. Presumably this is the parsed form of
	// UserDetailsModel.HashedPassword and never a plaintext password — confirm
	// in ToDatabaseUserDetailsModel.
	Digest algorithm.Digest

	// Disabled marks the account as disabled.
	// NOTE(review): where this flag is enforced is not visible here; confirm
	// that password checks reject a disabled account.
	Disabled bool

	DisplayName string
	Email       string
	Groups      []string
}
DatabaseUserDetails is the model of user details in the file database.
func (DatabaseUserDetails) ToUserDetails ¶ added in v4.37.0
func (m DatabaseUserDetails) ToUserDetails() (details *UserDetails)
ToUserDetails converts DatabaseUserDetails into a *UserDetails given a username.
func (DatabaseUserDetails) ToUserDetailsModel ¶ added in v4.37.0
func (m DatabaseUserDetails) ToUserDetailsModel() (model UserDetailsModel)
ToUserDetailsModel converts DatabaseUserDetails into a UserDetailsModel.
type FileUserDatabase ¶ added in v4.37.0
// FileUserDatabase holds the user records of the file-based backend together
// with the lock that guards them.
type FileUserDatabase struct {
	// The embedded pointer promotes the RWMutex methods onto this type, so any
	// holder of the value can take the lock. The pointer is nil in a zero-value
	// FileUserDatabase; presumably NewFileUserDatabase allocates it — confirm,
	// and construct instances through that function.
	*sync.RWMutex

	// Path is presumably the location of the users file that Load and Save use.
	Path string

	// Users presumably maps a username to its record (GetUserDetails looks up
	// by the user's actual username).
	Users map[string]DatabaseUserDetails

	// Emails and Aliases presumably map an alternative identifier back to the
	// real username — confirm in Load and LoadAliases.
	Emails  map[string]string
	Aliases map[string]string

	// SearchEmail and SearchCI presumably enable lookup by email address and
	// case-insensitive lookup.
	// NOTE(review): both widen the set of strings that resolve to one account,
	// so loading should reject entries whose identifiers collide — confirm.
	SearchEmail bool
	SearchCI    bool
}
FileUserDatabase is a concurrency-safe user details database that can be reloaded.
func NewFileUserDatabase ¶ added in v4.37.0
func NewFileUserDatabase(filePath string, searchEmail, searchCI bool) (database *FileUserDatabase)
NewFileUserDatabase creates a new FileUserDatabase.
func (*FileUserDatabase) GetUserDetails ¶ added in v4.37.0
func (m *FileUserDatabase) GetUserDetails(username string) (user DatabaseUserDetails, err error)
GetUserDetails gets a DatabaseUserDetails, returned as a value type, for a given username; the username must be the user's actual username.
func (*FileUserDatabase) Load ¶ added in v4.37.0
func (m *FileUserDatabase) Load() (err error)
Load the database from disk.
func (*FileUserDatabase) LoadAliases ¶ added in v4.37.0
func (m *FileUserDatabase) LoadAliases() (err error)
LoadAliases performs the loading of alias information from the database.
func (*FileUserDatabase) Save ¶ added in v4.37.0
func (m *FileUserDatabase) Save() (err error)
Save the database to disk.
func (*FileUserDatabase) SetUserDetails ¶ added in v4.37.0
func (m *FileUserDatabase) SetUserDetails(username string, details *DatabaseUserDetails)
SetUserDetails sets the DatabaseUserDetails for a given user.
func (*FileUserDatabase) ToDatabaseModel ¶ added in v4.37.0
func (m *FileUserDatabase) ToDatabaseModel() (model *DatabaseModel)
ToDatabaseModel converts the FileUserDatabase into the DatabaseModel for saving.
type FileUserProvider ¶
type FileUserProvider struct {
// contains filtered or unexported fields
}
FileUserProvider is a provider reading details from a file.
func NewFileUserProvider ¶
func NewFileUserProvider(config *schema.FileAuthenticationBackend) (provider *FileUserProvider)
NewFileUserProvider creates a new instance of FileUserProvider.
func (*FileUserProvider) CheckUserPassword ¶
func (p *FileUserProvider) CheckUserPassword(username string, password string) (match bool, err error)
CheckUserPassword checks if provided password matches for the given user.
func (*FileUserProvider) GetDetails ¶
func (p *FileUserProvider) GetDetails(username string) (details *UserDetails, err error)
GetDetails retrieves the groups a user belongs to.
func (*FileUserProvider) Reload ¶ added in v4.37.0
func (p *FileUserProvider) Reload() (reloaded bool, err error)
Reload the database.
func (*FileUserProvider) StartupCheck ¶ added in v4.31.0
func (p *FileUserProvider) StartupCheck() (err error)
StartupCheck implements the startup check provider interface.
func (*FileUserProvider) UpdatePassword ¶
func (p *FileUserProvider) UpdatePassword(username string, newPassword string) (err error)
UpdatePassword updates the password of the given user.
type LDAPClient ¶ added in v4.35.3
// LDAPClient lists the LDAP connection operations this package uses. Having
// the interface lets a mock stand in for a real connection in tests.
type LDAPClient interface {
	// Close ends the use of the client.
	Close()

	// StartTLS takes the TLS configuration to apply to the connection.
	// NOTE(review): certificate verification depends entirely on the config
	// passed in; confirm callers never disable verification by default.
	StartTLS(config *tls.Config) (err error)

	// Bind binds as username using password.
	Bind(username, password string) (err error)

	// UnauthenticatedBind binds with a name and no password.
	// NOTE(review): a successful unauthenticated bind proves nothing about the
	// caller's identity, so it must never be used to verify a user's password.
	UnauthenticatedBind(username string) (err error)

	// Modify applies modifyRequest to the directory.
	Modify(modifyRequest *ldap.ModifyRequest) (err error)

	// PasswordModify sends pwdModifyRequest and returns the server's result.
	PasswordModify(pwdModifyRequest *ldap.PasswordModifyRequest) (pwdModifyResult *ldap.PasswordModifyResult, err error)

	// Search runs searchRequest and returns the matching entries.
	// NOTE(review): user-supplied values placed in a search filter need LDAP
	// filter escaping; how filters are built is not visible on this page.
	Search(searchRequest *ldap.SearchRequest) (searchResult *ldap.SearchResult, err error)
}
LDAPClient is a cut down version of the ldap.Client interface with just the methods we use.
Methods added to this interface that have a direct correlation with one from ldap.Client should have the same signature.
type LDAPClientFactory ¶ added in v4.35.3
type LDAPClientFactory interface {
DialURL(addr string, opts ...ldap.DialOpt) (client LDAPClient, err error)
}
LDAPClientFactory is an interface for a factory of LDAP clients.
type LDAPSupportedControlTypes ¶ added in v4.35.3
LDAPSupportedControlTypes represents control types which a server may support which are implemented in code.
type LDAPSupportedExtensions ¶ added in v4.35.3
LDAPSupportedExtensions represents extensions which a server may support which are implemented in code.
type LDAPSupportedFeatures ¶ added in v4.35.3
type LDAPSupportedFeatures struct { Extensions LDAPSupportedExtensions ControlTypes LDAPSupportedControlTypes }
LDAPSupportedFeatures represents features which a server may support which are implemented in code.
type LDAPUserProvider ¶
type LDAPUserProvider struct {
// contains filtered or unexported fields
}
LDAPUserProvider is a UserProvider that connects to LDAP servers like ActiveDirectory, OpenLDAP, OpenDJ, FreeIPA, etc.
func NewLDAPUserProvider ¶
func NewLDAPUserProvider(config schema.AuthenticationBackend, certPool *x509.CertPool) (provider *LDAPUserProvider)
NewLDAPUserProvider creates a new instance of LDAPUserProvider.
func (*LDAPUserProvider) CheckUserPassword ¶
func (p *LDAPUserProvider) CheckUserPassword(username string, password string) (valid bool, err error)
CheckUserPassword checks if provided password matches for the given user.
func (*LDAPUserProvider) GetDetails ¶
func (p *LDAPUserProvider) GetDetails(username string) (details *UserDetails, err error)
GetDetails retrieves the groups a user belongs to.
func (*LDAPUserProvider) StartupCheck ¶ added in v4.31.0
func (p *LDAPUserProvider) StartupCheck() (err error)
StartupCheck implements the startup check provider interface.
func (*LDAPUserProvider) UpdatePassword ¶
func (p *LDAPUserProvider) UpdatePassword(username, password string) (err error)
UpdatePassword updates the password of the given user.
type MockLDAPClient ¶ added in v4.35.3
type MockLDAPClient struct {
// contains filtered or unexported fields
}
MockLDAPClient is a mock of LDAPClient interface.
func NewMockLDAPClient ¶ added in v4.35.3
func NewMockLDAPClient(ctrl *gomock.Controller) *MockLDAPClient
NewMockLDAPClient creates a new mock instance.
func (*MockLDAPClient) Bind ¶ added in v4.35.3
func (m *MockLDAPClient) Bind(arg0, arg1 string) error
Bind mocks base method.
func (*MockLDAPClient) Close ¶ added in v4.35.3
func (m *MockLDAPClient) Close()
Close mocks base method.
func (*MockLDAPClient) EXPECT ¶ added in v4.35.3
func (m *MockLDAPClient) EXPECT() *MockLDAPClientMockRecorder
EXPECT returns an object that allows the caller to indicate expected use.
func (*MockLDAPClient) Modify ¶ added in v4.35.3
func (m *MockLDAPClient) Modify(arg0 *ldap.ModifyRequest) error
Modify mocks base method.
func (*MockLDAPClient) PasswordModify ¶ added in v4.35.3
func (m *MockLDAPClient) PasswordModify(arg0 *ldap.PasswordModifyRequest) (*ldap.PasswordModifyResult, error)
PasswordModify mocks base method.
func (*MockLDAPClient) Search ¶ added in v4.35.3
func (m *MockLDAPClient) Search(arg0 *ldap.SearchRequest) (*ldap.SearchResult, error)
Search mocks base method.
func (*MockLDAPClient) StartTLS ¶ added in v4.35.3
func (m *MockLDAPClient) StartTLS(arg0 *tls.Config) error
StartTLS mocks base method.
func (*MockLDAPClient) UnauthenticatedBind ¶ added in v4.36.0
func (m *MockLDAPClient) UnauthenticatedBind(arg0 string) error
UnauthenticatedBind mocks base method.
type MockLDAPClientFactory ¶ added in v4.35.3
type MockLDAPClientFactory struct {
// contains filtered or unexported fields
}
MockLDAPClientFactory is a mock of LDAPClientFactory interface.
func NewMockLDAPClientFactory ¶ added in v4.35.3
func NewMockLDAPClientFactory(ctrl *gomock.Controller) *MockLDAPClientFactory
NewMockLDAPClientFactory creates a new mock instance.
func (*MockLDAPClientFactory) DialURL ¶ added in v4.35.3
func (m *MockLDAPClientFactory) DialURL(arg0 string, arg1 ...v3.DialOpt) (LDAPClient, error)
DialURL mocks base method.
func (*MockLDAPClientFactory) EXPECT ¶ added in v4.35.3
func (m *MockLDAPClientFactory) EXPECT() *MockLDAPClientFactoryMockRecorder
EXPECT returns an object that allows the caller to indicate expected use.
type MockLDAPClientFactoryMockRecorder ¶ added in v4.35.3
type MockLDAPClientFactoryMockRecorder struct {
// contains filtered or unexported fields
}
MockLDAPClientFactoryMockRecorder is the mock recorder for MockLDAPClientFactory.
func (*MockLDAPClientFactoryMockRecorder) DialURL ¶ added in v4.35.3
func (mr *MockLDAPClientFactoryMockRecorder) DialURL(arg0 interface{}, arg1 ...interface{}) *gomock.Call
DialURL indicates an expected call of DialURL.
type MockLDAPClientMockRecorder ¶ added in v4.35.3
type MockLDAPClientMockRecorder struct {
// contains filtered or unexported fields
}
MockLDAPClientMockRecorder is the mock recorder for MockLDAPClient.
func (*MockLDAPClientMockRecorder) Bind ¶ added in v4.35.3
func (mr *MockLDAPClientMockRecorder) Bind(arg0, arg1 interface{}) *gomock.Call
Bind indicates an expected call of Bind.
func (*MockLDAPClientMockRecorder) Close ¶ added in v4.35.3
func (mr *MockLDAPClientMockRecorder) Close() *gomock.Call
Close indicates an expected call of Close.
func (*MockLDAPClientMockRecorder) Modify ¶ added in v4.35.3
func (mr *MockLDAPClientMockRecorder) Modify(arg0 interface{}) *gomock.Call
Modify indicates an expected call of Modify.
func (*MockLDAPClientMockRecorder) PasswordModify ¶ added in v4.35.3
func (mr *MockLDAPClientMockRecorder) PasswordModify(arg0 interface{}) *gomock.Call
PasswordModify indicates an expected call of PasswordModify.
func (*MockLDAPClientMockRecorder) Search ¶ added in v4.35.3
func (mr *MockLDAPClientMockRecorder) Search(arg0 interface{}) *gomock.Call
Search indicates an expected call of Search.
func (*MockLDAPClientMockRecorder) StartTLS ¶ added in v4.35.3
func (mr *MockLDAPClientMockRecorder) StartTLS(arg0 interface{}) *gomock.Call
StartTLS indicates an expected call of StartTLS.
func (*MockLDAPClientMockRecorder) UnauthenticatedBind ¶ added in v4.36.0
func (mr *MockLDAPClientMockRecorder) UnauthenticatedBind(arg0 interface{}) *gomock.Call
UnauthenticatedBind indicates an expected call of UnauthenticatedBind.
type ProductionLDAPClientFactory ¶ added in v4.35.3
type ProductionLDAPClientFactory struct{}
ProductionLDAPClientFactory is the production implementation of an LDAP connection factory.
func NewProductionLDAPClientFactory ¶ added in v4.35.3
func NewProductionLDAPClientFactory() *ProductionLDAPClientFactory
NewProductionLDAPClientFactory creates a concrete LDAP connection factory.
func (*ProductionLDAPClientFactory) DialURL ¶ added in v4.35.3
func (f *ProductionLDAPClientFactory) DialURL(addr string, opts ...ldap.DialOpt) (client LDAPClient, err error)
DialURL creates a client from an LDAP URL when successful.
type UserDetails ¶
UserDetails represents the details retrieved for a given user.
func (UserDetails) Addresses ¶ added in v4.36.3
func (d UserDetails) Addresses() (addresses []mail.Address)
Addresses returns the Emails []string as []mail.Address formatted with DisplayName as the Name attribute.
type UserDetailsModel ¶
// UserDetailsModel is one user entry as it appears in the YAML users file.
type UserDetailsModel struct {
	// HashedPassword is read from the "password" key and is tagged as required.
	// Despite the key name, the field name indicates it carries a password hash
	// rather than a plaintext password.
	// NOTE(review): hashes can still be attacked offline, so the users file
	// needs restrictive read and write permissions.
	HashedPassword string `yaml:"password" valid:"required"`

	// DisplayName is tagged as required.
	DisplayName string `yaml:"displayname" valid:"required"`

	// Email, Groups and Disabled carry no valid tag.
	Email    string   `yaml:"email"`
	Groups   []string `yaml:"groups"`
	Disabled bool     `yaml:"disabled"`
}
UserDetailsModel is the model of user details in the file database.
func (UserDetailsModel) ToDatabaseUserDetailsModel ¶ added in v4.37.0
func (m UserDetailsModel) ToDatabaseUserDetailsModel(username string) (model *DatabaseUserDetails, err error)
ToDatabaseUserDetailsModel converts a UserDetailsModel into a *DatabaseUserDetails.
type UserProvider ¶
// UserProvider is the contract an authentication backend fulfils. Both
// FileUserProvider and LDAPUserProvider declare these methods.
type UserProvider interface {
	// StartupCheck is embedded so a provider can be verified at startup.
	model.StartupCheck

	// CheckUserPassword reports whether password is valid for username.
	// NOTE(review): callers should treat any non-nil err as a failed check,
	// whatever the boolean holds.
	CheckUserPassword(username string, password string) (valid bool, err error)

	// GetDetails returns the stored details for username.
	GetDetails(username string) (details *UserDetails, err error)

	// UpdatePassword replaces the password of username with newPassword.
	// NOTE(review): nothing in this signature authorizes the change, so the
	// caller must have verified the requester's identity beforehand.
	UpdatePassword(username string, newPassword string) (err error)
}
UserProvider is the interface for checking user password and gathering user details.