service

package
v0.0.0-...-122f59b Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 23, 2024 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

// Rate-limit bucket names declared by this package. Each constant is a
// ratelimit.BucketName whose string value equals its identifier.
//
// NOTE(review): the names suggest two scopes, per remote IP and per
// (user, remote IP) pair, but how each bucket is keyed is not visible here;
// confirm in RateLimits.Reserve.
// NOTE(review): password and TOTP each have a PerIP and a PerUserPerIP bucket,
// while passkey has only a PerIP bucket, and no bucket for OOB OTP
// verification is declared in this block. Confirm both gaps are intentional
// (for example, that OOB OTP attempts are limited elsewhere).
const (
	VerifyPasswordPerIP        ratelimit.BucketName = "VerifyPasswordPerIP"
	VerifyPasswordPerUserPerIP ratelimit.BucketName = "VerifyPasswordPerUserPerIP"
	VerifyTOTPPerIP            ratelimit.BucketName = "VerifyTOTPPerIP"
	VerifyTOTPPerUserPerIP     ratelimit.BucketName = "VerifyTOTPPerUserPerIP"
	VerifyPasskeyPerIP         ratelimit.BucketName = "VerifyPasskeyPerIP"
)

Variables

// DependencySet is the wire provider set for this package. It registers Store,
// RateLimits, Lockout and Service as wire.Struct providers; the "*" argument
// asks wire to inject every field of each struct, so each field type listed on
// those structs must have a provider in the final injector.
var DependencySet = wire.NewSet(
	wire.Struct(new(Store), "*"),
	wire.Struct(new(RateLimits), "*"),
	wire.Struct(new(Lockout), "*"),
	wire.Struct(new(Service), "*"),
)

Functions

This section is empty.

Types

type Lockout

// Lockout groups the dependencies behind the Check, MakeAttempt and
// ClearAttempts methods: the authentication lockout configuration, a remote IP
// value and the LockoutProvider that stores attempts.
//
// NOTE(review): LockoutProvider takes a "contributor" string; presumably
// RemoteIP is used as that contributor. If so, confirm that
// httputil.RemoteIP is derived only from trusted proxy headers, because a
// spoofable IP would let a client spread attempts across contributors.
type Lockout struct {
	Config   *config.AuthenticationLockoutConfig
	RemoteIP httputil.RemoteIP
	Provider LockoutProvider
}

func (*Lockout) Check

func (l *Lockout) Check(userID string) error

func (*Lockout) ClearAttempts

func (l *Lockout) ClearAttempts(userID string, usedMethods []config.AuthenticationLockoutMethod) error

func (*Lockout) MakeAttempt

func (l *Lockout) MakeAttempt(userID string, authenticatorType model.AuthenticatorType) error

type LockoutProvider

// LockoutProvider is the back-end contract that Lockout depends on for
// attempt accounting.
type LockoutProvider interface {
	// MakeAttempts takes a lockout spec, a contributor string and an attempt
	// count, and returns a *lockout.MakeAttemptResult or an error.
	// NOTE(review): presumably it records the attempts against spec for that
	// contributor; the result's fields are not visible here.
	MakeAttempts(spec lockout.LockoutSpec, contributor string, attempts int) (result *lockout.MakeAttemptResult, err error)
	// ClearAttempts takes the same spec/contributor pair and returns only an
	// error. NOTE(review): presumably resets the recorded attempts; confirm.
	ClearAttempts(spec lockout.LockoutSpec, contributor string) error
}

type OOBOTPAuthenticatorProvider

// OOBOTPAuthenticatorProvider is the contract Service uses to look up,
// construct and persist *authenticator.OOBOTP values.
//
// Unlike the password, passkey and TOTP providers in this package, this
// interface declares no Authenticate method.
// NOTE(review): code verification presumably goes through OTPCodeService
// instead; confirm in Service.VerifyOneWithSpec.
type OOBOTPAuthenticatorProvider interface {
	// Get takes both a user ID and an authenticator ID.
	Get(userID, id string) (*authenticator.OOBOTP, error)
	// GetMany takes authenticator IDs only; no user ID is part of the call.
	GetMany(ids []string) ([]*authenticator.OOBOTP, error)
	List(userID string) ([]*authenticator.OOBOTP, error)
	// New builds an OOBOTP value from the given ID, owner, authenticator type,
	// target, default flag and kind.
	// NOTE(review): target is presumably an email address or phone number; confirm.
	New(id string, userID string, oobAuthenticatorType model.AuthenticatorType, target string, isDefault bool, kind string) (*authenticator.OOBOTP, error)
	// WithSpec takes an existing OOBOTP and a spec and returns an OOBOTP.
	WithSpec(a *authenticator.OOBOTP, spec *authenticator.OOBOTPSpec) (*authenticator.OOBOTP, error)
	Create(*authenticator.OOBOTP) error
	Update(*authenticator.OOBOTP) error
	Delete(*authenticator.OOBOTP) error
}

type OTPCodeService

// OTPCodeService is the contract Service uses to verify a one-time code.
type OTPCodeService interface {
	// VerifyOTP checks the submitted code for the given kind and target and
	// reports failure through the returned error.
	// The string parameter is named otp, the same identifier as the otp
	// package used in the other parameter types; this compiles, but keep it in
	// mind when reading implementations.
	// NOTE(review): whether attempt limiting happens inside VerifyOTP or in the
	// caller is not visible here; confirm, since this package declares no
	// OOB OTP rate-limit bucket.
	VerifyOTP(kind otp.Kind, target string, otp string, opts *otp.VerifyOptions) error
}

type PasskeyAuthenticatorProvider

// PasskeyAuthenticatorProvider is the contract Service uses to look up,
// construct, persist and authenticate *authenticator.Passkey values.
type PasskeyAuthenticatorProvider interface {
	// Get takes both a user ID and an authenticator ID.
	Get(userID, id string) (*authenticator.Passkey, error)
	// GetMany takes authenticator IDs only; no user ID is part of the call.
	GetMany(ids []string) ([]*authenticator.Passkey, error)
	List(userID string) ([]*authenticator.Passkey, error)
	// New builds a Passkey from the raw attestation response bytes.
	// NOTE(review): presumably the implementation parses and validates the
	// attestation response; treat the bytes as untrusted client input.
	New(
		id string,
		userID string,
		attestationResponse []byte,
		isDefault bool,
		kind string,
	) (*authenticator.Passkey, error)
	Create(*authenticator.Passkey) error
	Update(*authenticator.Passkey) error
	Delete(*authenticator.Passkey) error
	// Authenticate checks the raw assertion response bytes against the given
	// passkey. It returns requireUpdate alongside the error.
	// NOTE(review): requireUpdate presumably tells the caller to persist the
	// authenticator via Update after a successful assertion; confirm.
	Authenticate(a *authenticator.Passkey, assertionResponse []byte) (requireUpdate bool, err error)
}

type PasswordAuthenticatorProvider

// PasswordAuthenticatorProvider is the contract Service uses to look up,
// construct, persist and authenticate *authenticator.Password values.
//
// WithPassword and Authenticate receive the password as a plain string, so
// implementations and callers should keep it out of logs and error messages.
type PasswordAuthenticatorProvider interface {
	// Get takes both a user ID and an authenticator ID.
	Get(userID, id string) (*authenticator.Password, error)
	// GetMany takes authenticator IDs only; no user ID is part of the call.
	GetMany(ids []string) ([]*authenticator.Password, error)
	List(userID string) ([]*authenticator.Password, error)
	New(id string, userID string, passwordSpec *authenticator.PasswordSpec, isDefault bool, kind string) (*authenticator.Password, error)
	// WithPassword returns new authenticator pointer if password is changed
	// Otherwise original authenticator will be returned
	WithPassword(a *authenticator.Password, password string) (*authenticator.Password, error)
	Create(*authenticator.Password) error
	// UpdatePassword is the only update operation this interface declares.
	UpdatePassword(*authenticator.Password) error
	Delete(*authenticator.Password) error
	// Authenticate checks password against the given authenticator and returns
	// a *password.VerifyResult alongside the error.
	// NOTE(review): the fields of password.VerifyResult are not visible here;
	// confirm what a non-nil result means when err is also non-nil.
	Authenticate(a *authenticator.Password, password string) (verifyResult *password.VerifyResult, err error)
}

type RateLimiter

// RateLimiter is the low-level limiter contract that RateLimits depends on.
type RateLimiter interface {
	// Reserve takes a bucket spec and returns a *ratelimit.Reservation.
	// It returns no separate error value.
	// NOTE(review): presumably a rejected reservation is reported through the
	// Reservation itself; confirm against the ratelimit package.
	Reserve(spec ratelimit.BucketSpec) *ratelimit.Reservation
	// Cancel takes a reservation previously returned by Reserve.
	// NOTE(review): presumably releases it without consuming quota; confirm.
	Cancel(r *ratelimit.Reservation)
}

type RateLimits

// RateLimits groups the dependencies behind this package's Reserve and Cancel
// methods: a remote IP value, the authentication configuration and the
// underlying RateLimiter.
//
// NOTE(review): the bucket names in this package end in PerIP and
// PerUserPerIP, so IP is presumably part of every bucket key. Confirm that
// httputil.RemoteIP cannot be set by an untrusted client (for example through
// forwarded headers), otherwise the per-IP limits can be sidestepped.
type RateLimits struct {
	IP     httputil.RemoteIP
	Config *config.AuthenticationConfig

	RateLimiter RateLimiter
}

func (*RateLimits) Cancel

func (l *RateLimits) Cancel(r *Reservation)

func (*RateLimits) Reserve

func (l *RateLimits) Reserve(userID string, authType model.AuthenticatorType) *Reservation

type Reservation

// Reservation is the handle returned by RateLimits.Reserve and accepted by
// RateLimits.Cancel; it also exposes Consume and Error methods. All of its
// fields are unexported.
// NOTE(review): the intended call order (Reserve, check Error, Consume on a
// failed verification, Cancel otherwise) is an assumption; confirm against
// Service.VerifyOneWithSpec.
type Reservation struct {
	// contains filtered or unexported fields
}

func (*Reservation) Consume

func (r *Reservation) Consume()

func (*Reservation) Error

func (r *Reservation) Error() error

type Service

// Service is the package's entry point for managing and verifying
// authenticators. It aggregates the reference store, the application
// configuration, one provider per authenticator type (password, passkey, TOTP,
// OOB OTP), the OTP code service, and the rate-limit and lockout helpers.
//
// RateLimits and Lockout are held by value while Store is held by pointer, so
// copying a Service also copies those two structs.
type Service struct {
	Store          *Store
	Config         *config.AppConfig
	Password       PasswordAuthenticatorProvider
	Passkey        PasskeyAuthenticatorProvider
	TOTP           TOTPAuthenticatorProvider
	OOBOTP         OOBOTPAuthenticatorProvider
	OTPCodeService OTPCodeService
	RateLimits     RateLimits
	Lockout        Lockout
}

func (*Service) ClearLockoutAttempts

func (s *Service) ClearLockoutAttempts(userID string, usedMethods []config.AuthenticationLockoutMethod) error

func (*Service) Count

func (s *Service) Count(userID string) (uint64, error)

func (*Service) Create

func (s *Service) Create(info *authenticator.Info) error

func (*Service) Delete

func (s *Service) Delete(info *authenticator.Info) error

func (*Service) Get

func (s *Service) Get(id string) (*authenticator.Info, error)

func (*Service) GetMany

func (s *Service) GetMany(ids []string) ([]*authenticator.Info, error)

func (*Service) List

func (s *Service) List(userID string, filters ...authenticator.Filter) ([]*authenticator.Info, error)

func (*Service) ListByUserIDs

func (s *Service) ListByUserIDs(userIDs []string, filters ...authenticator.Filter) (map[string][]*authenticator.Info, error)

nolint:gocognit

func (*Service) ListRefsByUsers

func (s *Service) ListRefsByUsers(userIDs []string, authenticatorType *model.AuthenticatorType, authenticatorKind *authenticator.Kind) ([]*authenticator.Ref, error)

func (*Service) New

func (s *Service) New(spec *authenticator.Spec) (*authenticator.Info, error)

func (*Service) NewWithAuthenticatorID

func (s *Service) NewWithAuthenticatorID(authenticatorID string, spec *authenticator.Spec) (*authenticator.Info, error)

func (*Service) RemoveOrphans

func (s *Service) RemoveOrphans(identities []*identity.Info) error

func (*Service) Update

func (s *Service) Update(info *authenticator.Info) error

func (*Service) UpdateOrphans

func (s *Service) UpdateOrphans(oldInfo *identity.Info, newInfo *identity.Info) error

func (*Service) VerifyOneWithSpec

func (s *Service) VerifyOneWithSpec(
	userID string,
	authenticatorType model.AuthenticatorType,
	infos []*authenticator.Info,
	spec *authenticator.Spec,
	options *VerifyOptions) (info *authenticator.Info, verifyResult *VerifyResult, err error)

Given a list of authenticators (infos), try to verify one of them against spec.

func (*Service) WithSpec

func (s *Service) WithSpec(ai *authenticator.Info, spec *authenticator.Spec) (bool, *authenticator.Info, error)

type Store

// Store is the database-backed lookup for authenticator references. Its
// methods on this page return counts and *authenticator.Ref values.
// It holds the app database SQL builder and SQL executor.
// NOTE(review): GetRefByID and ListRefsByIDs take authenticator IDs without a
// user ID, so callers presumably enforce ownership themselves; confirm.
type Store struct {
	SQLBuilder  *appdb.SQLBuilderApp
	SQLExecutor *appdb.SQLExecutor
}

func (*Store) Count

func (s *Store) Count(userID string) (uint64, error)

func (*Store) GetRefByID

func (s *Store) GetRefByID(id string) (*authenticator.Ref, error)

func (*Store) ListRefsByIDs

func (s *Store) ListRefsByIDs(ids []string) ([]*authenticator.Ref, error)

func (*Store) ListRefsByUsers

func (s *Store) ListRefsByUsers(userIDs []string, authenticatorType *model.AuthenticatorType, authenticatorKind *authenticator.Kind) ([]*authenticator.Ref, error)

type TOTPAuthenticatorProvider

// TOTPAuthenticatorProvider is the contract Service uses to look up,
// construct, persist and authenticate *authenticator.TOTP values.
//
// This interface declares Create and Delete but no update method, unlike the
// password, passkey and OOB OTP providers in this package.
type TOTPAuthenticatorProvider interface {
	// Get takes both a user ID and an authenticator ID.
	Get(userID, id string) (*authenticator.TOTP, error)
	// GetMany takes authenticator IDs only; no user ID is part of the call.
	GetMany(ids []string) ([]*authenticator.TOTP, error)
	List(userID string) ([]*authenticator.TOTP, error)
	New(id string, userID string, totpSpec *authenticator.TOTPSpec, isDefault bool, kind string) (*authenticator.TOTP, error)
	Create(*authenticator.TOTP) error
	Delete(*authenticator.TOTP) error
	// Authenticate checks the submitted code against the given TOTP
	// authenticator and reports failure through the returned error.
	// NOTE(review): the accepted time window and any replay protection for an
	// already-used code are not visible here; confirm in the implementation.
	Authenticate(a *authenticator.TOTP, code string) error
}

type VerifyOptions

// VerifyOptions carries the optional inputs accepted by
// Service.VerifyOneWithSpec.
type VerifyOptions struct {
	// OOBChannel is an optional (pointer) out-of-band channel selector.
	OOBChannel *model.AuthenticatorOOBChannel
	// NOTE(review): the effect of UseSubmittedValue is not visible on this
	// page; confirm how it changes verification before relying on it.
	UseSubmittedValue bool
}

type VerifyResult

// VerifyResult is the per-type result returned by Service.VerifyOneWithSpec
// alongside the matched authenticator. It has fields for password and passkey
// only.
type VerifyResult struct {
	// Password has the same type as the result returned by
	// PasswordAuthenticatorProvider.Authenticate.
	Password *password.VerifyResult
	// NOTE(review): presumably carries the requireUpdate flag returned by
	// PasskeyAuthenticatorProvider.Authenticate; confirm.
	Passkey bool
}
