auth

package
v0.0.0-...-b06d393 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 27, 2016 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source
const (
	OAuthBegin    = "OAuthBegin"
	OAuthCallback = "OAuthCallback"
	LogOut        = "LogOut"
)
View Source
const BuildKey = "build"
View Source
const CookieName = "ATC-Authorization"
View Source
const OAuthStateCookie = "_concourse_oauth_state"
View Source
const PipelineDBKey = "pipelineDB"
View Source
const TokenTypeBearer = "Bearer"

Variables

View Source
var ErrUnparsableHeader = errors.New("cannot parse 'Authorization' header")
View Source
var OAuthRoutes = rata.Routes{
	{Path: "/auth/logout", Method: "GET", Name: LogOut},
	{Path: "/auth/:provider", Method: "GET", Name: OAuthBegin},
	{Path: "/auth/:provider/callback", Method: "GET", Name: OAuthCallback},
}
View Source
var SigningMethod = jwt.SigningMethodRS256

Functions

func CheckAdminHandler

func CheckAdminHandler(
	handler http.Handler,
	rejector Rejector,
) http.Handler

func CheckAuthenticationHandler

func CheckAuthenticationHandler(
	handler http.Handler,
	rejector Rejector,
) http.Handler

func CheckAuthorizationHandler

func CheckAuthorizationHandler(
	handler http.Handler,
	rejector Rejector,
) http.Handler

func IsAdmin

func IsAdmin(r *http.Request) bool

func IsAuthenticated

func IsAuthenticated(r *http.Request) bool

func IsAuthorized

func IsAuthorized(r *http.Request) bool

func NewCheckBuildReadAccessHandlerFactory

func NewCheckBuildReadAccessHandlerFactory(
	buildsDB BuildsDB,
) *checkBuildReadAccessHandlerFactory

func NewCheckBuildWriteAccessHandlerFactory

func NewCheckBuildWriteAccessHandlerFactory(
	buildsDB BuildsDB,
) *checkBuildWriteAccessHandlerFactory

func NewCheckPipelineAccessHandlerFactory

func NewCheckPipelineAccessHandlerFactory(
	pipelineDBFactory db.PipelineDBFactory,
	teamDBFactory db.TeamDBFactory,
) *checkPipelineAccessHandlerFactory

func NewLogOutHandler

func NewLogOutHandler(logger lager.Logger) http.Handler

func NewOAuthBeginHandler

func NewOAuthBeginHandler(
	logger lager.Logger,
	providerFactory ProviderFactory,
	privateKey *rsa.PrivateKey,
	teamDBFactory db.TeamDBFactory,
	expire time.Duration,
) http.Handler

func NewOAuthCallbackHandler

func NewOAuthCallbackHandler(
	logger lager.Logger,
	providerFactory ProviderFactory,
	privateKey *rsa.PrivateKey,
	teamDBFactory db.TeamDBFactory,
	expire time.Duration,
) http.Handler

func NewOAuthHandler

func NewOAuthHandler(
	logger lager.Logger,
	providerFactory ProviderFactory,
	teamDBFactory db.TeamDBFactory,
	signingKey *rsa.PrivateKey,
	expire time.Duration,
) (http.Handler, error)

func WrapHandler

func WrapHandler(
	handler http.Handler,
	validator Validator,
	userContextReader UserContextReader,
) http.Handler

Types

type AuthDB

type AuthDB interface {
	GetTeam() (db.SavedTeam, bool, error)
}

type BuildsDB

type BuildsDB interface {
	GetBuildByID(buildID int) (db.Build, bool, error)
}

type CheckBuildReadAccessHandlerFactory

type CheckBuildReadAccessHandlerFactory interface {
	AnyJobHandler(delegateHandler http.Handler, rejector Rejector) http.Handler
	CheckIfPrivateJobHandler(delegateHandler http.Handler, rejector Rejector) http.Handler
}

type CheckBuildWriteAccessHandlerFactory

type CheckBuildWriteAccessHandlerFactory interface {
	HandlerFor(delegateHandler http.Handler, rejector Rejector) http.Handler
}

type CheckPipelineAccessHandlerFactory

type CheckPipelineAccessHandlerFactory interface {
	HandlerFor(pipelineScopedHandler http.Handler, rejector Rejector) http.Handler
}

type CookieSetHandler

type CookieSetHandler struct {
	Handler http.Handler
}

func (CookieSetHandler) ServeHTTP

func (handler CookieSetHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type JWTReader

type JWTReader struct {
	PublicKey *rsa.PublicKey
}

func (JWTReader) GetSystem

func (jr JWTReader) GetSystem(r *http.Request) (bool, bool)

func (JWTReader) GetTeam

func (jr JWTReader) GetTeam(r *http.Request) (string, int, bool, bool)

type JWTValidator

type JWTValidator struct {
	PublicKey *rsa.PublicKey
}

func (JWTValidator) IsAuthenticated

func (validator JWTValidator) IsAuthenticated(r *http.Request) bool

type LogOutHandler

type LogOutHandler struct {
	// contains filtered or unexported fields
}

func (*LogOutHandler) ServeHTTP

func (handler *LogOutHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type OAuthBeginHandler

type OAuthBeginHandler struct {
	// contains filtered or unexported fields
}

func (*OAuthBeginHandler) ServeHTTP

func (handler *OAuthBeginHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type OAuthCallbackHandler

type OAuthCallbackHandler struct {
	// contains filtered or unexported fields
}

func (*OAuthCallbackHandler) ServeHTTP

func (handler *OAuthCallbackHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type OAuthState

type OAuthState struct {
	Redirect string `json:"redirect"`
	TeamName string `json:"team_name"`
}

type ProviderFactory

type ProviderFactory interface {
	GetProvider(db.SavedTeam, string) (provider.Provider, bool, error)
}

type Rejector

type Rejector interface {
	Unauthorized(http.ResponseWriter, *http.Request)
	Forbidden(http.ResponseWriter, *http.Request)
}

type Team

type Team interface {
	Name() string
	ID() int
	IsAdmin() bool
	IsAuthorized(teamName string) bool
}

func GetTeam

func GetTeam(r *http.Request) (Team, bool)

type TokenGenerator

type TokenGenerator interface {
	GenerateToken(expiration time.Time, teamName string, teamID int, isAdmin bool) (TokenType, TokenValue, error)
}

func NewTokenGenerator

func NewTokenGenerator(privateKey *rsa.PrivateKey) TokenGenerator

type TokenType

type TokenType string

type TokenValue

type TokenValue string

type UnauthorizedRejector

type UnauthorizedRejector struct{}

func (UnauthorizedRejector) Forbidden

func (UnauthorizedRejector) Unauthorized

func (UnauthorizedRejector) Unauthorized(w http.ResponseWriter, r *http.Request)

type UserContextReader

type UserContextReader interface {
	GetTeam(r *http.Request) (string, int, bool, bool)
	GetSystem(r *http.Request) (bool, bool)
}

type Validator

type Validator interface {
	IsAuthenticated(*http.Request) bool
}

func NewBasicAuthValidator

func NewBasicAuthValidator(team db.SavedTeam) Validator

func NewTeamAuthValidator

func NewTeamAuthValidator(
	teamDBFactory db.TeamDBFactory,
	jwtValidator Validator,
) Validator

Directories

Path Synopsis
This file was generated by counterfeiter
This file was generated by counterfeiter
githubfakes
This file was generated by counterfeiter
This file was generated by counterfeiter
providerfakes
This file was generated by counterfeiter
This file was generated by counterfeiter

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL