authn

package
v1.1.4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 9, 2024 License: Apache-2.0 Imports: 45 Imported by: 6

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type APIConfig added in v1.0.14

// APIConfig holds the configuration for API endpoints.
//
// Both fields are plain bools, so the zero value of APIConfig has each of
// them false, and with omitempty a false value is left out of encoded JSON.
// NOTE(review): the names suggest these switch the profile and admin API
// endpoints on; this page does not show where they are read. Confirm that the
// admin endpoints stay unreachable while AdminEnabled is false.
type APIConfig struct {
	ProfileEnabled bool `json:"profile_enabled,omitempty" xml:"profile_enabled,omitempty" yaml:"profile_enabled,omitempty"`
	AdminEnabled   bool `json:"admin_enabled,omitempty" xml:"admin_enabled,omitempty" yaml:"admin_enabled,omitempty"`
}

APIConfig holds the configuration for API endpoints.

type AccessDeniedResponse

// AccessDeniedResponse is the access denied response.
//
// Every field carries omitempty, so an empty Message or Timestamp and a false
// Error are left out of encoded JSON.
type AccessDeniedResponse struct {
	Error bool `json:"error,omitempty" xml:"error,omitempty" yaml:"error,omitempty"`
	// NOTE(review): presumably returned to the client; keep it generic so a
	// denial does not reveal which check failed (confirm against the caller).
	Message string `json:"message,omitempty" xml:"message,omitempty" yaml:"message,omitempty"`
	// Timestamp is carried as a string; its format is not shown on this page.
	Timestamp string `json:"timestamp,omitempty" xml:"timestamp,omitempty" yaml:"timestamp,omitempty"`
}

AccessDeniedResponse is the access denied response.

type AuthRequest

// AuthRequest is an authentication request.
//
// All three fields are strings with serialization tags, so marshaling an
// AuthRequest writes Password out alongside Username and Realm.
type AuthRequest struct {
	Username string `json:"username,omitempty" xml:"username,omitempty" yaml:"username,omitempty"`
	// NOTE(review): presumably the password as submitted by the client. Avoid
	// logging or persisting a serialized AuthRequest, and confirm the value is
	// not kept longer than the credential check needs.
	Password string `json:"password,omitempty" xml:"password,omitempty" yaml:"password,omitempty"`
	// NOTE(review): presumably selects the identity store to authenticate
	// against; confirm how an empty or unknown realm is handled.
	Realm string `json:"realm,omitempty" xml:"realm,omitempty" yaml:"realm,omitempty"`
}

AuthRequest is an authentication request.

type AuthResponse

// AuthResponse is the response to an authentication request.
type AuthResponse struct {
	// NOTE(review): presumably the issued token, which would make it a bearer
	// credential; treat a serialized AuthResponse as secret and keep it out of
	// logs (confirm against the issuing code).
	Token string `json:"token,omitempty" xml:"token,omitempty" yaml:"token,omitempty"`
	// NOTE(review): presumably the name under which the client should present
	// Token (for example a cookie or header name); not shown on this page.
	TokenName string `json:"token_name,omitempty" xml:"token_name,omitempty" yaml:"token_name,omitempty"`
}

AuthResponse is the response to an authentication request.

type Portal

// Portal is an authentication portal.
//
// It exposes no exported fields; an instance is obtained from NewPortal, which
// takes PortalParameters and can fail with an error.
type Portal struct {
	// contains filtered or unexported fields
}

Portal is an authentication portal.

func NewPortal

func NewPortal(params PortalParameters) (*Portal, error)

NewPortal returns an instance of Portal.

func (*Portal) APIKeyAuth

func (p *Portal) APIKeyAuth(r *authproxy.Request) error

APIKeyAuth performs API key authentication.

func (*Portal) AddUserAPIKey added in v1.1.1

// AddUserAPIKey adds API key to user identity.
//
// The same parameter list is shared by the other Add/Delete/Fetch/Test/Update
// handler methods of Portal listed on this page (a few omit bodyData).
//
// bodyData is an untyped map (presumably the decoded request body — confirm),
// so each value needs a checked type assertion before it is used.
// NOTE(review): parsedUser and usr are both *user.User and this page does not
// say how they differ. Confirm which of the two identifies the authenticated
// caller and that the operation is applied to that identity only.
func (p *Portal) AddUserAPIKey(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

AddUserAPIKey adds API key to user identity.

func (*Portal) AddUserAppMultiFactorVerifier added in v1.1.1

func (p *Portal) AddUserAppMultiFactorVerifier(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

AddUserAppMultiFactorVerifier adds app multi factor authenticator to user identity.

func (*Portal) AddUserGPGKey added in v1.1.1

func (p *Portal) AddUserGPGKey(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

AddUserGPGKey adds GPG key to user identity.

func (*Portal) AddUserRegistry added in v1.0.23

func (p *Portal) AddUserRegistry(userRegistry registry.UserRegistry) error

AddUserRegistry adds registry.UserRegistry instance to Portal.

func (*Portal) AddUserSSHKey added in v1.1.1

func (p *Portal) AddUserSSHKey(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

AddUserSSHKey adds SSH key to user identity.

func (*Portal) AddUserUniSecFactorToken added in v1.1.1

func (p *Portal) AddUserUniSecFactorToken(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

AddUserUniSecFactorToken adds U2F token to user identity.

func (*Portal) BasicAuth

func (p *Portal) BasicAuth(r *authproxy.Request) error

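BasicAuth performs basic authentication. (The published comment reads "performs API key authentication", which appears to have been copied from APIKeyAuth.)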

func (*Portal) DeleteUserAPIKey added in v1.1.1

func (p *Portal) DeleteUserAPIKey(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

DeleteUserAPIKey deletes API key from user identity.

func (*Portal) DeleteUserGPGKey added in v1.1.1

func (p *Portal) DeleteUserGPGKey(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

DeleteUserGPGKey deletes GPG key from user identity.

func (*Portal) DeleteUserMultiFactorVerifier added in v1.1.1

func (p *Portal) DeleteUserMultiFactorVerifier(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

DeleteUserMultiFactorVerifier deletes app multi factor authenticator from user identity.

func (*Portal) DeleteUserSSHKey added in v1.1.1

func (p *Portal) DeleteUserSSHKey(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

DeleteUserSSHKey deletes SSH key from user identity.

func (*Portal) FetchDebug added in v1.1.1

func (p *Portal) FetchDebug(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore) error

FetchDebug fetches debug information.

func (*Portal) FetchUserAPIKey added in v1.1.1

func (p *Portal) FetchUserAPIKey(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

FetchUserAPIKey fetches API key from user identity.

func (*Portal) FetchUserAPIKeys added in v1.1.1

func (p *Portal) FetchUserAPIKeys(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore) error

FetchUserAPIKeys fetches API keys from user identity.

func (*Portal) FetchUserAppMultiFactorVerifierCode added in v1.1.1

func (p *Portal) FetchUserAppMultiFactorVerifierCode(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

FetchUserAppMultiFactorVerifierCode fetches app multi factor authenticator passcode.

func (*Portal) FetchUserDashboardData added in v1.1.1

func (p *Portal) FetchUserDashboardData(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore) error

FetchUserDashboardData fetches user dashboard information.

func (*Portal) FetchUserGPGKey added in v1.1.1

func (p *Portal) FetchUserGPGKey(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

FetchUserGPGKey fetches GPG key from user identity.

func (*Portal) FetchUserGPGKeys added in v1.1.1

func (p *Portal) FetchUserGPGKeys(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore) error

FetchUserGPGKeys fetches GPG keys from user identity.

func (*Portal) FetchUserInfo added in v1.1.1

func (p *Portal) FetchUserInfo(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore) error

FetchUserInfo fetches user identity information.

func (*Portal) FetchUserMultiFactorVerifier added in v1.1.1

func (p *Portal) FetchUserMultiFactorVerifier(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

FetchUserMultiFactorVerifier fetches app multi factor authenticator from user identity.

func (*Portal) FetchUserMultiFactorVerifiers added in v1.1.1

func (p *Portal) FetchUserMultiFactorVerifiers(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore) error

FetchUserMultiFactorVerifiers fetches app multi factor authenticators from user identity.

func (*Portal) FetchUserSSHKey added in v1.1.1

func (p *Portal) FetchUserSSHKey(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

FetchUserSSHKey fetches SSH key from user identity.

func (*Portal) FetchUserSSHKeys added in v1.1.1

func (p *Portal) FetchUserSSHKeys(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore) error

FetchUserSSHKeys fetches SSH keys from user identity.

func (*Portal) FetchUserUniSecFactorRegParams added in v1.1.1

func (p *Portal) FetchUserUniSecFactorRegParams(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

FetchUserUniSecFactorRegParams fetches U2F authenticator registration parameters.

func (*Portal) FetchUserUniSecFactorVerParams added in v1.1.1

func (p *Portal) FetchUserUniSecFactorVerParams(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

FetchUserUniSecFactorVerParams fetches U2F authenticator verification parameters.

func (*Portal) GetIdentityStoreNames added in v1.0.23

func (p *Portal) GetIdentityStoreNames() map[string]string

GetIdentityStoreNames returns a list of existing identity stores.

func (*Portal) GetName added in v1.0.21

func (p *Portal) GetName() string

GetName returns the configuration name of the Portal.

func (*Portal) ServeHTTP

// ServeHTTP is a gateway for the authentication portal.
//
// The signature takes ctx and rr in addition to w and r and returns an error,
// so *Portal does not satisfy net/http's Handler interface through this
// method; a caller has to wrap it and decide what to do with the returned
// error.
func (p *Portal) ServeHTTP(ctx context.Context, w http.ResponseWriter, r *http.Request, rr *requests.Request) error

ServeHTTP is a gateway for the authentication portal.

func (*Portal) TestUserAPIKey added in v1.1.1

func (p *Portal) TestUserAPIKey(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

TestUserAPIKey tests API key.

func (*Portal) TestUserAppMultiFactorVerifier added in v1.1.1

func (p *Portal) TestUserAppMultiFactorVerifier(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

TestUserAppMultiFactorVerifier tests app multi factor authenticator passcode.

func (*Portal) TestUserAppTokenPasscode added in v1.1.1

func (p *Portal) TestUserAppTokenPasscode(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

TestUserAppTokenPasscode tests app multi factor authenticator passcode.

func (*Portal) TestUserGPGKey added in v1.1.1

func (p *Portal) TestUserGPGKey(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

TestUserGPGKey tests GPG key.

func (*Portal) TestUserSSHKey added in v1.1.1

func (p *Portal) TestUserSSHKey(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

TestUserSSHKey tests SSH key.

func (*Portal) TestUserUniSecFactorReg added in v1.1.1

func (p *Portal) TestUserUniSecFactorReg(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

TestUserUniSecFactorReg verifies U2F authenticator.

func (*Portal) TestUserWebAuthnToken added in v1.1.1

func (p *Portal) TestUserWebAuthnToken(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

TestUserWebAuthnToken tests WebAuthn token.

func (*Portal) UpdateUserPassword added in v1.1.1

func (p *Portal) UpdateUserPassword(
	ctx context.Context,
	w http.ResponseWriter,
	r *http.Request,
	rr *requests.Request,
	parsedUser *user.User,
	resp map[string]interface{},
	usr *user.User,
	backend ids.IdentityStore,
	bodyData map[string]interface{}) error

UpdateUserPassword updates user password.

type PortalConfig

// PortalConfig represents Portal configuration.
//
// The struct is serializable (JSON, XML and YAML tags on every displayed
// field) and has a Validate method.
// NOTE(review): several fields hold key, token and access-control settings, so
// a serialized PortalConfig should be handled as sensitive.
type PortalConfig struct {
	Name string `json:"name,omitempty" xml:"name,omitempty" yaml:"name,omitempty"`
	// UI holds the configuration for the user interface.
	UI *ui.Parameters `json:"ui,omitempty" xml:"ui,omitempty" yaml:"ui,omitempty"`
	// UserTransformerConfigs holds the configuration for the user transformer.
	UserTransformerConfigs []*transformer.Config `json:"user_transformer_configs,omitempty" xml:"user_transformer_configs,omitempty" yaml:"user_transformer_configs,omitempty"`
	// CookieConfig holds the configuration for the cookies issued by Authenticator.
	CookieConfig *cookie.Config `json:"cookie_config,omitempty" xml:"cookie_config,omitempty" yaml:"cookie_config,omitempty"`
	// The names of identity stores.
	IdentityStores []string `json:"identity_stores,omitempty" xml:"identity_stores,omitempty" yaml:"identity_stores,omitempty"`
	// The names of identity providers.
	IdentityProviders []string `json:"identity_providers,omitempty" xml:"identity_providers,omitempty" yaml:"identity_providers,omitempty"`
	// The names of SSO providers.
	SingleSignOnProviders []string `json:"sso_providers,omitempty" xml:"sso_providers,omitempty" yaml:"sso_providers,omitempty"`
	// The names of user registries.
	UserRegistries []string `json:"user_registries,omitempty" xml:"user_registries,omitempty" yaml:"user_registries,omitempty"`
	// AccessListConfigs hold the configurations for the ACL of the token validator.
	AccessListConfigs []*acl.RuleConfiguration `json:"access_list_configs,omitempty" xml:"access_list_configs,omitempty" yaml:"access_list_configs,omitempty"`
	// TokenValidatorOptions holds the configuration for the token validator.
	TokenValidatorOptions *options.TokenValidatorOptions `json:"token_validator_options,omitempty" xml:"token_validator_options,omitempty" yaml:"token_validator_options,omitempty"`
	// CryptoKeyConfigs hold the configurations for the keys used to issue and validate user tokens.
	// NOTE(review): may carry key material or references to it — confirm, and
	// keep the encoded form out of logs and world-readable files.
	CryptoKeyConfigs []*kms.CryptoKeyConfig `json:"crypto_key_configs,omitempty" xml:"crypto_key_configs,omitempty" yaml:"crypto_key_configs,omitempty"`
	// CryptoKeyStoreConfig holds the default configuration for the keys, e.g. token name and lifetime.
	CryptoKeyStoreConfig map[string]interface{} `json:"crypto_key_store_config,omitempty" xml:"crypto_key_store_config,omitempty" yaml:"crypto_key_store_config,omitempty"`
	// TokenGrantorOptions holds the configuration for the tokens issued by Authenticator.
	TokenGrantorOptions *options.TokenGrantorOptions `json:"token_grantor_options,omitempty" xml:"token_grantor_options,omitempty" yaml:"token_grantor_options,omitempty"`
	// TrustedLogoutRedirectURIConfigs holds the configuration of trusted logout redirect URIs.
	// NOTE(review): presumably the allow-list that logout redirects are checked
	// against; keep entries as narrow as possible so logout cannot be used as
	// an open redirect (confirm the matching rules in the redirects package).
	TrustedLogoutRedirectURIConfigs []*redirects.RedirectURIMatchConfig `` /* 157-byte string literal not displayed */

	// PortalAdminRoles holds the list of role names granted to do administrative tasks in the portal.
	// The Go type is a map keyed by string; what the values mean is not shown
	// on this page.
	PortalAdminRoles map[string]interface{} `json:"portal_admin_roles,omitempty" xml:"portal_admin_roles,omitempty" yaml:"portal_admin_roles,omitempty"`
	// PortalUserRoles holds the list of role names granted to perform profile tasks in the portal.
	PortalUserRoles map[string]interface{} `json:"portal_user_roles,omitempty" xml:"portal_user_roles,omitempty" yaml:"portal_user_roles,omitempty"`
	// PortalGuestRoles holds the list of role names without admin or user privileges in the portal.
	PortalGuestRoles map[string]interface{} `json:"portal_guest_roles,omitempty" xml:"portal_guest_roles,omitempty" yaml:"portal_guest_roles,omitempty"`

	// PortalAdminRolePatterns holds the list of regular expressions for the role names granted to do administrative tasks in the portal.
	// NOTE(review): this page does not show whether a pattern must match the
	// whole role name. If matching is unanchored, a loose pattern grants admin
	// to more role names than intended — confirm, and anchor patterns with ^
	// and $ where the full name is meant.
	PortalAdminRolePatterns []string `` /* 130-byte string literal not displayed */

	// PortalUserRolePatterns holds the list of regular expressions for the role names granted to perform profile tasks in the portal.
	PortalUserRolePatterns []string `` /* 127-byte string literal not displayed */

	// PortalGuestRolePatterns holds the list of regular expressions for the role names without admin or user privileges in the portal.
	PortalGuestRolePatterns []string `` /* 130-byte string literal not displayed */

	// API holds the configuration for API endpoints.
	// API is a pointer, so it is nil unless set; how a nil value is treated is
	// not shown on this page.
	API *APIConfig `json:"api,omitempty" xml:"api,omitempty" yaml:"api,omitempty"`
	// contains filtered or unexported fields
}

PortalConfig represents Portal configuration.

func (*PortalConfig) AddRawCryptoConfigs

func (cfg *PortalConfig) AddRawCryptoConfigs(s string)

AddRawCryptoConfigs adds raw crypto configs.

func (*PortalConfig) GetGuestPortalRoles added in v1.1.3

func (cfg *PortalConfig) GetGuestPortalRoles() []string

GetGuestPortalRoles returns the names of guest portal roles.

func (*PortalConfig) GetReservedPortalRoles added in v1.1.3

func (cfg *PortalConfig) GetReservedPortalRoles() map[string]interface{}

GetReservedPortalRoles returns the names of reserved portal roles.

func (*PortalConfig) Validate

func (cfg *PortalConfig) Validate() error

Validate validates PortalConfig.

type PortalParameters added in v1.0.20

// PortalParameters are input parameters for NewPortal.
//
// Config and Logger are pointers and the remaining fields are slices, so the
// zero value of PortalParameters has all of them nil.
// NOTE(review): whether NewPortal rejects a nil Config or Logger is not shown
// on this page — check the returned error rather than assuming defaults.
type PortalParameters struct {
	Config                *PortalConfig              `json:"config,omitempty" xml:"config,omitempty" yaml:"config,omitempty"`
	Logger                *zap.Logger                `json:"logger,omitempty" xml:"logger,omitempty" yaml:"logger,omitempty"`
	IdentityStores        []ids.IdentityStore        `json:"identity_stores,omitempty" xml:"identity_stores,omitempty" yaml:"identity_stores,omitempty"`
	IdentityProviders     []idp.IdentityProvider     `json:"identity_providers,omitempty" xml:"identity_providers,omitempty" yaml:"identity_providers,omitempty"`
	SingleSignOnProviders []sso.SingleSignOnProvider `json:"sso_providers,omitempty" xml:"sso_providers,omitempty" yaml:"sso_providers,omitempty"`
}

PortalParameters are input parameters for NewPortal.

Source Files

Directories

Path Synopsis
enums
