types

package

v0.0.0-...-a92fb97 Latest Latest Go to latest Published: Dec 7, 2020 License: Apache-2.0 Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/jrockway/jsso2

Links

Open Source Insights

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

View Source

var File_types_proto protoreflect.FileDescriptor

Functions ¶

This section is empty.

Types ¶

type BearerToken ¶

type BearerToken struct {
	Username  string `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"`
	RequestId string `protobuf:"bytes,2,opt,name=request_id,json=requestId,proto3" json:"request_id,omitempty"`
	// contains filtered or unexported fields
}

BearerToken is information authenticating a single request. It's intended to be wrapped in a SecureToken.

func (*BearerToken) Descriptor deprecated

func (*BearerToken) Descriptor() ([]byte, []int)

Deprecated: Use BearerToken.ProtoReflect.Descriptor instead.

func (*BearerToken) GetRequestId ¶

func (x *BearerToken) GetRequestId() string

func (*BearerToken) GetUsername ¶

func (x *BearerToken) GetUsername() string

func (*BearerToken) ProtoMessage ¶

func (*BearerToken) ProtoMessage()

func (*BearerToken) ProtoReflect ¶

func (x *BearerToken) ProtoReflect() protoreflect.Message

func (*BearerToken) Reset ¶

func (x *BearerToken) Reset()

func (*BearerToken) String ¶

func (x *BearerToken) String() string

type Credential ¶

type Credential struct {

	// A synthetic identifier to distingish between cases where a credential is
	// revoked and re-added, or two users have the same credential.
	Id int64 `protobuf:"varint,1,opt,name=id,proto3" json:"id,omitempty"`
	// The id of the credential, as determined by the authenticator.
	CredentialId []byte `protobuf:"bytes,2,opt,name=credential_id,json=credentialId,proto3" json:"credential_id,omitempty"`
	// The public key of the credential, used to verify signataures from an
	// authenticator.
	PublicKey []byte `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
	// The user that enrolled this credential.
	User *User `protobuf:"bytes,4,opt,name=user,proto3" json:"user,omitempty"`
	// The name that the user gave this; for display purposes only.
	Name string `protobuf:"bytes,5,opt,name=name,proto3" json:"name,omitempty"`
	// When this credential was enrolled.
	CreatedAt *timestamp.Timestamp `protobuf:"bytes,6,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
	// When this credential was revoked, or zero if not revoked.
	DeletedAt *timestamp.Timestamp `protobuf:"bytes,7,opt,name=deleted_at,json=deletedAt,proto3" json:"deleted_at,omitempty"`
	// The session id that was in use to access the enrollment page.  We don't
	// use this anywhere, it's just for audit purposes.  (That's why it's just
	// the ID and not the full Session object.)
	CreatedBySessionId []byte `protobuf:"bytes,8,opt,name=created_by_session_id,json=createdBySessionId,proto3" json:"created_by_session_id,omitempty"`
	// The AAGUID of the authenticator.  (Supposedly this identifies the
	// manufacturer of the authenticator.)
	Aaguid []byte `protobuf:"bytes,9,opt,name=aaguid,proto3" json:"aaguid,omitempty"`
	// The last-seen sign count of the authenticator.  If the sign count is less
	// than this when logging in, we know the credential has been cloned.
	SignCount int64 `protobuf:"varint,10,opt,name=sign_count,json=signCount,proto3" json:"sign_count,omitempty"`
	// contains filtered or unexported fields
}

Credential represents a WebAuthn public-key credential.

func (*Credential) Descriptor deprecated

func (*Credential) Descriptor() ([]byte, []int)

Deprecated: Use Credential.ProtoReflect.Descriptor instead.

func (*Credential) GetAaguid ¶

func (x *Credential) GetAaguid() []byte

func (*Credential) GetCreatedAt ¶

func (x *Credential) GetCreatedAt() *timestamp.Timestamp

func (*Credential) GetCreatedBySessionId ¶

func (x *Credential) GetCreatedBySessionId() []byte

func (*Credential) GetCredentialId ¶

func (x *Credential) GetCredentialId() []byte

func (*Credential) GetDeletedAt ¶

func (x *Credential) GetDeletedAt() *timestamp.Timestamp

func (*Credential) GetId ¶

func (x *Credential) GetId() int64

func (*Credential) GetName ¶

func (x *Credential) GetName() string

func (*Credential) GetPublicKey ¶

func (x *Credential) GetPublicKey() []byte

func (*Credential) GetSignCount ¶

func (x *Credential) GetSignCount() int64

func (*Credential) GetUser ¶

func (x *Credential) GetUser() *User

func (*Credential) ProtoMessage ¶

func (*Credential) ProtoMessage()

func (*Credential) ProtoReflect ¶

func (x *Credential) ProtoReflect() protoreflect.Message

func (*Credential) Reset ¶

func (x *Credential) Reset()

func (*Credential) String ¶

func (x *Credential) String() string

type Header ¶

type Header struct {
	Key   string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"`
	Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty"`
	// contains filtered or unexported fields
}

Header is an HTTP header.

func (*Header) Descriptor() ([]byte, []int)

Deprecated: Use Header.ProtoReflect.Descriptor instead.

func (x *Header) GetKey() string

func (x *Header) GetValue() string

func (*Header) ProtoMessage ¶

func (*Header) ProtoMessage()

func (x *Header) ProtoReflect() protoreflect.Message

func (x *Header) Reset()

func (x *Header) String() string

type RedirectToken ¶

type RedirectToken struct {
	Uri string `protobuf:"bytes,1,opt,name=uri,proto3" json:"uri,omitempty"`
	// contains filtered or unexported fields
}

RedirectToken is a request to redirect to a new URI. It is issued when authentication fails to allow the user to immediately go to their original destination after they log in, without allowing arbitrary sites on the Internet to trick you into visiting them.

func (*RedirectToken) Descriptor deprecated

func (*RedirectToken) Descriptor() ([]byte, []int)

Deprecated: Use RedirectToken.ProtoReflect.Descriptor instead.

func (*RedirectToken) GetUri ¶

func (x *RedirectToken) GetUri() string

func (*RedirectToken) ProtoMessage ¶

func (*RedirectToken) ProtoMessage()

func (*RedirectToken) ProtoReflect ¶

func (x *RedirectToken) ProtoReflect() protoreflect.Message

func (*RedirectToken) Reset ¶

func (x *RedirectToken) Reset()

func (*RedirectToken) String ¶

func (x *RedirectToken) String() string

type SecureToken ¶

type SecureToken struct {

	// We use an Any here because it includes the type of the message.  This
	// means that when we sign one of these tokens, we also sign the type of the
	// token, ensuring that validation does not succeed on the wrong type of
	// message.
	Message *any.Any `protobuf:"bytes,1,opt,name=message,proto3" json:"message,omitempty"`
	// When this token was created.
	IssuedAt *timestamp.Timestamp `protobuf:"bytes,2,opt,name=issued_at,json=issuedAt,proto3" json:"issued_at,omitempty"`
	// contains filtered or unexported fields
}

func (*SecureToken) Descriptor deprecated

func (*SecureToken) Descriptor() ([]byte, []int)

Deprecated: Use SecureToken.ProtoReflect.Descriptor instead.

func (*SecureToken) GetIssuedAt ¶

func (x *SecureToken) GetIssuedAt() *timestamp.Timestamp

func (*SecureToken) GetMessage ¶

func (x *SecureToken) GetMessage() *any.Any

func (*SecureToken) ProtoMessage ¶

func (*SecureToken) ProtoMessage()

func (*SecureToken) ProtoReflect ¶

func (x *SecureToken) ProtoReflect() protoreflect.Message

func (*SecureToken) Reset ¶

func (x *SecureToken) Reset()

func (*SecureToken) String ¶

func (x *SecureToken) String() string

type Session ¶

type Session struct {
	Id        []byte               `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	User      *User                `protobuf:"bytes,2,opt,name=user,proto3" json:"user,omitempty"`
	Metadata  *SessionMetadata     `protobuf:"bytes,3,opt,name=metadata,proto3" json:"metadata,omitempty"`
	CreatedAt *timestamp.Timestamp `protobuf:"bytes,4,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
	ExpiresAt *timestamp.Timestamp `protobuf:"bytes,5,opt,name=expires_at,json=expiresAt,proto3" json:"expires_at,omitempty"`
	Taints    []string             `protobuf:"bytes,6,rep,name=taints,proto3" json:"taints,omitempty"`
	// contains filtered or unexported fields
}

Session links a token (the id) and a user. If expires_at is less than or equal to the current time, the session is expired.

func (*Session) Descriptor deprecated

func (*Session) Descriptor() ([]byte, []int)

Deprecated: Use Session.ProtoReflect.Descriptor instead.

func (*Session) GetCreatedAt ¶

func (x *Session) GetCreatedAt() *timestamp.Timestamp

func (*Session) GetExpiresAt ¶

func (x *Session) GetExpiresAt() *timestamp.Timestamp

func (*Session) GetId ¶

func (x *Session) GetId() []byte

func (*Session) GetMetadata ¶

func (x *Session) GetMetadata() *SessionMetadata

func (*Session) GetTaints ¶

func (x *Session) GetTaints() []string

func (*Session) GetUser ¶

func (x *Session) GetUser() *User

func (*Session) ProtoMessage ¶

func (*Session) ProtoMessage()

func (*Session) ProtoReflect ¶

func (x *Session) ProtoReflect() protoreflect.Message

func (*Session) Reset ¶

func (x *Session) Reset()

func (*Session) String ¶

func (x *Session) String() string

type SessionMetadata ¶

type SessionMetadata struct {
	IpAddress        string `protobuf:"bytes,1,opt,name=ip_address,json=ipAddress,proto3" json:"ip_address,omitempty"`
	UserAgent        string `protobuf:"bytes,2,opt,name=user_agent,json=userAgent,proto3" json:"user_agent,omitempty"`
	RevocationReason string `protobuf:"bytes,3,opt,name=revocation_reason,json=revocationReason,proto3" json:"revocation_reason,omitempty"`
	// contains filtered or unexported fields
}

SessionMetadata stores extra information about a session. Extra information isn't used by JSSO itself, but might be useful for audit logs, evaluating policy rules, etc.

func (*SessionMetadata) Descriptor deprecated

func (*SessionMetadata) Descriptor() ([]byte, []int)

Deprecated: Use SessionMetadata.ProtoReflect.Descriptor instead.

func (*SessionMetadata) GetIpAddress ¶

func (x *SessionMetadata) GetIpAddress() string

func (*SessionMetadata) GetRevocationReason ¶

func (x *SessionMetadata) GetRevocationReason() string

func (*SessionMetadata) GetUserAgent ¶

func (x *SessionMetadata) GetUserAgent() string

func (*SessionMetadata) ProtoMessage ¶

func (*SessionMetadata) ProtoMessage()

func (*SessionMetadata) ProtoReflect ¶

func (x *SessionMetadata) ProtoReflect() protoreflect.Message

func (*SessionMetadata) Reset ¶

func (x *SessionMetadata) Reset()

func (*SessionMetadata) String ¶

func (x *SessionMetadata) String() string

type SetCookieRequest ¶

type SetCookieRequest struct {

	// The session ID to set.
	SessionId []byte `protobuf:"bytes,1,opt,name=session_id,json=sessionId,proto3" json:"session_id,omitempty"`
	// Where to redirect after setting the cookie.
	RedirectUrl string `protobuf:"bytes,2,opt,name=redirect_url,json=redirectUrl,proto3" json:"redirect_url,omitempty"`
	// When the session cookie should expire.
	SessionExpiresAt *timestamp.Timestamp `protobuf:"bytes,3,opt,name=session_expires_at,json=sessionExpiresAt,proto3" json:"session_expires_at,omitempty"`
	// contains filtered or unexported fields
}

SetCookieRequest is a request to set a session cookie. It's intended to be wrapped in a SecureToken, so that a gRPC request can return a token and it can be passed to a regular HTTP service that sets an HttpOnly cookie.

func (*SetCookieRequest) Descriptor deprecated

func (*SetCookieRequest) Descriptor() ([]byte, []int)

Deprecated: Use SetCookieRequest.ProtoReflect.Descriptor instead.

func (*SetCookieRequest) GetRedirectUrl ¶

func (x *SetCookieRequest) GetRedirectUrl() string

func (*SetCookieRequest) GetSessionExpiresAt ¶

func (x *SetCookieRequest) GetSessionExpiresAt() *timestamp.Timestamp

func (*SetCookieRequest) GetSessionId ¶

func (x *SetCookieRequest) GetSessionId() []byte

func (*SetCookieRequest) ProtoMessage ¶

func (*SetCookieRequest) ProtoMessage()

func (*SetCookieRequest) ProtoReflect ¶

func (x *SetCookieRequest) ProtoReflect() protoreflect.Message

func (*SetCookieRequest) Reset ¶

func (x *SetCookieRequest) Reset()

func (*SetCookieRequest) String ¶

func (x *SetCookieRequest) String() string

type User ¶

type User struct {
	Id         int64                `protobuf:"varint,1,opt,name=id,proto3" json:"id,omitempty"`
	Username   string               `protobuf:"bytes,2,opt,name=username,proto3" json:"username,omitempty"`
	CreatedAt  *timestamp.Timestamp `protobuf:"bytes,3,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"`
	DisabledAt *timestamp.Timestamp `protobuf:"bytes,4,opt,name=disabled_at,json=disabledAt,proto3" json:"disabled_at,omitempty"`
	// contains filtered or unexported fields
}

User represents something that can log in.

func (*User) Descriptor deprecated

func (*User) Descriptor() ([]byte, []int)

Deprecated: Use User.ProtoReflect.Descriptor instead.

func (*User) GetCreatedAt ¶

func (x *User) GetCreatedAt() *timestamp.Timestamp

func (*User) GetDisabledAt ¶

func (x *User) GetDisabledAt() *timestamp.Timestamp

func (*User) GetId ¶

func (x *User) GetId() int64

func (*User) GetUsername ¶

func (x *User) GetUsername() string

func (*User) ProtoMessage ¶

func (*User) ProtoMessage()

func (*User) ProtoReflect ¶

func (x *User) ProtoReflect() protoreflect.Message

func (*User) Reset ¶

func (x *User) Reset()

func (*User) String ¶

func (x *User) String() string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL