auth

package

v0.0.0-...-177c375 Latest Latest Go to latest Published: Apr 24, 2024 License: Apache-2.0 Imports: 26 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kinvolk/nebraska

Links

Open Source Insights

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Authenticator ¶

type Authenticator interface {
	// Authenticate checks if the user is authenticated. It should
	// return an ID of a team from the database if user is
	// authenticated. If authentication fails, the function should
	// do the 403 HTTP reply and return true for the "replied"
	// return value. Similar should happen if the authentication
	// routine requires redirection - issue a redirection HTTP
	// reply and return true for "replied".
	Authenticate(c echo.Context) (teamID string, replied bool)

	Login(ctx echo.Context) error

	LoginCb(ctx echo.Context) error

	LoginToken(ctx echo.Context) error

	ValidateToken(ctx echo.Context) error

	LoginWebhook(ctx echo.Context) error
}

Authenticator provides a way to authenticate a user sending an HTTP request.

func NewGithubAuthenticator ¶

func NewGithubAuthenticator(config *GithubAuthConfig) Authenticator

func NewNoopAuthenticator ¶

func NewNoopAuthenticator(config *NoopAuthConfig) Authenticator

NewNoopAuthenticator is an authenticator that does not really challenge the user to prove its identity - it will always let users' requests through.

func NewOIDCAuthenticator ¶

func NewOIDCAuthenticator(config *OIDCAuthConfig) (Authenticator, error)

type GithubAuthConfig ¶

type GithubAuthConfig struct {
	EnterpriseURL     string
	OAuthClientID     string
	OAuthClientSecret string
	WebhookSecret     string
	ReadWriteTeams    []string
	ReadOnlyTeams     []string
	DefaultTeamID     string
	SessionStore      *sessions.Store
}

type NoopAuthConfig ¶

type NoopAuthConfig struct {
	// DefaultTeamID is an ID of the team the the noop
	// authenticator will return in its Authenticate
	// function.
	DefaultTeamID string
}

NoopAuthConfig is used to configure the noop authenticator.

type OIDCAuthConfig ¶

type OIDCAuthConfig struct {
	DefaultTeamID     string
	ClientID          string
	ClientSecret      string
	CallbackURL       string
	TokenPath         string
	IssuerURL         string
	LogoutURL         string
	ManagementURL     string
	ValidRedirectURLs []string
	AdminRoles        []string
	ViewerRoles       []string
	RolesPath         string
	Scopes            []string
	SessionStore      *sessions.Store
}

type OIDCTokenProviderResp ¶

type OIDCTokenProviderResp struct {
	AccessToken      string `json:"access_token"`
	ExpiresIn        int    `json:"expires_in"`
	RefreshExpiresIn int    `json:"refresh_expires_in"`
	RefreshToken     string `json:"refresh_token"`
	TokenType        string `json:"token_type"`
	IDToken          string `json:"id_token"`
	NotBeforePolicy  int    `json:"not-before-policy"`
	SessionState     string `json:"session_state"`
	Scope            string `json:"scope"`
}

OIDCTokenProviderResp is used to bind response from OIDC provider password grant_type

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL