auth

package
v0.1.1

This package is not in the latest version of its module.

Published: May 24, 2019 | License: MPL-2.0 | Imports: 10 | Imported by: 0

Documentation


Constants

This section is empty.

Variables

This section is empty.

Functions

func Initialize

func Initialize()

Initialize initializes the Cfg instance and the server config.

func InitializeServer

func InitializeServer(c *Configuration)

InitializeServer -

func JWTCreateToken

func JWTCreateToken(u User) (string, error)

JWTCreateToken creates a JWT with the claims configured in the User struct and sends it back to the client.

Types

type Configuration

type Configuration struct {
	// JWT configuration
	JWTMethod       string        `env:"AUTH_JWT_METHOD" envDefault:"HS512"`
	JWTSecret       string        `env:"AUTH_JWT_SECRET,required"`
	JWTValidMinutes time.Duration `env:"AUTH_JWT_VALID_MIN" envDefault:"30m"`

	// Server attributes defined in
	Serv ServerAttributes
}

Configuration defines the main authentication configuration parameters. This should contain a connection to your authentication server, plus configuration for JWT and the auth server's connection parameters.

var Cfg Configuration

Cfg is the instance of Configuration.

type Server

type Server interface {
	Close()
	Connect() error
	Authenticate(string, string) (bool, map[string]string, error)
	GetGroupsOfUser(string) ([]string, error)
}

Server is the interface that the auth server client library satisfies

type ServerAttributes

type ServerAttributes struct {
	Conn         Server
	BaseDN       string   `env:"AUTH_LDAP_BASE,required"`
	BindDN       string   `env:"AUTH_LDAP_BIND_DN"`
	BindPW       string   `env:"AUTH_LDAP_BIND_PW"`
	Host         string   `env:"AUTH_LDAP_HOST" envDefault:"localhost"`
	Port         int      `env:"AUTH_LDAP_PORT" envDefault:"389"`
	UseTLS       bool     `env:"AUTH_LDAP_TLS" envDefault:"false"`
	StartTLS     bool     `env:"AUTH_LDAP_START_TLS" envDefault:"false"`
	UIDFieldName string   `env:"AUTH_LDAP_UID_NAME" envDefault:"uid"`
	GIDFieldName string   `env:"AUTH_LDAP_GID_NAME" envDefault:"memberUid"`
	Timeout      int      `env:"AUTH_LDAP_TIMEOUT_SECS" envDefault:"3"`
	Fields       []string // Populated based on the mapstructure tags in User
}

ServerAttributes contains the fields needed to connect to the auth server
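The defaults in Configuration and ServerAttributes above leave both AUTH_LDAP_TLS and AUTH_LDAP_START_TLS false and put no length requirement on AUTH_JWT_SECRET, so a pre-deployment check of the environment is worth having. The following is an added example, not code from this package: AuditAuthEnv and get are hypothetical helpers, and the sample environment is constructed. It assumes that with both TLS flags false the client speaks plain LDAP, and it applies the RFC 7518 rule that an HMAC key must be at least as long as the hash output.

```go
package main

import (
	"fmt"
	"strconv"
)

// minHMACKey is the minimum key length in bytes per RFC 7518 section 3.2:
// an HMAC key must be at least as long as the hash output.
var minHMACKey = map[string]int{"HS256": 32, "HS384": 48, "HS512": 64}

// get returns env[key], or def when unset (mirrors the envDefault tags).
func get(env map[string]string, key, def string) string {
	if v, ok := env[key]; ok {
		return v
	}
	return def
}

// AuditAuthEnv (hypothetical helper, not part of the package) returns one
// finding per risky setting in the AUTH_* variables documented on this page.
func AuditAuthEnv(env map[string]string) []string {
	var out []string
	method := get(env, "AUTH_JWT_METHOD", "HS512")
	if need, ok := minHMACKey[method]; !ok {
		out = append(out, "AUTH_JWT_METHOD: "+method+" is not an HMAC-SHA2 method")
	} else if n := len(env["AUTH_JWT_SECRET"]); n < need {
		out = append(out, fmt.Sprintf("AUTH_JWT_SECRET: %d bytes, %s needs >= %d", n, method, need))
	}
	// Assumption: with both flags false the client speaks plain LDAP, so the
	// bind password and every user's password cross the network unencrypted.
	tls, _ := strconv.ParseBool(get(env, "AUTH_LDAP_TLS", "false"))
	startTLS, _ := strconv.ParseBool(get(env, "AUTH_LDAP_START_TLS", "false"))
	if !tls && !startTLS {
		out = append(out, "AUTH_LDAP_TLS/AUTH_LDAP_START_TLS: both false, LDAP traffic is cleartext")
	}
	if env["AUTH_LDAP_BIND_DN"] != "" && env["AUTH_LDAP_BIND_PW"] == "" {
		out = append(out, "AUTH_LDAP_BIND_PW: empty with a bind DN set (unauthenticated bind)")
	}
	return out
}

func main() {
	// Constructed sample environment: short secret, defaults everywhere else.
	sample := map[string]string{"AUTH_JWT_SECRET": "changeme", "AUTH_LDAP_BASE": "dc=example,dc=org"}
	for _, f := range AuditAuthEnv(sample) {
		fmt.Println(f)
	}
}
```

Run it against the real environment before starting the service and treat any finding as a failed deployment check.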

type User

type User struct {
	Email    string `mapstructure:"mail"  structs:"email"`
	Realname string `mapstructure:"gecos" structs:"fullname"`
	Username string `mapstructure:"uid"   structs:"name"`
	// Groups isn't directly pulled from a single LDAP field, nor is it
	// stored in the JWT claims
	Groups []string `structs:",omitempty"`
}

User contains data about the user that we care about.

The 'mapstructure' tag maps to LDAP fields, and the 'structs' tag maps to JWT claims; e.g. Email is stored in LDAP as "mail" and in the JWT claims as "email". There must be a mapstructure tag for the field to be pulled from LDAP, and similarly there must be a structs tag for the field to be put into the JWT claims.

func ValidateLogin

func ValidateLogin(username, password string) (ok bool, u User, err error)

ValidateLogin validates the username and password against the LDAP server. It decodes User.Fields from LDAP into the User struct based on the 'mapstructure' tag.
