authflow

package
v0.4.9 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 25, 2020 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Sentinel errors of the authentication flow. Only the messages are visible
// here; the code paths that return them are not shown. Callers should match
// them with errors.Is rather than by comparing message text.
var (
	// ErrFlowDoesntMatch carries the message "flow doesn't match".
	// NOTE(review): presumably returned when the flow being finished differs
	// from the one recorded in LoginSession.Flow — confirm against the
	// implementation.
	ErrFlowDoesntMatch   = errors.New("flow doesn't match")
	// ErrProviderChanged carries the message "provider changed mid flow".
	// NOTE(review): presumably returned when a later step names a different
	// provider than the session already holds — confirm.
	ErrProviderChanged   = errors.New("provider changed mid flow")
	// ErrCredentialMissing carries the message "credential missing on finish".
	// NOTE(review): presumably returned when the finish step has no
	// credential to complete the login with — confirm.
	ErrCredentialMissing = errors.New("credential missing on finish")
)

Functions

func NewAuthenticationResponseWriter

// NewAuthenticationResponseWriter takes the request, the underlying response
// writer, the flow and the login session, and returns an http.ResponseWriter.
// The body is not shown here, so what the returned writer does on write is
// not documented.
// NOTE(review): authFlow is an unexported type, so code outside this package
// cannot name it when calling this exported function — confirm whether the
// function is meant to be exported.
func NewAuthenticationResponseWriter(request *http.Request, response http.ResponseWriter, authFlow *authFlow, session *LoginSession) http.ResponseWriter

func VerifyState

// VerifyState takes the incoming request and a State and returns an error.
// NOTE(review): the body is not shown here. Presumably it compares state with
// the value the request carries and returns a non-nil error on mismatch —
// confirm. State is the CSRF token of the login (see LoginSession.State), so
// the comparison should be constant-time (crypto/subtle.ConstantTimeCompare)
// and an empty or missing value must be rejected, never treated as a match.
func VerifyState(r *http.Request, state State) error

Types

type AuthenticationFlow

// AuthenticationFlow groups the steps of a login flow: Start, Continue,
// Finish and Failure. No method returns a value; each receives the
// http.ResponseWriter and the request.
// NOTE(review): errors are presumably reported through Failure or written to
// the response — confirm against the implementation, which is not shown here.
type AuthenticationFlow interface {
	// Start takes the flow name, the provider names, the request and the
	// response, plus a run callback that receives a writer and the
	// LoginSession and may return an error.
	// NOTE(review): presumably creates the LoginSession (state, origin, flow)
	// before calling run — confirm.
	Start(flow string, providerNames []string, request *http.Request, response http.ResponseWriter, run func(w http.ResponseWriter, session *LoginSession) error)

	// Continue takes the provider name, the response and the request, plus a
	// run callback with the same shape as Start's.
	// NOTE(review): provider presumably has to be one of the session's
	// Providers and must not change mid flow (see ErrProviderChanged) —
	// confirm.
	Continue(provider string, w http.ResponseWriter, req *http.Request, run func(w http.ResponseWriter, session *LoginSession) error)

	// Finish takes the flow name, the response and the request; its run
	// callback returns a string in addition to an error. The meaning of that
	// string is not visible here.
	// NOTE(review): flow is presumably checked against LoginSession.Flow (see
	// ErrFlowDoesntMatch); if the returned string is a redirect target it
	// needs validation before use — confirm.
	Finish(flow string, response http.ResponseWriter, request *http.Request, run func(w http.ResponseWriter, session *LoginSession) (string, error))

	// Failure takes the response, the request, the session and the error that
	// ended the flow.
	// NOTE(review): session may presumably be nil when the failure happens
	// before a session exists, and err should not be echoed verbatim to the
	// client — confirm both against the implementation.
	Failure(response http.ResponseWriter, request *http.Request, session *LoginSession, err error)
}

func NewAuthenticationFlow

// NewAuthenticationFlow takes a logger and a JWE service and returns an
// AuthenticationFlow.
// NOTE(review): the JWE service is presumably what protects the LoginSession
// between steps — confirm; the body is not shown here.
func NewAuthenticationFlow(logger logging.Logger, jweService jwe.JWEService) AuthenticationFlow

type LoginSession

// LoginSession is the state carried through a login flow. It embeds
// jwe.Claims and identity.Register and serializes its own fields under short
// JSON keys.
// NOTE(review): how the encoded session is protected in transit is not
// visible here. SubjectID, IP and the embedded Register data are personal
// data; confirm the session is only ever sent encrypted and integrity
// protected, and that every field is re-validated when it comes back from the
// client.
type LoginSession struct {
	jwe.Claims

	// CSRF state token used during login
	State State `json:"st"`

	// Domain this was created under and only usable under.
	// NOTE(review): the check that enforces this binding is not shown here.
	Origin string `json:"or"`

	// Flow this session was started with and must end with
	Flow string `json:"fl"`

	// List of available providers for the tenantID
	Providers []string `json:"ps,omitempty"`

	// Provider that supplied the SubjectID
	Provider string `json:"pv,omitempty"`

	// Unique ID of the user under the external provider.
	// NOTE(review): unique only under that provider, so lookups should key on
	// the issuer/provider together with SubjectID, never on SubjectID alone —
	// confirm against callers.
	SubjectID string `json:"si,omitempty"`

	// Set on every login and used to look up credentials
	Issuer *string `json:"pi"` // Issuer attribute of the login

	// IP Address of the login
	// NOTE(review): where this value is read from is not shown; if it comes
	// from a forwarded header it is client-controlled — confirm.
	IP string `json:"ip"`

	// Scope of what this token is allowed to do.
	Scopes []string `json:"scp"`

	// Login URL for the start of the flow
	// NOTE(review): if this is ever used as a redirect target it should be
	// validated against Origin — confirm.
	LoginURL string `json:"lu"`

	// Store whatever we can get from the OIDC provider if the invite code isn't empty
	identity.Register
}

type Register

// Register is an alias for client.Register; its fields are declared in that
// package and are not shown here.
type Register = client.Register

type SessionConfig

// SessionConfig holds session settings; the only field is Expiration.
type SessionConfig struct {
	// Expiration is a duration.
	// NOTE(review): presumably the lifetime of a LoginSession; where it is
	// enforced is not shown here. A zero value should not end up meaning
	// "never expires" — confirm.
	Expiration time.Duration
}

type State

// State is a string type. LoginSession.State documents it as the CSRF state
// token used during login, so values should be treated as secrets: not
// logged, and compared in constant time.
type State string

func NewState

// NewState returns a new State.
// NOTE(review): the body is not shown here. Because State serves as the CSRF
// token of the login (see LoginSession.State), the value should be drawn from
// crypto/rand with enough entropy to be unguessable — confirm.
func NewState() State
