Documentation ¶
Index ¶
- Variables
- func GetRoutesForServer(oauth *OAuth, handlers ...router.Constructor) []*proxy.Route
- type AccessRequestType
- type AuthorizeRequestType
- type AwareTransport
- type ClientEndpoints
- type Controller
- type Endpoints
- type KeyExistsMiddleware
- type Loader
- type Manager
- type MongoRepository
- type OAuth
- type Repository
- type RoundTripper
- type SecretMiddleware
Constants ¶
This section is empty.
Variables ¶
var ( // ErrClientIDNotFound is raised when a client_id was not found ErrClientIDNotFound = errors.New(http.StatusBadRequest, "Invalid client ID provided") // ErrAuthorizationFieldNotFound is used when the http Authorization header is missing from the request ErrAuthorizationFieldNotFound = errors.New(http.StatusBadRequest, "authorization field missing") // ErrBearerMalformed is used when the Bearer string in the Authorization header is not found or is malformed ErrBearerMalformed = errors.New(http.StatusBadRequest, "bearer token malformed") // ErrAccessTokenNotAuthorized is used when the access token is not found on the storage ErrAccessTokenNotAuthorized = errors.New(http.StatusUnauthorized, "access token not authorized") // ErrOauthServerNotFound is used when the oauth server was not found in the datastore ErrOauthServerNotFound = errors.New(http.StatusNotFound, "oauth server not found") // ErrDBContextNotSet is used when the database request context is not set ErrDBContextNotSet = errors.New(http.StatusInternalServerError, "DB context was not set for this request") )
var ( SessionData = request.ContextKey("session_data") AuthHeaderValue = request.ContextKey("auth_header") )
Enums for keys to be stored in a session context - this is how gorilla expects these to be implemented and is lifted pretty much from docs
Functions ¶
func GetRoutesForServer ¶
func GetRoutesForServer(oauth *OAuth, handlers ...router.Constructor) []*proxy.Route
GetRoutesForServer converts an oauth definition into many proxies
Types ¶
type AccessRequestType ¶
type AccessRequestType string
AccessRequestType is the type for OAuth param `grant_type`
type AuthorizeRequestType ¶
type AuthorizeRequestType string
AuthorizeRequestType is the type for OAuth param `response_type`
type AwareTransport ¶
type AwareTransport struct {
// contains filtered or unexported fields
}
AwareTransport is a RoundTripper that is aware of the access tokens that come back from the authentication server. After retrieving the token, we delagete the storage of it for the oauth manager
func NewAwareTransport ¶
func NewAwareTransport(manager *Manager) *AwareTransport
NewAwareTransport creates a new instance of AwareTransport
func (*AwareTransport) GetRoundTripper ¶
func (at *AwareTransport) GetRoundTripper(roundTripper http.RoundTripper) http.RoundTripper
type ClientEndpoints ¶
type ClientEndpoints struct { Create *proxy.Definition `bson:"create" json:"create"` Remove *proxy.Definition `bson:"remove" json:"remove"` }
ClientEndpoints defines the oauth client endpoints that wil be proxied
type Controller ¶
type Controller struct {
// contains filtered or unexported fields
}
Controller is the api rest controller
func NewController ¶
func NewController(loader *Loader) *Controller
NewController creates a new instance of Controller
func (*Controller) DeleteBy ¶
func (u *Controller) DeleteBy() http.HandlerFunc
func (*Controller) Get ¶
func (u *Controller) Get() http.HandlerFunc
func (*Controller) GetBy ¶
func (u *Controller) GetBy() http.HandlerFunc
GetBy gets an oauth server by its id
func (*Controller) Post ¶
func (u *Controller) Post() http.HandlerFunc
func (*Controller) PutBy ¶
func (u *Controller) PutBy() http.HandlerFunc
type Endpoints ¶
type Endpoints struct { Authorize *proxy.Definition `bson:"authorize" json:"authorize"` Token *proxy.Definition `bson:"token" json:"token"` Info *proxy.Definition `bson:"info" json:"info"` }
Endpoints defines the oauth endpoints that wil be proxied
type KeyExistsMiddleware ¶
type KeyExistsMiddleware struct {
// contains filtered or unexported fields
}
KeyExistsMiddleware checks the integrity of the provided OAuth headers
func NewKeyExistsMiddleware ¶
func NewKeyExistsMiddleware(manager *Manager) *KeyExistsMiddleware
NewKeyExistsMiddleware creates a new instance of KeyExistsMiddleware
func (*KeyExistsMiddleware) CheckSessionAndIdentityForValidKey ¶
func (m *KeyExistsMiddleware) CheckSessionAndIdentityForValidKey(key string) (session.SessionState, bool)
CheckSessionAndIdentityForValidKey ensures we have the valid key in the session store
type Loader ¶
type Loader struct {
// contains filtered or unexported fields
}
Loader handles the loading of the api specs
func NewLoader ¶
func NewLoader(register proxy.Register, accessor *middleware.DatabaseAccessor, debug bool) *Loader
NewLoader creates a new instance of the api manager
func (*Loader) RegisterOAuthServer ¶
RegisterOAuthServer register the an oauth server
func (*Loader) RegisterOAuthServers ¶
RegisterOAuthServers register many oauth servers
type Manager ¶
Manager is responsible for managing the access tokens
func (*Manager) IsKeyAuthorised ¶
func (o *Manager) IsKeyAuthorised(accessToken string) (session.SessionState, bool)
IsKeyAuthorised checks if the access token is valid
type MongoRepository ¶
type MongoRepository struct {
// contains filtered or unexported fields
}
MongoRepository represents a mongodb repository
func NewMongoRepository ¶
func NewMongoRepository(db *mgo.Database) (*MongoRepository, error)
NewMongoRepository creates a mongo country repo
func (*MongoRepository) Add ¶
func (r *MongoRepository) Add(oauth *OAuth) error
Add adds a country to the repository
func (*MongoRepository) FindAll ¶
func (r *MongoRepository) FindAll() ([]*OAuth, error)
FindAll fetches all the countries available
func (*MongoRepository) FindByID ¶
func (r *MongoRepository) FindByID(id string) (*OAuth, error)
FindByID find a country by the iso2code provided
func (*MongoRepository) Remove ¶
func (r *MongoRepository) Remove(id string) error
Remove removes a country from the repository
type OAuth ¶
type OAuth struct { ID bson.ObjectId `bson:"_id,omitempty" json:"id,omitempty" valid:"required"` Name string `bson:"name" json:"name" valid:"required"` CreatedAt time.Time `bson:"created_at" json:"created_at" valid:"-"` UpdatedAt time.Time `bson:"updated_at" json:"updated_at" valid:"-"` Endpoints Endpoints `bson:"oauth_endpoints" json:"oauth_endpoints"` ClientEndpoints ClientEndpoints `bson:"oauth_client_endpoints" json:"oauth_client_endpoints"` AllowedAccessTypes []AccessRequestType `bson:"allowed_access_types" json:"allowed_access_types"` AllowedAuthorizeTypes []AuthorizeRequestType `bson:"allowed_authorize_types" json:"allowed_authorize_types"` AuthorizeLoginRedirect string `bson:"auth_login_redirect" json:"auth_login_redirect"` Secrets map[string]string `bson:"secrets" json:"secrets"` CorsMeta cors.Meta `bson:"cors_meta" json:"cors_meta" valid:"cors_meta"` }
OAuth holds the configuration for oauth proxies
type Repository ¶
type Repository interface { FindAll() ([]*OAuth, error) FindByID(id string) (*OAuth, error) Add(oauth *OAuth) error Remove(id string) error }
Repository defines the behaviour of a authentication repo
type RoundTripper ¶
type RoundTripper struct { RoundTripper http.RoundTripper // contains filtered or unexported fields }
func (*RoundTripper) RoundTrip ¶
RoundTrip executes a single HTTP transaction, returning a Response for the provided Request.
RoundTrip should not attempt to interpret the response. In particular, RoundTrip must return err == nil if it obtained a response, regardless of the response's HTTP status code. A non-nil err should be reserved for failure to obtain a response. Similarly, RoundTrip should not attempt to handle higher-level protocol details such as redirects, authentication, or cookies.
RoundTrip should not modify the request, except for consuming and closing the Request's Body.
RoundTrip must always close the body, including on errors, but depending on the implementation may do so in a separate goroutine even after RoundTrip returns. This means that callers wanting to reuse the body for subsequent requests must arrange to wait for the Close call before doing so.
The Request's URL and Header fields must be initialized.
type SecretMiddleware ¶
type SecretMiddleware struct {
// contains filtered or unexported fields
}
SecretMiddleware prevents requests to an API from exceeding a specified rate limit.
func NewSecretMiddleware ¶
func NewSecretMiddleware(oauth *OAuth) *SecretMiddleware
NewSecretMiddleware creates an instance of SecretMiddleware
func (*SecretMiddleware) ChangeRequest ¶
func (m *SecretMiddleware) ChangeRequest(req *http.Request, clientID, clientSecret string)
ChangeRequest modifies the request to add the Authorization headers.