guard

package
v0.0.0-...-8f9ce2e Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 12, 2023 License: MIT Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrInvalidCredentialsFormat   = errors.New("invalid credentials format")
	ErrInvalidCredentials         = errors.New("invalid credentials")
	ErrUnableRetrieveUser         = errors.New("unable to retrieve the user")
	ErrCredentialMismatch         = errors.New("credential mismatch")
	ErrAuthenticatedTokenCreation = errors.New("unable to create authentication token")
	ErrTokenExpired               = errors.New("token expired")
)
View Source 
var OAuth2Extractor = &request.MultiExtractor{
	&CookieExtractor{
		CookieName: "access_token",
	},
	request.AuthorizationHeaderExtractor,
	request.ArgumentExtractor{"access_token"},
}

Extractor for OAuth2 access tokens. Looks in 'Authorization' header then 'access_token' argument for a token.

Functions

func GetGuardMiddleware 

func GetGuardMiddleware(auths []GuardAuthenticator) func(c *web.C, h http.Handler) http.Handler

Types

type AnonymousAuthenticator 

type AnonymousAuthenticator struct {
	DefaultRoles []string
}

func (*AnonymousAuthenticator) CheckCredentials 

func (a *AnonymousAuthenticator) CheckCredentials(credentials interface{}, user GuardUser) error

func (*AnonymousAuthenticator) CreateAuthenticatedToken 

func (a *AnonymousAuthenticator) CreateAuthenticatedToken(user GuardUser) (GuardToken, error)

func (*AnonymousAuthenticator) GetCredentials 

func (a *AnonymousAuthenticator) GetCredentials(req *http.Request) (interface{}, error)

func (*AnonymousAuthenticator) GetUser 

func (a *AnonymousAuthenticator) GetUser(credentials interface{}) (GuardUser, error)

func (*AnonymousAuthenticator) OnAuthenticationFailure 

func (a *AnonymousAuthenticator) OnAuthenticationFailure(req *http.Request, res http.ResponseWriter, err error) bool

func (*AnonymousAuthenticator) OnAuthenticationSuccess 

func (a *AnonymousAuthenticator) OnAuthenticationSuccess(req *http.Request, res http.ResponseWriter, token GuardToken) bool

type CookieExtractor 

type CookieExtractor struct {
	CookieName string
}

Extract token from cookie request.

func (*CookieExtractor) ExtractToken 

func (e *CookieExtractor) ExtractToken(req *http.Request) (string, error)

type DefaultGuardToken 

type DefaultGuardToken struct {
	Username string
	Roles    []string
}

Default implementation to the GuardToken

func (*DefaultGuardToken) GetRoles 

func (t *DefaultGuardToken) GetRoles() []string

func (*DefaultGuardToken) GetUsername 

func (t *DefaultGuardToken) GetUsername() string

type DefaultGuardUser 

type DefaultGuardUser struct {
	Username string
	Password string
	Roles    []string
}

func (*DefaultGuardUser) GetPassword 

func (u *DefaultGuardUser) GetPassword() string

func (*DefaultGuardUser) GetRoles 

func (u *DefaultGuardUser) GetRoles() []string

func (*DefaultGuardUser) GetUsername 

func (u *DefaultGuardUser) GetUsername() string

type GuardAuthenticator 

type GuardAuthenticator interface {
	// This method is call on each request.
	// If the method return nil as interface{} value, it means the authenticator
	// cannot handle the request
	GetCredentials(req *http.Request) (interface{}, error)

	// Return the user from the credentials
	GetUser(credentials interface{}) (GuardUser, error)

	// Check if the provided credentials are valid for the current user
	CheckCredentials(credentials interface{}, user GuardUser) error

	// Return a security token related to the user
	CreateAuthenticatedToken(u GuardUser) (GuardToken, error)

	// Action when the authentication fail.
	// On a default form login, it can be used to redirect the user to login page
	// return true if the workflows must be stopped (ie, the authenticator was written
	// bytes on the response. false if not.
	OnAuthenticationFailure(req *http.Request, res http.ResponseWriter, err error) bool

	// Action when the authentication success
	// On a default form login, it can be used to redirect the user to protected page
	// or the homepage
	// return true if the workflows must be stopped (ie, the authenticator was written
	// bytes on the response. false if not.
	OnAuthenticationSuccess(req *http.Request, res http.ResponseWriter, token GuardToken) bool
}

type GuardManager 

type GuardManager interface {
	GetUser(username string) (GuardUser, error)
}

type GuardToken 

type GuardToken interface {
	// return the current username for the current token
	GetUsername() string

	// return the related roles linked to the current token
	GetRoles() []string
}

Bare interface to used inside a request lifecycle

type GuardUser 

type GuardUser interface {
	GetUsername() string
	GetPassword() string
	GetRoles() []string
}

Bare interface with the default requirement to check username and password

type JwtLoginGuardAuthenticator 

type JwtLoginGuardAuthenticator struct {
	EndPoint *regexp.Regexp
	Manager  GuardManager
	Validity int64
	Key      []byte
	Logger   *log.Logger
}

this authenticator will create a JWT Token from a standard form

func (*JwtLoginGuardAuthenticator) CheckCredentials 

func (a *JwtLoginGuardAuthenticator) CheckCredentials(credentials interface{}, user GuardUser) error

func (*JwtLoginGuardAuthenticator) CreateAuthenticatedToken 

func (a *JwtLoginGuardAuthenticator) CreateAuthenticatedToken(user GuardUser) (GuardToken, error)

func (*JwtLoginGuardAuthenticator) GetCredentials 

func (a *JwtLoginGuardAuthenticator) GetCredentials(req *http.Request) (interface{}, error)

func (*JwtLoginGuardAuthenticator) GetUser 

func (a *JwtLoginGuardAuthenticator) GetUser(credentials interface{}) (GuardUser, error)

func (*JwtLoginGuardAuthenticator) OnAuthenticationFailure 

func (a *JwtLoginGuardAuthenticator) OnAuthenticationFailure(req *http.Request, res http.ResponseWriter, err error) bool

func (*JwtLoginGuardAuthenticator) OnAuthenticationSuccess 

func (a *JwtLoginGuardAuthenticator) OnAuthenticationSuccess(req *http.Request, res http.ResponseWriter, token GuardToken) bool

type JwtTokenGuardAuthenticator 

type JwtTokenGuardAuthenticator struct {
	Apply     *regexp.Regexp // url to intercept as it is a login request
	Ignore    []*regexp.Regexp
	Manager   GuardManager
	Validity  int64
	Key       []byte
	Logger    *log.Logger
	LoginPage string // url to redirect to if the token is not valid
}

this authenticator will create a JWT Token from a standard form

func (*JwtTokenGuardAuthenticator) CheckCredentials 

func (a *JwtTokenGuardAuthenticator) CheckCredentials(credentials interface{}, user GuardUser) error

func (*JwtTokenGuardAuthenticator) CreateAuthenticatedToken 

func (a *JwtTokenGuardAuthenticator) CreateAuthenticatedToken(user GuardUser) (GuardToken, error)

func (*JwtTokenGuardAuthenticator) GetCredentials 

func (a *JwtTokenGuardAuthenticator) GetCredentials(req *http.Request) (interface{}, error)

func (*JwtTokenGuardAuthenticator) GetUser 

func (a *JwtTokenGuardAuthenticator) GetUser(credentials interface{}) (GuardUser, error)

func (*JwtTokenGuardAuthenticator) OnAuthenticationFailure 

func (a *JwtTokenGuardAuthenticator) OnAuthenticationFailure(req *http.Request, res http.ResponseWriter, err error) bool

func (*JwtTokenGuardAuthenticator) OnAuthenticationSuccess 

func (a *JwtTokenGuardAuthenticator) OnAuthenticationSuccess(req *http.Request, res http.ResponseWriter, token GuardToken) bool

type MockedAuthenticator 

type MockedAuthenticator struct {
	mock.Mock
}

func (*MockedAuthenticator) CheckCredentials 

func (m *MockedAuthenticator) CheckCredentials(credentials interface{}, user GuardUser) error

func (*MockedAuthenticator) CreateAuthenticatedToken 

func (m *MockedAuthenticator) CreateAuthenticatedToken(u GuardUser) (GuardToken, error)

func (*MockedAuthenticator) GetCredentials 

func (m *MockedAuthenticator) GetCredentials(req *http.Request) (interface{}, error)

func (*MockedAuthenticator) GetUser 

func (m *MockedAuthenticator) GetUser(credentials interface{}) (GuardUser, error)

func (*MockedAuthenticator) OnAuthenticationFailure 

func (m *MockedAuthenticator) OnAuthenticationFailure(req *http.Request, res http.ResponseWriter, err error) bool

func (*MockedAuthenticator) OnAuthenticationSuccess 

func (m *MockedAuthenticator) OnAuthenticationSuccess(req *http.Request, res http.ResponseWriter, token GuardToken) bool

type MockedManager 

type MockedManager struct {
	mock.Mock
}

func (*MockedManager) GetUser 

func (m *MockedManager) GetUser(username string) (GuardUser, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.