auth

package
v1.1.4 Latest
Warning

This package is not in the latest version of its module.

Published: Nov 29, 2020 License: MPL-2.0, MPL-2.0 Imports: 45 Imported by: 0

Documentation

Constants

This section is empty.

Variables

var Store adapter

Store is the package state variable, which contains the database connections.

Functions

func CheckPassword

func CheckPassword(userDetails *models.UserWithPass, email, password string) (reason consts.FailedReason, err error)

func ConfirmTOTPAndSave added in v1.1.4

func ConfirmTOTPAndSave(w http.ResponseWriter, r *http.Request)

ConfirmTOTPAndSave checks the newly added TOTP to complete the device registration process. This function also creates an HTTP session.

func Enrol2FADevice

func Enrol2FADevice(w http.ResponseWriter, r *http.Request)

Enrol2FADevice's primary function is to enrol a user's mobile device for 2FA. Previously this function enrolled only the U2F part; it now also syncs the TOTP shared secret key for the user for their particular organization. This is a four-step process: 1) handle user login, 2) generate the device and get the totpssc ID, 3) send a GetDeviceDetail request to TRASA cloud, 4) respond with the device ID and otpauth URL.
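The otpauth URL returned in step 4 and the code check that ConfirmTOTPAndSave performs can be sketched as follows. This is an added example, not TRASA's own code: the names `otpauthURL`, `totpAt` and `confirmTOTP`, the issuer and account inputs, and the parameters (HMAC-SHA1, 6 digits, 30-second step, one step of drift either side) are assumptions, since the page does not state which TOTP parameters the package uses.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"crypto/subtle"
	"encoding/base32"
	"encoding/binary"
	"fmt"
	"net/url"
	"time"
)

// otpauthURL builds a Key URI (otpauth://) for an authenticator app.
// issuer and account are hypothetical inputs, not TRASA fields.
func otpauthURL(issuer, account string, secret []byte) string {
	b32 := base32.StdEncoding.WithPadding(base32.NoPadding).EncodeToString(secret)
	q := url.Values{"secret": {b32}, "issuer": {issuer}}
	return "otpauth://totp/" + url.PathEscape(issuer+":"+account) + "?" + q.Encode()
}

// totpAt computes the 6-digit RFC 6238 code (HMAC-SHA1, 30 s step) for time t.
func totpAt(secret []byte, t time.Time) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], uint64(t.Unix()/30))
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	off := sum[len(sum)-1] & 0x0f // dynamic truncation offset (RFC 4226)
	bin := binary.BigEndian.Uint32(sum[off:off+4]) & 0x7fffffff
	return fmt.Sprintf("%06d", bin%1000000)
}

// confirmTOTP accepts the code for the current step or one step either side
// (assumed clock-drift window), comparing each candidate in constant time.
func confirmTOTP(secret []byte, code string, now time.Time) bool {
	ok := 0
	for _, d := range []time.Duration{-30 * time.Second, 0, 30 * time.Second} {
		ok |= subtle.ConstantTimeCompare([]byte(totpAt(secret, now.Add(d))), []byte(code))
	}
	return ok == 1
}

func main() {
	secret := []byte("12345678901234567890") // constructed sample: RFC 6238 test key
	fmt.Println(otpauthURL("ExampleOrg", "alice@example.com", secret))
	now := time.Unix(59, 0)
	fmt.Println(totpAt(secret, now), confirmTOTP(secret, "287082", now))
}
```

A production handler would also rate-limit attempts per device and reject a code that has already been accepted for the same time step.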

func InitStore

func InitStore(state *global.State)

InitStore initialises the package state.

func InitStoreMock

func InitStoreMock() *authMock

InitStoreMock initialises the mock state of this package.

func LoginHandler

func LoginHandler(w http.ResponseWriter, r *http.Request)

LoginHandler authenticates the user against the configured identity provider. Successful authentication should respond with the tfarequired intent. If the user has not enrolled any 2FA device, this handler should respond with the enroll device intent.

func LogoutHandler

func LogoutHandler(w http.ResponseWriter, r *http.Request)

LogoutHandler handles logout.

func RegisterUserDevice

func RegisterUserDevice(w http.ResponseWriter, r *http.Request)

RegisterUserDevice registers a new user device and stores the device hygiene, device browser and browser extension details.

func SAMLLoginHandler added in v1.1.4

func SAMLLoginHandler(w http.ResponseWriter, r *http.Request)

SAMLLoginHandler handles a SAML login request. If validation fails, it returns a 403 response. If validation succeeds, it responds with a TRASA session response (CSRF and session tokens).

func SetSession

func SetSession(userID, orgID, deviceID, browserID string) (string, string, error)

SetSession sets, encrypts and serializes session cookies and CSRF tokens.

func SyncExtension

func SyncExtension(w http.ResponseWriter, r *http.Request)

SyncExtension does not require sending in device hygiene.

func TfaHandler

func TfaHandler(w http.ResponseWriter, r *http.Request)

TfaHandler handles two-factor authentication from the TRASA UI.

func UpdateHygiene

func UpdateHygiene(w http.ResponseWriter, r *http.Request)

Types

type ConfirmTOTPPreq added in v1.1.4

type ConfirmTOTPPreq struct {
	TOTPCode string `json:"totpCode"`
	DeviceID string `json:"deviceID"`
}

type DeviceDetail

type DeviceDetail struct {
	DeviceBrowser     models.DeviceBrowser       `json:"deviceBrowser"`
	BrowserExtensions []models.BrowserExtensions `json:"browserExtensions"`
	DeviceHygiene     models.DeviceHygiene       `json:"deviceHygiene"`
}

type EnrolDeviceStruct

type EnrolDeviceStruct struct {
	DeviceID      string `json:"deviceID"`
	TotpSSC       string `json:"totpSSC"`
	OrgName       string `json:"orgName"`
	CloudProxyURL string `json:"cloudProxyURL"`
}

type LoginRequest

type LoginRequest struct {
	OrgID     string `json:"orgId"`
	UserID    string `json:"userId"`
	Email     string `json:"email"`
	Username  string `json:"username"`
	Password  string `json:"password"`
	TfaMethod string `json:"tfaMethod"`
	Totp      string `json:"totp"`
	PublicKey []byte `json:"publicKey"`
	DeviceID  string `json:"deviceID"`
	IdpName   string `json:"idpName"`
	Intent    string `json:"intent"`
}

type RegisterDeviceReq

type RegisterDeviceReq struct {
	TfaMethod string `json:"tfaMethod"`
	TotpCode  string `json:"totpCode"`
	TrasaID   string `json:"trasaID"`
	OrgID     string `json:"orgID"`
	// Device name to be used before we decrypt deviceHygiene
	DeviceName    string `json:"deviceName"`
	DeviceHygiene string `json:"deviceHygiene"`
}

type TfaRequest added in v1.1.4

type TfaRequest struct {
	// Token is unique to tfarequest which is tied to specific user profile
	Token string `json:"token"`
	// TfaMethod can be u2f, totp or htoken
	TfaMethod string `json:"tfaMethod"`
	// Totp is the code value if TfaMethod is totp. Otherwise it is nil.
	Totp string `json:"totpCode"`
	// Intent identifies where the tfa request is in context. Value can be login, forget password, appconnect.
	Intent          string `json:"intent"`
	HTTPProxyDomain string `json:"httpProxyDomain"`
	ExtID           string `json:"extID"`
	DeviceHygiene   string `json:"deviceHygiene"`
	ClientPubKey    string `json:"clientPubKey"`
}

type UpdateHygienereq

type UpdateHygienereq struct {
	TrasaID       string `json:"trasaID"`
	DeviceHygiene string `json:"deviceHygiene"`
	ClientKey     string `json:"clientKey"`
	Token         string `json:"token"`
}
