auth

package
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 24, 2023 License: Apache-2.0 Imports: 23 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// Google OAuth2 provider
	Google = "google"

	// Github OAuth2 provider
	Github = "github"
)

Variables

View Source 
var OAuthSuccessHtml []byte

OAuthSuccessHtml is the html page sent to the client upon successful enrollment via CLI

View Source 
var TokenInfoKey struct{}

TokenInfoKey is the key used to store the token info in the context

Functions

func DeleteAccessToken 

func DeleteAccessToken(ctx context.Context, provider string, token string) error

DeleteAccessToken deletes the access token for a given provider

func GenerateToken 

func GenerateToken(userClaims UserClaims, accessPrivateKey []byte, refreshPrivateKey []byte,
	expiry int64, refreshExpiry int64) (string, string, int64, int64, error)

GenerateToken generates a JWT token

func GetDefaultGroup 

func GetDefaultGroup(ctx context.Context) (int32, error)

GetDefaultGroup returns the default group id for the user

func GetUserGroups 

func GetUserGroups(ctx context.Context) ([]int32, error)

GetUserGroups returns all the groups where an user belongs to

func IsAuthorizedForGroup 

func IsAuthorizedForGroup(ctx context.Context, groupId int32) bool

IsAuthorizedForGroup returns true if the user is authorized for the given group

func NewOAuthConfig 

func NewOAuthConfig(provider string, cli bool) (*oauth2.Config, error)

NewOAuthConfig creates a new OAuth2 config for the given provider and whether the client is a CLI or web client

func NewProviderHttpClient 

func NewProviderHttpClient(provider string) *http.Client

NewProviderHttpClient creates a new http client for the given provider

func RegisterOAuthFlags 

func RegisterOAuthFlags(v *viper.Viper, flags *pflag.FlagSet) error

RegisterOAuthFlags registers client ID and secret file flags for all known providers. This is pretty tied into the internal of the auth module, so it lives here, but it would be nice if we have a consistent registration pattern (database flags are registered in the config module).

func ValidateProviderToken 

func ValidateProviderToken(_ context.Context, provider string, token string) error

ValidateProviderToken validates the given token for the given provider

func VerifyRefreshToken 

func VerifyRefreshToken(tokenString string, publicKey []byte, store db.Store) (int32, error)

VerifyRefreshToken verifies the refresh token string and returns the user ID

Types

type RoleInfo 

type RoleInfo struct {
	RoleID         int32 `json:"role_id"`
	IsAdmin        bool  `json:"is_admin"`
	GroupID        int32 `json:"group_id"`
	OrganizationID int32 `json:"organization_id"`
}

RoleInfo contains the role information for a user

type UserClaims 

type UserClaims struct {
	UserId              int32
	GroupIds            []int32
	Roles               []RoleInfo
	OrganizationId      int32
	NeedsPasswordChange bool
}

UserClaims contains the claims for a user

func GetUserClaims 

func GetUserClaims(ctx context.Context, store db.Store, userId int32) (UserClaims, error)

GetUserClaims returns the user claims for the given user

func VerifyToken 

func VerifyToken(tokenString string, publicKey []byte, store db.Store) (UserClaims, error)

VerifyToken verifies the token string and returns the user ID nolint:gocyclo

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.