Documentation
Index
- Constants
- Variables
- func DeleteAccessToken(ctx context.Context, provider string, token string) error
- func GetDefaultProject(ctx context.Context) (uuid.UUID, error)
- func GetUserProjects(ctx context.Context) ([]uuid.UUID, error)
- func IsAuthorizedForProject(ctx context.Context, projectID uuid.UUID) bool
- func NewOAuthConfig(provider string, cli bool) (*oauth2.Config, error)
- func NewProviderHttpClient(provider string) *http.Client
- func RegisterOAuthFlags(v *viper.Viper, flags *pflag.FlagSet) error
- func ValidateProviderToken(_ context.Context, provider string, token string) error
- func WithPermissionsContext(ctx context.Context, claims UserPermissions) context.Context
- type JwkSetJwtValidator
- type JwtValidator
- type KeySetCache
- type KeySetFetcher
- type RoleInfo
- type UserDetails
- type UserPermissions
Constants
const (
    // Google OAuth2 provider
    Google = "google"
    // Github OAuth2 provider
    Github = "github"
)
Variables
var OAuthSuccessHtml []byte
OAuthSuccessHtml is the HTML page sent to the client upon successful enrollment via the CLI
Functions
func DeleteAccessToken
DeleteAccessToken deletes the access token for a given provider
func GetDefaultProject
GetDefaultProject returns the default group id for the user
func GetUserProjects
GetUserProjects returns all the groups that a user belongs to
func IsAuthorizedForProject
IsAuthorizedForProject returns true if the user is authorized for the given group
func NewOAuthConfig
NewOAuthConfig creates a new OAuth2 config for the given provider and whether the client is a CLI or web client
func NewProviderHttpClient
NewProviderHttpClient creates a new http client for the given provider
func RegisterOAuthFlags
RegisterOAuthFlags registers client ID and secret file flags for all known providers. This is pretty tied into the internals of the auth module, so it lives here, but it would be nice if we had a consistent registration pattern (database flags are registered in the config module).
func ValidateProviderToken
ValidateProviderToken validates the given token for the given provider
func WithPermissionsContext
func WithPermissionsContext(ctx context.Context, claims UserPermissions) context.Context
WithPermissionsContext stores the specified UserClaim in the context.
Types
type JwkSetJwtValidator
type JwkSetJwtValidator struct {
    // contains filtered or unexported fields
}
JwkSetJwtValidator is a JWT validator that uses a JWK set URL to validate the tokens
func (*JwkSetJwtValidator) ParseAndValidate
func (j *JwkSetJwtValidator) ParseAndValidate(tokenString string) (openid.Token, error)
ParseAndValidate validates a token string and returns an openID token, or an error if the token is invalid
type JwtValidator
JwtValidator provides the functions to validate a JWT
func NewJwtValidator
func NewJwtValidator(ctx context.Context, jwksUrl string) (JwtValidator, error)
NewJwtValidator creates a new JWT validator that uses a JWK set URL to validate the tokens
type KeySetCache
type KeySetCache struct {
    // contains filtered or unexported fields
}
KeySetCache is a KeySetFetcher that fetches the JWK set from a cache
type KeySetFetcher
KeySetFetcher provides the functions to fetch a JWK set
type RoleInfo
type RoleInfo struct {
    RoleID         int32      `json:"role_id"`
    IsAdmin        bool       `json:"is_admin"`
    ProjectID      *uuid.UUID `json:"project_id"`
    OrganizationID uuid.UUID  `json:"organization_id"`
}
RoleInfo contains the role information for a user
type UserDetails
UserDetails is a helper struct for getting user details
func GetUserDetails
GetUserDetails is a helper for getting user details such as name and email from the jwt token
type UserPermissions
type UserPermissions struct {
    UserId         int32
    ProjectIds     []uuid.UUID
    Roles          []RoleInfo
    OrganizationId uuid.UUID
    IsStaff        bool
}
UserPermissions contains the permissions for a user
func GetPermissionsFromContext
func GetPermissionsFromContext(ctx context.Context) UserPermissions
GetPermissionsFromContext returns the claims from the context, or an empty default