Documentation
¶
Index ¶
- Constants
- func GetMaxValidity(cs *macaroon.CaveatSet) (time.Duration, bool)
- type ConfineGitHubOrg
- type ConfineGoogleHD
- type ConfineOrganization
- type ConfineUser
- type DischargeRequest
- type FlyioAuth
- type FlyioUserID
- type GitHubAuth
- type GitHubUserID
- type GoogleAuth
- type GoogleUserID
- func (c *GoogleUserID) CaveatType() macaroon.CaveatType
- func (c *GoogleUserID) DecodeMsgpack(dec *msgpack.Decoder) error
- func (c *GoogleUserID) EncodeMsgpack(enc *msgpack.Encoder) error
- func (c *GoogleUserID) IsAttestation() bool
- func (c *GoogleUserID) MarshalJSON() ([]byte, error)
- func (c *GoogleUserID) Name() string
- func (c *GoogleUserID) Prohibits(a macaroon.Access) error
- func (c *GoogleUserID) UnmarshalJSON(data []byte) error
- type MaxValidity
Constants ¶
View Source
const ( CavConfineUser = macaroon.CavAuthConfineUser CavConfineOrganization = macaroon.CavAuthConfineOrganization CavConfineGoogleHD = macaroon.CavAuthConfineGoogleHD CavConfineGitHubOrg = macaroon.CavAuthConfineGitHubOrg CavMaxValidity = macaroon.CavAuthMaxValidity AttestationFlyioUserID = macaroon.AttestationAuthFlyioUserID AttestationGitHubUserID = macaroon.AttestationAuthGitHubUserID AttestationGoogleUserID = macaroon.AttestationAuthGoogleUserID )
Variables ¶
This section is empty.
Functions ¶
Types ¶
type ConfineGitHubOrg ¶
type ConfineGitHubOrg uint64
Implements macaroon.Caveat and error. Requires that the user is authenticated to GitHub with an account that has access the specified org.
func RequireGitHubOrg ¶
func RequireGitHubOrg(id uint64) *ConfineGitHubOrg
func (*ConfineGitHubOrg) CaveatType ¶
func (c *ConfineGitHubOrg) CaveatType() macaroon.CaveatType
func (*ConfineGitHubOrg) Name ¶
func (c *ConfineGitHubOrg) Name() string
type ConfineGoogleHD ¶
type ConfineGoogleHD string
Implements macaroon.Caveat and error. Requires that the user is authenticated to Google with an account in the specified HD.
func RequireGoogleHD ¶
func RequireGoogleHD(hd string) *ConfineGoogleHD
func (*ConfineGoogleHD) CaveatType ¶
func (c *ConfineGoogleHD) CaveatType() macaroon.CaveatType
func (*ConfineGoogleHD) Name ¶
func (c *ConfineGoogleHD) Name() string
type ConfineOrganization ¶
type ConfineOrganization struct {
ID uint64 `json:"id"`
}
ConfineOrganization is a requirement placed on 3P caveats, requiring that the authenticated used be associated with OrgID. It has no meaning in a 1P setting.
func RequireOrganization ¶
func RequireOrganization(id uint64) *ConfineOrganization
func (*ConfineOrganization) CaveatType ¶
func (c *ConfineOrganization) CaveatType() macaroon.CaveatType
func (*ConfineOrganization) Name ¶
func (c *ConfineOrganization) Name() string
type ConfineUser ¶
type ConfineUser struct {
ID uint64 `json:"id"`
}
ConfineUser is a caveat limiting this token to a specific user ID.
func RequireUser ¶
func RequireUser(id uint64) *ConfineUser
func (*ConfineUser) CaveatType ¶
func (c *ConfineUser) CaveatType() macaroon.CaveatType
func (*ConfineUser) Name ¶
func (c *ConfineUser) Name() string
type DischargeRequest ¶
type DischargeRequest struct {
Flyio []*FlyioAuth
Google []*GoogleAuth
GitHub []*GitHubAuth
Expiry time.Time
}
implements macaroon.Access
func (*DischargeRequest) FlyioOrganizationIDs ¶ added in v0.2.10
func (a *DischargeRequest) FlyioOrganizationIDs() []uint64
func (*DischargeRequest) FlyioUserIDs ¶ added in v0.2.10
func (a *DischargeRequest) FlyioUserIDs() []uint64
func (*DischargeRequest) GitHubOrgIDs ¶ added in v0.2.10
func (a *DischargeRequest) GitHubOrgIDs() []uint64
func (*DischargeRequest) GoogleHDs ¶ added in v0.2.10
func (a *DischargeRequest) GoogleHDs() []string
func (*DischargeRequest) Now ¶
func (a *DischargeRequest) Now() time.Time
func (*DischargeRequest) Validate ¶
func (a *DischargeRequest) Validate() error
type FlyioUserID ¶ added in v0.2.8
type FlyioUserID uint64
func (*FlyioUserID) CaveatType ¶ added in v0.2.8
func (c *FlyioUserID) CaveatType() macaroon.CaveatType
func (*FlyioUserID) IsAttestation ¶ added in v0.2.8
func (c *FlyioUserID) IsAttestation() bool
func (*FlyioUserID) Name ¶ added in v0.2.8
func (c *FlyioUserID) Name() string
type GitHubAuth ¶
type GitHubUserID ¶ added in v0.2.8
type GitHubUserID uint64
func (*GitHubUserID) CaveatType ¶ added in v0.2.8
func (c *GitHubUserID) CaveatType() macaroon.CaveatType
func (*GitHubUserID) IsAttestation ¶ added in v0.2.8
func (c *GitHubUserID) IsAttestation() bool
func (*GitHubUserID) Name ¶ added in v0.2.8
func (c *GitHubUserID) Name() string
type GoogleAuth ¶
type GoogleAuth struct {
HD string
UserID *GoogleUserID // reuse attestation type for serialization
Email string
}
type GoogleUserID ¶ added in v0.2.8
func (*GoogleUserID) CaveatType ¶ added in v0.2.8
func (c *GoogleUserID) CaveatType() macaroon.CaveatType
func (*GoogleUserID) DecodeMsgpack ¶ added in v0.2.8
func (c *GoogleUserID) DecodeMsgpack(dec *msgpack.Decoder) error
func (*GoogleUserID) EncodeMsgpack ¶ added in v0.2.8
func (c *GoogleUserID) EncodeMsgpack(enc *msgpack.Encoder) error
func (*GoogleUserID) IsAttestation ¶ added in v0.2.8
func (c *GoogleUserID) IsAttestation() bool
func (*GoogleUserID) MarshalJSON ¶ added in v0.2.8
func (c *GoogleUserID) MarshalJSON() ([]byte, error)
func (*GoogleUserID) Name ¶ added in v0.2.8
func (c *GoogleUserID) Name() string
func (*GoogleUserID) Prohibits ¶ added in v0.2.8
func (c *GoogleUserID) Prohibits(a macaroon.Access) error
func (*GoogleUserID) UnmarshalJSON ¶ added in v0.2.8
func (c *GoogleUserID) UnmarshalJSON(data []byte) error
type MaxValidity ¶
type MaxValidity uint64
Implements macaroon.Caveat. Limits the validity window length (seconds) of discharges issued by 3ps.
func (*MaxValidity) CaveatType ¶
func (c *MaxValidity) CaveatType() macaroon.CaveatType
func (*MaxValidity) Name ¶
func (c *MaxValidity) Name() string
Source Files
Click to show internal directories.
Click to hide internal directories.