data

package
v0.0.0-...-2540832
Warning

This package is not in the latest version of its module.

Published: Sep 5, 2017 License: BSD-3-Clause Imports: 22 Imported by: 4

Documentation


Constants

This section is empty.

Variables

This section is empty.

Functions

func CheckScope

func CheckScope(scope util.StringSet) bool

CheckScope checks whether a certain scope exists by searching through all provided scopes from all registered clients.

func DescribeScope

func DescribeScope(scope util.StringSet) (map[string]string, bool)

DescribeScope turns a scope into a map of names to descriptions. If the map is complete the second return value is true.

func EmailDispatch

func EmailDispatch()

EmailDispatch checks e-mail queue database entries, handles the entries according to the smtp mode setting and removes the entries after they have been handled successfully.

func InitClients

func InitClients(path string)

InitClients loads client information from a yaml configuration file and updates the corresponding entries in the database.

func InitDb

func InitDb(config *conf.DbConfig)

InitDb initializes a global database connection. An existing connection will be closed.

func InitTestDb

func InitTestDb(t *testing.T)

InitTestDb initializes a database for testing purposes.

func RemoveExpired

func RemoveExpired()

RemoveExpired removes rows of expired entries from AccessTokens, Sessions and GrantRequests database tables.

func RemoveStaleAccounts

func RemoveStaleAccounts()

RemoveStaleAccounts removes all accounts that were registered, but never accessed within a defined period of time.

func RunCleaner

func RunCleaner()

RunCleaner starts an infinite loop which periodically executes database cleanup functions.

func RunEmailDispatch

func RunEmailDispatch()

RunEmailDispatch starts an infinite loop which periodically runs e-mail queue functions.

Types

type AccessToken

type AccessToken struct {
	Token       string // This is just a random string not the JWT token
	Scope       util.StringSet
	Expires     time.Time
	ClientUUID  string
	AccountUUID sql.NullString
	CreatedAt   time.Time
	UpdatedAt   time.Time
}

AccessToken represents an OAuth access token

func GetAccessToken

func GetAccessToken(token string) (*AccessToken, bool)

GetAccessToken returns an access token with a given token. Returns false if no such access token exists.

func ListAccessTokens

func ListAccessTokens() []AccessToken

ListAccessTokens returns all access tokens sorted by creation time.

func (*AccessToken) Create

func (tok *AccessToken) Create() error

Create stores a new access token in the database. If the token is empty a random token will be generated.

func (*AccessToken) Delete

func (tok *AccessToken) Delete() error

Delete removes an access token from the database.

func (*AccessToken) UpdateExpirationTime

func (tok *AccessToken) UpdateExpirationTime() error

UpdateExpirationTime updates the expiration time and stores the new time in the database.

type Account

type Account struct {
	UUID                string
	Login               string
	PWHash              string `json:"-"` // safety net
	Email               string
	IsEmailPublic       bool
	Title               sql.NullString
	FirstName           string
	MiddleName          sql.NullString
	LastName            string
	Institute           string
	Department          string
	City                string
	Country             string
	IsAffiliationPublic bool
	ActivationCode      sql.NullString
	ResetPWCode         sql.NullString
	IsDisabled          bool
	CreatedAt           time.Time
	UpdatedAt           time.Time
}

Account data as stored in the database

func GetAccount

func GetAccount(uuid string) (*Account, bool)

GetAccount returns an account with matching UUID. Returns false if no account with such UUID exists.

func GetAccountByActivationCode

func GetAccountByActivationCode(code string) (*Account, bool)

GetAccountByActivationCode returns an account with matching activation code. Returns false if no account with the activation code can be found.

func GetAccountByCredential

func GetAccountByCredential(id string) (*Account, bool)

GetAccountByCredential returns an active account (non-disabled, no activation code, no reset password code) with matching login or email address. Returns false if no account with such login or email address exists.

func GetAccountByLogin

func GetAccountByLogin(login string) (*Account, bool)

GetAccountByLogin returns an active account (non-disabled, no activation code, no reset password code) with matching login. Returns false if no account with such login exists.

func GetAccountByResetPWCode

func GetAccountByResetPWCode(code string) (*Account, bool)

GetAccountByResetPWCode returns an account with matching reset password code. Returns false if no account with the reset password code can be found.

func GetAccountDisabled

func GetAccountDisabled(uuid string) (*Account, bool)

GetAccountDisabled returns a disabled account with a matching uuid. Returns false if no account with the uuid can be found or if it is not disabled.

func ListAccounts

func ListAccounts() []Account

ListAccounts returns all accounts stored in the database

func SearchAccounts

func SearchAccounts(search string) []Account

SearchAccounts returns all accounts stored in the database where the account name (firstName, middleName, lastName or login) contains the search string.

func SetPasswordReset

func SetPasswordReset(credential string) (*Account, bool)

SetPasswordReset updates the password reset code with a new token if a non-disabled account can be found whose email or login matches the provided credential. Returns false if no non-disabled account with the credential as email or login can be found.

func (*Account) Create

func (acc *Account) Create() error

Create stores the account as new Account in the database. If the UUID string is empty a new UUID will be generated.

func (*Account) RemoveActivationCode

func (acc *Account) RemoveActivationCode() error

RemoveActivationCode is the only way to remove an ActivationCode from an Account, since this field should never be set via the Update function by accident.

func (*Account) SSHKeys

func (acc *Account) SSHKeys() []SSHKey

SSHKeys returns a slice with all non-temporary SSH keys belonging to this account.

func (*Account) SetPassword

func (acc *Account) SetPassword(plain string) error

SetPassword hashes the plain text password and sets PWHash to the new value.

func (*Account) Update

func (acc *Account) Update() error

Update stores the new values of an Account in the database. New values for Login and CreatedAt are ignored. UpdatedAt will be set automatically to the current date and time. Field ActivationCode is not set via this update function, since this field fulfills a special role. It can only be set to a value once by account create and can only be set to null via its own function. Fields password and email are not set via this update function, since they require sufficient scope to change.

func (*Account) UpdateEmail

func (acc *Account) UpdateEmail(email string) error

UpdateEmail checks validity of a new e-mail address and updates the current account with a valid new e-mail address. The normal account update does not include the e-mail address for safety reasons.

func (*Account) UpdatePassword

func (acc *Account) UpdatePassword(plain string) error

UpdatePassword hashes a plain text password and updates the database entry of the corresponding account.

func (*Account) Validate

func (acc *Account) Validate() *util.ValidationError

Validate checks the content of an Account. First name, last name, login, email, institute, department, city and country must not be empty. Title, first name, middle name, last name, login, email, institute, department, city and country must not be longer than 521 characters. A given login and e-mail address must not exist in the database. An e-mail address must contain an "@".

func (*Account) VerifyPassword

func (acc *Account) VerifyPassword(plain string) bool

VerifyPassword checks whether the stored hash matches the plain text password.

type AccountMarshaler

type AccountMarshaler struct {
	WithMail        bool
	WithAffiliation bool
	Account         *Account
}

AccountMarshaler handles JSON marshalling for Account

Fields:
- WithMail: if true, mail information will be serialized
- WithAffiliation: if true, affiliation will be serialized

func (*AccountMarshaler) MarshalJSON

func (am *AccountMarshaler) MarshalJSON() ([]byte, error)

MarshalJSON implements Marshaler for AccountMarshaler

func (*AccountMarshaler) UnmarshalJSON

func (am *AccountMarshaler) UnmarshalJSON(bytes []byte) error

UnmarshalJSON implements Unmarshaler for AccountMarshaler. Only parses updatable fields: Title, FirstName, MiddleName and LastName
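Why restricting UnmarshalJSON to an allowlist of updatable fields matters, shown as an added example that is not code from this package. The `account` and `accountUpdate` types, both update helpers and the request body are hypothetical and constructed here, and only two of the updatable fields are modeled.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// account is a hypothetical, cut-down stand-in for the Account struct above.
type account struct {
	Login      string
	PWHash     string `json:"-"` // safety net: encoding/json skips this field
	Email      string
	FirstName  string
	LastName   string
	IsDisabled bool
}

// accountUpdate (hypothetical) exposes only an allowlist of fields to JSON.
type accountUpdate struct{ Account *account }

// UnmarshalJSON copies only updatable fields; nil pointers mean "not sent".
func (u *accountUpdate) UnmarshalJSON(b []byte) error {
	var in struct{ FirstName, LastName *string }
	if err := json.Unmarshal(b, &in); err != nil {
		return err
	}
	if in.FirstName != nil {
		u.Account.FirstName = *in.FirstName
	}
	if in.LastName != nil {
		u.Account.LastName = *in.LastName
	}
	return nil
}

// naiveUpdate binds the request body straight onto a copy of the record.
func naiveUpdate(acc account, body string) (account, error) {
	err := json.Unmarshal([]byte(body), &acc)
	return acc, err
}

// allowlistUpdate binds the same body through the allowlisting wrapper.
func allowlistUpdate(acc account, body string) (account, error) {
	err := json.Unmarshal([]byte(body), &accountUpdate{Account: &acc})
	return acc, err
}

const constructedBody = `{"FirstName":"Eve","Login":"admin","Email":"eve@example.org","PWHash":"x","IsDisabled":false}` // constructed sample input

func main() {
	stored := account{Login: "alice", PWHash: "hash", Email: "alice@example.org", FirstName: "Alice", IsDisabled: true}
	n, _ := naiveUpdate(stored, constructedBody)
	a, _ := allowlistUpdate(stored, constructedBody)
	fmt.Printf("naive:     %+v\nallowlist: %+v\n", n, a)
}
```

The naive binding lets the body rewrite Login and Email and re-enable a disabled account, with only PWHash protected by its `json:"-"` tag; the wrapper changes nothing but the name fields.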

type Client

type Client struct {
	UUID             string
	Name             string
	Secret           string
	ScopeProvidedMap map[string]string
	ScopeWhitelist   util.StringSet
	ScopeBlacklist   util.StringSet
	RedirectURIs     util.StringSet
	CreatedAt        time.Time
	UpdatedAt        time.Time
}

Client object stored in the database

func GetClient

func GetClient(uuid string) (*Client, bool)

GetClient returns an OAuth client with a given uuid. Returns false if no client with a matching uuid can be found.

func GetClientByName

func GetClientByName(name string) (*Client, bool)

GetClientByName returns an OAuth client with a given client name. Returns false if no client with a matching name can be found.

func ListClients

func ListClients() []Client

ListClients returns all registered OAuth clients ordered by name

func (*Client) ApprovalForAccount

func (client *Client) ApprovalForAccount(accountUUID string) (*ClientApproval, bool)

ApprovalForAccount gets a client approval for this client which was approved for a specific account.

func (*Client) Approve

func (client *Client) Approve(accountUUID string, scope util.StringSet) (err error)

Approve creates a new client approval or extends an existing approval, such that the given scope is approved for the given account.

func (*Client) CreateGrantRequest

func (client *Client) CreateGrantRequest(responseType, redirectURI, state string, scope util.StringSet) (*GrantRequest, error)

CreateGrantRequest checks whether response type, redirect URI and scope are valid and creates a new grant request for this client. Grant types are defined by RFC6749 "OAuth 2.0 Authorization Framework". Supported grant types are: "code" (authorization code), "token" (implicit request), "owner" (resource owner password credentials), "client" (client credentials).

func (*Client) ScopeProvided

func (client *Client) ScopeProvided() util.StringSet

ScopeProvided returns the scope provided by this client as a StringSet. The scope is extracted from the client's ScopeProvidedMap.

type ClientApproval

type ClientApproval struct {
	UUID        string
	Scope       util.StringSet
	ClientUUID  string
	AccountUUID string
	CreatedAt   time.Time
	UpdatedAt   time.Time
}

ClientApproval contains information about scopes a user has already approved for a certain client. This is needed to implement Trust On First Use (TOFU).

func GetClientApproval

func GetClientApproval(uuid string) (*ClientApproval, bool)

GetClientApproval retrieves an approval with a given UUID. Returns false if no matching approval exists.

func ListClientApprovals

func ListClientApprovals() []ClientApproval

ListClientApprovals returns all client approvals stored in the database ordered by creation time.

func (*ClientApproval) Create

func (app *ClientApproval) Create() error

Create stores a new approval in the database. If the UUID is empty a new random UUID will be created.

func (*ClientApproval) Delete

func (app *ClientApproval) Delete() error

Delete removes an approval from the database.

func (*ClientApproval) Update

func (app *ClientApproval) Update() error

Update stores the new values of the approval in the database. New values for CreatedAt will be ignored. UpdatedAt will be set automatically to the current time.

type Email

type Email struct {
	Id        int
	Mode      sql.NullString
	Sender    string
	Recipient util.StringSet
	Content   []byte
	CreatedAt time.Time
}

Email data as stored in the database

func GetQueuedEmails

func GetQueuedEmails() ([]Email, error)

GetQueuedEmails selects all unsent e-mails from the email queue database table and returns the result as a slice of Emails.

func (*Email) Create

func (e *Email) Create(to util.StringSet, content []byte) error

Create adds a new entry to table EmailQueue

func (*Email) Delete

func (e *Email) Delete() error

Delete removes the current e-mail from table EmailQueue

func (*Email) Send

func (e *Email) Send() error

Send checks the smtp Mode setting and if appropriate sets up authentication for e-mail dispatch via smtp and sends the e-mail.

type GrantRequest

type GrantRequest struct {
	Token          string
	GrantType      string
	State          string
	Code           sql.NullString
	ScopeRequested util.StringSet
	RedirectURI    string
	ClientUUID     string
	AccountUUID    sql.NullString
	CreatedAt      time.Time
	UpdatedAt      time.Time
}

GrantRequest contains data about an ongoing authorization grant request.

func GetGrantRequest

func GetGrantRequest(token string) (*GrantRequest, bool)

GetGrantRequest returns a grant request with a given token. Returns false if no request with a matching token exists.

func GetGrantRequestByCode

func GetGrantRequestByCode(code string) (*GrantRequest, bool)

GetGrantRequestByCode returns a grant request with a given code. Returns false if no request with a matching code exists.

func ListGrantRequests

func ListGrantRequests() []GrantRequest

ListGrantRequests returns all current grant requests ordered by creation time.

func (*GrantRequest) Client

func (req *GrantRequest) Client() *Client

Client returns the client associated with the grant request.

func (*GrantRequest) Create

func (req *GrantRequest) Create() error

Create stores a new grant request.

func (*GrantRequest) Delete

func (req *GrantRequest) Delete() error

Delete removes an existing request from the database.

func (*GrantRequest) ExchangeCodeForTokens

func (req *GrantRequest) ExchangeCodeForTokens() (string, string, error)

ExchangeCodeForTokens creates an access token and a refresh token. Finally the grant request will be deleted from the database, even if the token creation fails!
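The single-use behaviour described above, sketched as an added example that is not this package's code. `grantStore`, `exchange`, `randomToken` and `failingMint` are hypothetical, the store is in memory, and this sketch removes the grant before minting tokens, which gives the same outcome: a failed exchange still consumes the code.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"sync"
)

// grantStore is a hypothetical in-memory stand-in for the grant request table.
type grantStore struct {
	mu     sync.Mutex
	byCode map[string]string // authorization code -> account UUID
}

var errUnknownCode = errors.New("unknown or already used code")
var errMint = errors.New("token store unavailable")

// randomToken returns 32 hex characters drawn from crypto/rand.
func randomToken() (string, error) {
	b := make([]byte, 16)
	_, err := rand.Read(b)
	return hex.EncodeToString(b), err
}

func failingMint() (string, error) { return "", errMint } // simulated failure

// exchange redeems a code at most once. The grant is removed under the lock
// before any token is minted, so a mint failure still burns the code and two
// concurrent redemptions of the same code cannot both succeed.
func (s *grantStore) exchange(code string, mint func() (string, error)) (access, refresh string, err error) {
	s.mu.Lock()
	_, ok := s.byCode[code]
	delete(s.byCode, code)
	s.mu.Unlock()
	if !ok {
		return "", "", errUnknownCode
	}
	if access, err = mint(); err == nil {
		refresh, err = mint()
	}
	if err != nil {
		return "", "", err
	}
	return access, refresh, nil
}

func main() {
	s := &grantStore{byCode: map[string]string{"constructed-code": "account-1"}}
	_, _, first := s.exchange("constructed-code", failingMint)
	_, _, retry := s.exchange("constructed-code", randomToken)
	fmt.Println(first, "|", retry)
}
```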

func (*GrantRequest) IsApproved

func (req *GrantRequest) IsApproved() bool

IsApproved just looks up whether the requested scope is covered by the scope of an existing approval
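The Trust On First Use check that Approve, ClientApproval and IsApproved describe, as an added example that is not this package's code. `scopeSet` stands in for util.StringSet, and the in-memory `approvals` map, the scope names and the client and account ids are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// scopeSet is a hypothetical stand-in for util.StringSet.
type scopeSet map[string]bool

// newScope builds a set from a space-separated scope string.
func newScope(s string) scopeSet {
	set := scopeSet{}
	for _, name := range strings.Fields(s) {
		set[name] = true
	}
	return set
}

// pair identifies one approval: a client acting for one account.
type pair struct{ client, account string }

// approvals is an in-memory stand-in for the stored ClientApproval rows.
type approvals map[pair]scopeSet

// isApproved is true only if an approval exists and contains every requested
// scope; a single unapproved scope sends the user back to the consent page.
func (a approvals) isApproved(p pair, requested scopeSet) bool {
	have, ok := a[p]
	for name := range requested {
		ok = ok && have[name]
	}
	return ok
}

// approve creates the approval or extends it by union; it never shrinks it.
func (a approvals) approve(p pair, granted scopeSet) {
	if a[p] == nil {
		a[p] = scopeSet{}
	}
	for name := range granted {
		a[p][name] = true
	}
}

func main() {
	store, p := approvals{}, pair{client: "client-1", account: "account-1"} // constructed ids
	fmt.Println(store.isApproved(p, newScope("repo-read"))) // first use: ask the user
	store.approve(p, newScope("repo-read"))
	fmt.Println(store.isApproved(p, newScope("repo-read")))            // covered by approval
	fmt.Println(store.isApproved(p, newScope("repo-read repo-write"))) // wider scope: ask again
}
```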

func (*GrantRequest) Update

func (req *GrantRequest) Update() error

Update an existing grant request.

type RefreshToken

type RefreshToken struct {
	Token       string
	Scope       util.StringSet
	ClientUUID  string
	AccountUUID string
	CreatedAt   time.Time
	UpdatedAt   time.Time
}

RefreshToken represents an OAuth refresh token issued in a `code` grant request.

func GetRefreshToken

func GetRefreshToken(token string) (*RefreshToken, bool)

GetRefreshToken returns a refresh token with a given token value. Returns false if no such refresh token exists.

func ListRefreshTokens

func ListRefreshTokens() []RefreshToken

ListRefreshTokens returns all refresh tokens sorted by creation time.

func (*RefreshToken) Create

func (tok *RefreshToken) Create() error

Create stores a new refresh token in the database. If the token is empty a random token will be generated.

func (*RefreshToken) Delete

func (tok *RefreshToken) Delete() error

Delete removes a refresh token from the database.

type SSHKey

type SSHKey struct {
	Fingerprint string
	Key         string
	Description string
	AccountUUID string
	Temporary   bool
	CreatedAt   time.Time
	UpdatedAt   time.Time
}

SSHKey object stored in the database.

func GetSSHKey

func GetSSHKey(fingerprint string) (*SSHKey, bool)

GetSSHKey returns an SSH key (permanent or temporary) for a given fingerprint. Returns false if no permanent key with the fingerprint can be found. Returns false if no temporary key with the fingerprint created within the LifeTime of temporary ssh keys can be found.

func ListSSHKeys

func ListSSHKeys() []SSHKey

ListSSHKeys returns all stored ssh keys.

func (*SSHKey) Create

func (key *SSHKey) Create() error

Create stores a new SSH key in the database.

func (*SSHKey) Delete

func (key *SSHKey) Delete() error

Delete removes an existing SSH key from the database.

func (*SSHKey) UnmarshalJSON

func (key *SSHKey) UnmarshalJSON(bytes []byte) error

UnmarshalJSON implements Unmarshaler for SSHKey. Only parses updatable fields: Key, Description, and Temporary. The fingerprint is parsed from the key.

type SSHKeyMarshaler

type SSHKeyMarshaler struct {
	SSHKey  *SSHKey
	Account *Account
}

SSHKeyMarshaler wraps an SSHKey together with an Account to provide all information needed to marshal an SSHKey.

func (*SSHKeyMarshaler) MarshalJSON

func (keyMarshaler *SSHKeyMarshaler) MarshalJSON() ([]byte, error)

MarshalJSON implements Marshaler for SSHKeyMarshaler

type Session

type Session struct {
	Token       string
	Expires     time.Time
	AccountUUID string
	CreatedAt   time.Time
	UpdatedAt   time.Time
}

Session contains data about session tokens used to identify logged in accounts.

func GetSession

func GetSession(token string) (*Session, bool)

GetSession returns a session with a given token. Returns false if no such session exists.

func ListSessions

func ListSessions() []Session

ListSessions returns all sessions sorted by creation time.

func (*Session) Create

func (sess *Session) Create() error

Create stores a new session. If the token is empty a random token will be generated.

func (*Session) Delete

func (sess *Session) Delete() error

Delete removes a session from the database.

func (*Session) UpdateExpirationTime

func (sess *Session) UpdateExpirationTime() error

UpdateExpirationTime updates the expiration time and stores the new time in the database.
