authn

func Authenticate ¶

func Authenticate(username string, challenge string, provider string) bool

Authenticate sends the username and challenge to the authentication provider requested and passes the resulting boolean back. Any non-true result including technical failures and the authentication provider being unknown will be interepreted as the user not being authenticated

func Decrypt ¶

func Decrypt(tokenString string) *jwt.StandardClaims

Decrypt decrypts a string containing a token It returns nil if - the token has been minted more than tokenTTL minutes ago - the token message is not a valid TokenStruct - the token cannot be decrypted using known keys

func GetKey ¶

func GetKey() *rsa.PrivateKey

GetKey returns the current key used for session tokens If the key not initialized, nil is returned

func GetToken ¶

func GetToken(username string) string

GetToken wraps the incoming username into a TokenStruct, serializes the result to json and generates a Fernet token based on the resulting string

func GetValidateKey ¶

func GetValidateKey() *rsa.PublicKey

GetValidateKeys returns the key reference in a thread-safe fashion

func InitMint ¶

func InitMint()

func InitValidator ¶

func InitValidator()

InitValidator initializes the validator by storing current config version, creating a new lock and loading validation keys

func KnownProviders ¶

func KnownProviders() []string

KnownProviders returns the list of known authentication providers

func LoadMintKeyByName ¶

func LoadMintKeyByName(filename string)

loadMintKeyByName loads a key by filename and stores it in the struct The function is threadsafe and panics if the key file is invalid

func ReissueToken ¶

func ReissueToken(token string) (string, error)

ReissueToken re-issues a token based on a previous valid token

func Validate ¶

func Validate(token string) (string, error)

Validate the Fernet token and extract the username Returns either a username or an error