auth

package
v0.0.0-...-c1ffc38 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 2, 2023 License: Apache-2.0 Imports: 40 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func RegisterAuthHandlers

func RegisterAuthHandlers(router *gin.RouterGroup, si AuthServer)

RegisterAuthHandlers creates http.Handler with routing matching OpenAPI spec.

func RegisterHandlersManual

func RegisterHandlersManual(router *gin.RouterGroup, service *ServerImpl)

func RegisterValidator

func RegisterValidator()

Types

type AuthServer

// AuthServer lists the handler methods behind the Auth HTTP routes; the
// "(METHOD /path)" line on each method names the route it serves.
//
// NOTE(review): the interface itself states no authentication or rate-limit
// requirements. Which routes require an authenticated caller, and how OTP,
// captcha and password attempts are throttled, is decided by the
// implementation and its middleware — confirm there.
type AuthServer interface {
	// BindMfa Verify a one-time password (OTP) value to binding MFA.
	// (POST /mfa/bind)
	BindMfa(*gin.Context, *BindMfaRequest) (bool, error)
	// BindMfaPrepare Use this api to get the temporary MFA secret key.
	// Takes no request object; the caller's identity presumably comes from the
	// gin.Context — confirm.
	// (POST /mfa/bind-prepare)
	BindMfaPrepare(*gin.Context) (*Mfa, error)
	// Captcha Use this API to get captcha
	// (GET /captcha)
	Captcha(*gin.Context, *CaptchaRequest) (*Captcha, error)
	// CreateSpm create spm key.
	// Takes no request object; the caller's identity presumably comes from the
	// gin.Context — confirm.
	// (POST /spm/create)
	CreateSpm(*gin.Context) (string, error)
	// ForgetPwdBegin start the process of forgetting your password by verifying your account.
	// (POST /forget-pwd/begin)
	ForgetPwdBegin(*gin.Context, *ForgetPwdBeginRequest) (*ForgetPwdBeginResponse, error)
	// ForgetPwdReset reset-password.
	// (POST /forget-pwd/reset)
	ForgetPwdReset(*gin.Context, *ForgetPwdResetRequest) (bool, error)
	// ForgetPwdSendEmail send an email to get the verify code.
	// (POST /forget-pwd/send-email)
	ForgetPwdSendEmail(*gin.Context, *ForgetPwdSendEmailRequest) (string, error)
	// ForgetPwdVerifyEmail verify the email to reset-password.
	// (POST /forget-pwd/verify-email)
	ForgetPwdVerifyEmail(*gin.Context, *ForgetPwdVerifyEmailRequest) (*ForgetPwdBeginResponse, error)
	// ForgetPwdVerifyMfa verify the MFA one-time password to reset-password.
	// (POST /forget-pwd/verify-mfa)
	ForgetPwdVerifyMfa(*gin.Context, *ForgetPwdVerifyMfaRequest) (*ForgetPwdBeginResponse, error)
	// GetSpmAuth get auth data by spm.
	// (POST /spm/auth)
	GetSpmAuth(*gin.Context, *GetSpmAuthRequest) (*LoginResponse, error)
	// Login Use this API to Login
	// (POST /login/auth)
	Login(*gin.Context, *LoginRequest) (*LoginResponse, error)
	// Logout log out a user
	// (POST /logout)
	Logout(*gin.Context) error
	// RefreshToken Use this API to refresh token
	// (POST /login/refresh-token)
	RefreshToken(*gin.Context, *RefreshTokenRequest) (*LoginResponse, error)
	// ResetPassword if login profile demand change password. use this API to reset password.
	// (POST /login/reset-password)
	ResetPassword(*gin.Context, *ResetPasswordRequest) (*LoginResponse, error)
	// Token takes a client id, client secret and grant type and returns an
	// access token with its lifetime.
	// (POST /token)
	Token(*gin.Context, *TokenRequest) (*TokenResponse, error)
	// UnBindMfa Verify a one-time password (OTP) value to unBind MFA.
	// (POST /mfa/unbind)
	UnBindMfa(*gin.Context, *UnBindMfaRequest) (bool, error)
	// VerifyFactor Verify a one-time password (OTP) value, provided for a second factor, when multi-factor authentication (MFA) is required.
	// (POST /login/verify-factor)
	VerifyFactor(*gin.Context, *VerifyFactorRequest) (*LoginResponse, error)
}

AuthServer is the server API for Auth service.

type BindMfaRequest

// BindMfaRequest carries the two values needed to confirm an MFA binding.
// Both fields are mandatory (binding:"required").
type BindMfaRequest struct {
	// OtpToken is the one-time password to verify.
	OtpToken   string `binding:"required" json:"otpToken"`
	// StateToken is presumably the state token returned in Mfa by
	// (POST /mfa/bind-prepare) — confirm against the handler.
	StateToken string `binding:"required" json:"stateToken"`
}

BindMfaRequest is the request object for (POST /mfa/bind)

type Captcha

// Captcha is the JSON payload returned for a captcha request. Both fields are
// omitted from the output when empty.
type Captcha struct {
	// CaptchaId identifies the issued captcha; presumably the value clients
	// echo back in the captchaId field of later requests — confirm.
	CaptchaId    string `json:"captchaId,omitempty"`
	// CaptchaImage carries the image as a string; the encoding is not shown
	// here — TODO confirm.
	CaptchaImage string `json:"captchaImage,omitempty"`
}

Captcha captcha info

type CaptchaRequest

// CaptchaRequest holds the optional size parameters of a captcha request.
// Both fields are pointers, so an absent parameter stays nil.
//
// NOTE(review): no bounds are declared in the binding tags. Confirm that the
// handler clamps width and height, since this route is reachable before login
// and image generation cost grows with the requested size.
type CaptchaRequest struct {
	// W width of captcha
	W *int `form:"w"`
	// H height of captcha
	H *int `form:"h"`
}

CaptchaRequest is the request object for (GET /captcha)

type Domain

// Domain pairs a numeric ID with a Name. It appears as the element type of
// User.Domains. Both fields are omitted from JSON when zero-valued.
type Domain struct {
	ID   int    `json:"id,omitempty"`
	Name string `json:"name,omitempty"`
}

type Error

// Error is a single error entry serialized to JSON; every field is omitted
// when zero-valued.
type Error struct {
	// Code is a numeric error code; its value space is not shown here.
	Code    int    `json:"code,omitempty"`
	// Details is free-form text.
	// NOTE(review): if this reaches unauthenticated clients, confirm handlers
	// never place internal error text here (driver errors, stack traces, or
	// wording that reveals whether an account exists).
	Details string `json:"details,omitempty"`
	// Message is the human-readable error message.
	Message string `json:"message,omitempty"`
}

type ErrorResponse

// ErrorResponse wraps a list of Error entries under the "errors" JSON key; the
// key is omitted when the list is empty.
type ErrorResponse struct {
	Errors []*Error `json:"errors,omitempty"`
}

type ForgetPwdBeginRequest

// ForgetPwdBeginRequest starts the forgotten-password flow. All three fields
// are mandatory (binding:"required"), so a captcha answer is always needed.
type ForgetPwdBeginRequest struct {
	// Captcha is the captcha answer supplied by the user.
	Captcha   string `binding:"required" json:"captcha"`
	// CaptchaId identifies which issued captcha the answer belongs to.
	CaptchaId string `binding:"required" json:"captchaId"`
	// Username is the account to recover.
	// NOTE(review): this is a lookup by an unauthenticated caller; confirm the
	// response and timing do not differ between existing and unknown accounts.
	Username  string `binding:"required" json:"username"`
}

ForgetPwdBeginRequest is the request object for (POST /forget-pwd/begin)

type ForgetPwdBeginResponse

// ForgetPwdBeginResponse is returned by the begin, verify-email and verify-mfa
// steps of the forgotten-password flow (see the AuthServer method signatures).
type ForgetPwdBeginResponse struct {
	// StateToken is the token the client passes to the next step of the flow.
	StateToken    string             `json:"stateToken,omitempty"`
	// StateTokenTTL is the token lifetime as a float64; the unit is not shown
	// here — presumably seconds, TODO confirm.
	StateTokenTTL float64            `json:"stateTokenTTL,omitempty"`
	// Verifies lists the verification options offered to the caller.
	Verifies      []*ForgetPwdVerify `json:"verifies,omitempty"`
}

type ForgetPwdResetRequest

// ForgetPwdResetRequest sets the new password at the end of the
// forgotten-password flow. Both fields are mandatory.
type ForgetPwdResetRequest struct {
	// NewPassword is the replacement password.
	// NOTE(review): the binding tag only enforces presence; any password policy
	// has to be applied by the handler — confirm.
	NewPassword string `binding:"required" json:"newPassword"`
	// StateToken from verify-mfa or verify-email
	// NOTE(review): confirm the handler rejects a state token taken from the
	// begin step, which was issued before any identity verification.
	StateToken string `binding:"required" json:"stateToken"`
}

ForgetPwdResetRequest is the request object for (POST /forget-pwd/reset)

type ForgetPwdSendEmailRequest

// ForgetPwdSendEmailRequest asks the server to send the email verify code.
// NOTE(review): each call triggers an outbound email; confirm that sends are
// throttled per state token or account.
type ForgetPwdSendEmailRequest struct {
	// StateToken from begin
	StateToken string `binding:"required" json:"stateToken"`
}

ForgetPwdSendEmailRequest is the request object for (POST /forget-pwd/send-email)

type ForgetPwdVerify

// ForgetPwdVerify describes one verification option; it is the element type of
// ForgetPwdBeginResponse.Verifies.
type ForgetPwdVerify struct {
	// Kind names the verification method; the allowed values are not shown
	// here — presumably email or MFA, confirm.
	Kind  string `json:"kind,omitempty"`
	// Value is data associated with the method.
	// NOTE(review): this is returned before the caller has proven identity; if
	// it holds an email address or similar, confirm that it is masked.
	Value string `json:"value,omitempty"`
}

type ForgetPwdVerifyEmailRequest

// ForgetPwdVerifyEmailRequest submits the emailed verify code. All fields are
// mandatory.
// NOTE(review): confirm that wrong-code attempts are counted and limited per
// state token, so the code cannot be guessed by repeated requests.
type ForgetPwdVerifyEmailRequest struct {
	// Captcha the email verify code
	Captcha string `binding:"required" json:"captcha"`
	// CaptchaId the id of the email verify code; presumably the string
	// returned by ForgetPwdSendEmail — confirm.
	CaptchaId string `binding:"required" json:"captchaId"`
	// StateToken from begin
	StateToken string `binding:"required" json:"stateToken"`
}

ForgetPwdVerifyEmailRequest is the request object for (POST /forget-pwd/verify-email)

type ForgetPwdVerifyMfaRequest

// ForgetPwdVerifyMfaRequest submits an MFA one-time password during the
// forgotten-password flow. Both fields are mandatory.
// NOTE(review): confirm that failed OTP attempts are counted and limited per
// state token or account.
type ForgetPwdVerifyMfaRequest struct {
	// OtpToken the MFA one-time password
	OtpToken string `binding:"required" json:"otpToken"`
	// StateToken from begin
	StateToken string `binding:"required" json:"stateToken"`
}

ForgetPwdVerifyMfaRequest is the request object for (POST /forget-pwd/verify-mfa)

type GetSpmAuthRequest

// GetSpmAuthRequest exchanges an spm key for a LoginResponse (see
// AuthServer.GetSpmAuth).
// NOTE(review): the spm key alone yields login data, so it acts as a bearer
// credential. Options has an SpmTTL setting; confirm the key is also
// single-use and long enough to resist guessing.
type GetSpmAuthRequest struct {
	// Spm the spm key to get auth data
	Spm string `binding:"required" json:"spm"`
}

GetSpmAuthRequest is the request object for (POST /spm/auth)

type LoginRequest

// LoginRequest carries the credentials for a login attempt. Username and
// Password are mandatory; the captcha fields are optional at the binding level.
type LoginRequest struct {
	// Captcha captcha code,if login fail 3 times, the login profile will demand captcha.
	// NOTE(review): the tag is not "required", so the demand must be enforced
	// in the handler — confirm. The count of 3 is presumably the default of
	// Options.CaptchaTimes.
	Captcha string `json:"captcha,omitempty"`
	// CaptchaId captcha id,if login fail 3 times, the login profile will demand captcha.
	CaptchaId string `json:"captchaId,omitempty"`
	// Password hashed password
	// NOTE(review): a hash computed by the client is what the server accepts,
	// so it is password-equivalent. Confirm the server applies its own salted,
	// slow hash before storage and that the value is never logged.
	Password string `binding:"required" json:"password"`
	// Username username or email
	Username string `binding:"required" json:"username"`
}

LoginRequest is the request object for (POST /login/auth)

type LoginResponse

// LoginResponse is returned by the login, verify-factor, reset-password,
// refresh-token and spm auth methods of AuthServer. Every field is omitted
// from JSON when zero-valued, so a partial response signals an unfinished login.
type LoginResponse struct {
	// AccessToken is the issued access token.
	AccessToken  string `json:"accessToken,omitempty"`
	// CallbackUrl is the URL the client should request next.
	// NOTE(review): confirm it is generated by the server and not taken from
	// request input, otherwise clients that follow it could be redirected.
	CallbackUrl  string `json:"callbackUrl,omitempty"`
	// ExpiresIn is the access token lifetime as an int; unit not shown here —
	// presumably seconds, TODO confirm.
	ExpiresIn    int    `json:"expiresIn,omitempty"`
	// RefreshToken is the token accepted by (POST /login/refresh-token).
	RefreshToken string `json:"refreshToken,omitempty"`
	// StateToken when need MFA or Change PWD. use the state token to request callback_url
	StateToken string `json:"stateToken,omitempty"`
	// User describes the account that logged in.
	User       *User  `json:"user,omitempty"`
}

LoginResponse when complete login accessToken,expiresAt,refreshToken will be filled

type Mfa

// Mfa is the response of BindMfaPrepare, which the AuthServer comment
// describes as returning the temporary MFA secret key.
//
// NOTE(review): this response carries the shared OTP secret in clear JSON.
// Confirm it is only served to an authenticated caller over TLS, is marked
// non-cacheable, and is excluded from request/response logging.
type Mfa struct {
	// PrincipalName is the account name associated with the secret.
	PrincipalName string `json:"principalName,omitempty"`
	// QrCodeUri is a URI for a QR code of the secret; whether it embeds the
	// secret itself is not shown here — confirm and treat it as equally sensitive.
	QrCodeUri     string `json:"qrCodeUri,omitempty"`
	// Secret is the MFA secret key.
	Secret        string `json:"secret,omitempty"`
	// StateToken when need MFA or Change PWD. use the state token to request callback_url
	StateToken    string  `json:"stateToken,omitempty"`
	// StateTokenTTL is the state token lifetime as a float64; unit not shown
	// here — presumably seconds, TODO confirm.
	StateTokenTTL float64 `json:"stateTokenTTL,omitempty"`
}

Mfa mfa info

type Options

// Options holds the settings of the auth server: captcha behaviour, login
// failure handling, state-token and spm lifetimes, and JWT signing.
//
// NOTE(review): StateTokenSecret and JWT.SigningKey are exported fields with
// JSON tags, so marshaling or %+v-printing an Options value (or the ServerImpl
// that embeds it) emits both secrets. Keep the struct out of logs, debug
// endpoints and error messages, and load the values from a protected source.
type Options struct {
	// the path key of cache config, default `redis`
	CacheDriverName   string        `json:"cacheDriverName"`
	CaptchaCollectNum int           `json:"captchaCollectNum"` // captcha memory store collect num
	// NOTE(review): CaptchaExpire and CaptchaTTL are both described as a
	// captcha lifetime; which store or step each applies to is not shown — confirm.
	CaptchaExpire     time.Duration `json:"captchaExpire"`     // captcha expire time
	CaptchaLength     int           `json:"captchaLength"`     // captcha length
	CaptchaTimes      int           `json:"captchaTimes"`      // if login fail times, captcha will force show
	CaptchaTTL        time.Duration `json:"captchaTTL"`        // captcha ttl
	LoginFailTimes    int           `json:"loginFailTimes"`    // login fail count; presumably the maximum before LoginFailLockTime applies — confirm
	LoginFailLockTime time.Duration `json:"loginFailLockTime"` // lock time while login upper to max fail times
	StateTokenTTL     time.Duration `json:"stateTokenTTL"`     // state token ttl
	StateTokenSecret  string        `json:"stateTokenSecret"`  // state token secret
	SpmTTL            time.Duration `json:"spmTTL"`            // spm ttl
	// JWT groups the token signing settings.
	JWT               struct {
		// SigningMethod names the JWT algorithm.
		// NOTE(review): confirm token verification accepts only this
		// configured method rather than the one named in the token header.
		SigningMethod   string        `json:"signingMethod"`
		// SigningKey is the signing secret or key material; sensitive.
		SigningKey      string        `json:"signingKey"`
		// TokenTTL is the access token lifetime.
		TokenTTL        time.Duration `json:"tokenTTL"`
		// RefreshTokenTTL is the refresh token lifetime.
		RefreshTokenTTL time.Duration `json:"refreshTokenTTL"`
	} `json:"jwt"`
}

Options is the configuration of AuthServer in the `auth` section.

type RefreshTokenRequest

// RefreshTokenRequest exchanges a refresh token for a new LoginResponse.
// NOTE(review): whether a used refresh token is invalidated (rotation) or
// stays valid until Options.JWT.RefreshTokenTTL elapses is not shown — confirm.
type RefreshTokenRequest struct {
	// RefreshToken the refreshToken
	RefreshToken string `binding:"required" json:"refreshToken"`
}

RefreshTokenRequest is the request object for (POST /login/refresh-token)

type ResetPasswordRequest

// ResetPasswordRequest changes the password when the login profile demands it
// (see AuthServer.ResetPassword). Both fields are mandatory.
type ResetPasswordRequest struct {
	// NewPassword is the replacement password.
	// NOTE(review): only presence is enforced by the binding tag; password
	// policy checks belong in the handler — confirm.
	NewPassword string `binding:"required" json:"newPassword"`
	// StateToken is presumably the state token returned in LoginResponse by
	// the login step — confirm.
	StateToken  string `binding:"required" json:"stateToken"`
}

ResetPasswordRequest is the request object for (POST /login/reset-password)

type ServerImpl

// ServerImpl is the concrete auth server listed on this page with the
// AuthServer methods.
type ServerImpl struct {
	// Options is embedded, so its fields (including StateTokenSecret and
	// JWT.SigningKey) are promoted to exported fields of ServerImpl.
	// NOTE(review): avoid serializing or verbosely printing a ServerImpl value.
	Options

	// LogoutHandler is a gin handler function; when it is invoked relative to
	// Logout is not shown here — confirm.
	LogoutHandler func(*gin.Context)
	// contains filtered or unexported fields
}

ServerImpl is the server API for service.

func NewServer

func NewServer(app *woocoo.App) *ServerImpl

func (*ServerImpl) Apply

func (s *ServerImpl) Apply(cnf *conf.AppConfiguration) error

func (*ServerImpl) BindMfa

func (s *ServerImpl) BindMfa(ctx *gin.Context, req *BindMfaRequest) (bool, error)

func (*ServerImpl) BindMfaPrepare

func (s *ServerImpl) BindMfaPrepare(ctx *gin.Context) (*Mfa, error)

func (*ServerImpl) Captcha

func (s *ServerImpl) Captcha(ctx *gin.Context, req *CaptchaRequest) (*Captcha, error)

func (*ServerImpl) CreateSpm

func (s *ServerImpl) CreateSpm(ctx *gin.Context) (string, error)

CreateSpm creates an spm key.

func (*ServerImpl) ForgetPwdBegin

func (s *ServerImpl) ForgetPwdBegin(ctx *gin.Context, req *ForgetPwdBeginRequest) (*ForgetPwdBeginResponse, error)

ForgetPwdBegin verifies the user account for a forgotten password and starts the password-change flow.

func (*ServerImpl) ForgetPwdReset

func (s *ServerImpl) ForgetPwdReset(ctx *gin.Context, req *ForgetPwdResetRequest) (bool, error)

ForgetPwdReset sets the new password in the forgotten-password flow.

func (*ServerImpl) ForgetPwdSendEmail

func (s *ServerImpl) ForgetPwdSendEmail(ctx *gin.Context, req *ForgetPwdSendEmailRequest) (string, error)

ForgetPwdSendEmail sends the email verification code in the forgotten-password flow.

func (*ServerImpl) ForgetPwdVerifyEmail

func (s *ServerImpl) ForgetPwdVerifyEmail(ctx *gin.Context, req *ForgetPwdVerifyEmailRequest) (*ForgetPwdBeginResponse, error)

ForgetPwdVerifyEmail verifies identity by email in the forgotten-password flow.

func (*ServerImpl) ForgetPwdVerifyMfa

func (s *ServerImpl) ForgetPwdVerifyMfa(ctx *gin.Context, req *ForgetPwdVerifyMfaRequest) (*ForgetPwdBeginResponse, error)

ForgetPwdVerifyMfa verifies identity by MFA in the forgotten-password flow.

func (*ServerImpl) GetSpmAuth

func (s *ServerImpl) GetSpmAuth(c *gin.Context, r *GetSpmAuthRequest) (*LoginResponse, error)

GetSpmAuth gets the login information for an spm key.

func (*ServerImpl) GetUserRootOrg

func (s *ServerImpl) GetUserRootOrg(ctx *gin.Context, uid int) (uorg *ent.Org, err error)

func (*ServerImpl) Login

func (s *ServerImpl) Login(ctx *gin.Context, req *LoginRequest) (res *LoginResponse, err error)

Login login

func (*ServerImpl) Logout

func (s *ServerImpl) Logout(ctx *gin.Context) error

func (*ServerImpl) MfaQRCode

func (s *ServerImpl) MfaQRCode(ctx *gin.Context, userID int, secret string) ([]byte, error)

MfaQRCode generate a QR code for MFA, the code is a png image

func (*ServerImpl) RefreshToken

func (s *ServerImpl) RefreshToken(ctx *gin.Context, req *RefreshTokenRequest) (*LoginResponse, error)

func (*ServerImpl) ResetPassword

func (s *ServerImpl) ResetPassword(ctx *gin.Context, req *ResetPasswordRequest) (res *LoginResponse, err error)

func (*ServerImpl) Start

func (s *ServerImpl) Start(ctx context.Context) error

Start implements woocoo.Server but does nothing on start; the web server has already been registered by NewServer.

func (*ServerImpl) Stop

func (s *ServerImpl) Stop(ctx context.Context) error

func (*ServerImpl) Token

func (s *ServerImpl) Token(c *gin.Context, r *TokenRequest) (*TokenResponse, error)

Token obtains an accessToken via OAuth.

func (*ServerImpl) UnBindMfa

func (s *ServerImpl) UnBindMfa(ctx *gin.Context, req *UnBindMfaRequest) (bool, error)

func (*ServerImpl) VerifyFactor

func (s *ServerImpl) VerifyFactor(ctx *gin.Context, req *VerifyFactorRequest) (*LoginResponse, error)

type TokenRequest

// TokenRequest carries client credentials for the token endpoint. All fields
// are mandatory and bound through `form` tags rather than JSON.
//
// NOTE(review): depending on which gin binding the handler uses, `form` tags
// may also be filled from URL query parameters. Confirm client_secret is only
// accepted from the request body, since query strings tend to end up in access
// logs and proxy logs.
type TokenRequest struct {
	// ClientID identifies the calling client.
	ClientID     string `binding:"required" form:"client_id"`
	// ClientSecret authenticates the client; sensitive, never log it.
	ClientSecret string `binding:"required" form:"client_secret"`
	// GrantType is only checked for presence by the binding tag; the set of
	// accepted values must be validated by the handler — confirm.
	GrantType    string `binding:"required" form:"grant_type"`
}

TokenRequest is the request object for (POST /token)

type TokenResponse

// TokenResponse is the success payload of the token endpoint. Unlike the other
// response types on this page it uses snake_case JSON keys.
type TokenResponse struct {
	// AccessToken is the issued access token.
	AccessToken string `json:"access_token,omitempty"`
	// ExpiresIn is the token lifetime as an int; unit not shown here —
	// presumably seconds, TODO confirm.
	ExpiresIn   int    `json:"expires_in,omitempty"`
}

TokenResponse successful operation

type UnBindMfaRequest

// UnBindMfaRequest removes an MFA binding after verifying a one-time password.
// NOTE(review): the request has no state token or account field, so the
// target account must come from the authenticated session — confirm, and
// confirm failed OTP attempts are limited.
type UnBindMfaRequest struct {
	// OtpToken is the one-time password to verify; mandatory.
	OtpToken string `binding:"required" json:"otpToken"`
}

UnBindMfaRequest is the request object for (POST /mfa/unbind)

type UnimplementedAuthServer

// UnimplementedAuthServer is an empty struct on which this page lists
// value-receiver methods with the same names as the AuthServer methods.
// What those methods return is not shown here; presumably it serves as a stub
// to embed in partial implementations — confirm.
type UnimplementedAuthServer struct {
}

func (UnimplementedAuthServer) BindMfa

func (UnimplementedAuthServer) BindMfa(c *gin.Context, req *BindMfaRequest) (_ bool, err error)

func (UnimplementedAuthServer) BindMfaPrepare

func (UnimplementedAuthServer) BindMfaPrepare(c *gin.Context) (_ *Mfa, err error)

func (UnimplementedAuthServer) Captcha

func (UnimplementedAuthServer) Captcha(c *gin.Context, req *CaptchaRequest) (_ *Captcha, err error)

func (UnimplementedAuthServer) CreateSpm

func (UnimplementedAuthServer) CreateSpm(c *gin.Context) (_ string, err error)

func (UnimplementedAuthServer) ForgetPwdBegin

func (UnimplementedAuthServer) ForgetPwdReset

func (UnimplementedAuthServer) ForgetPwdReset(c *gin.Context, req *ForgetPwdResetRequest) (_ bool, err error)

func (UnimplementedAuthServer) ForgetPwdSendEmail

func (UnimplementedAuthServer) ForgetPwdSendEmail(c *gin.Context, req *ForgetPwdSendEmailRequest) (_ string, err error)

func (UnimplementedAuthServer) ForgetPwdVerifyEmail

func (UnimplementedAuthServer) ForgetPwdVerifyMfa

func (UnimplementedAuthServer) GetSpmAuth

func (UnimplementedAuthServer) Login

func (UnimplementedAuthServer) Logout

func (UnimplementedAuthServer) Logout(c *gin.Context) (err error)

func (UnimplementedAuthServer) RefreshToken

func (UnimplementedAuthServer) RefreshToken(c *gin.Context, req *RefreshTokenRequest) (_ *LoginResponse, err error)

func (UnimplementedAuthServer) ResetPassword

func (UnimplementedAuthServer) ResetPassword(c *gin.Context, req *ResetPasswordRequest) (_ *LoginResponse, err error)

func (UnimplementedAuthServer) Token

func (UnimplementedAuthServer) UnBindMfa

func (UnimplementedAuthServer) UnBindMfa(c *gin.Context, req *UnBindMfaRequest) (_ bool, err error)

func (UnimplementedAuthServer) VerifyFactor

func (UnimplementedAuthServer) VerifyFactor(c *gin.Context, req *VerifyFactorRequest) (_ *LoginResponse, err error)

type User

// User is the account summary returned inside LoginResponse. Every field is
// omitted from JSON when zero-valued.
type User struct {
	// AvatarFileId is a numeric reference to the avatar file.
	AvatarFileId int       `json:"avatarFileId,omitempty"`
	// DisplayName is the name shown for the account.
	DisplayName  string    `json:"displayName,omitempty"`
	// Domains lists the Domain entries associated with the user.
	Domains      []*Domain `json:"domains,omitempty"`
	// ID is the numeric user id.
	ID           int       `json:"id,omitempty"`
}

type VerifyFactorRequest

// VerifyFactorRequest submits the second factor during login. All three
// fields are mandatory.
// NOTE(review): confirm that failed OTP attempts are counted and limited per
// state token or account, and that the state token expires (Options has a
// StateTokenTTL setting).
type VerifyFactorRequest struct {
	// DeviceId provide the MFA deviceId. the deviceId is register by MFA setting.
	DeviceId   string `binding:"required" json:"deviceId"`
	// OtpToken is the one-time password for the second factor.
	OtpToken   string `binding:"required" json:"otpToken"`
	// StateToken is presumably the state token returned in LoginResponse by
	// the login step — confirm.
	StateToken string `binding:"required" json:"stateToken"`
}

VerifyFactorRequest is the request object for (POST /login/verify-factor)
