Documentation
Overview
Package public (ssas/service/api/public) contains API functions, middleware, and a router designed to:
- Be accessible to the public
- Offer system self-registration and self-management
Index
- func CreateCommonClaims(tokenType, oktaID, systemID, clientID, data, systemXData string, ...) (claims service.CommonClaims)
- func MintRegistrationToken(oktaID string, groupIDs []string) (*jwt.Token, string, error)
- func RegisterSystem(w http.ResponseWriter, r *http.Request)
- func ResetSecret(w http.ResponseWriter, r *http.Request)
- func Server() *service.Server
- func SetMockAccessTokenCreator(t *testing.T, other *MockTokenCreator)
- func ValidateSecret(system ssas.System, secret string, w http.ResponseWriter, r *http.Request) (err error)
- type AccessTokenCreator
- type JWKS
- type Key
- type MockTokenCreator
- type RegistrationRequest
- type ResetRequest
- type SystemResponse
- type TokenCreator
- type TokenResponse
Constants
This section is empty.
Variables
This section is empty.
Functions
func CreateCommonClaims
func CreateCommonClaims(tokenType, oktaID, systemID, clientID, data, systemXData string, groupIDs []string) (claims service.CommonClaims)
func MintRegistrationToken
MintRegistrationToken generates a token string for system self-registration endpoints.
func RegisterSystem
func RegisterSystem(w http.ResponseWriter, r *http.Request)
RegisterSystem is mounted at POST /auth/register and allows for self-registration. It requires that a registration token containing one or more group ids be presented and parsed by middleware, with the GroupID[s] placed in the context key "rd".
func ResetSecret
func ResetSecret(w http.ResponseWriter, r *http.Request)
ResetSecret is mounted at POST /reset and allows the authenticated manager of a system to rotate their secret.
func SetMockAccessTokenCreator
func SetMockAccessTokenCreator(t *testing.T, other *MockTokenCreator)
SetMockAccessTokenCreator sets the current token creator to the one supplied to this function. It uses the Cleanup() func to ensure the original token creator is restored at the end of the test.
func ValidateSecret
Types
type AccessTokenCreator
type AccessTokenCreator struct { }
AccessTokenCreator is an implementation of TokenCreator that creates access tokens.
func (AccessTokenCreator) GenerateToken
func (accessTokenCreator AccessTokenCreator) GenerateToken(claims service.CommonClaims) (*jwt.Token, string, error)
GenerateToken generates a token string that expires after server.tokenTTL.
type MockTokenCreator
MockTokenCreator is an autogenerated mock type for the TokenCreator type
func NewMockTokenCreator
func NewMockTokenCreator(t mockConstructorTestingTNewMockTokenCreator) *MockTokenCreator
NewMockTokenCreator creates a new instance of MockTokenCreator. It also registers a testing interface on the mock and a cleanup function to assert the mock's expectations.
func (*MockTokenCreator) GenerateToken
func (_m *MockTokenCreator) GenerateToken(claims service.CommonClaims) (*jwt.Token, string, error)
GenerateToken provides a mock function with given fields: claims
type RegistrationRequest
type ResetRequest
type ResetRequest struct {
	ClientID string `json:"client_id"`
}
type SystemResponse
type TokenCreator
type TokenCreator interface {
	GenerateToken(claims service.CommonClaims) (*jwt.Token, string, error)
}
TokenCreator provides methods for the creation of tokens. Currently only AccessTokenCreator implements this interface. TODO: Define an MFATokenCreator and a RegistrationTokenCreator that implement the TokenCreator interface, then add CreateCommonClaims to this interface so that all three can share it.
func GetAccessTokenCreator
func GetAccessTokenCreator() TokenCreator