Documentation
¶
Index ¶
- Constants
- Variables
- func IsOAuthSSOProviderTypeDisabled(typ config.OAuthSSOProviderType, ...) bool
- type Anonymous
- type AnonymousSpec
- type Biometric
- type BiometricSpec
- type Candidate
- type Filter
- type FilterFunc
- type Info
- func (i *Info) AMR() []string
- func (i *Info) AllStandardClaims() map[string]interface{}
- func (i *Info) DisplayID() string
- func (i *Info) GetMeta() model.Meta
- func (i *Info) IdentityAwareStandardClaims() map[model.ClaimName]string
- func (i *Info) ModifyDisabled(c *config.IdentityConfig) bool
- func (i *Info) PrimaryAuthenticatorTypes() []model.AuthenticatorType
- func (i *Info) ToModel() model.Identity
- func (i *Info) ToRef() *model.IdentityRef
- func (i *Info) ToSpec() Spec
- type LoginID
- type LoginIDMigrateSpec
- type LoginIDSpec
- type MigrateSpec
- type NewIdentityOptions
- type OAuth
- type OAuthSpec
- type Passkey
- type PasskeySpec
- type SIWE
- type SIWESpec
- type Spec
Constants ¶
View Source
const ( CandidateKeyIdentityID = "identity_id" CandidateKeyType = "type" CandidateKeyProviderType = "provider_type" CandidateKeyProviderAlias = "provider_alias" CandidateKeyProviderSubjectID = "provider_subject_id" CandidateKeyProviderAppType = "provider_app_type" CandidateKeyLoginIDType = "login_id_type" CandidateKeyLoginIDKey = "login_id_key" CandidateKeyLoginIDValue = "login_id_value" CandidateKeyDisplayID = "display_id" CandidateKeyModifyDisabled = "modify_disabled" )
View Source
const ( // IdentityClaimOAuthProviderType is a claim with a string value. IdentityClaimOAuthProviderType string = "https://authgear.com/claims/oauth/provider_type" // IdentityClaimOAuthProviderAlias is a claim with a string value. IdentityClaimOAuthProviderAlias string = "https://authgear.com/claims/oauth/provider_alias" // IdentityClaimOAuthSubjectID is a claim with a string value like `1098765432`. IdentityClaimOAuthSubjectID string = "https://authgear.com/claims/oauth/subject_id" // IdentityClaimOAuthData is a claim with a map value containing raw OAuth provider profile. IdentityClaimOAuthProfile string = "https://authgear.com/claims/oauth/profile" // IdentityClaimLoginIDType is a claim with a string value indicating the type of login ID. IdentityClaimLoginIDType string = "https://authgear.com/claims/login_id/type" // IdentityClaimLoginIDValue is a claim with a string value indicating the key of login ID. IdentityClaimLoginIDKey string = "https://authgear.com/claims/login_id/key" // IdentityClaimLoginIDOriginalValue is a claim with a string value indicating the value of original login ID. IdentityClaimLoginIDOriginalValue string = "https://authgear.com/claims/login_id/original_value" // IdentityClaimLoginIDValue is a claim with a string value indicating the value of login ID. IdentityClaimLoginIDValue string = "https://authgear.com/claims/login_id/value" // IdentityClaimAnonymousKeyID is a claim with a string value containing anonymous key ID. IdentityClaimAnonymousKeyID string = "https://authgear.com/claims/anonymous/key_id" // IdentityClaimBiometricKeyID is a claim with a string value containing biometric key ID. IdentityClaimBiometricKeyID string = "https://authgear.com/claims/biometric/key_id" // IdentityClaimBiometricDeviceInfo is a claim with a map value containing device info. IdentityClaimBiometricDeviceInfo string = "https://authgear.com/claims/biometric/device_info" // IdentityClaimBiometricFormattedDeviceInfo is a claim with a string value indicating formatted device info for display. IdentityClaimBiometricFormattedDeviceInfo string = "https://authgear.com/claims/biometric/formatted_device_info" // IdentityClaimPasskeyCredentialID is a claim with a string value. // nolint: gosec IdentityClaimPasskeyCredentialID string = "https://authgear.com/claims/passkey/credential_id" // nolint: gosec IdentityClaimPasskeyDisplayName string = "https://authgear.com/claims/passkey/display_name" // IdentityClaimSIWEAddress is a claim with a string value. IdentityClaimSIWEAddress string = "https://authgear.com/claims/siwe/address" // IdentityClaimSIWEChainID is a claim with an interger value. IdentityClaimSIWEChainID string = "https://authgear.com/claims/siwe/chain_id" StandardClaimEmail string = "email" StandardClaimPhoneNumber string = "phone_number" StandardClaimPreferredUsername string = "preferred_username" )
Variables ¶
View Source
var ErrIdentityAlreadyExists = errors.New("identity already exists")
View Source
var ErrIdentityNotFound = errors.New("identity not found")
Functions ¶
func IsOAuthSSOProviderTypeDisabled ¶
func IsOAuthSSOProviderTypeDisabled(typ config.OAuthSSOProviderType, featureConfig *config.OAuthSSOProvidersFeatureConfig) bool
Types ¶
type Anonymous ¶
type AnonymousSpec ¶
type Biometric ¶
type Biometric struct {
ID string `json:"id"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
UserID string `json:"user_id"`
KeyID string `json:"key_id"`
Key []byte `json:"key"`
DeviceInfo map[string]interface{} `json:"device_info"`
}
func (*Biometric) FormattedDeviceInfo ¶
type BiometricSpec ¶
type Candidate ¶
type Candidate map[string]interface{}
func NewLoginIDCandidate ¶
func NewLoginIDCandidate(c *config.LoginIDKeyConfig) Candidate
func NewOAuthCandidate ¶
func NewOAuthCandidate(c *config.OAuthSSOProviderConfig) Candidate
func NewSIWECandidate ¶
func NewSIWECandidate() Candidate
type FilterFunc ¶
var KeepIdentifiable FilterFunc = func(ii *Info) bool { switch ii.Type { case model.IdentityTypeLoginID: return true case model.IdentityTypeOAuth: return true case model.IdentityTypeAnonymous: return false case model.IdentityTypeBiometric: return false case model.IdentityTypePasskey: return false case model.IdentityTypeSIWE: return false default: panic(fmt.Sprintf("identity: unexpected identity type: %s", ii.Type)) } }
KeepIdentifiable keeps Login ID identity and OAuth identity.
func (FilterFunc) Keep ¶
func (f FilterFunc) Keep(ii *Info) bool
type Info ¶
type Info struct {
ID string `json:"id"`
UserID string `json:"user_id"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
Type model.IdentityType `json:"type"`
LoginID *LoginID `json:"login_id,omitempty"`
OAuth *OAuth `json:"oauth,omitempty"`
Anonymous *Anonymous `json:"anonymous,omitempty"`
Biometric *Biometric `json:"biometric,omitempty"`
Passkey *Passkey `json:"passkey,omitempty"`
SIWE *SIWE `json:"siwe,omitempty"`
}
func ApplyFilters ¶
func (*Info) AllStandardClaims ¶
func (*Info) DisplayID ¶
DisplayID returns a string that is suitable for the owner to identify the identity. If it is a Login ID identity, the original login ID value is returned. If it is a OAuth identity, email, phone_number or preferred_username is returned. If it is a anonymous identity, the kid is returned. If it is a biometric identity, the kid is returned. If it is a passkey identity, the name is returned. If it is a SIWE identity, EIP681 of the address and chainID is returned
func (*Info) IdentityAwareStandardClaims ¶
func (*Info) ModifyDisabled ¶
func (i *Info) ModifyDisabled(c *config.IdentityConfig) bool
func (*Info) PrimaryAuthenticatorTypes ¶
func (i *Info) PrimaryAuthenticatorTypes() []model.AuthenticatorType
func (*Info) ToRef ¶
func (i *Info) ToRef() *model.IdentityRef
type LoginID ¶
type LoginID struct {
ID string `json:"id"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
UserID string `json:"user_id"`
LoginIDKey string `json:"login_id_key"`
LoginIDType model.LoginIDKeyType `json:"login_id_type"`
LoginID string `json:"login_id"`
OriginalLoginID string `json:"original_login_id"`
UniqueKey string `json:"unique_key"`
Claims map[string]interface{} `json:"claims,omitempty"`
}
func (*LoginID) ToChannelTarget ¶
func (i *LoginID) ToChannelTarget() (model.AuthenticatorOOBChannel, string)
type LoginIDMigrateSpec ¶
type LoginIDMigrateSpec struct {
Key string `json:"key"`
Type model.LoginIDKeyType `json:"type"`
Value string `json:"value"`
}
type LoginIDSpec ¶
type LoginIDSpec struct {
Key string `json:"key"`
Type model.LoginIDKeyType `json:"type"`
Value string `json:"value"`
}
type MigrateSpec ¶
type MigrateSpec struct {
Type model.IdentityType `json:"type"`
LoginID *LoginIDMigrateSpec `json:"login_id,omitempty"`
}
func (*MigrateSpec) GetSpec ¶
func (s *MigrateSpec) GetSpec() *Spec
type NewIdentityOptions ¶
type NewIdentityOptions struct {
LoginIDEmailByPassBlocklistAllowlist bool
}
type OAuth ¶
type OAuth struct {
ID string `json:"id"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
UserID string `json:"user_id"`
ProviderID config.ProviderID `json:"provider_id"`
ProviderSubjectID string `json:"provider_subject_id"`
UserProfile map[string]interface{} `json:"user_profile,omitempty"`
Claims map[string]interface{} `json:"claims,omitempty"`
// This is a derived field and NOT persisted to database.
// We still include it in JSON serialization so it can be persisted in the graph.
ProviderAlias string `json:"provider_alias,omitempty"`
}
type OAuthSpec ¶
type OAuthSpec struct {
ProviderID config.ProviderID `json:"provider_id"`
SubjectID string `json:"subject_id"`
RawProfile map[string]interface{} `json:"raw_profile,omitempty"`
StandardClaims map[string]interface{} `json:"standard_claims,omitempty"`
}
type Passkey ¶
type Passkey struct {
ID string `json:"id"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
UserID string `json:"user_id"`
CredentialID string `json:"credential_id"`
CreationOptions *model.WebAuthnCreationOptions `json:"creation_options,omitempty"`
AttestationResponse []byte `json:"attestation_response,omitempty"`
}
type PasskeySpec ¶
type SIWE ¶
type SIWE struct {
ID string `json:"id"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
UserID string `json:"user_id"`
ChainID int `json:"chain_id"`
Address web3.EIP55 `json:"address"`
Data *model.SIWEVerifiedData `json:"data"`
}
func (*SIWE) ToContractID ¶
func (i *SIWE) ToContractID() (*web3.ContractID, error)
type Spec ¶
type Spec struct {
Type model.IdentityType `json:"type"`
LoginID *LoginIDSpec `json:"login_id,omitempty"`
OAuth *OAuthSpec `json:"oauth,omitempty"`
Anonymous *AnonymousSpec `json:"anonymous,omitempty"`
Biometric *BiometricSpec `json:"biometric,omitempty"`
Passkey *PasskeySpec `json:"passkey,omitempty"`
SIWE *SIWESpec `json:"siwe,omitempty"`
}
Source Files
¶
- anonymous_identity.go
- anonymous_spec.go
- biometric_identity.go
- biometric_spec.go
- candidate.go
- claim_key.go
- errors.go
- filters.go
- info.go
- loginid_identity.go
- loginid_spec.go
- migrate_spec.go
- oauth_identity.go
- oauth_spec.go
- options.go
- passkey_identity.go
- passkey_spec.go
- siwe_identity.go
- siwe_spec.go
- spec.go
Directories
Click to show internal directories.
Click to hide internal directories.