facade

package
v0.0.0-...-122f59b Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 23, 2024 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation


Constants

This section is empty.

Variables

// ErrUserIsAnonymized is built from apierrors.Invalid with reason
// "UserIsAnonymized" and message "user is anonymized".
// NOTE(review): presumably the error UserCheckAnonymized returns for an
// anonymized account; confirm in source.
var ErrUserIsAnonymized = apierrors.Invalid.WithReason("UserIsAnonymized").New("user is anonymized")
// InvariantViolated is apierrors.Invalid tagged with reason
// "InvariantViolated". Unlike ErrUserIsAnonymized, no .New(...) is applied
// here, so it carries no message of its own.
// NOTE(review): presumably NewInvariantViolated builds its errors from this
// value; confirm in source.
var InvariantViolated = apierrors.Invalid.WithReason("InvariantViolated")

Functions

func NewInvariantViolated

func NewInvariantViolated(cause string, msg string, data map[string]interface{}) error

Types

type AdminVerificationFacade

// AdminVerificationFacade groups the claim operations listed for it on this
// page: GetClaims, NewVerifiedClaim, MarkClaimVerified and DeleteClaim.
// None of those signatures takes an actor or role argument.
// NOTE(review): authorization is presumably enforced by the caller before
// this facade is reached; confirm, since MarkClaimVerified and DeleteClaim
// appear to change a user's verified claims.
type AdminVerificationFacade struct {
	// Verification is the claim service (see VerificationService).
	Verification VerificationService
	// Coordinator also offers MarkClaimVerifiedByAdmin and
	// DeleteVerifiedClaimByAdmin. NOTE(review): which facade methods route
	// through it is not visible here; confirm in source.
	Coordinator  *Coordinator
}

func (AdminVerificationFacade) DeleteClaim

func (v AdminVerificationFacade) DeleteClaim(claim *verification.Claim) error

func (AdminVerificationFacade) GetClaims

func (v AdminVerificationFacade) GetClaims(userID string) ([]*verification.Claim, error)

func (AdminVerificationFacade) MarkClaimVerified

func (v AdminVerificationFacade) MarkClaimVerified(claim *verification.Claim) error

func (AdminVerificationFacade) NewVerifiedClaim

func (v AdminVerificationFacade) NewVerifiedClaim(userID string, claimName string, claimValue string) *verification.Claim

type AuthenticationDetails

// AuthenticationDetails describes one authentication attempt by user ID,
// stage and authentication type. VerifyOptions carries a pointer to it.
// NOTE(review): how verification consumes these values (for example for
// lockout or event reporting) is not visible here; confirm in source.
type AuthenticationDetails struct {
	UserID             string
	Stage              authn.AuthenticationStage
	AuthenticationType authn.AuthenticationType
}

func NewAuthenticationDetails

func NewAuthenticationDetails(
	userID string,
	stage authn.AuthenticationStage,
	authenticationType authn.AuthenticationType,
) *AuthenticationDetails

type AuthenticatorFacade

// AuthenticatorFacade holds only a Coordinator. Its method set on this page
// (Get, List, New, Create, Update, Delete, VerifyWithSpec, ...) mirrors the
// Coordinator's Authenticator* methods.
// NOTE(review): presumably each method delegates to the matching Coordinator
// method; confirm in source. A zero-value facade has a nil Coordinator.
type AuthenticatorFacade struct {
	Coordinator *Coordinator
}

func (AuthenticatorFacade) ClearLockoutAttempts

func (a AuthenticatorFacade) ClearLockoutAttempts(userID string, usedMethods []config.AuthenticationLockoutMethod) error

func (AuthenticatorFacade) Create

func (a AuthenticatorFacade) Create(authenticatorInfo *authenticator.Info, markVerified bool) error

func (AuthenticatorFacade) Delete

func (a AuthenticatorFacade) Delete(authenticatorInfo *authenticator.Info) error

func (AuthenticatorFacade) Get

func (AuthenticatorFacade) List

func (a AuthenticatorFacade) List(userID string, filters ...authenticator.Filter) ([]*authenticator.Info, error)

func (AuthenticatorFacade) MarkOOBIdentityVerified

func (a AuthenticatorFacade) MarkOOBIdentityVerified(info *authenticator.Info) error

func (AuthenticatorFacade) New

func (AuthenticatorFacade) NewWithAuthenticatorID

func (a AuthenticatorFacade) NewWithAuthenticatorID(authenticatorID string, spec *authenticator.Spec) (*authenticator.Info, error)

func (AuthenticatorFacade) Update

func (a AuthenticatorFacade) Update(authenticatorInfo *authenticator.Info) error

func (AuthenticatorFacade) VerifyOneWithSpec

func (a AuthenticatorFacade) VerifyOneWithSpec(userID string, authenticatorType apimodel.AuthenticatorType, infos []*authenticator.Info, spec *authenticator.Spec, options *VerifyOptions) (info *authenticator.Info, verifyResult *service.VerifyResult, err error)

func (AuthenticatorFacade) VerifyWithSpec

func (a AuthenticatorFacade) VerifyWithSpec(info *authenticator.Info, spec *authenticator.Spec, options *VerifyOptions) (verifyResult *service.VerifyResult, err error)

func (AuthenticatorFacade) WithSpec

func (a AuthenticatorFacade) WithSpec(authenticatorInfo *authenticator.Info, spec *authenticator.Spec) (changed bool, info *authenticator.Info, err error)

type AuthenticatorService

// AuthenticatorService is the authenticator dependency held in
// Coordinator.Authenticators.
//
// Two signatures differ from the facade/Coordinator layer on this page:
//   - Create takes no markVerified flag, while AuthenticatorFacade.Create and
//     Coordinator.AuthenticatorCreate do.
//   - VerifyOneWithSpec takes *service.VerifyOptions, while the facade and
//     Coordinator take this package's *VerifyOptions.
//
// NOTE(review): verification marking and the options translation therefore
// presumably happen in the Coordinator; callers that use this interface
// directly would bypass them. Confirm in source.
type AuthenticatorService interface {
	Get(id string) (*authenticator.Info, error)
	List(userID string, filters ...authenticator.Filter) ([]*authenticator.Info, error)
	New(spec *authenticator.Spec) (*authenticator.Info, error)
	NewWithAuthenticatorID(authenticatorID string, spec *authenticator.Spec) (*authenticator.Info, error)
	WithSpec(authenticatorInfo *authenticator.Info, spec *authenticator.Spec) (changed bool, info *authenticator.Info, err error)
	Create(authenticatorInfo *authenticator.Info) error
	Update(authenticatorInfo *authenticator.Info) error
	Delete(authenticatorInfo *authenticator.Info) error
	VerifyOneWithSpec(userID string, authenticatorType model.AuthenticatorType, infos []*authenticator.Info, spec *authenticator.Spec, options *service.VerifyOptions) (info *authenticator.Info, verifyResult *service.VerifyResult, err error)
	// UpdateOrphans and RemoveOrphans take identity infos and are not exposed
	// by AuthenticatorFacade on this page.
	// NOTE(review): presumably invoked when identities are updated or deleted
	// so that dependent authenticators do not outlive them; confirm.
	UpdateOrphans(oldInfo *identity.Info, newInfo *identity.Info) error
	RemoveOrphans(identities []*identity.Info) error
	ClearLockoutAttempts(userID string, usedMethods []config.AuthenticationLockoutMethod) error
}

type Coordinator

// Coordinator holds the services, configuration and clock that its
// Identity*, Authenticator*, MFA* and User* methods operate on.
// Those methods take user IDs and model objects; none of the signatures on
// this page takes a caller identity or role.
// NOTE(review): callers presumably authorize before invoking state-changing
// methods such as UserDelete, UserAnonymize, UserDisable and
// AuthenticatorDelete; confirm in source.
type Coordinator struct {
	Events                     EventService
	Identities                 IdentityService
	Authenticators             AuthenticatorService
	Verification               VerificationService
	MFA                        MFAService
	UserCommands               UserCommands
	UserQueries                UserQueries
	RolesGroupsCommands        RolesGroupsCommands
	StdAttrsService            StdAttrsService
	// PasswordHistoryStore and OAuthService each expose a single per-user
	// reset method (ResetPasswordHistory, ResetAll).
	// NOTE(review): presumably called during user deletion or anonymization;
	// confirm.
	PasswordHistory            PasswordHistoryStore
	OAuth                      OAuthService
	// Both session managers share SessionManager's method set (List by user
	// ID, Delete a session).
	// NOTE(review): presumably used to end a user's sessions when the account
	// is disabled, deleted or anonymized; confirm that both stores are covered.
	IDPSessions                IDPSessionManager
	OAuthSessions              OAuthSessionManager
	IdentityConfig             *config.IdentityConfig
	AccountDeletionConfig      *config.AccountDeletionConfig
	AccountAnonymizationConfig *config.AccountAnonymizationConfig
	Clock                      clock.Clock
}

Coordinator represents the interaction between identities, authenticators, and other high-level features (such as verification).

FIXME(interaction): This is used to avoid circular dependencies between feature implementations. We should investigate a proper resolution, as the interactions between features will get complicated fast.

FIXME(mfa): remove all MFA recovery codes when the last secondary authenticator is removed, so that recovery codes are re-generated when set up again.

func (*Coordinator) AuthenticatorClearLockoutAttempts

func (c *Coordinator) AuthenticatorClearLockoutAttempts(userID string, usedMethods []config.AuthenticationLockoutMethod) error

func (*Coordinator) AuthenticatorCreate

func (c *Coordinator) AuthenticatorCreate(authenticatorInfo *authenticator.Info, markVerified bool) error

func (*Coordinator) AuthenticatorDelete

func (c *Coordinator) AuthenticatorDelete(authenticatorInfo *authenticator.Info) error

func (*Coordinator) AuthenticatorGet

func (c *Coordinator) AuthenticatorGet(id string) (*authenticator.Info, error)

func (*Coordinator) AuthenticatorList

func (c *Coordinator) AuthenticatorList(userID string, filters ...authenticator.Filter) ([]*authenticator.Info, error)

func (*Coordinator) AuthenticatorNew

func (c *Coordinator) AuthenticatorNew(spec *authenticator.Spec) (*authenticator.Info, error)

func (*Coordinator) AuthenticatorNewWithAuthenticatorID

func (c *Coordinator) AuthenticatorNewWithAuthenticatorID(authenticatorID string, spec *authenticator.Spec) (*authenticator.Info, error)

func (*Coordinator) AuthenticatorUpdate

func (c *Coordinator) AuthenticatorUpdate(authenticatorInfo *authenticator.Info) error

func (*Coordinator) AuthenticatorVerifyOneWithSpec

func (c *Coordinator) AuthenticatorVerifyOneWithSpec(userID string, authenticatorType model.AuthenticatorType, infos []*authenticator.Info, spec *authenticator.Spec, options *VerifyOptions) (info *authenticator.Info, verifyResult *service.VerifyResult, err error)

func (*Coordinator) AuthenticatorVerifyWithSpec

func (c *Coordinator) AuthenticatorVerifyWithSpec(info *authenticator.Info, spec *authenticator.Spec, options *VerifyOptions) (verifyResult *service.VerifyResult, err error)

func (*Coordinator) AuthenticatorWithSpec

func (c *Coordinator) AuthenticatorWithSpec(authenticatorInfo *authenticator.Info, spec *authenticator.Spec) (changed bool, info *authenticator.Info, err error)

func (*Coordinator) DeleteVerifiedClaimByAdmin

func (c *Coordinator) DeleteVerifiedClaimByAdmin(claim *verification.Claim) error

func (*Coordinator) IdentityCheckDuplicated

func (c *Coordinator) IdentityCheckDuplicated(info *identity.Info) (*identity.Info, error)

func (*Coordinator) IdentityCreate

func (c *Coordinator) IdentityCreate(is *identity.Info) error

func (*Coordinator) IdentityDelete

func (c *Coordinator) IdentityDelete(is *identity.Info) error

func (*Coordinator) IdentityGet

func (c *Coordinator) IdentityGet(id string) (*identity.Info, error)

func (*Coordinator) IdentityListByClaim

func (c *Coordinator) IdentityListByClaim(name string, value string) ([]*identity.Info, error)

func (*Coordinator) IdentityListByUser

func (c *Coordinator) IdentityListByUser(userID string) ([]*identity.Info, error)

func (*Coordinator) IdentityNew

func (c *Coordinator) IdentityNew(userID string, spec *identity.Spec, options identity.NewIdentityOptions) (*identity.Info, error)

func (*Coordinator) IdentitySearchBySpec

func (c *Coordinator) IdentitySearchBySpec(spec *identity.Spec) (exactMatch *identity.Info, otherMatches []*identity.Info, err error)

func (*Coordinator) IdentityUpdate

func (c *Coordinator) IdentityUpdate(oldInfo *identity.Info, newInfo *identity.Info) error

func (*Coordinator) IdentityUpdateWithSpec

func (c *Coordinator) IdentityUpdateWithSpec(is *identity.Info, spec *identity.Spec, options identity.NewIdentityOptions) (*identity.Info, error)

func (*Coordinator) MFAConsumeRecoveryCode

func (c *Coordinator) MFAConsumeRecoveryCode(rc *mfa.RecoveryCode) error

func (*Coordinator) MFACreateDeviceToken

func (c *Coordinator) MFACreateDeviceToken(userID string, token string) (*mfa.DeviceToken, error)

func (*Coordinator) MFAGenerateDeviceToken

func (c *Coordinator) MFAGenerateDeviceToken() string

func (*Coordinator) MFAGenerateRecoveryCodes

func (c *Coordinator) MFAGenerateRecoveryCodes() []string

func (*Coordinator) MFAInvalidateAllDeviceTokens

func (c *Coordinator) MFAInvalidateAllDeviceTokens(userID string) error

func (*Coordinator) MFAListRecoveryCodes

func (c *Coordinator) MFAListRecoveryCodes(userID string) ([]*mfa.RecoveryCode, error)

func (*Coordinator) MFAReplaceRecoveryCodes

func (c *Coordinator) MFAReplaceRecoveryCodes(userID string, codes []string) ([]*mfa.RecoveryCode, error)

func (*Coordinator) MFAVerifyDeviceToken

func (c *Coordinator) MFAVerifyDeviceToken(userID string, token string) error

func (*Coordinator) MFAVerifyRecoveryCode

func (c *Coordinator) MFAVerifyRecoveryCode(userID string, code string) (*mfa.RecoveryCode, error)

func (*Coordinator) MarkClaimVerifiedByAdmin

func (c *Coordinator) MarkClaimVerifiedByAdmin(claim *verification.Claim) error

func (*Coordinator) MarkOOBIdentityVerified

func (c *Coordinator) MarkOOBIdentityVerified(info *authenticator.Info) error

func (*Coordinator) UserAnonymize

func (c *Coordinator) UserAnonymize(userID string, IsScheduledAnonymization bool) error

func (*Coordinator) UserCheckAnonymized

func (c *Coordinator) UserCheckAnonymized(userID string) error

func (*Coordinator) UserDelete

func (c *Coordinator) UserDelete(userID string, isScheduledDeletion bool) error

func (*Coordinator) UserDisable

func (c *Coordinator) UserDisable(userID string, reason *string) error

func (*Coordinator) UserReenable

func (c *Coordinator) UserReenable(userID string) error

func (*Coordinator) UserScheduleAnonymizationByAdmin

func (c *Coordinator) UserScheduleAnonymizationByAdmin(userID string) error

func (*Coordinator) UserScheduleDeletionByAdmin

func (c *Coordinator) UserScheduleDeletionByAdmin(userID string) error

func (*Coordinator) UserScheduleDeletionByEndUser

func (c *Coordinator) UserScheduleDeletionByEndUser(userID string) error

func (*Coordinator) UserUnscheduleAnonymizationByAdmin

func (c *Coordinator) UserUnscheduleAnonymizationByAdmin(userID string) error

func (*Coordinator) UserUnscheduleDeletionByAdmin

func (c *Coordinator) UserUnscheduleDeletionByAdmin(userID string) error

type EventService

// EventService is the event dispatcher held in Coordinator.Events.
// NOTE(review): the names suggest DispatchEventOnCommit defers delivery until
// the surrounding transaction commits and DispatchEventImmediately does not
// wait; the two also accept different payload types. Confirm in the
// implementation before relying on ordering for audit events.
type EventService interface {
	DispatchEventOnCommit(payload event.Payload) error
	DispatchEventImmediately(payload event.NonBlockingPayload) error
}

type IDPSessionManager

// IDPSessionManager is a distinct named type with SessionManager's method
// set (Delete, List); it is the type of Coordinator.IDPSessions.
// NOTE(review): the separate name presumably lets dependency wiring tell it
// apart from OAuthSessionManager; confirm.
type IDPSessionManager SessionManager

type IdentityFacade

// IdentityFacade holds only a Coordinator. Its method set on this page
// mirrors the Coordinator's Identity* methods.
// NOTE(review): presumably each method delegates to the matching Coordinator
// method; confirm in source. A zero-value facade has a nil Coordinator.
type IdentityFacade struct {
	Coordinator *Coordinator
}

func (IdentityFacade) CheckDuplicated

func (i IdentityFacade) CheckDuplicated(info *identity.Info) (*identity.Info, error)

func (IdentityFacade) Create

func (i IdentityFacade) Create(is *identity.Info) error

func (IdentityFacade) Delete

func (i IdentityFacade) Delete(is *identity.Info) error

func (IdentityFacade) Get

func (i IdentityFacade) Get(id string) (*identity.Info, error)

func (IdentityFacade) ListByClaim

func (i IdentityFacade) ListByClaim(name string, value string) ([]*identity.Info, error)

func (IdentityFacade) ListByUser

func (i IdentityFacade) ListByUser(userID string) ([]*identity.Info, error)

func (IdentityFacade) New

func (i IdentityFacade) New(userID string, spec *identity.Spec, options identity.NewIdentityOptions) (*identity.Info, error)

func (IdentityFacade) SearchBySpec

func (i IdentityFacade) SearchBySpec(spec *identity.Spec) (exactMatch *identity.Info, otherMatches []*identity.Info, err error)

func (IdentityFacade) Update

func (i IdentityFacade) Update(oldInfo *identity.Info, newInfo *identity.Info) error

func (IdentityFacade) UpdateWithSpec

func (i IdentityFacade) UpdateWithSpec(is *identity.Info, spec *identity.Spec, options identity.NewIdentityOptions) (*identity.Info, error)

type IdentityService

// IdentityService is the identity dependency held in Coordinator.Identities.
type IdentityService interface {
	Get(id string) (*identity.Info, error)
	SearchBySpec(spec *identity.Spec) (exactMatch *identity.Info, otherMatches []*identity.Info, err error)
	ListByUser(userID string) ([]*identity.Info, error)
	ListByClaim(name string, value string) ([]*identity.Info, error)
	New(userID string, spec *identity.Spec, options identity.NewIdentityOptions) (*identity.Info, error)
	UpdateWithSpec(is *identity.Info, spec *identity.Spec, options identity.NewIdentityOptions) (*identity.Info, error)
	Create(is *identity.Info) error
	// Update takes a single info, while IdentityFacade.Update and
	// Coordinator.IdentityUpdate take (oldInfo, newInfo).
	// NOTE(review): the old value is presumably needed by the Coordinator for
	// follow-up work such as AuthenticatorService.UpdateOrphans; confirm.
	Update(info *identity.Info) error
	Delete(is *identity.Info) error
	CheckDuplicated(info *identity.Info) (*identity.Info, error)
}

type MFAFacade

// MFAFacade holds only a Coordinator. Its method set on this page mirrors the
// Coordinator's MFA* methods (device tokens and recovery codes).
// Its methods use pointer receivers, unlike the value receivers of the other
// facades on this page.
// NOTE(review): presumably each method delegates to the matching Coordinator
// method; confirm in source.
type MFAFacade struct {
	Coordinator *Coordinator
}

func (*MFAFacade) ConsumeRecoveryCode

func (f *MFAFacade) ConsumeRecoveryCode(rc *mfa.RecoveryCode) error

func (*MFAFacade) CreateDeviceToken

func (f *MFAFacade) CreateDeviceToken(userID string, token string) (*mfa.DeviceToken, error)

func (*MFAFacade) GenerateDeviceToken

func (f *MFAFacade) GenerateDeviceToken() string

func (*MFAFacade) GenerateRecoveryCodes

func (f *MFAFacade) GenerateRecoveryCodes() []string

func (*MFAFacade) InvalidateAllDeviceTokens

func (f *MFAFacade) InvalidateAllDeviceTokens(userID string) error

func (*MFAFacade) ListRecoveryCodes

func (f *MFAFacade) ListRecoveryCodes(userID string) ([]*mfa.RecoveryCode, error)

func (*MFAFacade) ReplaceRecoveryCodes

func (f *MFAFacade) ReplaceRecoveryCodes(userID string, codes []string) ([]*mfa.RecoveryCode, error)

func (*MFAFacade) VerifyDeviceToken

func (f *MFAFacade) VerifyDeviceToken(userID string, token string) error

func (*MFAFacade) VerifyRecoveryCode

func (f *MFAFacade) VerifyRecoveryCode(userID string, code string) (*mfa.RecoveryCode, error)

type MFAService

// MFAService is the MFA dependency held in Coordinator.MFA. It covers device
// tokens and recovery codes.
type MFAService interface {
	// InvalidateAllRecoveryCode has no counterpart on MFAFacade or among the
	// Coordinator.MFA* methods listed on this page.
	// NOTE(review): the package's FIXME(mfa) asks for recovery codes to be
	// removed when the last secondary authenticator is removed; confirm
	// whether authenticator deletion calls this, otherwise old recovery codes
	// may remain usable.
	InvalidateAllRecoveryCode(userID string) error
	GenerateDeviceToken() string
	CreateDeviceToken(userID string, token string) (*mfa.DeviceToken, error)
	VerifyDeviceToken(userID string, token string) error
	InvalidateAllDeviceTokens(userID string) error
	// VerifyRecoveryCode returns the matched code and ConsumeRecoveryCode
	// takes one, so verifying and consuming are separate calls.
	// NOTE(review): callers presumably must consume after a successful verify
	// to keep codes single-use; confirm.
	VerifyRecoveryCode(userID string, code string) (*mfa.RecoveryCode, error)
	ConsumeRecoveryCode(rc *mfa.RecoveryCode) error
	GenerateRecoveryCodes() []string
	ReplaceRecoveryCodes(userID string, codes []string) ([]*mfa.RecoveryCode, error)
	ListRecoveryCodes(userID string) ([]*mfa.RecoveryCode, error)
}

type OAuthService

// OAuthService is the OAuth dependency held in Coordinator.OAuth; only a
// per-user reset is required of it.
// NOTE(review): ResetAll presumably revokes the user's OAuth state when the
// account is deleted or anonymized; confirm what it covers.
type OAuthService interface {
	ResetAll(userID string) error
}

type OAuthSessionManager

// OAuthSessionManager is a distinct named type with SessionManager's method
// set (Delete, List); it is the type of Coordinator.OAuthSessions.
// NOTE(review): the separate name presumably lets dependency wiring tell it
// apart from IDPSessionManager; confirm.
type OAuthSessionManager SessionManager

type PasswordHistoryStore

// PasswordHistoryStore is the dependency held in Coordinator.PasswordHistory;
// only a per-user reset is required of it.
// NOTE(review): presumably clears stored password history when the account
// is deleted or anonymized; confirm.
type PasswordHistoryStore interface {
	ResetPasswordHistory(userID string) error
}

type RolesGroupsCommands

// RolesGroupsCommands is the dependency held in
// Coordinator.RolesGroupsCommands. Both methods take only a user ID.
// NOTE(review): presumably they remove all of that user's group and role
// memberships rather than a single one; confirm.
type RolesGroupsCommands interface {
	DeleteUserGroup(userID string) error
	DeleteUserRole(userID string) error
}

type SessionManager

// SessionManager lists sessions by user ID and deletes a single session.
// IDPSessionManager and OAuthSessionManager are defined from it.
// There is no bulk delete, so ending all of a user's sessions takes a List
// followed by one Delete per session.
// NOTE(review): confirm how callers handle a Delete error part-way through.
type SessionManager interface {
	Delete(session session.Session) error
	List(userID string) ([]session.Session, error)
}

type StdAttrsService

// StdAttrsService is the dependency held in Coordinator.StdAttrsService.
// NOTE(review): presumably refreshes a user's standard attributes after the
// user's identities change; confirm in source.
type StdAttrsService interface {
	PopulateIdentityAwareStandardAttributes(userID string) error
}

type UserCommands

// UserCommands is the write-side user dependency held in
// Coordinator.UserCommands: account status updates, deletion and
// anonymization, each keyed by user ID only.
// NOTE(review): these are presumably the raw operations that the
// Coordinator's User* methods wrap with session, identity and authenticator
// clean-up; confirm.
type UserCommands interface {
	UpdateAccountStatus(userID string, accountStatus user.AccountStatus) error
	Delete(userID string) error
	Anonymize(userID string) error
}

type UserFacade

// UserFacade embeds UserProvider, so Create, GetRaw, Count and QueryPage are
// promoted onto it, and adds account lifecycle methods of its own.
// Those methods are split by initiator in their names (ByAdmin, ByEndUser,
// FromScheduledDeletion, FromScheduledAnonymization), but every signature
// takes only a user ID (Disable also takes a reason).
// NOTE(review): the initiator is therefore chosen by the caller, not checked
// here; confirm that each entry point is reachable only from the matching
// API surface.
type UserFacade struct {
	UserProvider
	Coordinator *Coordinator
}

func (UserFacade) Anonymize

func (u UserFacade) Anonymize(userID string) error

func (UserFacade) AnonymizeFromScheduledAnonymization

func (u UserFacade) AnonymizeFromScheduledAnonymization(userID string) error

func (UserFacade) CheckUserAnonymized

func (u UserFacade) CheckUserAnonymized(userID string) error

func (UserFacade) Delete

func (u UserFacade) Delete(userID string) error

func (UserFacade) DeleteFromScheduledDeletion

func (u UserFacade) DeleteFromScheduledDeletion(userID string) error

func (UserFacade) Disable

func (u UserFacade) Disable(userID string, reason *string) error

func (UserFacade) Reenable

func (u UserFacade) Reenable(userID string) error

func (UserFacade) ScheduleAnonymizationByAdmin

func (u UserFacade) ScheduleAnonymizationByAdmin(userID string) error

func (UserFacade) ScheduleDeletionByAdmin

func (u UserFacade) ScheduleDeletionByAdmin(userID string) error

func (UserFacade) ScheduleDeletionByEndUser

func (u UserFacade) ScheduleDeletionByEndUser(userID string) error

func (UserFacade) UnscheduleAnonymizationByAdmin

func (u UserFacade) UnscheduleAnonymizationByAdmin(userID string) error

func (UserFacade) UnscheduleDeletionByAdmin

func (u UserFacade) UnscheduleDeletionByAdmin(userID string) error

type UserProvider

// UserProvider is the interface embedded in UserFacade: user creation, raw
// lookup by ID, counting and paged queries.
// NOTE(review): GetRaw and QueryPage take no role argument; confirm that
// callers apply access control before returning results to clients.
type UserProvider interface {
	Create(userID string) (*user.User, error)
	GetRaw(id string) (*user.User, error)
	Count() (uint64, error)
	QueryPage(listOption user.ListOptions, pageArgs graphqlutil.PageArgs) ([]apimodel.PageItemRef, error)
}

type UserQueries

// UserQueries is the read-side user dependency held in
// Coordinator.UserQueries.
type UserQueries interface {
	// GetRaw takes no role and returns the internal *user.User.
	GetRaw(userID string) (*user.User, error)
	// Get takes an accesscontrol.Role and returns the API model *model.User.
	// NOTE(review): presumably the role limits which fields are populated;
	// confirm, and prefer Get over GetRaw for data that leaves the service.
	Get(userID string, role accesscontrol.Role) (*model.User, error)
}

type VerificationService

// VerificationService is the claim verification dependency used by
// Coordinator.Verification, AdminVerificationFacade and
// WorkflowVerificationFacade.
type VerificationService interface {
	GetClaims(userID string) ([]*verification.Claim, error)
	GetClaimStatus(userID string, claimName model.ClaimName, claimValue string) (*verification.ClaimStatus, error)
	GetIdentityVerificationStatus(i *identity.Info) ([]verification.ClaimStatus, error)
	// NewVerifiedClaim returns a claim without an error; MarkClaimVerified is
	// the call that can fail.
	// NOTE(review): presumably the first only constructs the value and the
	// second persists it; confirm.
	NewVerifiedClaim(userID string, claimName string, claimValue string) *verification.Claim
	MarkClaimVerified(claim *verification.Claim) error
	DeleteClaim(claim *verification.Claim) error
	// RemoveOrphanedClaims and ResetVerificationStatus are not exposed by
	// either verification facade on this page.
	// NOTE(review): presumably called by the Coordinator after identity or
	// authenticator removal and on anonymization; confirm.
	RemoveOrphanedClaims(userID string, identities []*identity.Info, authenticators []*authenticator.Info) error
	ResetVerificationStatus(userID string) error
}

type VerifyOptions

// VerifyOptions is the options type taken by VerifyWithSpec and
// VerifyOneWithSpec on AuthenticatorFacade and Coordinator.
// AuthenticatorService.VerifyOneWithSpec takes *service.VerifyOptions
// instead, so a translation happens between the two layers.
type VerifyOptions struct {
	// NOTE(review): pointer-typed; whether nil is accepted is not visible here.
	OOBChannel            *apimodel.AuthenticatorOOBChannel
	// NOTE(review): the effect of UseSubmittedValue on verification is not
	// visible on this page; document it at the definition, since a flag that
	// alters how a credential is checked should not be left to guesswork.
	UseSubmittedValue     bool
	// AuthenticationDetails carries the user ID, stage and authentication
	// type of the attempt (see the AuthenticationDetails struct).
	AuthenticationDetails *AuthenticationDetails
}

type WorkflowVerificationFacade

// WorkflowVerificationFacade holds only a VerificationService, with no
// Coordinator. Its method set on this page is GetClaimStatus,
// GetIdentityVerificationStatus, NewVerifiedClaim and MarkClaimVerified; it
// does not expose GetClaims or DeleteClaim, which AdminVerificationFacade does.
// NOTE(review): MarkClaimVerified is reachable from workflows through this
// facade; confirm that a workflow can only reach it after the claim value has
// actually been proven.
type WorkflowVerificationFacade struct {
	Verification VerificationService
}

func (WorkflowVerificationFacade) GetClaimStatus

func (v WorkflowVerificationFacade) GetClaimStatus(userID string, claimName model.ClaimName, claimValue string) (*verification.ClaimStatus, error)

func (WorkflowVerificationFacade) GetIdentityVerificationStatus

func (v WorkflowVerificationFacade) GetIdentityVerificationStatus(i *identity.Info) ([]verification.ClaimStatus, error)

func (WorkflowVerificationFacade) MarkClaimVerified

func (v WorkflowVerificationFacade) MarkClaimVerified(claim *verification.Claim) error

func (WorkflowVerificationFacade) NewVerifiedClaim

func (v WorkflowVerificationFacade) NewVerifiedClaim(userID string, claimName string, claimValue string) *verification.Claim
