Documentation ¶
Index ¶
- Constants
- Variables
- func Version() string
- type LoginForm
- type RegistrationForm
- type Render
- type Server
- func (s *Server) Available() gin.HandlerFunc
- func (s *Server) BeginLogin(c *gin.Context)
- func (s *Server) BeginRegistration(c *gin.Context)
- func (s *Server) FinishLogin(c *gin.Context)
- func (s *Server) FinishRegistration(c *gin.Context)
- func (s *Server) Healthz(c *gin.Context)
- func (s *Server) Index(c *gin.Context)
- func (s *Server) Login(c *gin.Context)
- func (s *Server) NotAllowed(c *gin.Context)
- func (s *Server) NotFound(c *gin.Context)
- func (s *Server) Readyz(c *gin.Context)
- func (s *Server) Register(c *gin.Context)
- func (s *Server) Serve() (err error)
- func (s *Server) SetStatus(health, ready bool)
- func (s *Server) Shutdown() error
- func (s *Server) Status(c *gin.Context)
- func (s *Server) URL() string
- type User
- func (u *User) AddCredential(cred webauthn.Credential)
- func (u *User) CredentialExcludeList() []protocol.CredentialDescriptor
- func (u *User) WebAuthnCredentials() []webauthn.Credential
- func (u *User) WebAuthnDisplayName() string
- func (u *User) WebAuthnID() []byte
- func (u *User) WebAuthnIcon() string
- func (u *User) WebAuthnName() string
- type UserList
- type Users
- type WebData
Constants ¶
const ( VersionMajor = 0 VersionMinor = 2 VersionPatch = 0 VersionReleaseLevel = "alpha" VersionReleaseNumber = 2 )
Version component constants for the current build.
Variables ¶
var ( ErrUserNotFound = errors.New("user not found") ErrUserAlreadyExists = errors.New("user already exists") ErrUnknownIDType = errors.New("unknown user ID type must be uuid") )
var GitVersion string
Set the GitVersion via -ldflags="-X 'github.com/bbengfort/yubikey.GitVersion=$(git rev-parse --short HEAD)'"
Functions ¶
Types ¶
type RegistrationForm ¶
type Server ¶
func (*Server) Available ¶
func (s *Server) Available() gin.HandlerFunc
Available is middleware that uses the healthy boolean to return a service unavailable http status code if the server is shutting down. It does this before all routes to ensure that complex handling doesn't bog down the server.
func (*Server) BeginLogin ¶
func (*Server) BeginRegistration ¶
func (*Server) FinishLogin ¶
func (*Server) FinishRegistration ¶
func (*Server) NotAllowed ¶
func (*Server) SetStatus ¶
SetHealth sets the health status on the API server, putting it into unavailable mode if health is false, and removing maintenance mode if health is true. Here primarily for testing purposes since it is unlikely an outside caller can access this.
func (*Server) Status ¶
Status is an unauthenticated endpoint that returns the status of the api server and can be used for heartbeats and liveness checks. This status method is the global status method, meaning it returns the latest version of the whipser service, no matter how many API versions are available.
type User ¶
type User struct { sync.RWMutex ID uuid.UUID Name string Email string // contains filtered or unexported fields }
func (*User) AddCredential ¶
func (u *User) AddCredential(cred webauthn.Credential)
func (*User) CredentialExcludeList ¶
func (u *User) CredentialExcludeList() []protocol.CredentialDescriptor
func (*User) WebAuthnCredentials ¶
func (u *User) WebAuthnCredentials() []webauthn.Credential
WebAuthnCredentials provides the list of Credential objects owned by the user.
func (*User) WebAuthnDisplayName ¶
WebAuthnDisplayName provides the name attribute of the user account during registration and is a human-palatable name for the user account, intended only for display. For example, "Alex Müller" or "田中倫". The Relying Party SHOULD let the user choose this, and SHOULD NOT restrict the choice more than necessary.
Specification: §5.4.3. User Account Parameters for Credential Generation (https://www.w3.org/TR/webauthn/#dom-publickeycredentialuserentity-displayname)
func (*User) WebAuthnID ¶
WebAuthnID provides the user handle of the user account. A user handle is an opaque byte sequence with a maximum size of 64 bytes, and is not meant to be displayed to the user.
To ensure secure operation, authentication and authorization decisions MUST be made on the basis of this id member, not the displayName nor name members. See Section 6.1 of [RFC8266].
It's recommended this value is completely random and uses the entire 64 bytes.
Specification: §5.4.3. User Account Parameters for Credential Generation (https://w3c.github.io/webauthn/#dom-publickeycredentialuserentity-id)
func (*User) WebAuthnIcon ¶
WebAuthnIcon is a deprecated option. Deprecated: this has been removed from the specification recommendation. Suggest a blank string.
func (*User) WebAuthnName ¶
WebAuthnName provides the name attribute of the user account during registration and is a human-palatable name for the user account, intended only for display. For example, "Alex Müller" or "田中倫". The Relying Party SHOULD let the user choose this, and SHOULD NOT restrict the choice more than necessary.
Specification: §5.4.3. User Account Parameters for Credential Generation (https://w3c.github.io/webauthn/#dictdef-publickeycredentialuserentity)
type Users ¶
func (*Users) CredentialExists ¶
func (db *Users) CredentialExists(creds *webauthn.Credential) bool