community: github.com/documize/community/model/auth Index | Files

package auth

import "github.com/documize/community/model/auth"

Index

Package Files

auth.go cas.go keycloak.go ldap.go

Constants

const (
    // AuthProviderDocumize is email/password based
    AuthProviderDocumize = "documize"

    // AuthProviderKeycloak performs login and user sync with external provider
    AuthProviderKeycloak = "keycloak"

    // AuthProviderLDAP performs login and user sync with external provider
    AuthProviderLDAP = "ldap"
)
const (
    // ServerTypeLDAP represents a generic LDAP server OpenLDAP.
    ServerTypeLDAP = "ldap"
    // ServerTypeAD represents Microsoft Active Directory server.
    ServerTypeAD = "ad"
)
const (
    // EncryptionTypeNone is none.
    EncryptionTypeNone = "none"

    // EncryptionTypeStartTLS is using start TLS.
    EncryptionTypeStartTLS = "starttls"
)
const (
    // MaxPageSize controls how many query results are
    // fetched at once from the LDAP server.
    // See https://answers.splunk.com/answers/1538/what-is-ldap-error-size-limit-exceeded.html
    MaxPageSize = 250
)

type AuthenticationModel Uses

type AuthenticationModel struct {
    Token string    `json:"token"`
    User  user.User `json:"user"`
}

AuthenticationModel details authentication token and user details.

type CASAuthRequest Uses

type CASAuthRequest struct {
    Ticket string `json:"ticket"`
    Domain string `json:"domain"`
}

CASAuthRequest data received via CAS client library

type CASConfig Uses

type CASConfig struct {
    URL         string `json:"url"`
    RedirectURL string `json"redirectUrl"`
}

CASConfig server configuration

type EncryptionType Uses

type EncryptionType string

EncryptionType determines encryption method for LDAP connection.EncryptionType

type KeycloakAPIAuth Uses

type KeycloakAPIAuth struct {
    AccessToken string `json:"access_token"`
}

KeycloakAPIAuth is returned when authenticating with Keycloak REST API.

type KeycloakAuthRequest Uses

type KeycloakAuthRequest struct {
    Domain    string `json:"domain"`
    Token     string `json:"token"`
    RemoteID  string `json:"remoteId"`
    Email     string `json:"email"`
    Username  string `json:"username"`
    Firstname string `json:"firstname"`
    Lastname  string `json:"lastname"`
    Enabled   bool   `json:"enabled"`
}

KeycloakAuthRequest data received via Keycloak client library

type KeycloakConfig Uses

type KeycloakConfig struct {
    URL                       string `json:"url"`
    Realm                     string `json:"realm"`
    ClientID                  string `json:"clientId"`
    PublicKey                 string `json:"publicKey"`
    AdminUser                 string `json:"adminUser"`
    AdminPassword             string `json:"adminPassword"`
    Group                     string `json:"group"`
    DisableLogout             bool   `json:"disableLogout"`
    DefaultPermissionAddSpace bool   `json:"defaultPermissionAddSpace"`
}

KeycloakConfig server configuration

type KeycloakUser Uses

type KeycloakUser struct {
    ID        string `json:"id"`
    Username  string `json:"username"`
    Email     string `json:"email"`
    Firstname string `json:"firstName"`
    Lastname  string `json:"lastName"`
    Enabled   bool   `json:"enabled"`
}

KeycloakUser details user record returned by Keycloak

type LDAPConfig Uses

type LDAPConfig struct {
    ServerHost                string         `json:"serverHost"`
    ServerPort                int            `json:"serverPort"`
    ServerType                ServerType     `json:"serverType"`
    EncryptionType            EncryptionType `json:"encryptionType"`
    BaseDN                    string         `json:"baseDN"`
    BindDN                    string         `json:"bindDN"`
    BindPassword              string         `json:"bindPassword"`
    UserFilter                string         `json:"userFilter"`
    GroupFilter               string         `json:"groupFilter"`
    DisableLogout             bool           `json:"disableLogout"`
    DefaultPermissionAddSpace bool           `json:"defaultPermissionAddSpace"`
    AllowFormsAuth            bool           `json:"allowFormsAuth"`           // enable dual login via LDAP + email/password
    AttributeUserRDN          string         `json:"attributeUserRDN"`         // usually uid (LDAP) or sAMAccountName (AD)
    AttributeUserFirstname    string         `json:"attributeUserFirstname"`   // usually givenName
    AttributeUserLastname     string         `json:"attributeUserLastname"`    // usually sn
    AttributeUserEmail        string         `json:"attributeUserEmail"`       // usually mail
    AttributeUserDisplayName  string         `json:"attributeUserDisplayName"` // usually displayName
    AttributeUserGroupName    string         `json:"attributeUserGroupName"`   // usually memberOf
    AttributeGroupMember      string         `json:"attributeGroupMember"`     // usually member
}

LDAPConfig that specifies LDAP server connection details and query filters.

func (*LDAPConfig) Clean Uses

func (c *LDAPConfig) Clean()

Clean ensures configuration data is formatted correctly.

func (*LDAPConfig) GetGroupFilterAttributes Uses

func (c *LDAPConfig) GetGroupFilterAttributes() []string

GetGroupFilterAttributes gathers the fields that can be requested when executing a group-based object filter.

func (*LDAPConfig) GetUserFilterAttributes Uses

func (c *LDAPConfig) GetUserFilterAttributes() []string

GetUserFilterAttributes gathers the fields that can be requested when executing a user-based object filter.

type LDAPUser Uses

type LDAPUser struct {
    RemoteID  string `json:"remoteId"`
    CN        string `json:"cn"`
    Email     string `json:"email"`
    Firstname string `json:"firstName"`
    Lastname  string `json:"lastName"`
}

LDAPUser details user record returned by LDAP

type ServerType Uses

type ServerType string

ServerType identifies the LDAP server type

Package auth imports 2 packages (graph) and is imported by 4 packages. Updated 2019-10-06. Refresh now. Tools for package owners.