iam

package
v0.0.0-...-2754675 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 12, 2021 License: MIT Imports: 42 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	AuthorizationMetadataKey    = "Authorization"
	AuthorizationMetadataKeyAlt = "authorization"
)

Used in API call metadata: HTTP header and gRPC call metadata

View Source 
const (
	// AccessTokenTTLDefault is the active duration for an access token.
	//
	// We might want to make this configurable.
	AccessTokenTTLDefault = 20 * time.Minute
	// AccessTokenTTLDefaultInSeconds is a shortcut to get AccessTokenTTLDefault in seconds.
	AccessTokenTTLDefaultInSeconds = int64(AccessTokenTTLDefault / time.Second)
)
View Source 
const (
	TerminalVerificationResourceTypePhoneNumber  = "phone-number"
	TerminalVerificationResourceTypeEmailAddress = "email-address"

	TerminalVerificationResourceTypeOAuthAuthorizationCode = "oauth2-authorization-code"
	TerminalVerificationResourceTypeOAuthImplicit          = "oauth2-implicit"
	TerminalVerificationResourceTypeOAuthClientCredentials = "oauth2-client-credentials"
)
View Source 
const AuthorizationInstanceIDZero = AuthorizationInstanceID(0)
View Source 
const ClientIDZero = ClientID(0)

ClientIDZero is the default value for a ClientID. ClientIDZero never represent valid client.

View Source 
const RefreshTokenTTLDefault = 30 * 24 * time.Hour

RefreshTokenTTLDefault is the active duration for a refresh token.

We might want to make this configurable.

View Source 
const TerminalIDZero = TerminalID(0)
View Source 
const UserIDZero = UserID(0)

UserIDZero is the default value. This value is invalid for UserID.

Variables

View Source 
var (
	ErrReqFieldAuthorizationMalformed = ReqFieldErr("Authorization", dataerrs.ErrMalformed)

	ErrReqFieldAuthorizationTypeUnsupported = ReqFieldErr("Authorization", dataerrs.ErrTypeUnsupported)

	ErrAuthorizationCodeAlreadyClaimed = errors.EntMsg("authorization code", "already claimed")
)
View Source 
var (
	ErrAuthorizationRequired = accesserrs.Msg("authorization context required")
	ErrAuthorizationInvalid  = accesserrs.Msg("authorization invalid")

	ErrUserContextRequired          = accesserrs.Msg("user context required")
	ErrServiceClientContextRequired = accesserrs.Msg("service client context required")

	ErrContextUserNotAllowedToPerformActionOnResource = accesserrs.Msg("context user is not allowed perform action on the target resource")
	ErrContextUserNotAllowedToAccessToOthersResource  = accesserrs.Msg("context user is not allowed to access to other's resource")
)
View Source 
var (
	ErrTerminalVerificationCodeMismatch = errors.EntMsg("terminal verification code", "mismatch")
	ErrTerminalVerificationCodeExpired  = errors.EntMsg("terminal verification code", "expired")

	ErrTerminalVerificationResourceConflict = errors.EntMsg("terminal verification resource", "conflict")

	ErrTerminalVerificationResourceNameInvalid = errors.Ent("terminal verification resource name", nil)
)
View Source 
var (
	ErrUserIDStringInvalid        = errors.Ent("user ID string", nil)
	ErrServiceUserIDStringInvalid = errors.Ent("service user ID string", nil)
)
View Source 
var AuthorizationIDZero = AuthorizationID{}
View Source 
var (
	ErrUserPrimaryPhoneNumberConflict = errors.EntMsg("user primary phone number", "conflict")
)

Functions

func IsValidEmailAddress 

func IsValidEmailAddress(str string) bool

func ReqFieldErr 

func ReqFieldErr(fieldName string, err error) error

func ReqFieldErrMsg 

func ReqFieldErrMsg(fieldName, errMsg string) error

func UseAuthorizationIDV0Enconding 

func UseAuthorizationIDV0Enconding()

func UseClientIDV0Enconding 

func UseClientIDV0Enconding()

func UseTerminalIDV0Enconding 

func UseTerminalIDV0Enconding()

func UseUserIDV0Enconding 

func UseUserIDV0Enconding()

Types

type AccessTokenClaims 

type AccessTokenClaims struct {
	jwt.Claims

	AuthorizedParty string `json:"azp,omitempty"`
	SubType         string `json:"sub_type,omitempty"`
	TerminalID      string `json:"terminal_id,omitempty"`
}

func (AccessTokenClaims) Valid 

func (claims AccessTokenClaims) Valid() error

TODO: unused. remove this.

type Actor 

type Actor struct {
	// UserID is the ID of the user who performed the action. This might be
	// empty if the action was performed by non-user-representing agent.
	UserID UserID
	// TerminalID is the ID of the terminal where the action was initiated
	// from.
	TerminalID TerminalID
}

Actor provides information about who or what performed an action.

TODO: assuming actor

type App 

type App struct {
	app.App
	ServiceClient
}

func NewAppSimple 

func NewAppSimple(envVarPrefix string) (*App, error)

type Authorization 

type Authorization struct {
	// If this context is an assumed context, this field
	// holds info about the assuming context.
	AssumingAuthorization *Authorization `json:"assuming_authorization,omitempty"`

	// AuthorizationID holds the ID of the token where
	// this context was loaded from. An AuthorizationID is unique across
	// the system and could be used as session identifier.
	AuthorizationID AuthorizationID `json:"jti,omitempty"`

	// If the authorized party represents a user, this
	// filed holds the ID of the authorized user.
	UserID UserID `json:"sub,omitempty"`
	// contains filtered or unexported fields
}

Authorization is generally used to provide authorization information for call or request. An Authorization is usually obtained from authorization token / access token provided along the request / call.

func (Authorization) Actor 

func (authCtx Authorization) Actor() Actor

func (Authorization) ClientID 

func (authCtx Authorization) ClientID() ClientID

func (Authorization) IsNotValid 

func (authCtx Authorization) IsNotValid() bool

func (Authorization) IsServiceClientContext 

func (authCtx Authorization) IsServiceClientContext() bool

func (Authorization) IsUserContext 

func (authCtx Authorization) IsUserContext() bool

IsUserContext is used to determine if this context represents a user.

func (Authorization) IsValid 

func (authCtx Authorization) IsValid() bool

func (Authorization) RawToken 

func (authCtx Authorization) RawToken() string

RawToken returns the token where this instance of Authorization was parsed from.

func (Authorization) TerminalID 

func (authCtx Authorization) TerminalID() TerminalID

func (Authorization) TerminalIDPtr 

func (authCtx Authorization) TerminalIDPtr() *TerminalID

TerminalIDPtr returns a pointer to a new copy of terminal ID. The returned value is non-nil when the terminal ID is valid.

func (Authorization) UserIDPtr 

func (authCtx Authorization) UserIDPtr() *UserID

UserIDPtr returns a pointer to a new copy of user ID. The returned value is non-nil when the user ID is valid.

type AuthorizationID 

type AuthorizationID struct {
	TerminalID TerminalID
	InstanceID AuthorizationInstanceID
}

func AuthorizationIDFromString 

func AuthorizationIDFromString(s string) (AuthorizationID, error)

func (AuthorizationID) ClientID 

func (authzID AuthorizationID) ClientID() ClientID

func (AuthorizationID) IsNotValid 

func (authzID AuthorizationID) IsNotValid() bool

func (AuthorizationID) IsValid 

func (authzID AuthorizationID) IsValid() bool

func (AuthorizationID) MarshalJSON 

func (authzID AuthorizationID) MarshalJSON() ([]byte, error)

func (AuthorizationID) String 

func (authzID AuthorizationID) String() string

func (*AuthorizationID) UnmarshalJSON 

func (authzID *AuthorizationID) UnmarshalJSON(b []byte) error

type AuthorizationInstanceID 

type AuthorizationInstanceID int64

AuthorizationInstanceID is a type which holds an instance ID of an authorization.

TODO: use 32bit integer instead as we are scoped within terminal ID

func (AuthorizationInstanceID) IsNotValid 

func (authInstID AuthorizationInstanceID) IsNotValid() bool

func (AuthorizationInstanceID) IsValid 

func (authInstID AuthorizationInstanceID) IsValid() bool

type CallContext 

type CallContext interface {
	api.CallContext
	Authorization() Authorization
	IsUserContext() bool
}

CallContext provides call-scoped information.

func NewEmptyCallContext 

func NewEmptyCallContext(ctx context.Context) CallContext

type Client 

type Client struct {
	ID                ClientID
	DisplayName       string
	Secret            string
	PlatformType      string // only for user-agent types
	RequiredScopes    []string
	OAuth2RedirectURI []string
}

func (Client) HasOAuth2RedirectURI 

func (cl Client) HasOAuth2RedirectURI(redirectURI string) bool

type ClientDataProvider 

type ClientDataProvider interface {
	GetClient(id ClientID) (*Client, error)
}

type ClientID 

type ClientID int32

ClientID is the primary way to identify a client within the system.

Currently we are using 32bit integer to store it. This should be enough for most use cases. This might change if there's any real case needing us to use type with higher capacity.

func ClientIDFromString 

func ClientIDFromString(s string) (ClientID, error)

func GenerateClientID 

func GenerateClientID(clientTyp string) ClientID

GenerateClientID generates a new ClientID. Note that this function is not consulting any database. To ensure that the generated ClientID is unique, check the client database.

func (ClientID) IsConfidential 

func (clientID ClientID) IsConfidential() bool

func (ClientID) IsNotValid 

func (clientID ClientID) IsNotValid() bool

func (ClientID) IsPublic 

func (clientID ClientID) IsPublic() bool

func (ClientID) IsService 

func (clientID ClientID) IsService() bool

func (ClientID) IsUserAgent 

func (clientID ClientID) IsUserAgent() bool

func (ClientID) IsValid 

func (clientID ClientID) IsValid() bool

func (ClientID) String 

func (clientID ClientID) String() string

type EmailAddress 

type EmailAddress struct {
	// contains filtered or unexported fields
}

func EmailAddressFromString 

func EmailAddressFromString(str string) (EmailAddress, error)

func (EmailAddress) DomainPart 

func (emailAddress EmailAddress) DomainPart() string

func (EmailAddress) IsValid 

func (emailAddress EmailAddress) IsValid() bool

TODO: at least common address convention

func (EmailAddress) LocalPart 

func (emailAddress EmailAddress) LocalPart() string

func (EmailAddress) RawInput 

func (emailAddress EmailAddress) RawInput() string

func (EmailAddress) String 

func (emailAddress EmailAddress) String() string

type Error 

type Error struct {
	Msg string
	Err error
}

func (*Error) Error 

func (e *Error) Error() string

type GRPCCallContext 

type GRPCCallContext struct {
	CallContext
}

type GRPCServiceClient 

type GRPCServiceClient interface {
	// AuthorizedOutgoingGRPCContext returns a new instance of Context with
	// authorization information set. If baseContext is valid, this method
	// will use it as the parent context, otherwise, this method will create
	// a Background context.
	AuthorizedOutgoingGRPCContext(
		baseContext context.Context,
	) context.Context
}

GRPCServiceClient is the interface specialized for GRPC.

type GRPCServiceClientServer 

type GRPCServiceClientServer interface {
	// GRPCCallContext loads authorization context from
	// gRPC call context.
	GRPCCallContext(
		grpcContext context.Context,
	) (*GRPCCallContext, error)
}

GRPCServiceClientServer is an interface which contains utilities for IAM service clients to handle requests from other clients.

type IAMService 

type IAMService interface {
	ServiceClient

	UserService

	TerminalService

	// This below is reserverd for S2S services.
	UserTerminalService
}

type JWTKeyChain 

type JWTKeyChain struct {
	// contains filtered or unexported fields
}

func NewJWTKeyChainFromFiles 

func NewJWTKeyChainFromFiles(
	privateKeyFilename string,
	publicKeyFilenamePattern string,
) (*JWTKeyChain, error)

func (JWTKeyChain) CanSign 

func (jwtKeyChain JWTKeyChain) CanSign() bool

func (JWTKeyChain) GetSignedVerifierKey 

func (jwtKeyChain JWTKeyChain) GetSignedVerifierKey(keyID string) interface{}

func (JWTKeyChain) GetSigner 

func (jwtKeyChain JWTKeyChain) GetSigner() (jose.Signer, error)

func (JWTKeyChain) JWKSet 

func (jwtKeyChain JWTKeyChain) JWKSet() jose.JSONWebKeySet

func (*JWTKeyChain) LoadVerifierKeysFromJWKSetByURL 

func (jwtKeyChain *JWTKeyChain) LoadVerifierKeysFromJWKSetByURL(jwksURL string) (int, error)

type OAuth2AuthorizePostResponse 

type OAuth2AuthorizePostResponse struct {
	RedirectURI string `json:"redirect_uri"`
}

The OAuth2AuthorizePostResponse is used for responding successful POST /authorize request.

type OAuth2TokenResponse 

type OAuth2TokenResponse struct {
	oauth2.TokenResponse

	UserID string `json:"user_id,omitempty" schema:"user_id,omitempty"`

	TerminalID     string `json:"terminal_id,omitempty" schema:"terminal_id,omitempty"`
	TerminalSecret string `json:"terminal_secret,omitempty" schema:"terminal_secret,omitempty"`
}

type PhoneNumber 

type PhoneNumber struct {
	// contains filtered or unexported fields
}

PhoneNumber represents a phone number as we need.

func NewPhoneNumber 

func NewPhoneNumber(countryCode int32, nationalNumber int64) PhoneNumber

func PhoneNumberFromString 

func PhoneNumberFromString(phoneNumberStr string) (PhoneNumber, error)

func (PhoneNumber) CountryCode 

func (phoneNumber PhoneNumber) CountryCode() int32

func (PhoneNumber) IsValid 

func (phoneNumber PhoneNumber) IsValid() bool

func (PhoneNumber) NationalNumber 

func (phoneNumber PhoneNumber) NationalNumber() int64

func (PhoneNumber) RawInput 

func (phoneNumber PhoneNumber) RawInput() string

func (PhoneNumber) String 

func (phoneNumber PhoneNumber) String() string

TODO: get E.164 string TODO: consult the standards

type ProjectID 

type ProjectID int32

ProjectID identifies a project accross the system.

type RESTRequestContext 

type RESTRequestContext struct {
	CallContext
	Request *http.Request
}

func (*RESTRequestContext) HTTPRequest 

func (reqCtx *RESTRequestContext) HTTPRequest() *http.Request

func (*RESTRequestContext) MethodName 

func (reqCtx *RESTRequestContext) MethodName() string

type RESTServiceClient 

type RESTServiceClient interface {
	// AuthorizedOutgoingHTTPRequestHeader returns a new instance of http.Header
	// with authorization information set. If baseHeader is proivded, this method
	// will merge it into the returned value.
	AuthorizedOutgoingHTTPRequestHeader(
		baseHeader http.Header,
	) http.Header
}

RESTServiceClient is the interface specialized for REST.

type RESTServiceClientServer 

type RESTServiceClientServer interface {
	// RESTRequestContext returns a RESTRequestContext instance for the request.
	// This function will always return an instance even if there's an error.
	RESTRequestContext(*http.Request) (*RESTRequestContext, error)
}

RESTServiceClientServer is an interface which contains utilities for IAM service clients to handle requests from other clients.

type RefreshTokenClaims 

type RefreshTokenClaims struct {
	ExpiresAt      int64  `json:"exp,omitempty"`
	NotBefore      int64  `json:"nbf,omitempty"`
	TerminalID     string `json:"terminal_id,omitempty"`
	TerminalSecret string `json:"terminal_secret,omitempty"`
}

func (RefreshTokenClaims) Valid 

func (claims RefreshTokenClaims) Valid() error

Valid is provided as required for claims. Do not use this method.

type ServiceClient 

type ServiceClient interface {
	ServiceClientServer

	GRPCServiceClient
	RESTServiceClient

	ServiceClientAuth

	// ServerBaseURL returns the base URL of the IAM server this client
	// will connect to.
	ServerBaseURL() string

	// TerminalID returns the terminal ID of the client instance after
	// successful authentication with IAM server.
	TerminalID() TerminalID
}

func NewServiceClient 

func NewServiceClient(
	serviceClientConfig *ServiceClientConfig,
	jwtKeyChain *JWTKeyChain,
	userAccountStateService UserAccountStateService,
) (ServiceClient, error)

func NewServiceClientSimple 

func NewServiceClientSimple(instID string, envPrefix string) (ServiceClient, error)

type ServiceClientAuth 

type ServiceClientAuth interface {
	// AuthenticateServiceClient authenticates current application as a
	// service which will grant access to S2S API as configured on the
	// IAM service server.
	AuthenticateServiceClient(
		serviceInstanceID string,
	) (terminalID TerminalID, err error)

	// AccessTokenByAuthorizationCodeGrant obtains access token by providing
	// authorization code returned from a 3-legged authorization flow
	// (the authorization code flow).
	AccessTokenByAuthorizationCodeGrant(
		authorizationCode string,
	) (accessToken string, err error)
}

type ServiceClientConfig 

type ServiceClientConfig struct {
	ServerBaseURL string                   `env:",required"`
	Credentials   ServiceClientCredentials `env:",squash"`
}

func ServiceClientConfigFromEnv 

func ServiceClientConfigFromEnv(
	prefix string, def *ServiceClientConfig,
) (*ServiceClientConfig, error)

type ServiceClientCore 

type ServiceClientCore struct {
	ServiceClientServer
	// contains filtered or unexported fields
}

func (*ServiceClientCore) AccessTokenByAuthorizationCodeGrant 

func (svcClient *ServiceClientCore) AccessTokenByAuthorizationCodeGrant(
	authorizationCode string,
) (accessToken string, err error)

AccessTokenByAuthorizationCodeGrant conforms ServiceClientAuth.

func (*ServiceClientCore) AuthenticateServiceClient 

func (svcClient *ServiceClientCore) AuthenticateServiceClient(
	serviceInstanceID string,
) (terminalID TerminalID, err error)

func (*ServiceClientCore) AuthorizedOutgoingGRPCContext 

func (svcClient *ServiceClientCore) AuthorizedOutgoingGRPCContext(
	baseContext context.Context,
) context.Context

AuthorizedOutgoingGRPCContext returns a new instance of Context with authorization information set. If baseContext is valid, this method will use it as the parent context, otherwise, this method will create a Background context.

func (*ServiceClientCore) AuthorizedOutgoingHTTPRequestHeader 

func (svcClient *ServiceClientCore) AuthorizedOutgoingHTTPRequestHeader(
	baseHeader http.Header,
) http.Header

AuthorizedOutgoingHTTPRequestHeader returns a new instance of http.Header with authorization information set. If baseHeader is proivded, this method will merge it into the returned value.

func (*ServiceClientCore) ServerBaseURL 

func (svcClient *ServiceClientCore) ServerBaseURL() string

func (*ServiceClientCore) TerminalID 

func (svcClient *ServiceClientCore) TerminalID() TerminalID

type ServiceClientCredentials 

type ServiceClientCredentials struct {
	ClientID     string `env:",required"`
	ClientSecret string
}

type ServiceClientServer 

type ServiceClientServer interface {
	// AuthorizationFromJWTString loads authorization context from a JWT
	// string.
	AuthorizationFromJWTString(
		jwtStr string,
	) (*Authorization, error)

	// JWTKeyChain returns instance of key chain used to sign JWT tokens.
	JWTKeyChain() *JWTKeyChain

	GRPCServiceClientServer
	RESTServiceClientServer
}

ServiceClientServer is an interface which contains utilities for IAM service clients to handle requests from other IAM service clients.

func NewServiceClientServer 

func NewServiceClientServer(
	jwtKeyChain *JWTKeyChain,
	userAccountStateService UserAccountStateService,
) (ServiceClientServer, error)

type ServiceClientServerCore 

type ServiceClientServerCore struct {
	// contains filtered or unexported fields
}

func (*ServiceClientServerCore) AuthorizationFromJWTString 

func (svcClServer *ServiceClientServerCore) AuthorizationFromJWTString(
	jwtStr string,
) (*Authorization, error)

func (*ServiceClientServerCore) GRPCCallContext 

func (svcClServer *ServiceClientServerCore) GRPCCallContext(
	grpcCallCtx context.Context,
) (*GRPCCallContext, error)

func (*ServiceClientServerCore) GetSignedVerifierKey 

func (svcClServer *ServiceClientServerCore) GetSignedVerifierKey(keyID string) interface{}

Shortcut

func (*ServiceClientServerCore) JWTKeyChain 

func (svcClServer *ServiceClientServerCore) JWTKeyChain() *JWTKeyChain

func (*ServiceClientServerCore) RESTRequestContext 

func (svcClServer *ServiceClientServerCore) RESTRequestContext(
	req *http.Request,
) (*RESTRequestContext, error)

type TerminalID 

type TerminalID int64

func TerminalIDFromString 

func TerminalIDFromString(s string) (TerminalID, error)

func (TerminalID) ClientID 

func (terminalID TerminalID) ClientID() ClientID

func (TerminalID) InstanceID 

func (terminalID TerminalID) InstanceID() int32

func (TerminalID) IsNotValid 

func (terminalID TerminalID) IsNotValid() bool

func (TerminalID) IsValid 

func (terminalID TerminalID) IsValid() bool

func (TerminalID) MarshalJSON 

func (terminalID TerminalID) MarshalJSON() ([]byte, error)

func (TerminalID) MarshalText 

func (terminalID TerminalID) MarshalText() ([]byte, error)

func (TerminalID) String 

func (terminalID TerminalID) String() string

func (*TerminalID) UnmarshalJSON 

func (terminalID *TerminalID) UnmarshalJSON(b []byte) error

func (*TerminalID) UnmarshalText 

func (terminalID *TerminalID) UnmarshalText(b []byte) error

type TerminalIDFirebaseInstanceToken 

type TerminalIDFirebaseInstanceToken struct {
	TerminalID   TerminalID
	PlatformType string
	Token        string
}

type TerminalInfo 

type TerminalInfo struct {
	DisplayName    string
	AcceptLanguage []language.Tag
}

type TerminalRegisterPostRequestJSONV1 

type TerminalRegisterPostRequestJSONV1 struct {
	DisplayName              string   `json:"display_name"`
	VerificationResourceType string   `json:"verification_resource_type,omitempty"`
	VerificationResourceName string   `json:"verification_resource_name"`
	VerificationMethods      []string `json:"verification_methods"`
}

func (TerminalRegisterPostRequestJSONV1) SwaggerDoc 

func (TerminalRegisterPostRequestJSONV1) SwaggerDoc() map[string]string

type TerminalRegisterPostResponseJSONV1 

type TerminalRegisterPostResponseJSONV1 struct {
	TerminalID     string     `json:"terminal_id"`
	TerminalSecret string     `json:"terminal_secret,omitempty"`
	CodeExpiry     *time.Time `json:"code_expiry,omitempty"`
}

provide user id? indicator for a new user?

func (TerminalRegisterPostResponseJSONV1) SwaggerDoc 

func (TerminalRegisterPostResponseJSONV1) SwaggerDoc() map[string]string

type TerminalSecretPostRequestJSONV1 

type TerminalSecretPostRequestJSONV1 struct {
	TerminalID string `json:"terminal_id"`
	Code       string `json:"code"`
}

func (TerminalSecretPostRequestJSONV1) SwaggerDoc 

func (TerminalSecretPostRequestJSONV1) SwaggerDoc() map[string]string

type TerminalSecretPostResponseJSONV1 

type TerminalSecretPostResponseJSONV1 struct {
	Secret string `json:"secret"`
}

func (TerminalSecretPostResponseJSONV1) SwaggerDoc 

func (TerminalSecretPostResponseJSONV1) SwaggerDoc() map[string]string

type TerminalService 

type TerminalService interface {
	GetTerminalInfo(
		callCtx CallContext,
		terminalID TerminalID,
	) (*TerminalInfo, error)
}

type UserAccountDeleteInput 

type UserAccountDeleteInput struct {
	DeletionNotes string
}

TODO: reason and comment

type UserAccountService 

type UserAccountService interface {
	// IsUserIDRegistered is to check if the user ID is trully registered to
	// system.
	IsUserIDRegistered(userID UserID) bool

	UserAccountStateService

	// DeleteUserAccount deletes an user account based identfied by userIDToDelete.
	DeleteUserAccount(
		callCtx CallContext,
		userIDToDelete UserID,
		input UserAccountDeleteInput,
	) (deleted bool, err error)
}

type UserAccountState 

type UserAccountState struct {
	Deleted bool
}

func (UserAccountState) IsAccountActive 

func (uaState UserAccountState) IsAccountActive() bool

type UserAccountStateService 

type UserAccountStateService interface {
	// GetUserAccountState checks if the provided user ID is valid and whether
	// the account is deleted.
	//
	// This method returns nil if the userID is not referencing to any valid
	// user account.
	GetUserAccountState(

		userID UserID,
	) (*UserAccountState, error)
}

type UserAccountStateServiceClientCore 

type UserAccountStateServiceClientCore struct {
}

TODO: make this struct instances connect to IAM server and manage synchronization of user account states.

func (*UserAccountStateServiceClientCore) GetUserAccountState 

func (uaStateSvcClient *UserAccountStateServiceClientCore) GetUserAccountState(
	userID UserID,
) (*UserAccountState, error)

type UserBaseProfile 

type UserBaseProfile struct {
	ID              UserID
	DisplayName     string
	ProfileImageURL string
	IsDeleted       bool
}

type UserContactListsJSONV1 

type UserContactListsJSONV1 struct {
	Items []UserJSONV1 `json:"items"`
}

type UserEmailAddressPutRequestJSONV1 

type UserEmailAddressPutRequestJSONV1 struct {
	IsPrimary bool `json:"is_primary" db:"is_primary"`
}

type UserID 

type UserID int64

UserID holds an identifier of a user account.

func UserIDFromPrimitiveValue 

func UserIDFromPrimitiveValue(v int64) UserID

func UserIDFromString 

func UserIDFromString(s string) (UserID, error)

func (UserID) IsNormalAccount 

func (userID UserID) IsNormalAccount() bool

func (UserID) IsNotValid 

func (userID UserID) IsNotValid() bool

func (UserID) IsServiceAccount 

func (userID UserID) IsServiceAccount() bool

func (UserID) IsValid 

func (userID UserID) IsValid() bool

func (UserID) MarshalJSON 

func (userID UserID) MarshalJSON() ([]byte, error)

func (UserID) MarshalText 

func (userID UserID) MarshalText() ([]byte, error)

func (UserID) PrimitiveValue 

func (userID UserID) PrimitiveValue() int64

func (UserID) String 

func (userID UserID) String() string

func (*UserID) UnmarshalJSON 

func (userID *UserID) UnmarshalJSON(b []byte) error

func (*UserID) UnmarshalText 

func (userID *UserID) UnmarshalText(b []byte) error

type UserJSONV1 

type UserJSONV1 struct {
	ID              string `json:"id"`
	DisplayName     string `json:"display_name"`
	ProfileImageURL string `json:"profile_image_url"`
	PhoneNumber     string `json:"phone_number,omitempty"`
	EmailAddress    string `json:"email_address,omitempty"`
}

func UserJSONV1FromBaseProfile 

func UserJSONV1FromBaseProfile(model *UserBaseProfile) *UserJSONV1

type UserPhoneNumber 

type UserPhoneNumber struct {
	UserID      UserID
	PhoneNumber PhoneNumber
	IsPrimary   bool
}

type UserPhoneNumberJSONV1 

type UserPhoneNumberJSONV1 struct {
	UserID      string `json:"user_id"`
	PhoneNumber string `json:"phone_number"`
}

type UserPhoneNumberListJSONV1 

type UserPhoneNumberListJSONV1 struct {
	Items []UserPhoneNumberJSONV1 `json:"items"`
}

type UserProfileService 

type UserProfileService interface {
	GetUserInfoV1(
		callCtx CallContext,
		userID UserID,
	) (*iampb.UserInfoData, error)
	GetUserBaseProfile(
		callCtx CallContext,
		userID UserID,
	) (*UserBaseProfile, error)
}

type UserService 

type UserService interface {
	UserAccountService
	UserProfileService

	GetUserPrimaryPhoneNumber(
		callCtx CallContext,
		userID UserID,
	) (*PhoneNumber, error)

	GetUserPrimaryEmailAddress(
		callCtx CallContext,
		userID UserID,
	) (*EmailAddress, error)
}

type UserTerminalService 

type UserTerminalService interface {
	ListUserTerminalIDFirebaseInstanceTokens(
		ownerUserID UserID,
	) ([]TerminalIDFirebaseInstanceToken, error)
	DeleteUserTerminalFCMRegistrationToken(
		authCtx *Authorization,
		userID UserID, terminalID TerminalID, token string,
	) error
}

TODO: this does not belong to C2S service, but only in S2S service

type WebUIURLs 

type WebUIURLs struct {
	SignIn string `env:"SIGNIN"`
}

Source Files

View all Source files

Directories

Path Synopsis
grpc
logging
rest
logging

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.