app

package
v0.1.0
Warning

This package is not in the latest version of its module.

Published: Dec 3, 2014 License: BSD-3-Clause Imports: 21 Imported by: 0

Documentation

Constants

This section is empty.

Variables

var (
	Version = "0.1.0"
)

Functions

func AuthenticationHandler

func AuthenticationHandler(app *GorgonApp, w http.ResponseWriter, r *http.Request) (err error)

AuthenticationHandler is responsible for presenting the auth form and authenticating the user using the app Authenticator and the username/password provided by the user. If the user is successfully authenticated, the "persona-auth" cookie is updated with the username used in the authentication process.

func CheckAuthenticatedHandler

func CheckAuthenticatedHandler(app *GorgonApp, w http.ResponseWriter, r *http.Request) (err error)

CheckAuthenticatedHandler checks if the user has an active session (the user is authenticated). If the user is not authenticated, it returns an HTTP code 403 (Forbidden); otherwise it returns an HTTP code 200 (OK).

func CreateCertificate

func CreateCertificate(private_key *PrivateKey, public_key *PublicKey, email string, cert_duration int, pubkey map[string]string, iss string) ([]byte, error)

CreateCertificate returns the string representation of a token signed with the given private_key. The token contains the following claims:

  • iat:
  • exp: expiry date of the certificate
  • iss: issuer of the certificate (the domain used by the IdP)
  • public-key: the public key provided by the browser
  • principal:
      • email: the email address of the authenticated user

func GenerateCertificateHandler

func GenerateCertificateHandler(app *GorgonApp, w http.ResponseWriter, r *http.Request) (err error)

GenerateCertificateHandler is called via an AJAX request from the provisioning page when the user is authenticated. This handler returns a certificate generated from the information provided in the query string.

func ProvisioningHandler

func ProvisioningHandler(app *GorgonApp, w http.ResponseWriter, r *http.Request) (err error)

ProvisioningHandler returns the content of the hidden iframe. The content depends on whether the user has an active session.

func SupportDocumentHandler

func SupportDocumentHandler(app *GorgonApp, w http.ResponseWriter, r *http.Request) (err error)

SupportDocumentHandler returns the SupportDocument in a JSON encoded response.

Types

type Authenticator

type Authenticator interface {
	Authenticate(username, password string) error
}

Authenticator is an interface representing a method to authenticate a user. Only one function must be implemented: Authenticate(username, password string), which returns nil when the username/password pair is correct and an error otherwise.

func NewAuthenticator

func NewAuthenticator(app GorgonApp, name string) (authenticator Authenticator, err error)

NewAuthenticator returns an Authenticator based on the provided name. The authenticator is configured from app.Config.

func NewImapAuthenticator

func NewImapAuthenticator(app GorgonApp) (Authenticator, error)

NewImapAuthenticator returns a populated ImapAuthenticator.

func NewTestAuthenticator

func NewTestAuthenticator(app GorgonApp) (Authenticator, error)

NewTestAuthenticator returns a populated TestAuthenticator.

type ErrorKey

type ErrorKey struct {
	// contains filtered or unexported fields
}

ErrorKey is a base error for public/private key operations.

func (*ErrorKey) Error

func (e *ErrorKey) Error() string

Error returns the error message.

type GorgonApp

type GorgonApp struct {
	Config        ini.File              // configuration read from a configuration file
	Router        *mux.Router           // routes to URL
	SessionStore  *sessions.CookieStore // users sessions (client side cookie)
	PublicKey     *PublicKey            // public key for the domain
	PrivateKey    *PrivateKey           // private key for the domain
	Templates     *template.Template    // list of all templates used by the application
	Domain        string                // domain name used for this IdP
	Authenticator Authenticator         // method to authenticate users
	ListenAddress string                // network address on which the app will listen
	Logger        *logging.Logger       // Logger for this app
}

GorgonApp represents an application used to act as a Persona IdP.

func NewApp

func NewApp(config_file string) GorgonApp

NewApp returns a GorgonApp fully configured and initialized. It panics if the app can't be initialized.

func (*GorgonApp) GetSupportDocument

func (app *GorgonApp) GetSupportDocument() SupportDocument

GetSupportDocument returns a SupportDocument struct for the GorgonApp.

func (GorgonApp) ListenAndServe

func (app GorgonApp) ListenAndServe() error

ListenAndServe listens on the TCP network address provided by the app configuration and then serves requests on incoming connections.

type ImapAuthenticator

type ImapAuthenticator struct {
	// contains filtered or unexported fields
}

ImapAuthenticator implements the Authenticator interface to authenticate users against an Imap server. The username (email) and password are passed without modification to the Imap server.

An example configuration looks like this:

[global]
...
auth = imap

[auth:imap]
server = imap.example.com

func (ImapAuthenticator) Authenticate

func (a ImapAuthenticator) Authenticate(username, password string) (err error)

Authenticate uses an Imap server to authenticate users. If the Imap server advertises the STARTTLS capability, the connection switches to TLS. The username (email) and password are passed without modification to the Imap server.

type PrivateKey

type PrivateKey struct {
	*rsa.PrivateKey // anonymous field to the real RSA private key
}

PrivateKey represents an RSA private key.

func LoadPrivateKey

func LoadPrivateKey(filename string) (*PrivateKey, error)

LoadPrivateKey returns a PrivateKey created from the content of a PEM encoded file containing an RSA private key.

func (*PrivateKey) Sign

func (k *PrivateKey) Sign(data []byte) ([]byte, error)

Sign returns the signature of the SHA256 hash of the given data.
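The following is an added example, not code from this package: a relying-party style check of a certificate carrying the claims listed for CreateCertificate and signed over a SHA256 hash as Sign describes. The `header.payload.signature` layout, PKCS#1 v1.5 padding, millisecond timestamps, and the names `issue`, `verify`, `sample` and `key` are assumptions.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// Constructed sample claims and a throwaway key generated at start-up (demo only).
const sample = `{"iat":1000,"exp":2000,"iss":"idp.example","principal":{"email":"alice@idp.example"}}`
var key, _ = rsa.GenerateKey(rand.Reader, 2048)
var b64 = base64.RawURLEncoding

// issue signs "header.payload" with RSA PKCS#1 v1.5 over SHA-256 (assumed layout).
func issue(k *rsa.PrivateKey, claimsJSON string) (string, error) {
	in := b64.EncodeToString([]byte(`{"alg":"RS256"}`)) + "." + b64.EncodeToString([]byte(claimsJSON))
	sum := sha256.Sum256([]byte(in))
	sig, err := rsa.SignPKCS1v15(rand.Reader, k, crypto.SHA256, sum[:])
	return in + "." + b64.EncodeToString(sig), err
}

// verify authenticates the token before reading any claim, then checks iss and exp.
func verify(pub *rsa.PublicKey, tok, iss string, nowMs int64) (string, error) {
	p := strings.Split(tok, ".")
	if len(p) != 3 {
		return "", fmt.Errorf("malformed token")
	}
	sig, err := b64.DecodeString(p[2])
	sum := sha256.Sum256([]byte(p[0] + "." + p[1]))
	// The algorithm is fixed here; the header's "alg" value is never consulted.
	if err != nil || rsa.VerifyPKCS1v15(pub, crypto.SHA256, sum[:], sig) != nil {
		return "", fmt.Errorf("bad signature")
	}
	var c struct{ Exp int64; Iss string; Principal map[string]string }
	body, err := b64.DecodeString(p[1])
	if err != nil || json.Unmarshal(body, &c) != nil || c.Iss != iss || nowMs >= c.Exp {
		return "", fmt.Errorf("claims rejected")
	}
	return c.Principal["email"], nil
}

func main() {
	tok, _ := issue(key, sample)
	fmt.Println(verify(&key.PublicKey, tok, "idp.example", 1500))
}
```

A token with a missing `exp` claim decodes to zero and is rejected, so the check fails closed.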

type PublicKey

type PublicKey struct {
	*rsa.PublicKey // anonymous field to the real RSA public key
}

PublicKey represents an RSA public key that implements the Marshaler interface.

func LoadPublicKey

func LoadPublicKey(filename string) (*PublicKey, error)

LoadPublicKey returns a PublicKey created from the content of a PEM encoded file containing an RSA public key.

func (*PublicKey) MarshalJSON

func (pub *PublicKey) MarshalJSON() ([]byte, error)

MarshalJSON returns the JSON representation of the RSA public key.

type SupportDocument

type SupportDocument struct {
	Authentication string     `json:"authentication"`
	Provisioning   string     `json:"provisioning"`
	PublicKey      *PublicKey `json:"public-key"`
}

SupportDocument represents the document, located at "/.well-known/browserid", in which domains advertise their ability to act as Persona Identity Providers.

type TestAuthenticator

type TestAuthenticator struct {
	// contains filtered or unexported fields
}

TestAuthenticator implements the Authenticator interface and is a very simple auth method whose first goal is to test a Gorgon app. This authenticator should not be used in production.

An example configuration looks like this:

[global]
...
auth = test

[auth:test]
global_password = myverysecretpassword

func (TestAuthenticator) Authenticate

func (a TestAuthenticator) Authenticate(username, password string) (err error)

Authenticate uses a global password to authenticate all users.
