mongo

package
v0.34.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 21, 2024 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// IdxClientID provides a mongo index based on clientId
	IdxClientID = "idxClientId"

	// IdxExpires provides a mongo index based on expires
	IdxExpires = "idxExpires"

	// IdxExpiry provides a mongo index for generating ttl based record
	// expiration indices.
	IdxExpiry = "idxExpiry"

	// IdxUserID provides a mongo index based on userId
	IdxUserID = "idxUserId"

	// IdxUsername provides a mongo index based on username
	IdxUsername = "idxUsername"

	// IdxSessionID provides a mongo index based on Session
	IdxSessionID = "idxSessionId"

	// IdxSignatureID provides a mongo index based on Signature
	IdxSignatureID = "idxSignatureId"

	// IdxCompoundRequester provides a mongo compound index based on Client ID
	// and User ID for when filtering request records.
	IdxCompoundRequester = "idxCompoundRequester"
)

Variables

This section is empty.

Functions

func Connect added in v0.14.0 

func Connect(cfg *Config) (*mongo.Database, error)

Connect returns a connection to a mongo database.

func ConnectionInfo added in v0.14.0 

func ConnectionInfo(cfg *Config) *options.ClientOptions

ConnectionInfo configures options for establishing a session with a MongoDB cluster.

func ContextToSession added in v0.19.0 

func ContextToSession(ctx context.Context) (sess mongo.Session, ok bool)

ContextToSession provides a way to obtain a mongo session, if contained within the presented context.

func NewExpiryIndex added in v0.28.0 

func NewExpiryIndex(name string, key string, expireAfter int) (model mongo.IndexModel)

NewExpiryIndex generates a new index with a time to live value before the record expires in mongodb.

func NewIndex added in v0.27.0 

func NewIndex(name string, keys ...string) (model mongo.IndexModel)

NewIndex generates a new index model, ready to be saved in mongo.

Note:

  • This function assumes you are entering valid index keys and relies on mongo rejecting index operations if a bad index is created.

func NewUniqueIndex added in v0.27.0 

func NewUniqueIndex(name string, keys ...string) mongo.IndexModel

NewUniqueIndex generates a new unique index model, ready to be saved in mongo.

func SessionToContext added in v0.19.0 

func SessionToContext(ctx context.Context, session mongo.Session) context.Context

SessionToContext provides a way to push a mongo datastore session into the current context, which can then be passed on to other routes or functions.

func SetDebug added in v0.14.0 

func SetDebug(isDebug bool)

SetDebug turns on debug level logging, including debug at the driver level. If false, disables driver level logging and sets logging to info level.

func SetLogger added in v0.14.0 

func SetLogger(log *logrus.Logger)

SetLogger enables binding in your own customised logrus logger.

Types

type ClientManager added in v0.14.0 

type ClientManager struct {
	DB     *DB
	Hasher fosite.Hasher

	DeniedJTIs storage.DeniedJTIStorer
}

ClientManager provides a fosite storage implementation for Clients.

Implements: - fosite.Storage - fosite.ClientManager - storage.AuthClientMigrator - storage.ClientManager - storage.ClientStorer

func (*ClientManager) Authenticate added in v0.14.0 

func (c *ClientManager) Authenticate(ctx context.Context, clientID string, secret string) (result storage.Client, err error)

Authenticate verifies the identity of a client resource.

func (*ClientManager) AuthenticateMigration added in v0.14.0 

func (c *ClientManager) AuthenticateMigration(ctx context.Context, currentAuth storage.AuthClientFunc, clientID string, secret string) (result storage.Client, err error)

AuthenticateMigration is provided to authenticate clients that have been migrated from an another system that may use a different underlying hashing mechanism. It authenticates a Client first by using the provided AuthClientFunc which, if fails, will otherwise try to authenticate using the configured fosite.hasher.

func (*ClientManager) ClientAssertionJWTValid added in v0.21.0 

func (c *ClientManager) ClientAssertionJWTValid(ctx context.Context, jti string) error

ClientAssertionJWTValid returns an error if the JTI is known or the DB check failed and nil if the JTI is not known.

func (*ClientManager) Configure added in v0.14.0 

func (c *ClientManager) Configure(ctx context.Context) (err error)

Configure sets up the Mongo collection for OAuth 2.0 client resources.

func (*ClientManager) Create added in v0.14.0 

func (c *ClientManager) Create(ctx context.Context, client storage.Client) (result storage.Client, err error)

Create stores a new OAuth2.0 Client resource.

func (*ClientManager) Delete added in v0.14.0 

func (c *ClientManager) Delete(ctx context.Context, clientID string) (err error)

Delete removes an OAuth 2.0 Client resource.

func (*ClientManager) Get added in v0.14.0 

func (c *ClientManager) Get(ctx context.Context, clientID string) (result storage.Client, err error)

Get finds and returns an OAuth 2.0 client resource.

func (*ClientManager) GetClient added in v0.14.0 

func (c *ClientManager) GetClient(ctx context.Context, clientID string) (fosite.Client, error)

GetClient finds and returns an OAuth 2.0 client resource.

GetClient implements: - fosite.Storage - fosite.ClientManager

func (*ClientManager) GrantScopes added in v0.14.0 

func (c *ClientManager) GrantScopes(ctx context.Context, clientID string, scopes []string) (result storage.Client, err error)

GrantScopes grants the provided scopes to the specified Client resource.

func (*ClientManager) List added in v0.14.0 

func (c *ClientManager) List(ctx context.Context, filter storage.ListClientsRequest) (results []storage.Client, err error)

List filters resources to return a list of OAuth 2.0 client resources.

func (*ClientManager) Migrate added in v0.14.0 

func (c *ClientManager) Migrate(ctx context.Context, migratedClient storage.Client) (result storage.Client, err error)

Migrate is provided solely for the case where you want to migrate clients and upgrade their password using the AuthClientMigrator interface. This performs an upsert, either creating or overwriting the record with the newly provided full record. Use with caution, be secure, don't be dumb.

func (*ClientManager) RemoveScopes added in v0.14.0 

func (c *ClientManager) RemoveScopes(ctx context.Context, clientID string, scopes []string) (result storage.Client, err error)

RemoveScopes revokes the provided scopes from the specified Client resource.

func (*ClientManager) SetClientAssertionJWT added in v0.21.0 

func (c *ClientManager) SetClientAssertionJWT(ctx context.Context, jti string, exp time.Time) (err error)

SetClientAssertionJWT marks a JTI as known for the given expiry time. Before inserting the new JTI, it will clean up any existing JTIs that have expired as those tokens can not be replayed due to the expiry.

func (*ClientManager) Update added in v0.14.0 

func (c *ClientManager) Update(ctx context.Context, clientID string, updatedClient storage.Client) (result storage.Client, err error)

Update updates an OAuth 2.0 client resource.

type Config added in v0.14.0 

type Config struct {
	Hostnames    []string    `default:"localhost" envconfig:"CONNECTIONS_MONGO_HOSTNAMES"`
	Port         uint16      `default:"27017"     envconfig:"CONNECTIONS_MONGO_PORT"`
	SSL          bool        `default:"false"     envconfig:"CONNECTIONS_MONGO_SSL"`
	AuthDB       string      `default:"admin"     envconfig:"CONNECTIONS_MONGO_AUTHDB"`
	Username     string      `default:""          envconfig:"CONNECTIONS_MONGO_USERNAME"`
	Password     string      `default:""          envconfig:"CONNECTIONS_MONGO_PASSWORD"`
	DatabaseName string      `default:""          envconfig:"CONNECTIONS_MONGO_NAME"`
	Replset      string      `default:""          envconfig:"CONNECTIONS_MONGO_REPLSET"`
	Timeout      uint        `default:"10"        envconfig:"CONNECTIONS_MONGO_TIMEOUT"`
	PoolMinSize  uint64      `default:"0"         envconfig:"CONNECTIONS_MONGO_POOL_MIN_SIZE"`
	PoolMaxSize  uint64      `default:"100"       envconfig:"CONNECTIONS_MONGO_POOL_MAX_SIZE"`
	Compressors  []string    `default:""          envconfig:"CONNECTIONS_MONGO_COMPRESSORS"`
	TokenTTL     uint32      `default:"0"         envconfig:"CONNECTIONS_MONGO_TOKEN_TTL"`
	TLSConfig    *tls.Config `ignored:"true"`
}

Config defines the configuration parameters which are used by GetMongoSession.

func DefaultConfig added in v0.14.0 

func DefaultConfig() *Config

DefaultConfig returns a configuration for a locally hosted, unauthenticated mongo

type DB added in v0.24.0 

type DB struct {
	*mongo.Database
}

DB wraps the mongo database connection and the features that are enabled.

type DeniedJtiManager added in v0.21.0 

type DeniedJtiManager struct {
	DB *DB
}

DeniedJtiManager provides a mongo backed implementation for denying JSON Web Tokens (JWTs) by ID.

func (*DeniedJtiManager) Configure added in v0.21.0 

func (d *DeniedJtiManager) Configure(ctx context.Context) (err error)

Configure implements storage.Configurer.

func (*DeniedJtiManager) Create added in v0.21.0 

func (d *DeniedJtiManager) Create(ctx context.Context, deniedJTI storage.DeniedJTI) (result storage.DeniedJTI, err error)

Create creates a new User resource and returns the newly created User resource.

func (*DeniedJtiManager) Delete added in v0.21.0 

func (d *DeniedJtiManager) Delete(ctx context.Context, jti string) (err error)

func (*DeniedJtiManager) DeleteBefore added in v0.21.0 

func (d *DeniedJtiManager) DeleteBefore(ctx context.Context, expBefore int64) (err error)

DeleteExpired removes all JTIs before the given time. Returns not found if no tokens were found before the given time.

func (*DeniedJtiManager) Get added in v0.21.0 

func (d *DeniedJtiManager) Get(ctx context.Context, signature string) (result storage.DeniedJTI, err error)

Get returns the specified User resource.

type RequestManager added in v0.14.0 

type RequestManager struct {
	// DB contains the Mongo connection that holds the base session that can be
	// copied and closed.
	DB *DB

	// Clients provides access to Client entities in order to create, read,
	// update and delete resources from the clients collection.
	// A client is required when cross referencing scope access rights.
	Clients storage.ClientStorer

	// Users provides access to User entities in order to create, read, update
	// and delete resources from the user collection.
	// Users are required when the Password Credentials Grant, is implemented
	// in order to find and authenticate users.
	Users storage.UserStorer
}

RequestManager manages the main Mongo Session for a Request.

func (*RequestManager) Authenticate added in v0.14.0 

func (r *RequestManager) Authenticate(ctx context.Context, username string, secret string) (err error)

Authenticate confirms whether the specified password matches the stored hashed password within a User resource, found by username.

func (*RequestManager) Configure added in v0.14.0 

func (r *RequestManager) Configure(ctx context.Context) (err error)

Configure implements storage.Configurer.

func (*RequestManager) ConfigureExpiryWithTTL added in v0.28.0 

func (r *RequestManager) ConfigureExpiryWithTTL(ctx context.Context, ttl int) error

ConfigureExpiryWithTTL implements storage.Expirer.

func (*RequestManager) Create added in v0.14.0 

func (r *RequestManager) Create(ctx context.Context, entityName string, request storage.Request) (result storage.Request, err error)

Create creates the new Request resource and returns the newly created Request resource.

func (*RequestManager) CreateAccessTokenSession added in v0.14.0 

func (r *RequestManager) CreateAccessTokenSession(ctx context.Context, signature string, request fosite.Requester) (err error)

CreateAccessTokenSession creates a new session for an Access Token

func (*RequestManager) CreateAuthorizeCodeSession added in v0.14.0 

func (r *RequestManager) CreateAuthorizeCodeSession(ctx context.Context, code string, request fosite.Requester) (err error)

CreateAuthorizeCodeSession stores the authorization request for a given authorization code.

func (*RequestManager) CreateOpenIDConnectSession added in v0.14.0 

func (r *RequestManager) CreateOpenIDConnectSession(ctx context.Context, authorizeCode string, request fosite.Requester) (err error)

CreateOpenIDConnectSession creates an open id connect session resource for a given authorize code. This is relevant for explicit open id connect flow.

func (*RequestManager) CreatePKCERequestSession added in v0.14.0 

func (r *RequestManager) CreatePKCERequestSession(ctx context.Context, signature string, request fosite.Requester) (err error)

CreatePKCERequestSession implements fosite.PKCERequestStorage.

func (*RequestManager) CreateRefreshTokenSession added in v0.14.0 

func (r *RequestManager) CreateRefreshTokenSession(ctx context.Context, signature string, request fosite.Requester) (err error)

CreateRefreshTokenSession implements fosite.RefreshTokenStorage.

func (*RequestManager) Delete added in v0.14.0 

func (r *RequestManager) Delete(ctx context.Context, entityName string, requestID string) (err error)

Delete deletes the specified Request resource.

func (*RequestManager) DeleteAccessTokenSession added in v0.14.0 

func (r *RequestManager) DeleteAccessTokenSession(ctx context.Context, signature string) (err error)

DeleteAccessTokenSession removes an Access Token's session

func (*RequestManager) DeleteBySignature added in v0.14.0 

func (r *RequestManager) DeleteBySignature(ctx context.Context, entityName string, signature string) (err error)

DeleteBySignature deletes the specified request resource, if the presented signature returns a match.

func (*RequestManager) DeleteOpenIDConnectSession added in v0.14.0 

func (r *RequestManager) DeleteOpenIDConnectSession(ctx context.Context, authorizeCode string) (err error)

DeleteOpenIDConnectSession removes an open id connect session from mongo.

func (*RequestManager) DeletePKCERequestSession added in v0.14.0 

func (r *RequestManager) DeletePKCERequestSession(ctx context.Context, signature string) (err error)

DeletePKCERequestSession implements fosite.PKCERequestStorage.

func (*RequestManager) DeleteRefreshTokenSession added in v0.14.0 

func (r *RequestManager) DeleteRefreshTokenSession(ctx context.Context, signature string) (err error)

DeleteRefreshTokenSession implements fosite.RefreshTokenStorage.

func (*RequestManager) Get added in v0.14.0 

func (r *RequestManager) Get(ctx context.Context, entityName string, requestID string) (result storage.Request, err error)

Get returns the specified Request resource.

func (*RequestManager) GetAccessTokenSession added in v0.14.0 

func (r *RequestManager) GetAccessTokenSession(ctx context.Context, signature string, session fosite.Session) (request fosite.Requester, err error)

GetAccessTokenSession returns a session if it can be found by signature

func (*RequestManager) GetAuthorizeCodeSession added in v0.14.0 

func (r *RequestManager) GetAuthorizeCodeSession(ctx context.Context, code string, session fosite.Session) (request fosite.Requester, err error)

GetAuthorizeCodeSession hydrates the session based on the given code and returns the authorization request.

func (*RequestManager) GetBySignature added in v0.14.0 

func (r *RequestManager) GetBySignature(ctx context.Context, entityName string, signature string) (result storage.Request, err error)

GetBySignature returns a Request resource, if the presented signature returns a match.

func (*RequestManager) GetOpenIDConnectSession added in v0.14.0 

func (r *RequestManager) GetOpenIDConnectSession(ctx context.Context, authorizeCode string, requester fosite.Requester) (request fosite.Requester, err error)

GetOpenIDConnectSession gets a session resource based off the Authorize Code and returns a fosite.Requester, or an error.

func (*RequestManager) GetPKCERequestSession added in v0.14.0 

func (r *RequestManager) GetPKCERequestSession(ctx context.Context, signature string, session fosite.Session) (request fosite.Requester, err error)

GetPKCERequestSession implements fosite.PKCERequestStorage.

func (*RequestManager) GetRefreshTokenSession added in v0.14.0 

func (r *RequestManager) GetRefreshTokenSession(ctx context.Context, signature string, session fosite.Session) (request fosite.Requester, err error)

GetRefreshTokenSession implements fosite.RefreshTokenStorage.

func (*RequestManager) InvalidateAuthorizeCodeSession added in v0.14.0 

func (r *RequestManager) InvalidateAuthorizeCodeSession(ctx context.Context, code string) (err error)

InvalidateAuthorizeCodeSession is called when an authorize code is being used. The state of the authorization code should be set to invalid and consecutive requests to GetAuthorizeCodeSession should return the ErrInvalidatedAuthorizeCode error.

func (*RequestManager) List added in v0.14.0 

func (r *RequestManager) List(ctx context.Context, entityName string, filter storage.ListRequestsRequest) (results []storage.Request, err error)

List returns a list of Request resources that match the provided inputs.

func (*RequestManager) RevokeAccessToken added in v0.14.0 

func (r *RequestManager) RevokeAccessToken(ctx context.Context, requestID string) (err error)

RevokeAccessToken deletes the access token session.

func (*RequestManager) RevokeRefreshToken added in v0.14.0 

func (r *RequestManager) RevokeRefreshToken(ctx context.Context, requestID string) (err error)

RevokeRefreshToken deletes the refresh token session.

func (*RequestManager) Update added in v0.14.0 

func (r *RequestManager) Update(ctx context.Context, entityName string, requestID string, updatedRequest storage.Request) (result storage.Request, err error)

Update updates the Request resource and attributes and returns the updated Request resource.

type Store added in v0.14.0 

type Store struct {
	// Internals
	DB *DB

	// Public API
	Hasher fosite.Hasher
	storage.Store
	// contains filtered or unexported fields
}

Store provides a MongoDB storage driver compatible with fosite's required storage interfaces.

func New added in v0.14.0 

func New(cfg *Config, hashee fosite.Hasher) (*Store, error)

New allows for custom mongo configuration and custom hashers.

func NewDefaultStore added in v0.14.0 

func NewDefaultStore() (*Store, error)

NewDefaultStore returns a Store configured with the default mongo configuration and default Hasher.

func (*Store) Close added in v0.14.0 

func (s *Store) Close()

Close terminates the mongo connection.

func (*Store) NewSession added in v0.14.0 

func (s *Store) NewSession(ctx context.Context) (context.Context, func(), error)

NewSession creates and returns a new mongo session. A deferrable session closer is returned in an attempt to enforce proper session handling/closing of sessions to avoid session and memory leaks.

NewSession boilerplate becomes: ``` ctx := context.Background() 

if store.DB.HasSessions {
    var closeSession func()
    ctx, closeSession, err = store.NewSession(nil)
    if err != nil {
        panic(err)
    }
    defer closeSession()
}

```

type UserManager added in v0.14.0 

type UserManager struct {
	DB     *DB
	Hasher fosite.Hasher
}

UserManager provides a mongo backed implementation for user resources.

Implements: - storage.Configurer - storage.AuthUserMigrator - storage.UserStorer - storage.UserManager

func (*UserManager) Authenticate added in v0.14.0 

func (u *UserManager) Authenticate(ctx context.Context, username string, password string) (result storage.User, err error)

Authenticate confirms whether the specified password matches the stored hashed password within the User resource. The User resource returned is matched by username.

func (*UserManager) AuthenticateByID added in v0.14.0 

func (u *UserManager) AuthenticateByID(ctx context.Context, userID string, password string) (result storage.User, err error)

AuthenticateByID confirms whether the specified password matches the stored hashed password within the User resource. The User resource returned is matched by User ID.

func (*UserManager) AuthenticateByUsername added in v0.14.0 

func (u *UserManager) AuthenticateByUsername(ctx context.Context, username string, password string) (result storage.User, err error)

AuthenticateByUsername confirms whether the specified password matches the stored hashed password within the User resource. The User resource returned is matched by username.

func (*UserManager) AuthenticateMigration added in v0.14.0 

func (u *UserManager) AuthenticateMigration(ctx context.Context, currentAuth storage.AuthUserFunc, userID string, password string) (result storage.User, err error)

AuthenticateMigration enables developers to supply your own authentication function, which in turn, if true, will migrate the secret to the Hasher implemented within fosite.

func (*UserManager) Configure added in v0.14.0 

func (u *UserManager) Configure(ctx context.Context) (err error)

Configure implements storage.Configurer.

func (*UserManager) Create added in v0.14.0 

func (u *UserManager) Create(ctx context.Context, user storage.User) (result storage.User, err error)

Create creates a new User resource and returns the newly created User resource.

func (*UserManager) Delete added in v0.14.0 

func (u *UserManager) Delete(ctx context.Context, userID string) (err error)

Delete deletes the specified User resource.

func (*UserManager) Get added in v0.14.0 

func (u *UserManager) Get(ctx context.Context, userID string) (result storage.User, err error)

Get returns the specified User resource.

func (*UserManager) GetByUsername added in v0.14.0 

func (u *UserManager) GetByUsername(ctx context.Context, username string) (result storage.User, err error)

GetByUsername returns a user resource if found by username.

func (*UserManager) GrantScopes added in v0.14.0 

func (u *UserManager) GrantScopes(ctx context.Context, userID string, scopes []string) (result storage.User, err error)

GrantScopes grants the provided scopes to the specified User resource.

func (*UserManager) List added in v0.14.0 

func (u *UserManager) List(ctx context.Context, filter storage.ListUsersRequest) (results []storage.User, err error)

List returns a list of User resources that match the provided inputs.

func (*UserManager) Migrate added in v0.14.0 

func (u *UserManager) Migrate(ctx context.Context, migratedUser storage.User) (result storage.User, err error)

Migrate is provided solely for the case where you want to migrate users and upgrade their password using the AuthUserMigrator interface. This performs an upsert, either creating or overwriting the record with the newly provided full record. Use with caution, be secure, don't be dumb.

func (*UserManager) RemoveScopes added in v0.14.0 

func (u *UserManager) RemoveScopes(ctx context.Context, userID string, scopes []string) (result storage.User, err error)

RemoveScopes revokes the provided scopes from the specified User Resource.

func (*UserManager) Update added in v0.14.0 

func (u *UserManager) Update(ctx context.Context, userID string, updatedUser storage.User) (result storage.User, err error)

Update updates the User resource and attributes and returns the updated User resource.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.