controllers

package
v0.0.0-...-0fc1b25
Warning

This package is not in the latest version of its module.

Published: Oct 5, 2021 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Constants

This section is empty.

Variables

var (
	KratosPublicURL                 string
	KratosSSLoginBrowserPath        = "/self-service/login/browser"
	KratosSSRegistrationBrowserPath = "/self-service/registration/browser"
)

var (
	ErrMissingLoginChallengeParam   = errors.New("controller: missing login challenge param")
	ErrMissingConsentChallengeParam = errors.New("controller: missing consent challenge param")
	ErrMissingLoginStateParam       = errors.New("controller: missing login state param")
	ErrMissingKratosLoginSession    = errors.New("controller: missing kratos login session")
	ErrMismatchedHydraState         = errors.New("controller: mismatched hydra state")
)

var (
	ErrConfirmPasswordMismatched = errors.New("controller: confirm password mismatched")
)

Functions

This section is empty.

Types

type AccessTokenCustomClaims

type AccessTokenCustomClaims struct {
	UserUUID string
	Email    string
}

AccessTokenCustomClaims defines and stores some data from the Kratos session. We use it to enrich the information returned when performing token introspection. This information is then set in HTTP headers by the Oathkeeper mutator.

type CallbackError

type CallbackError struct {
	Name        string
	Description string
	Hint        string
	Debug       string
}

type CallbackForm

type CallbackForm struct {
	Error        *CallbackError
	AccessToken  string
	RefreshToken string
	Expiry       string
	IDToken      string
}

CallbackForm stores the resulting tokens after the OAuth flow.

type ChangePasswordForm

type ChangePasswordForm struct {
	CurrentPassword string `schema:"current_password"`
	NewPassword     string `schema:"new_password"`
	ConfirmPassword string `schema:"confirm_password"`
}

type ConsentForm

type ConsentForm struct {
	// TODO: implement csrf protection using gorilla csrf
	Subject                 string
	ConsentChallenge        string   `schema:"consent_challenge"`
	Scopes                  []string `schema:"scopes"`
	Remember                bool     `schema:"remember"`
	Accept                  string   `schema:"accept"`
	AccessTokenCustomClaims AccessTokenCustomClaims
}

ConsentForm stores the consent form data used to render the consent page.

type Hydra

type Hydra struct {
	ConsentView *views.View
	// contains filtered or unexported fields
}

Hydra controller handles flows related to the Hydra integration: the login with Hydra flow, and so on. It interacts with Ory Kratos, an open-source identity provider, and Ory Hydra, an open-source OAuth2/OIDC provider.

func NewHydra

func NewHydra(k *kratosClient.APIClient, hCli *hydraSDK.OryHydra, hAdm *hydraSDK.OryHydra) *Hydra

func (*Hydra) GetHydraConsent

func (h *Hydra) GetHydraConsent(w http.ResponseWriter, r *http.Request)

GetHydraConsent GET /auth/hydra/consent

func (*Hydra) GetHydraLogin

func (h *Hydra) GetHydraLogin(w http.ResponseWriter, r *http.Request)

GetHydraLogin GET /auth/hydra/login

func (*Hydra) PostHydraConsent

func (h *Hydra) PostHydraConsent(w http.ResponseWriter, r *http.Request)

PostHydraConsent POST /auth/hydra/consent

type LoginForm

type LoginForm struct {
	SubmitMethod string
	Action       string
	CsrfToken    string `schema:"csrf_token"`
	FlowID       string
	Email        string `schema:"password_identifier"`
	Password     string `schema:"password"`
}

LoginForm stores the data for rendering the login form and submitting a login flow.

type MockAPI

type MockAPI struct{}

MockAPI is used to test the Oathkeeper mutator function.

func NewMockAPI

func NewMockAPI() *MockAPI

func (*MockAPI) GetAPI

func (u *MockAPI) GetAPI(w http.ResponseWriter, r *http.Request)

GetAPI prints out the received HTTP headers.

GET /mock/api

type MockSiteData

type MockSiteData struct {
	HydraLoginURL string
}

MockSiteData stores the authorization code login URL.

type MockUISites

type MockUISites struct {
	Home         *views.View
	CallbackView *views.View
}

MockUISites is a list of sites that our fake UI requires.

func NewMockUISites

func NewMockUISites() *MockUISites

func (*MockUISites) GetCallback

func (m *MockUISites) GetCallback(w http.ResponseWriter, r *http.Request)

GetCallback receives the authorization code and exchanges it for tokens with Hydra, our OAuth2.0/OIDC server, then renders the tokens and other results to the viewer.

GET /callback

func (*MockUISites) GetHome

func (m *MockUISites) GetHome(w http.ResponseWriter, r *http.Request)

GetHome renders a page that just contains a login button to log in with Hydra.

type ProtectedSites

type ProtectedSites struct {
	Dashboard *views.View
}

ProtectedSites is a list of sites that require the user to be logged in. Currently we use Oathkeeper to authenticate the session of incoming requests.

func NewProtectedSites

func NewProtectedSites() *ProtectedSites

type PublicSites

type PublicSites struct {
	Home *views.View
}

PublicSites is a list of sites that do not require the user to log in.

func NewPublicSites

func NewPublicSites() *PublicSites

type RegistrationForm

type RegistrationForm struct {
	RegistrationMethod string
	SubmitMethod       string
	Action             string
	CsrfToken          string `schema:"csrf_token"`
	FlowID             string
	Email              string `schema:"traits.email"`
	Password           string `schema:"password"`
}

RegistrationForm stores the data for rendering the registration form and submitting a registration flow.

type Users

type Users struct {
	LoginView        *views.View
	RegistrationView *views.View
	CallbackView     *views.View
	// contains filtered or unexported fields
}

Users controller handles traditional authentication flows, including registration, login, logout and so on. It interacts with Ory Kratos, an open-source identity provider.

func NewUsers

func NewUsers(k *kratosClient.APIClient) *Users

func (*Users) GetLogin

func (u *Users) GetLogin(w http.ResponseWriter, r *http.Request)

GetLogin requires the flow param. If the flow is not set, it redirects to Kratos to browse a new one. Kratos creates a new flow and redirects back to /auth/login with the flow param set in the URL. GetLogin then uses this ID to fetch data from Kratos and render the submit form.

GET /auth/login/?flow=<flow_id>

func (*Users) GetRegistration

func (u *Users) GetRegistration(w http.ResponseWriter, r *http.Request)

GetRegistration requires the flow param to render the registration screen. If the flow param is not found, it redirects to Kratos /self-service/registration/browser to browse a new flow_id. Kratos then redirects back to this path with a flow param in the URL.

GET /auth/registration/?flow=<flow_id>
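
The redirect-when-flow-is-missing behaviour that GetLogin and GetRegistration describe, as an added example (not this package's own code). flowOrRedirect, flowHandler and probe are hypothetical helpers, the Kratos host is a constructed sample, and the UUID check on the flow ID is an added assumption; the redirect target is built only from server-side configuration, never from request input.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"regexp"
)

// Names mirror the package variables above; the host is a constructed sample.
var (
	KratosPublicURL                 = "http://kratos.example.test:4433"
	KratosSSLoginBrowserPath        = "/self-service/login/browser"
	KratosSSRegistrationBrowserPath = "/self-service/registration/browser"
	// Assumption: Kratos flow IDs are UUIDs; anything else counts as "not set".
	flowIDPattern = regexp.MustCompile(`^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$`)
)

// flowOrRedirect (hypothetical) returns ?flow=, or redirects to Kratos for a new flow.
func flowOrRedirect(w http.ResponseWriter, r *http.Request, browserPath string) (string, bool) {
	if id := r.URL.Query().Get("flow"); flowIDPattern.MatchString(id) {
		return id, true
	}
	// Target is built from configuration only; no request data reaches Location.
	http.Redirect(w, r, KratosPublicURL+browserPath, http.StatusFound)
	return "", false
}

// flowHandler (hypothetical) stands in for GetLogin / GetRegistration.
func flowHandler(browserPath, form string) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		if id, ok := flowOrRedirect(w, r, browserPath); ok {
			fmt.Fprintf(w, "render %s form for flow %s\n", form, id)
		}
	}
}

// probe (hypothetical) sends a constructed GET to h and returns status and Location.
func probe(h http.HandlerFunc, target string) (int, string) {
	rec := httptest.NewRecorder()
	h(rec, httptest.NewRequest(http.MethodGet, target, nil))
	return rec.Code, rec.Header().Get("Location")
}

func main() {
	fmt.Println(probe(flowHandler(KratosSSLoginBrowserPath, "login"), "/auth/login/"))
	fmt.Println(probe(flowHandler(KratosSSRegistrationBrowserPath, "registration"), "/auth/registration/?flow=not-a-uuid"))
}
```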

func (*Users) PostChangePassword

func (u *Users) PostChangePassword(w http.ResponseWriter, r *http.Request)

PostChangePassword handles a request from the front-end app to change the password of the current user.
