Documentation ¶
Index ¶
- Constants
- Variables
- func FetchCertificates(discoveryURL string) (map[string]CertificateList, error)
- func JWTValidator(certificates map[string]CertificateList, audience string) jwt.Keyfunc
- func TrimNaisTeamPrefix(team string) string
- type Azure
- type AzureGroupClient
- type CertificateList
- type EncodedCertificate
- type GoogleGroupClient
- type Group
- type Groups
- type Key
- type KeyDiscovery
- type MemberOfGroup
- type MemberOfResponse
- type Middleware
- type MiddlewareHandler
- type SessionRetriever
- type TeamProjectsMapping
- type TokenResponse
- type User
Constants ¶
const (
	// AzureGraphMemberOfEndpoint is the Microsoft Graph v1.0 URL for the
	// signed-in user's (/me) group memberships, restricted to
	// microsoft.graph.group objects and to the mail, groupTypes and
	// displayName properties.
	AzureGraphMemberOfEndpoint = "https://graph.microsoft.com/v1.0/me/memberOf/microsoft.graph.group?$select=mail,groupTypes,displayName"

	// CacheDuration is one hour. What it bounds is not visible in this listing.
	// NOTE(review): if it is the lifetime of cached group memberships, removing
	// a user from a group can take up to this long to affect authorization
	// decisions — confirm against the caller.
	CacheDuration = 1 * time.Hour
)
// ContextUserKey is a value of the unexported contextKey type, so code outside
// this package can refer to the key only through this constant.
// NOTE(review): presumably the middleware stores the authenticated User in the
// request context under this key — confirm against the handler.
const ContextUserKey contextKey = 1
Variables ¶
// MockUser is a fixed User value with a hard-coded name, e-mail address and
// Google/Azure group memberships.
//
// Expiry is computed with time.Now() once, when the package is initialized, so
// it lies 24 hours after process start rather than 24 hours after each use.
//
// NOTE(review): this is an exported, mutable package variable, and the package
// also exports MockJWTValidatorMiddleware. Presumably that middleware installs
// this user without validating a token — confirm that it is wired up only in
// tests or local development and cannot be enabled by configuration in a
// deployed service.
var MockUser = User{
	Name:  "Anderson, Mock",
	Email: "mock.anderson@email.com",
	GoogleGroups: Groups{
		{
			Name:  "team",
			Email: "team@nav.no",
		},
		{
			Name:  "nada",
			Email: "nada@nav.no",
		},
		{
			Name:  "aura",
			Email: "aura@nav.no",
		},
		{
			Name:  "nais-team-nyteam",
			Email: "nais-team-nyteam@nav.no",
		},
	},
	AzureGroups: Groups{
		{
			Name:  "team",
			Email: "team@nav.no",
		},
	},
	Expiry: time.Now().Add(time.Hour * 24),
}
Functions ¶
func FetchCertificates ¶
func FetchCertificates(discoveryURL string) (map[string]CertificateList, error)
func JWTValidator ¶
func JWTValidator(certificates map[string]CertificateList, audience string) jwt.Keyfunc
func TrimNaisTeamPrefix ¶
Types ¶
type Azure ¶
func (*Azure) KeyDiscoveryURL ¶
func (*Azure) Middleware ¶
func (a *Azure) Middleware(keyDiscoveryURL string, azureGroups *AzureGroupClient, googleGroups *GoogleGroupClient, sessionStore SessionRetriever) MiddlewareHandler
type AzureGroupClient ¶
// AzureGroupClient bundles an HTTP client with an OAuth client ID, client
// secret and tenant ID. NewAzureGroups takes the same four values; presumably
// it fills these fields one-to-one — confirm.
type AzureGroupClient struct {
	// Client is the HTTP client held by this value.
	// NOTE(review): whether requests have a timeout depends on the client the
	// caller supplies — confirm one is set.
	Client *http.Client
	// OAuthClientID is the OAuth client (application) identifier.
	OAuthClientID string
	// OAuthClientSecret is a credential stored as an exported plain string.
	// Formatting the struct with %v/%+v or serializing it would include the
	// secret, so keep values of this type out of logs and error messages.
	OAuthClientSecret string
	// OAuthTenantID is the tenant identifier.
	OAuthTenantID string
}
func NewAzureGroups ¶
func NewAzureGroups(client *http.Client, clientID, clientSecret, tenantID string) *AzureGroupClient
func (*AzureGroupClient) GroupsForUser ¶
type CertificateList ¶
// CertificateList is a slice of parsed X.509 certificates. FetchCertificates
// and KeyDiscovery.Map return these lists in a map keyed by string
// (the "kid", per the Map documentation).
type CertificateList []*x509.Certificate
type EncodedCertificate ¶
// EncodedCertificate is a certificate in encoded string form; its Decode
// method documents the encoding as base64 and returns the parsed certificate.
type EncodedCertificate string
func (EncodedCertificate) Decode ¶
func (c EncodedCertificate) Decode() (*x509.Certificate, error)
Decode decodes a base64-encoded certificate into an X509 structure.
type GoogleGroupClient ¶
// GoogleGroupClient exposes no fields to callers. The rendered documentation
// lists NewGoogleGroups under this type; its signature is not shown here.
type GoogleGroupClient struct {
	// contains filtered or unexported fields
}
func NewGoogleGroups ¶
type Key ¶
// Key is one entry of KeyDiscovery.Keys: a key identifier together with its
// encoded certificates.
//
// NOTE(review): the certificates decoded from these entries are what
// JWTValidator receives (as map[string]CertificateList), so the discovery URL
// they are fetched from must be a trusted HTTPS endpoint and must not be
// derived from request input — confirm at the call site. This listing does not
// show whether certificate validity periods are checked.
type Key struct {
	// Kid is read from the JSON field "kid"; KeyDiscovery.Map uses it as the
	// map key.
	Kid string `json:"kid"`
	// X5c is read from the JSON field "x5c" and holds the still-encoded
	// certificates for this key.
	X5c []EncodedCertificate `json:"x5c"`
}
type KeyDiscovery ¶
// KeyDiscovery is the decoded form of a key discovery document. DiscoverURL
// returns one for a given URL, and Map converts it into certificates keyed by
// "kid".
type KeyDiscovery struct {
	// Keys is read from the JSON field "keys".
	Keys []Key `json:"keys"`
}
func DiscoverURL ¶
func DiscoverURL(url string) (*KeyDiscovery, error)
func (*KeyDiscovery) Map ¶
func (k *KeyDiscovery) Map() (result map[string]CertificateList, err error)
Map transforms a KeyDiscovery object into a dictionary with "kid" as the key and lists of decoded X509 certificates as values.
Returns an error if any certificate fails to decode.
type MemberOfGroup ¶
type MemberOfResponse ¶
// MemberOfResponse is a JSON envelope whose "value" array decodes into Groups.
// By its name it is presumably the response body of
// AzureGraphMemberOfEndpoint — confirm.
//
// NOTE(review): Microsoft Graph list responses can be paged, with the
// continuation link carried in "@odata.nextLink". This struct has no field for
// it, so if the caller decodes a single response into this type, a user with
// many groups may get a truncated list and be denied (or mis-scoped) access —
// confirm how GroupsForUser handles paging.
type MemberOfResponse struct {
	// Groups is read from the JSON field "value".
	Groups []MemberOfGroup `json:"value"`
}
type Middleware ¶
// Middleware exposes no fields to callers. How it relates to
// (*Azure).Middleware, which returns a MiddlewareHandler, is not visible in
// this listing.
type Middleware struct {
	// contains filtered or unexported fields
}
type MiddlewareHandler ¶
func MockJWTValidatorMiddleware ¶
func MockJWTValidatorMiddleware() MiddlewareHandler
type SessionRetriever ¶
type TeamProjectsMapping ¶
// TeamProjectsMapping holds a string-to-string map in TeamProjects plus state
// that the rendered documentation hides.
type TeamProjectsMapping struct {
	// TeamProjects is the exported mapping; by the type name presumably
	// team -> project — confirm.
	// NOTE(review): the map is exported although a setter, SetTeamProjects,
	// also exists. If the hidden fields include a lock, reading or writing
	// this map directly would bypass it — confirm, and prefer the setter.
	TeamProjects map[string]string
	// contains filtered or unexported fields
}
func (*TeamProjectsMapping) SetTeamProjects ¶
func (t *TeamProjectsMapping) SetTeamProjects(projects map[string]string)
type TokenResponse ¶
// TokenResponse is a JSON envelope that carries an access token.
type TokenResponse struct {
	// AccessToken is read from the JSON field "access_token". Treat the value
	// as a credential: do not log it or include it in error messages.
	AccessToken string `json:"access_token"`
}