oathkeeper: github.com/ory/oathkeeper/pipeline/authn Index | Files

package authn

import "github.com/ory/oathkeeper/pipeline/authn"

Index

Package Files

authenticator.go authenticator_anonymous.go authenticator_cookie_session.go authenticator_jwt.go authenticator_noop.go authenticator_oauth2_client_credentials.go authenticator_oauth2_introspection.go authenticator_unauthorized.go registry.go

Variables

var ErrAuthenticatorNotEnabled = herodot.DefaultError{
    ErrorField:  "authenticator matching this route is misconfigured or disabled",
    CodeField:   http.StatusInternalServerError,
    StatusField: http.StatusText(http.StatusInternalServerError),
}
var ErrAuthenticatorNotResponsible = errors.New("Authenticator not responsible")

func NewErrAuthenticatorMisconfigured Uses

func NewErrAuthenticatorMisconfigured(a Authenticator, err error) *herodot.DefaultError

func NewErrAuthenticatorNotEnabled Uses

func NewErrAuthenticatorNotEnabled(a Authenticator) *herodot.DefaultError

type AuthenticationSession Uses

type AuthenticationSession struct {
    Subject string                 `json:"subject"`
    Extra   map[string]interface{} `json:"extra"`
    Header  http.Header            `json:"header"`
}

func (*AuthenticationSession) SetHeader Uses

func (a *AuthenticationSession) SetHeader(key, val string)

type Authenticator Uses

type Authenticator interface {
    Authenticate(r *http.Request, config json.RawMessage, rule pipeline.Rule) (*AuthenticationSession, error)
    GetID() string
    Validate(config json.RawMessage) error
}

type AuthenticatorAnonymous Uses

type AuthenticatorAnonymous struct {
    // contains filtered or unexported fields
}

func NewAuthenticatorAnonymous Uses

func NewAuthenticatorAnonymous(c configuration.Provider) *AuthenticatorAnonymous

func (*AuthenticatorAnonymous) Authenticate Uses

func (a *AuthenticatorAnonymous) Authenticate(r *http.Request, config json.RawMessage, _ pipeline.Rule) (*AuthenticationSession, error)

func (*AuthenticatorAnonymous) Config Uses

func (a *AuthenticatorAnonymous) Config(config json.RawMessage) (*AuthenticatorAnonymousConfiguration, error)

func (*AuthenticatorAnonymous) GetID Uses

func (a *AuthenticatorAnonymous) GetID() string

func (*AuthenticatorAnonymous) Validate Uses

func (a *AuthenticatorAnonymous) Validate(config json.RawMessage) error

type AuthenticatorAnonymousConfiguration Uses

type AuthenticatorAnonymousConfiguration struct {
    Subject string `json:"subject"`
}

type AuthenticatorCookieSession Uses

type AuthenticatorCookieSession struct {
    // contains filtered or unexported fields
}

func NewAuthenticatorCookieSession Uses

func NewAuthenticatorCookieSession(c configuration.Provider) *AuthenticatorCookieSession

func (*AuthenticatorCookieSession) Authenticate Uses

func (a *AuthenticatorCookieSession) Authenticate(r *http.Request, config json.RawMessage, _ pipeline.Rule) (*AuthenticationSession, error)

func (*AuthenticatorCookieSession) Config Uses

func (a *AuthenticatorCookieSession) Config(config json.RawMessage) (*AuthenticatorCookieSessionConfiguration, error)

func (*AuthenticatorCookieSession) GetID Uses

func (a *AuthenticatorCookieSession) GetID() string

func (*AuthenticatorCookieSession) Validate Uses

func (a *AuthenticatorCookieSession) Validate(config json.RawMessage) error

type AuthenticatorCookieSessionConfiguration Uses

type AuthenticatorCookieSessionConfiguration struct {
    Only            []string `json:"only"`
    CheckSessionURL string   `json:"check_session_url"`
}

type AuthenticatorCookieSessionFilter Uses

type AuthenticatorCookieSessionFilter struct {
}

type AuthenticatorJWT Uses

type AuthenticatorJWT struct {
    // contains filtered or unexported fields
}

func NewAuthenticatorJWT Uses

func NewAuthenticatorJWT(
    c configuration.Provider,
    r AuthenticatorJWTRegistry,
) *AuthenticatorJWT

func (*AuthenticatorJWT) Authenticate Uses

func (a *AuthenticatorJWT) Authenticate(r *http.Request, config json.RawMessage, _ pipeline.Rule) (*AuthenticationSession, error)

func (*AuthenticatorJWT) Config Uses

func (a *AuthenticatorJWT) Config(config json.RawMessage) (*AuthenticatorOAuth2JWTConfiguration, error)

func (*AuthenticatorJWT) GetID Uses

func (a *AuthenticatorJWT) GetID() string

func (*AuthenticatorJWT) Validate Uses

func (a *AuthenticatorJWT) Validate(config json.RawMessage) error

type AuthenticatorJWTRegistry Uses

type AuthenticatorJWTRegistry interface {
    credentials.VerifierRegistry
}

type AuthenticatorNoOp Uses

type AuthenticatorNoOp struct {
    // contains filtered or unexported fields
}

func NewAuthenticatorNoOp Uses

func NewAuthenticatorNoOp(c configuration.Provider) *AuthenticatorNoOp

func (*AuthenticatorNoOp) Authenticate Uses

func (a *AuthenticatorNoOp) Authenticate(r *http.Request, config json.RawMessage, _ pipeline.Rule) (*AuthenticationSession, error)

func (*AuthenticatorNoOp) GetID Uses

func (a *AuthenticatorNoOp) GetID() string

func (*AuthenticatorNoOp) Validate Uses

func (a *AuthenticatorNoOp) Validate(config json.RawMessage) error

type AuthenticatorOAuth2ClientCredentials Uses

type AuthenticatorOAuth2ClientCredentials struct {
    // contains filtered or unexported fields
}

func NewAuthenticatorOAuth2ClientCredentials Uses

func NewAuthenticatorOAuth2ClientCredentials(c configuration.Provider) *AuthenticatorOAuth2ClientCredentials

func (*AuthenticatorOAuth2ClientCredentials) Authenticate Uses

func (a *AuthenticatorOAuth2ClientCredentials) Authenticate(r *http.Request, config json.RawMessage, _ pipeline.Rule) (*AuthenticationSession, error)

func (*AuthenticatorOAuth2ClientCredentials) Config Uses

func (a *AuthenticatorOAuth2ClientCredentials) Config(config json.RawMessage) (*AuthenticatorOAuth2Configuration, error)

func (*AuthenticatorOAuth2ClientCredentials) GetID Uses

func (a *AuthenticatorOAuth2ClientCredentials) GetID() string

func (*AuthenticatorOAuth2ClientCredentials) Validate Uses

func (a *AuthenticatorOAuth2ClientCredentials) Validate(config json.RawMessage) error

type AuthenticatorOAuth2Configuration Uses

type AuthenticatorOAuth2Configuration struct {
    Scopes   []string `json:"required_scope"`
    TokenURL string   `json:"token_url"`
}

type AuthenticatorOAuth2Introspection Uses

type AuthenticatorOAuth2Introspection struct {
    // contains filtered or unexported fields
}

func NewAuthenticatorOAuth2Introspection Uses

func NewAuthenticatorOAuth2Introspection(c configuration.Provider) *AuthenticatorOAuth2Introspection

func (*AuthenticatorOAuth2Introspection) Authenticate Uses

func (a *AuthenticatorOAuth2Introspection) Authenticate(r *http.Request, config json.RawMessage, _ pipeline.Rule) (*AuthenticationSession, error)

func (*AuthenticatorOAuth2Introspection) Config Uses

func (a *AuthenticatorOAuth2Introspection) Config(config json.RawMessage) (*AuthenticatorOAuth2IntrospectionConfiguration, error)

func (*AuthenticatorOAuth2Introspection) GetID Uses

func (a *AuthenticatorOAuth2Introspection) GetID() string

func (*AuthenticatorOAuth2Introspection) Validate Uses

func (a *AuthenticatorOAuth2Introspection) Validate(config json.RawMessage) error

type AuthenticatorOAuth2IntrospectionConfiguration Uses

type AuthenticatorOAuth2IntrospectionConfiguration struct {
    Scopes              []string                                              `json:"required_scope"`
    Audience            []string                                              `json:"target_audience"`
    Issuers             []string                                              `json:"trusted_issuers"`
    PreAuth             *AuthenticatorOAuth2IntrospectionPreAuthConfiguration `json:"pre_authorization"`
    ScopeStrategy       string                                                `json:"scope_strategy"`
    IntrospectionURL    string                                                `json:"introspection_url"`
    BearerTokenLocation *helper.BearerTokenLocation                           `json:"token_from"`
}

type AuthenticatorOAuth2IntrospectionPreAuthConfiguration Uses

type AuthenticatorOAuth2IntrospectionPreAuthConfiguration struct {
    Enabled      bool     `json:"enabled"`
    ClientID     string   `json:"client_id"`
    ClientSecret string   `json:"client_secret"`
    Scope        []string `json:"scope"`
    TokenURL     string   `json:"token_url"`
}

type AuthenticatorOAuth2IntrospectionResult Uses

type AuthenticatorOAuth2IntrospectionResult struct {
    Active    bool                   `json:"active"`
    Extra     map[string]interface{} `json:"ext"`
    Subject   string                 `json:"sub,omitempty"`
    Username  string                 `json:"username"`
    Audience  []string               `json:"aud"`
    TokenType string                 `json:"token_type"`
    Issuer    string                 `json:"iss"`
    ClientID  string                 `json:"client_id,omitempty"`
    Scope     string                 `json:"scope,omitempty"`
}

type AuthenticatorOAuth2JWTConfiguration Uses

type AuthenticatorOAuth2JWTConfiguration struct {
    Scope               []string                    `json:"required_scope"`
    Audience            []string                    `json:"target_audience"`
    Issuers             []string                    `json:"trusted_issuers"`
    AllowedAlgorithms   []string                    `json:"allowed_algorithms"`
    JWKSURLs            []string                    `json:"jwks_urls"`
    ScopeStrategy       string                      `json:"scope_strategy"`
    BearerTokenLocation *helper.BearerTokenLocation `json:"token_from"`
}

type AuthenticatorUnauthorized Uses

type AuthenticatorUnauthorized struct {
    // contains filtered or unexported fields
}

func NewAuthenticatorUnauthorized Uses

func NewAuthenticatorUnauthorized(c configuration.Provider) *AuthenticatorUnauthorized

func (*AuthenticatorUnauthorized) Authenticate Uses

func (a *AuthenticatorUnauthorized) Authenticate(r *http.Request, config json.RawMessage, _ pipeline.Rule) (*AuthenticationSession, error)

func (*AuthenticatorUnauthorized) GetID Uses

func (a *AuthenticatorUnauthorized) GetID() string

func (*AuthenticatorUnauthorized) Validate Uses

func (a *AuthenticatorUnauthorized) Validate(config json.RawMessage) error

type Registry Uses

type Registry interface {
    AvailablePipelineAuthenticators() []string
    PipelineAuthenticator(string) (Authenticator, error)
}

Package authn imports 20 packages (graph) and is imported by 5 packages. Updated 2019-11-11. Refresh now. Tools for package owners.