user

package
v0.0.0-...-0119d12 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 26, 2024 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Error namespace and error types for the user API, built with errorx.
var (
	// ErrNS is the errorx namespace "error.api.user"; every other value in
	// this block is derived from it.
	ErrNS                  = errorx.NewNamespace("error.api.user")
	// ErrUnsupportedAuthType is the "unsupported_auth_type" error type,
	// created directly under ErrNS.
	ErrUnsupportedAuthType = ErrNS.NewType("unsupported_auth_type")
	// ErrNSSignIn is the "signin" sub-namespace of ErrNS.
	ErrNSSignIn            = ErrNS.NewSubNamespace("signin")
	// ErrSignInOther is the "other" error type in the sign-in sub-namespace.
	// NOTE(review): presumably the catch-all for sign-in failures without a
	// more specific type — confirm at the call sites.
	ErrSignInOther         = ErrNSSignIn.NewType("other")
)
// ErrInsufficientPrivs is the "insufficient_priv" error type in the sign-in
// sub-namespace (ErrNSSignIn).
// NOTE(review): presumably returned when the authenticating user lacks the
// privileges required to sign in — confirm at the call sites.
var ErrInsufficientPrivs = ErrNSSignIn.NewType("insufficient_priv")
// Module is the fx option set for this package: it provides NewAuthService as
// a constructor and invokes registerRouter.
// NOTE(review): registerRouter is unexported and not shown in this listing;
// presumably it mounts the /user routes — confirm in the source.
var Module = fx.Options(
	fx.Provide(NewAuthService),
	fx.Invoke(registerRouter),
)

Functions

func Decrypt

func Decrypt(cipherText string, privateKey *rsa.PrivateKey) (string, error)

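Decrypt decrypts cipherText with the given RSA private key and returns the plaintext. The padding scheme and the expected encoding of cipherText are not stated in this documentation; check the source before relying on either.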

func DumpPrivateKeyBase64

func DumpPrivateKeyBase64(privatekey *rsa.PrivateKey) (string, error)

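DumpPrivateKeyBase64 dumps the private key as a base64 string:

  1. It has no header/trailer line.
  2. The key content is merged into a single line.

The output has this form:

MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2y8mEdCRE8siiI7udpge......2QIDAQAB

Note: this sample is the same string shown for DumpPublicKeyBase64, and its prefix appears to be that of an RSA public-key encoding, so it illustrates only the one-line format. The real output of this function is private key material: treat it as a secret and keep it out of logs and API responses.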

func DumpPublicKeyBase64

func DumpPublicKeyBase64(publicKey *rsa.PublicKey) (string, error)

DumpPublicKeyBase64 dumps the public key as a base64 string:

  1. It has no header/trailer line.
  2. The key content is merged into a single line.

The output has this form:

MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2y8mEdCRE8siiI7udpge......2QIDAQAB

func Encrypt

func Encrypt(plainText string, publicKey *rsa.PublicKey) (string, error)

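Encrypt encrypts plainText with the given RSA public key and returns the ciphertext as a string. The padding scheme and the output encoding are not stated in this documentation; check the source before relying on either.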

func ExportPublicKeyAsString

func ExportPublicKeyAsString(publicKey *rsa.PublicKey) (string, error)

ExportPublicKeyAsString exports the public key as a PEM string. Output format:

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67F1RPMUO4SjARRe4UfX
J7ZOCbcysna0jx2Av14KteGo6AWFHhuIxZwgp83GDqFv0Dhc/be7n+9V5vfq0Ob4
fUtdjBio5ciF4pcqzVGbddfJ0R2e52DF6TI2pDgUFdN+1bmGDwZOCyrwBvVh0wW2
jAI+QfQyRimZOMqFeX97XjW32vGk7cxNYMys9ExyJcfzfLanbzOwp6kdNbPXnYtU
Y2nmp+evlPKrRzBPnmO0bpZhYHklrRxLo/u/mThysMEttLkgzCare+JPQyb3z3Si
Q2E7WG4yz6+6L/wB4etHDfRljMOtqEwv9z4inUfh5716Mg23Div/AbwqGPiKPZf7
cQIDAQAB
-----END PUBLIC KEY-----

func GenerateKey

func GenerateKey() (*rsa.PrivateKey, *rsa.PublicKey, error)

GenerateKey generates an RSA private/public key pair. The key size is not stated in this documentation.

func VerifySQLUser

func VerifySQLUser(tidbClient *tidb.Client, userName, password string) (writeable bool, err error)

Types

type AuthService

// AuthService is the receiver for the login handlers (GetLoginInfoHandler,
// LoginHandler), the auth middlewares (MWAuthRequired, MWRequireSharePriv,
// MWRequireWritePriv) and RegisterAuthenticator listed for this package.
type AuthService struct {
	// FeatureFlagNonRootLogin is a feature flag; judging by its name it gates
	// login for non-root users — TODO confirm against the source.
	FeatureFlagNonRootLogin *featureflag.FeatureFlag

	// RsaPublicKey and RsaPrivateKey are an RSA public and private key.
	// NOTE(review): both fields are exported, so any code holding an
	// *AuthService can read or replace the private key. Presumably this pair
	// backs the sql_auth_public_key value in GetLoginInfoResponse and the
	// package's Encrypt/Decrypt helpers — confirm, and consider whether the
	// private key needs to be exported at all.
	RsaPublicKey  *rsa.PublicKey
	RsaPrivateKey *rsa.PrivateKey
	// contains filtered or unexported fields
}

func NewAuthService

func NewAuthService(featureFlags *featureflag.Registry) *AuthService

func (*AuthService) GetLoginInfoHandler

func (s *AuthService) GetLoginInfoHandler(c *gin.Context)

@ID userGetLoginInfo
@Summary Get login information, such as the supported authentication types
@Success 200 {object} GetLoginInfoResponse
@Router /user/login_info [get]

func (*AuthService) LoginHandler

func (s *AuthService) LoginHandler(c *gin.Context)

@ID userLogin
@Summary Log in
@Param message body AuthenticateForm true "Credentials"
@Success 200 {object} TokenResponse
@Failure 401 {object} rest.ErrorResponse
@Router /user/login [post]

func (*AuthService) MWAuthRequired

func (s *AuthService) MWAuthRequired() gin.HandlerFunc

MWAuthRequired creates a middleware that verifies the authentication token (JWT) in the request. If the token is valid, identity information is attached to the context. If the token is missing or invalid, subsequent handlers are skipped and an error is generated.

func (*AuthService) MWRequireSharePriv

func (s *AuthService) MWRequireSharePriv() gin.HandlerFunc

TODO: Make the MWRequireXxxPriv middlewares more general so that they are easier to reuse.

func (*AuthService) MWRequireWritePriv

func (s *AuthService) MWRequireWritePriv() gin.HandlerFunc

func (*AuthService) RegisterAuthenticator

func (s *AuthService) RegisterAuthenticator(typeID utils.AuthType, a Authenticator)

RegisterAuthenticator registers an authenticator in the authentication pipeline.

type AuthenticateForm

// AuthenticateForm is the JSON request body of the login endpoint (the
// "Credentials" body parameter of LoginHandler) and the argument passed to
// Authenticator.Authenticate.
type AuthenticateForm struct {
	// Type is the authentication type of this login attempt.
	Type     utils.AuthType `json:"type" example:"0"`
	Username string         `json:"username" example:"root"` // Not present for AuthTypeSharingCode
	// NOTE(review): GetLoginInfoResponse exposes sql_auth_public_key and this
	// package exports Encrypt/Decrypt, so Password presumably carries an
	// RSA-encrypted value for SQL auth rather than plaintext — confirm in
	// LoginHandler. Either way, keep this field out of logs.
	Password string         `json:"password"`
	Extra    string         `json:"extra"` // FIXME: Use strong type
}

type Authenticator

// Authenticator is the interface accepted by AuthService.RegisterAuthenticator
// for one authentication type. Only the signatures are visible in this
// listing; the notes below are to be confirmed against the implementations.
type Authenticator interface {
	// IsEnabled reports whether this authenticator is enabled, or an error.
	IsEnabled() (bool, error)
	// Authenticate takes the submitted login form and returns the session
	// user, or an error.
	Authenticate(form AuthenticateForm) (*utils.SessionUser, error)
	// ProcessSession receives a session user and returns a bool.
	// NOTE(review): the meaning of the result (for example "session is still
	// valid") is not visible here — confirm before relying on it.
	ProcessSession(u *utils.SessionUser) bool
	// SignOutInfo returns the sign-out information for the session user and
	// the given redirect URL.
	// NOTE(review): redirectURL appears to originate from the client
	// (GetSignOutInfoRequest); whether implementations validate it is not
	// visible here.
	SignOutInfo(u *utils.SessionUser, redirectURL string) (*SignOutInfo, error)
}

type BaseAuthenticator

// BaseAuthenticator is an empty struct with IsEnabled, ProcessSession and
// SignOutInfo methods. No Authenticate method is listed for it, so on its own
// it does not satisfy Authenticator.
// NOTE(review): presumably meant to be embedded by concrete authenticators to
// supply defaults — confirm; what those defaults return is not visible here.
type BaseAuthenticator struct{}

func (BaseAuthenticator) IsEnabled

func (a BaseAuthenticator) IsEnabled() (bool, error)

func (BaseAuthenticator) ProcessSession

func (a BaseAuthenticator) ProcessSession(u *utils.SessionUser) bool

func (BaseAuthenticator) SignOutInfo

func (a BaseAuthenticator) SignOutInfo(u *utils.SessionUser, redirectURL string) (*SignOutInfo, error)

type GetLoginInfoResponse

// GetLoginInfoResponse is the 200 response body of GetLoginInfoHandler
// (GET /user/login_info).
type GetLoginInfoResponse struct {
	// SupportedAuthTypes lists the supported authentication types as ints.
	SupportedAuthTypes []int  `json:"supported_auth_types"`
	// SQLAuthPublicKey is a public key returned to the client as a string.
	// NOTE(review): presumably the AuthService RSA public key, which the
	// client uses to encrypt the SQL password before login — confirm. The
	// route name suggests this endpoint is served before authentication, so
	// the key is only as trustworthy as the transport that delivers it.
	SQLAuthPublicKey   string `json:"sql_auth_public_key"`
}

type GetSignOutInfoRequest

// GetSignOutInfoRequest carries the parameters of a sign-out info request; it
// can be bound from JSON or from form/query data (both tags are present).
type GetSignOutInfoRequest struct {
	// RedirectURL is supplied by the client.
	// NOTE(review): whether it is validated (for example against an allow-list
	// of origins) before being used in SignOutInfo is not visible here —
	// confirm, since an unchecked value is an open-redirect risk.
	RedirectURL string `json:"redirect_url" form:"redirect_url"`
}

type SignOutInfo

// SignOutInfo is the value returned by Authenticator.SignOutInfo.
type SignOutInfo struct {
	// EndSessionURL is a URL returned to the client.
	// NOTE(review): presumably the identity provider's end-session endpoint
	// for SSO sign-out — confirm against the sso subpackage.
	EndSessionURL string `json:"end_session_url"`
}

type TokenResponse

// TokenResponse is the 200 response body of LoginHandler (POST /user/login).
type TokenResponse struct {
	// Token is the issued token.
	// NOTE(review): presumably the JWT that MWAuthRequired verifies on later
	// requests — confirm. It is a bearer credential; keep it out of logs.
	Token  string    `json:"token"`
	// Expire is the token's expiry time.
	Expire time.Time `json:"expire"`
}

Directories

Path Synopsis
sso
