auth

package
v0.0.0-...-eccc266 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 11, 2024 License: MIT Imports: 27 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ErrNotAuthorized = fmt.Errorf("not authorized")
View Source 
var (
	ErrUserNotFound = fmt.Errorf("user not found")
)

Functions

This section is empty.

Types

type Auth0Provider 

type Auth0Provider struct {
	// contains filtered or unexported fields
}

func NewAuth0Provider 

func NewAuth0Provider(ctx context.Context, log logz.Logger, conf *conf.Auth0) (*Auth0Provider, error)

func (*Auth0Provider) AssignRoles 

func (a *Auth0Provider) AssignRoles(ctx context.Context, auth0UserID string, roles []RoleID) ([]RoleID, error)

func (*Auth0Provider) CreateUser 

func (a *Auth0Provider) CreateUser(ctx context.Context, email string, name string, roles Roles) (*User, error)

func (*Auth0Provider) GetUserByEmail 

func (a *Auth0Provider) GetUserByEmail(ctx context.Context, email string) (*User, error)

func (*Auth0Provider) IssueToken 

func (a *Auth0Provider) IssueToken(_ context.Context, _ string, _ Roles) (token string, err error)

func (*Auth0Provider) ListUsers 

func (a *Auth0Provider) ListUsers(ctx context.Context) ([]*User, int, error)

func (*Auth0Provider) ValidateToken 

func (a *Auth0Provider) ValidateToken(ctx context.Context, token string) (string, error)

type CtxKey 

type CtxKey int
const CtxUserKey CtxKey = 1

type JwtClaims 

type JwtClaims struct {
	jwt.RegisteredClaims
	// Scope holds the issuers roles. Should not be empty.
	Scope string `json:"scope"`
}

func (JwtClaims) Validate 

func (c JwtClaims) Validate(_ context.Context) error

type LocalProvider 

type LocalProvider struct {
	// contains filtered or unexported fields
}

func NewLocalProvider 

func NewLocalProvider(log logz.Logger, dao *dao.DAO, conf *conf.Auth0) *LocalProvider

func (*LocalProvider) AssignRoles 

func (p *LocalProvider) AssignRoles(ctx context.Context, email string, roles []RoleID) ([]RoleID, error)

func (*LocalProvider) CheckPassword 

func (p *LocalProvider) CheckPassword(_ context.Context, usr *User, pass string) error

CheckPassword compares pass to pwdhash stored in db. Used only in LocalProvider.

func (*LocalProvider) CreateUser 

func (p *LocalProvider) CreateUser(ctx context.Context, email string, name string, roles Roles) (*User, error)

func (*LocalProvider) GetUserByEmail 

func (p *LocalProvider) GetUserByEmail(ctx context.Context, email string) (*User, error)

func (*LocalProvider) IssueToken 

func (p *LocalProvider) IssueToken(ctx context.Context, email string, scope Roles) (string, error)

func (*LocalProvider) ListUsers 

func (p *LocalProvider) ListUsers(ctx context.Context) ([]*User, int, error)

func (*LocalProvider) SetPassword 

func (p *LocalProvider) SetPassword(ctx context.Context, usr *User, pass string) error

SetPassword sets a users stored in db. Used only in LocalProvider. Use empty pass to prevent login.

func (*LocalProvider) ValidateToken 

func (p *LocalProvider) ValidateToken(ctx context.Context, tokenString string) (userID string, err error)

type MockProvider 

type MockProvider struct {
	Users []*User
}

MockProvider is only for test use.

func NewMockProvider 

func NewMockProvider() (*MockProvider, error)

func (*MockProvider) AssignRoles 

func (m *MockProvider) AssignRoles(ctx context.Context, email string, roles []RoleID) ([]RoleID, error)

func (*MockProvider) CreateUser 

func (m *MockProvider) CreateUser(ctx context.Context, email string, name string, roles Roles) (*User, error)

func (*MockProvider) GetUserByEmail 

func (m *MockProvider) GetUserByEmail(_ context.Context, email string) (*User, error)

func (*MockProvider) IssueToken 

func (m *MockProvider) IssueToken(_ context.Context, email string, _ Roles) (token string, err error)

func (*MockProvider) ListUsers 

func (m *MockProvider) ListUsers(_ context.Context) ([]*User, int, error)

func (*MockProvider) ValidateToken 

func (m *MockProvider) ValidateToken(ctx context.Context, token string) (userID string, err error)

ValidateToken expects token to be in format "mocktoken:<user@email.com>".

type Provider 

type Provider interface {
	GetUserByEmail(ctx context.Context, email string) (*User, error)
	ListUsers(ctx context.Context) ([]*User, int, error)
	CreateUser(ctx context.Context, email string, name string, roles Roles) (*User, error)
	AssignRoles(ctx context.Context, email string, roles []RoleID) ([]RoleID, error)
	ValidateToken(ctx context.Context, token string) (userID string, err error)
	IssueToken(ctx context.Context, email string, scope Roles) (token string, err error)
}

func NewProvider 

func NewProvider(ctx context.Context, log logz.Logger, c *conf.Config, dao *dao.DAO) (Provider, error)

NewProvider builds correct provider based on config.

type RoleID 

type RoleID string
const (
	RoleUser       RoleID = "user"
	RoleAdmin      RoleID = "admin"
	RoleSuperAdmin RoleID = "super"
)

func (RoleID) StrPtr 

func (i RoleID) StrPtr() *string

func (RoleID) String 

func (i RoleID) String() string

type Roles 

type Roles []RoleID

func RolesFromString 

func RolesFromString(r string) Roles

func (Roles) Has 

func (r Roles) Has(role RoleID) bool

func (Roles) ToString 

func (r Roles) ToString() string

type Service 

type Service struct {
	// contains filtered or unexported fields
}

func New 

func New(p Provider) *Service

func NewFromConfig 

func NewFromConfig(ctx context.Context, log *logz.Log, c *conf.Config, dbQuerier *dao.DAO) (*Service, error)

func (*Service) AssignRoles 

func (s *Service) AssignRoles(ctx context.Context, email string, roles []RoleID) ([]RoleID, error)

func (*Service) CheckPassword 

func (s *Service) CheckPassword(ctx context.Context, usr *User, pass string) error

CheckPassword compares pass to pwdhash stored in db. Used only with LocalProvider.

func (*Service) CreateUser 

func (s *Service) CreateUser(ctx context.Context, email string, name string, roles Roles) (*User, error)

func (*Service) GetUser 

func (s *Service) GetUser(ctx context.Context, userEmail string) (*User, error)

func (*Service) GetUserRoles 

func (s *Service) GetUserRoles(ctx context.Context, id string) ([]RoleID, error)

func (*Service) GetUsers 

func (s *Service) GetUsers(ctx context.Context) ([]*User, error)

func (*Service) HasRole 

func (s *Service) HasRole(ctx context.Context, _ interface{}, next graphql.Resolver, role RoleID) (res interface{}, err error)

func (*Service) IssueToken 

func (s *Service) IssueToken(ctx context.Context, usr *User) (string, error)

func (*Service) Middleware 

func (s *Service) Middleware(next http.Handler) http.Handler

func (*Service) SetPassword 

func (s *Service) SetPassword(ctx context.Context, usr *User, pass string) error

type User 

type User struct {
	// Basic data kept and fetched from auth provider
	ID          string    `json:"id"`
	DisplayName string    `json:"display_name"`
	Email       string    `json:"email"`
	Roles       []RoleID  `json:"roles"`
	CreatedAt   time.Time `json:"created_at"`

	// Extra data to support LE cert, stored in local db.
	Registration *registration.Resource
	// contains filtered or unexported fields
}

func GetCtxUser 

func GetCtxUser(ctx context.Context) *User

func (*User) GetEmail 

func (u *User) GetEmail() string

func (*User) GetPrivateKey 

func (u *User) GetPrivateKey() crypto.PrivateKey

func (*User) GetRegistration 

func (u *User) GetRegistration() *registration.Resource

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.