Documentation
¶
Index ¶
- type Config
- type IdentityServer
- func (is *IdentityServer) ApplicationRights(ctx context.Context, appIDs ttnpb.ApplicationIdentifiers) (*ttnpb.Rights, error)
- func (is *IdentityServer) ClientRights(ctx context.Context, cliIDs ttnpb.ClientIdentifiers) (*ttnpb.Rights, error)
- func (is *IdentityServer) Context() context.Context
- func (is *IdentityServer) GatewayRights(ctx context.Context, gtwIDs ttnpb.GatewayIdentifiers) (*ttnpb.Rights, error)
- func (is *IdentityServer) IsAdmin(ctx context.Context) bool
- func (is *IdentityServer) OrganizationRights(ctx context.Context, orgIDs ttnpb.OrganizationIdentifiers) (*ttnpb.Rights, error)
- func (is *IdentityServer) RegisterHandlers(s *runtime.ServeMux, conn *grpc.ClientConn)
- func (is *IdentityServer) RegisterServices(s *grpc.Server)
- func (is *IdentityServer) RequireAdmin(ctx context.Context) error
- func (is *IdentityServer) RequireAuthenticated(ctx context.Context) error
- func (is *IdentityServer) Roles() []ttnpb.ClusterRole
- func (is *IdentityServer) SendContactsEmail(ctx context.Context, ids *ttnpb.EntityIdentifiers, ...) error
- func (is *IdentityServer) SendEmail(ctx context.Context, f func(emails.Data) email.MessageData) (err error)
- func (is *IdentityServer) SendUserEmail(ctx context.Context, userIDs *ttnpb.UserIdentifiers, ...) error
- func (is *IdentityServer) SetRedisCache(redis *redis.Client)
- func (is *IdentityServer) UniversalRights(ctx context.Context) *ttnpb.Rights
- func (is *IdentityServer) UserRights(ctx context.Context, userIDs ttnpb.UserIdentifiers) (*ttnpb.Rights, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
DatabaseURI string `name:"database-uri" description:"Database connection URI"`
UserRegistration struct {
Invitation struct {
Required bool `name:"required" description:"Require invitations for new users"`
TokenTTL time.Duration `name:"token-ttl" description:"TTL of user invitation tokens"`
} `name:"invitation"`
ContactInfoValidation struct {
Required bool `name:"required" description:"Require contact info validation for new users"`
} `name:"contact-info-validation"`
AdminApproval struct {
Required bool `name:"required" description:"Require admin approval for new users"`
} `name:"admin-approval"`
PasswordRequirements struct {
MinLength int `name:"min-length" description:"Minimum password length"`
MaxLength int `name:"max-length" description:"Maximum password length"`
MinUppercase int `name:"min-uppercase" description:"Minimum number of uppercase letters"`
MinDigits int `name:"min-digits" description:"Minimum number of digits"`
MinSpecial int `name:"min-special" description:"Minimum number of special characters"`
} `name:"password-requirements"`
} `name:"user-registration"`
AuthCache struct {
MembershipTTL time.Duration `name:"membership-ttl" description:"TTL of membership caches"`
} `name:"auth-cache"`
OAuth oauth.Config `name:"oauth"`
ProfilePicture struct {
UseGravatar bool `name:"use-gravatar" description:"Use Gravatar fallback for users without profile picture"`
Bucket string `name:"bucket" description:"Bucket used for storing profile pictures"`
BucketURL string `name:"bucket-url" description:"Base URL for public bucket access"`
} `name:"profile-picture"`
EndDevicePicture struct {
Bucket string `name:"bucket" description:"Bucket used for storing end device pictures"`
BucketURL string `name:"bucket-url" description:"Base URL for public bucket access"`
} `name:"end-device-picture"`
Email struct {
email.Config `name:",squash"`
SendGrid sendgrid.Config `name:"sendgrid"`
SMTP smtp.Config `name:"smtp"`
Templates emailTemplatesConfig `name:"templates"`
} `name:"email"`
}
Config for the Identity Server
type IdentityServer ¶
IdentityServer implements the Identity Server component.
The Identity Server exposes the Registry and Access services for Applications, OAuth clients, Gateways, Organizations and Users.
func New ¶
func New(c *component.Component, config *Config) (is *IdentityServer, err error)
New returns new *IdentityServer.
func (*IdentityServer) ApplicationRights ¶
func (is *IdentityServer) ApplicationRights(ctx context.Context, appIDs ttnpb.ApplicationIdentifiers) (*ttnpb.Rights, error)
ApplicationRights returns the rights the caller has on the given application.
func (*IdentityServer) ClientRights ¶
func (is *IdentityServer) ClientRights(ctx context.Context, cliIDs ttnpb.ClientIdentifiers) (*ttnpb.Rights, error)
ClientRights returns the rights the caller has on the given client.
func (*IdentityServer) Context ¶
func (is *IdentityServer) Context() context.Context
Context returns the context of the Identity Server.
func (*IdentityServer) GatewayRights ¶
func (is *IdentityServer) GatewayRights(ctx context.Context, gtwIDs ttnpb.GatewayIdentifiers) (*ttnpb.Rights, error)
GatewayRights returns the rights the caller has on the given gateway.
func (*IdentityServer) IsAdmin ¶
func (is *IdentityServer) IsAdmin(ctx context.Context) bool
IsAdmin returns whether the caller is an admin.
func (*IdentityServer) OrganizationRights ¶
func (is *IdentityServer) OrganizationRights(ctx context.Context, orgIDs ttnpb.OrganizationIdentifiers) (*ttnpb.Rights, error)
OrganizationRights returns the rights the caller has on the given organization.
func (*IdentityServer) RegisterHandlers ¶
func (is *IdentityServer) RegisterHandlers(s *runtime.ServeMux, conn *grpc.ClientConn)
RegisterHandlers registers gRPC handlers.
func (*IdentityServer) RegisterServices ¶
func (is *IdentityServer) RegisterServices(s *grpc.Server)
RegisterServices registers services provided by is at s.
func (*IdentityServer) RequireAdmin ¶
func (is *IdentityServer) RequireAdmin(ctx context.Context) error
RequireAdmin returns an error when the caller is not an admin.
func (*IdentityServer) RequireAuthenticated ¶
func (is *IdentityServer) RequireAuthenticated(ctx context.Context) error
RequireAuthenticated checks the request context for authentication presence and returns an error if there is none.
func (*IdentityServer) Roles ¶
func (is *IdentityServer) Roles() []ttnpb.ClusterRole
Roles returns the roles that the Identity Server fulfills.
func (*IdentityServer) SendContactsEmail ¶
func (is *IdentityServer) SendContactsEmail(ctx context.Context, ids *ttnpb.EntityIdentifiers, makeMessage func(emails.Data) email.MessageData) error
SendContactsEmail sends an email to the contacts of the given entity.
func (*IdentityServer) SendEmail ¶
func (is *IdentityServer) SendEmail(ctx context.Context, f func(emails.Data) email.MessageData) (err error)
SendEmail sends an email.
func (*IdentityServer) SendUserEmail ¶
func (is *IdentityServer) SendUserEmail(ctx context.Context, userIDs *ttnpb.UserIdentifiers, makeMessage func(emails.Data) email.MessageData) error
SendUserEmail sends an email to the given user.
func (*IdentityServer) SetRedisCache ¶
func (is *IdentityServer) SetRedisCache(redis *redis.Client)
SetRedisCache configures the given redis instance for caching.
func (*IdentityServer) UniversalRights ¶
func (is *IdentityServer) UniversalRights(ctx context.Context) *ttnpb.Rights
UniversalRights returns the universal rights (that apply to any entity or outside entity scope) contained in the request context. This is used to determine admin rights.
func (*IdentityServer) UserRights ¶
func (is *IdentityServer) UserRights(ctx context.Context, userIDs ttnpb.UserIdentifiers) (*ttnpb.Rights, error)
UserRights returns the rights the caller has on the given user.
Source Files
¶
- api_key_utils.go
- application_access.go
- application_registry.go
- client_access.go
- client_registry.go
- config.go
- contact_info_registry.go
- email.go
- end_device_registry.go
- entity_access.go
- gateway_access.go
- gateway_registry.go
- identityserver.go
- invitation_registry.go
- oauth_registry.go
- organization_access.go
- organization_registry.go
- picture.go
- registry_search.go
- rights.go
- user_access.go
- user_registry.go
- utils.go
Directories
Click to show internal directories.
Click to hide internal directories.