tap

package

v0.4.0 Latest Latest Go to latest Published: Apr 9, 2018 License: MPL-2.0 Imports: 2 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/saittalhanisanci/tyk-identity-broker

Links

Open Source Insights

Documentation ¶

Overview ¶

package tap wraps a set of interfaces and object to provide a generic interface to a delegated authentication

proxy

package tap wraps a set of interfaces and object to provide a generic interface to a delegated authentication

proxy

package tap wraps a set of interfaces and object to provide a generic interface to a delegated authentication

proxy

package tap wraps a set of interfaces and object to provide a generic interface to a delegated authentication

proxy

package tap wraps a set of interfaces and object to provide a generic interface to a delegated authentication

proxy

package tap wraps a set of interfaces and object to provide a generic interface to a delegated authentication

proxy

Index ¶

func GenerateSSOKey(user goth.User) string
type Action
type AuthRegisterBackend
type IdentityHandler
type Profile
type ProfileConstraint
type ProviderType
type TAProvider

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GenerateSSOKey ¶

func GenerateSSOKey(user goth.User) string

GenerateSSOKey is a utility function that creates a temporary ID to identity a user from a delegated provider

Types ¶

type Action ¶

type Action string

An Action is a value that defines what a particular authentication profile will do, for example, create and log in a user to the dashboard, or to the portal. Alternatively, create a token or OAuth session

const (
	// Pass through / redirect user-based actions
	GenerateOrLoginDeveloperProfile Action = "GenerateOrLoginDeveloperProfile" // Portal
	GenerateOrLoginUserProfile      Action = "GenerateOrLoginUserProfile"      // Dashboard
	GenerateOAuthTokenForClient     Action = "GenerateOAuthTokenForClient"     // OAuth token flow

	// Direct or redirect
	GenerateTemporaryAuthToken    Action = "GenerateTemporaryAuthToken"  // Tyk Access Token
	GenerateOAuthTokenForPassword Action = "GenerateOAuthTokenForClient" // OAuth PW flow
)

type AuthRegisterBackend ¶

type AuthRegisterBackend interface {
	Init(interface{})
	SetKey(string, interface{}) error
	GetKey(string, interface{}) error
	GetAll() []interface{}
	DeleteKey(string) error
}

AuthRegisterBackend is an interface to provide storage for profiles loaded into TAP

type IdentityHandler ¶

type IdentityHandler interface {
	Init(interface{}) error
	CompleteIdentityAction(http.ResponseWriter, *http.Request, interface{}, Profile)
}

IdentityHandler provides an interface that provides a generic way to handle the creation / login of an SSO session for a specific provider, it should generate users, tokens and SSO sesisons for whatever target system is being used off the back of a delegated authentication provider such as GPlus.

type Profile ¶

type Profile struct {
	ID                    string
	OrgID                 string
	ActionType            Action
	MatchedPolicyID       string
	Type                  ProviderType
	ProviderName          string
	ProviderConfig        interface{}
	IdentityHandlerConfig interface{}
	ProviderConstraints   ProfileConstraint
	ReturnURL             string
}

Profile is the configuration objct for an authentication session, it combines an Action (what to do with the identity once confirmed, this is delegated to an IdentityHandler) with a Provider (such as Social / GPlus)

type ProfileConstraint ¶

type ProfileConstraint struct {
	Domain string
	Group  string
}

Certain providers can have constraints, this object sets out those constraints. E.g. Domain: "tyk.io" will limit social logins to only those with a tyk.io domain name

type ProviderType ¶

type ProviderType string

ProviderType is a way of identitying whether a provider passes through or redirects

const (
	PASSTHROUGH_PROVIDER ProviderType = "passthrough"
	REDIRECT_PROVIDER    ProviderType = "redirect"
)

type TAProvider ¶

type TAProvider interface {
	Init(IdentityHandler, Profile, []byte) error
	Name() string
	ProviderType() ProviderType
	UseCallback() bool
	Handle(http.ResponseWriter, *http.Request)
	HandleCallback(http.ResponseWriter, *http.Request, func(tag string, errorMsg string, rawErr error, code int, w http.ResponseWriter, r *http.Request))
}

TAProvider is an interface that defines an actual handler for a specific authentication provider. It can wrap largert libraries (such as Goth for social), or individual pass-throughs such as LDAP.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
identity-handlers package identityHandlers provides a collection of handlers for target systems, these handlers create accounts and sso tokens package identityHandlers provides a collection of handlers for target systems, these handlers create accounts and sso tokens	package identityHandlers provides a collection of handlers for target systems, these handlers create accounts and sso tokens package identityHandlers provides a collection of handlers for target systems, these handlers create accounts and sso tokens

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL