tokens

package
v0.9.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 4, 2024 License: MPL-2.0 Imports: 27 Imported by: 0

Documentation

Overview

Package tokens manages token authentication

Index

Constants

View Source 
const (
	// session cookie stores the session token
	SessionCookie = "session"
)

Variables

View Source 
var AuthenticatedPrefixes = []string{
	tfeapi.APIPrefixV2,
	tfeapi.APIPrefixV1,
	tfeapi.ModuleV1Prefix,
	otfapi.DefaultBasePath,
	paths.UIPrefix,
}

AuthenticatedPrefixes are those URL path prefixes requiring authentication.

Functions

func NewTestSessionJWT 

func NewTestSessionJWT(t *testing.T, username string, secret []byte, lifetime time.Duration) string

func TokenFlashMessage 

func TokenFlashMessage(renderer html.Renderer, w http.ResponseWriter, token []byte) error

TokenFlashMessage is a helper for rendering a flash message with an authentication token.

Types

type GoogleIAPConfig 

type GoogleIAPConfig struct {
	Audience string
}

type Kind 

type Kind string

the Kind of authentication token: user session, user token, agent token, etc

type NewTokenOptions 

type NewTokenOptions struct {
	Kind    Kind
	Subject string
	Expiry  *time.Time
	Claims  map[string]string
}

type Options 

type Options struct {
	logr.Logger
	GoogleIAPConfig

	Secret []byte
}

type Service 

type Service struct {
	logr.Logger
	// contains filtered or unexported fields
}

func NewService 

func NewService(opts Options) (*Service, error)

func (Service) GetOrCreateUISubject 

func (r Service) GetOrCreateUISubject(ctx context.Context, login string) (internal.Subject, error)

func (Service) GetSubject 

func (r Service) GetSubject(ctx context.Context, k Kind, jwtSubject string) (internal.Subject, error)

func (*Service) Middleware 

func (a *Service) Middleware() mux.MiddlewareFunc

Middleware returns middleware for authenticating tokens

func (Service) NewSessionToken 

func (f Service) NewSessionToken(username string, expiry time.Time) (string, error)

func (Service) NewToken 

func (f Service) NewToken(opts NewTokenOptions) ([]byte, error)

func (Service) RegisterKind 

func (r Service) RegisterKind(k Kind, fn SubjectGetter)

RegisterKind registers a kind of authentication token, providing a func that can retrieve the OTF subject indicated in the token.

func (Service) RegisterSiteToken 

func (r Service) RegisterSiteToken(token string, siteAdmin internal.Subject)

RegisterSiteToken registers a site token which the middleware, and the subject to return as the site admin upon successful authentication.

func (Service) RegisterUISubjectGetterOrCreator 

func (r Service) RegisterUISubjectGetterOrCreator(fn UISubjectGetterOrCreator)

func (*Service) StartSession 

func (a *Service) StartSession(w http.ResponseWriter, r *http.Request, opts StartSessionOptions) error

type StartSessionOptions 

type StartSessionOptions struct {
	Username *string
	Expiry   *time.Time
}

type SubjectGetter 

type SubjectGetter func(ctx context.Context, jwtSubject string) (internal.Subject, error)

SubjectGetter retrieves an OTF subject given the jwtSubject string, which is the value of the 'subject' field parsed from a JWT.

type UISubjectGetterOrCreator 

type UISubjectGetterOrCreator func(ctx context.Context, login string) (internal.Subject, error)

UISubjectGetterOrCreator retrieves the OTF subject with the given login that is attempting to access the UI. If the subject does not exist it is created.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.