gokrb5.v7: gopkg.in/jcmturner/gokrb5.v7/credentials Index | Files

package credentials

import "gopkg.in/jcmturner/gokrb5.v7/credentials"

Package credentials provides credentials management for Kerberos 5 authentication.


Package Files

ccache.go credentials.go


const (
    // AttributeKeyADCredentials assigned number for AD credentials.
    AttributeKeyADCredentials = "gokrb5AttributeKeyADCredentials"

type ADCredentials Uses

type ADCredentials struct {
    EffectiveName       string
    FullName            string
    UserID              int
    PrimaryGroupID      int
    LogOnTime           time.Time
    LogOffTime          time.Time
    PasswordLastSet     time.Time
    GroupMembershipSIDs []string
    LogonDomainName     string
    LogonDomainID       string
    LogonServer         string

ADCredentials contains information obtained from the PAC.

type CCache Uses

type CCache struct {
    Version          uint8
    Header           header
    DefaultPrincipal principal
    Credentials      []*Credential
    Path             string

CCache is the file credentials cache as define here: https://web.mit.edu/kerberos/krb5-latest/doc/formats/ccache_file_format.html

func LoadCCache Uses

func LoadCCache(cpath string) (*CCache, error)

LoadCCache loads a credential cache file into a CCache type.

func (*CCache) Contains Uses

func (c *CCache) Contains(p types.PrincipalName) bool

Contains tests if the cache contains a credential for the provided server PrincipalName

func (*CCache) GetClientCredentials Uses

func (c *CCache) GetClientCredentials() *Credentials

GetClientCredentials returns a Credentials object representing the client of the credentials cache.

func (*CCache) GetClientPrincipalName Uses

func (c *CCache) GetClientPrincipalName() types.PrincipalName

GetClientPrincipalName returns a PrincipalName type for the client the credentials cache is for.

func (*CCache) GetClientRealm Uses

func (c *CCache) GetClientRealm() string

GetClientRealm returns the reals of the client the credentials cache is for.

func (*CCache) GetEntries Uses

func (c *CCache) GetEntries() []*Credential

GetEntries filters out configuration entries an returns a slice of credentials.

func (*CCache) GetEntry Uses

func (c *CCache) GetEntry(p types.PrincipalName) (*Credential, bool)

GetEntry returns a specific credential for the PrincipalName provided.

func (*CCache) Unmarshal Uses

func (c *CCache) Unmarshal(b []byte) error

Unmarshal a byte slice of credential cache data into CCache type.

type Credential Uses

type Credential struct {
    Client       principal
    Server       principal
    Key          types.EncryptionKey
    AuthTime     time.Time
    StartTime    time.Time
    EndTime      time.Time
    RenewTill    time.Time
    IsSKey       bool
    TicketFlags  asn1.BitString
    Addresses    []types.HostAddress
    AuthData     []types.AuthorizationDataEntry
    Ticket       []byte
    SecondTicket []byte

Credential holds a Kerberos client's ccache credential information.

type Credentials Uses

type Credentials struct {
    // contains filtered or unexported fields

Credentials struct for a user. Contains either a keytab, password or both. Keytabs are used over passwords if both are defined.

func New Uses

func New(username string, realm string) *Credentials

New creates a new Credentials instance.

func NewFromPrincipalName Uses

func NewFromPrincipalName(cname types.PrincipalName, realm string) *Credentials

NewFromPrincipalName creates a new Credentials instance with the user details provides as a PrincipalName type.

func (*Credentials) AddAuthzAttribute Uses

func (c *Credentials) AddAuthzAttribute(a string)

AddAuthzAttribute adds an authorization attribute to the credential.

func (*Credentials) Attributes Uses

func (c *Credentials) Attributes() map[string]interface{}

Attributes returns the Credentials' attributes map.

func (*Credentials) AuthTime Uses

func (c *Credentials) AuthTime() time.Time

AuthTime returns the time the credential was authenticated.

func (*Credentials) Authenticated Uses

func (c *Credentials) Authenticated() bool

Authenticated indicates if the credential has been successfully authenticated or not.

func (*Credentials) Authorized Uses

func (c *Credentials) Authorized(a string) bool

Authorized indicates if the credential has the specified authorizing attribute.

func (*Credentials) AuthzAttributes Uses

func (c *Credentials) AuthzAttributes() []string

AuthzAttributes returns the credentials authorizing attributes.

func (*Credentials) CName Uses

func (c *Credentials) CName() types.PrincipalName

CName returns the credential's client principal name.

func (*Credentials) DisableAuthzAttribute Uses

func (c *Credentials) DisableAuthzAttribute(a string)

DisableAuthzAttribute toggles an authorization attribute to a disabled state on the credential.

func (*Credentials) DisplayName Uses

func (c *Credentials) DisplayName() string

DisplayName returns the credential's display name.

func (*Credentials) Domain Uses

func (c *Credentials) Domain() string

Domain returns the credential's domain.

func (*Credentials) EnableAuthzAttribute Uses

func (c *Credentials) EnableAuthzAttribute(a string)

EnableAuthzAttribute toggles an authorization attribute to an enabled state on the credential.

func (*Credentials) Expired Uses

func (c *Credentials) Expired() bool

Expired indicates if the credential has expired.

func (*Credentials) HasKeytab Uses

func (c *Credentials) HasKeytab() bool

HasKeytab queries if the Credentials has a keytab defined.

func (*Credentials) HasPassword Uses

func (c *Credentials) HasPassword() bool

HasPassword queries if the Credentials has a password defined.

func (*Credentials) Human Uses

func (c *Credentials) Human() bool

Human returns if the credential represents a human or not.

func (*Credentials) Keytab Uses

func (c *Credentials) Keytab() *keytab.Keytab

Keytab returns the credential's Keytab.

func (*Credentials) Password Uses

func (c *Credentials) Password() string

Password returns the credential's password.

func (*Credentials) Realm Uses

func (c *Credentials) Realm() string

Realm returns the credential's realm. Same as the domain.

func (*Credentials) RemoveAttribute Uses

func (c *Credentials) RemoveAttribute(k string)

RemoveAttribute deletes an attribute from the attribute map that has the key provided.

func (*Credentials) RemoveAuthzAttribute Uses

func (c *Credentials) RemoveAuthzAttribute(a string)

RemoveAuthzAttribute removes an authorization attribute from the credential.

func (*Credentials) SessionID Uses

func (c *Credentials) SessionID() string

SessionID returns the credential's session ID.

func (*Credentials) SetADCredentials Uses

func (c *Credentials) SetADCredentials(a ADCredentials)

SetADCredentials adds ADCredentials attributes to the credentials

func (*Credentials) SetAttribute Uses

func (c *Credentials) SetAttribute(k string, v interface{})

SetAttribute sets the value of an attribute.

func (*Credentials) SetAttributes Uses

func (c *Credentials) SetAttributes(a map[string]interface{})

SetAttributes replaces the attributes map with the one provided.

func (*Credentials) SetAuthTime Uses

func (c *Credentials) SetAuthTime(t time.Time)

SetAuthTime sets the time the credential was authenticated.

func (*Credentials) SetAuthenticated Uses

func (c *Credentials) SetAuthenticated(b bool)

SetAuthenticated sets the credential as having been successfully authenticated.

func (*Credentials) SetCName Uses

func (c *Credentials) SetCName(pn types.PrincipalName)

SetCName sets the client principal name on the credential.

func (*Credentials) SetDisplayName Uses

func (c *Credentials) SetDisplayName(s string)

SetDisplayName sets the display name value on the credential.

func (*Credentials) SetDomain Uses

func (c *Credentials) SetDomain(s string)

SetDomain sets the domain value on the credential.

func (*Credentials) SetHuman Uses

func (c *Credentials) SetHuman(b bool)

SetHuman sets the credential as human.

func (*Credentials) SetRealm Uses

func (c *Credentials) SetRealm(s string)

SetRealm sets the realm value on the credential. Same as the domain

func (*Credentials) SetUserName Uses

func (c *Credentials) SetUserName(s string)

SetUserName sets the username value on the credential.

func (*Credentials) SetValidUntil Uses

func (c *Credentials) SetValidUntil(t time.Time)

SetValidUntil sets the expiry time of the credentials

func (*Credentials) UserName Uses

func (c *Credentials) UserName() string

UserName returns the credential's username.

func (*Credentials) ValidUntil Uses

func (c *Credentials) ValidUntil() time.Time

ValidUntil returns the credential's valid until date

func (*Credentials) WithKeytab Uses

func (c *Credentials) WithKeytab(kt *keytab.Keytab) *Credentials

WithKeytab sets the Keytab in the Credentials struct.

func (*Credentials) WithPassword Uses

func (c *Credentials) WithPassword(password string) *Credentials

WithPassword sets the password in the Credentials struct.

Package credentials imports 12 packages (graph) and is imported by 31 packages. Updated 2020-02-07. Refresh now. Tools for package owners.