controllers

package
v0.0.0-...-0888c38 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 24, 2024 License: Apache-2.0 Imports: 27 Imported by: 0

Documentation

Index

Constants

// Validity windows for the tokens handled by this package. Each duration is
// counted from the current time, per the comments on the individual constants.
const (
	// RefreshTokenValidDuration is the duration that the refresh token is valid from the current time.
	// 90 * 24 * time.Hour is 90 days.
	// NOTE(review): a credential that stays valid this long depends on a working
	// server-side revocation path and on how clients store it — confirm both.
	RefreshTokenValidDuration = 90 * 24 * time.Hour
	// AugmentedTokenValidDuration is the duration that the augmented token is valid from the current time.
	// A leaked augmented token remains usable for up to 90 minutes.
	AugmentedTokenValidDuration = 90 * time.Minute
	// AuthConnectorTokenValidDuration is the duration that the auth connector token is valid from the current time.
	// This is the shortest of the three windows (30 minutes).
	AuthConnectorTokenValidDuration = 30 * time.Minute
)

Variables

This section is empty.

Functions

This section is empty.

Types

type APIKeyMgr

// APIKeyMgr is the internal interface for managing API keys.
type APIKeyMgr interface {
	// FetchOrgUserIDUsingAPIKey resolves an API key to two identifiers.
	// NOTE(review): going by the method name the results are presumably the org ID
	// followed by the user ID; both are uuid.UUID, so the compiler will not catch a
	// swapped pair — confirm the order against the implementation.
	// key is a credential: keep it out of logs and error messages.
	FetchOrgUserIDUsingAPIKey(ctx context.Context, key string) (uuid.UUID, uuid.UUID, error)
}

APIKeyMgr is the internal interface for managing API keys.

type Auth0Config

// Auth0Config is the config data required for Auth0.
//
// The struct carries a client secret next to non-sensitive settings, so printing
// or logging the whole value (for example with %+v) exposes the secret.
type Auth0Config struct {
	// NOTE(review): the host and endpoint fields are presumably combined into the
	// URLs that tokens and the client secret are sent to — confirm they always
	// resolve to HTTPS endpoints of the intended Auth0 tenant.
	Auth0Host               string
	Auth0MgmtAPI            string
	Auth0OAuthTokenEndpoint string
	Auth0UserInfoEndpoint   string
	Auth0ClientID           string
	// Auth0ClientSecret is a credential; do not log it or return it in errors.
	Auth0ClientSecret       string
}

Auth0Config is the config data required for Auth0.

func NewAuth0Config

func NewAuth0Config() Auth0Config

NewAuth0Config generates an Auth0Config based on env vars and flags.

type Auth0Connector

type Auth0Connector struct {
	// contains filtered or unexported fields
}

Auth0Connector implements the AuthProvider interface for Auth0.

func NewAuth0Connector

func NewAuth0Connector(cfg Auth0Config) (*Auth0Connector, error)

NewAuth0Connector provides an implementation of an Auth0Connector.

func (*Auth0Connector) CreateIdentity

func (a *Auth0Connector) CreateIdentity(string) (*CreateIdentityResponse, error)

CreateIdentity implements the AuthProvider interface, but we don't support this functionality with Auth0 at this time.

func (a *Auth0Connector) CreateInviteLink(authProviderID string) (*CreateInviteLinkResponse, error)

CreateInviteLink implements the AuthProvider interface, but we don't support this functionality with Auth0 at this time.

func (*Auth0Connector) GetUserIDFromToken

func (a *Auth0Connector) GetUserIDFromToken(token string) (string, error)

GetUserIDFromToken returns the UserID for the particular token.

func (*Auth0Connector) GetUserInfo

func (a *Auth0Connector) GetUserInfo(userID string) (*UserInfo, error)

GetUserInfo returns the UserInfo for this userID.

func (*Auth0Connector) GetUserInfoFromAccessToken

func (a *Auth0Connector) GetUserInfoFromAccessToken(accessToken string) (*UserInfo, error)

GetUserInfoFromAccessToken fetches and returns the UserInfo for the given access token.

type AuthProvider

// AuthProvider interfaces the service we use for auth.
type AuthProvider interface {
	// GetUserInfoFromAccessToken fetches and returns the UserInfo for the given access token.
	// accessToken is a bearer credential; implementations should not log it.
	GetUserInfoFromAccessToken(accessToken string) (*UserInfo, error)
	// CreateInviteLink creates an invite link for the specific user, identified by the AuthProviderID.
	CreateInviteLink(authProviderID string) (*CreateInviteLinkResponse, error)
	// CreateIdentity will create an identity for the corresponding email.
	CreateIdentity(email string) (*CreateIdentityResponse, error)
}

AuthProvider interfaces the service we use for auth.

type CreateIdentityResponse

// CreateIdentityResponse contains relevant information about the Identity that was created.
type CreateIdentityResponse struct {
	// NOTE(review): presumably the name of the provider that now holds the
	// identity, matching UserInfo.IdentityProvider — confirm.
	IdentityProvider string
	// NOTE(review): presumably the ID the auth provider assigned to the new
	// identity, matching UserInfo.AuthProviderID — confirm.
	AuthProviderID   string
}

CreateIdentityResponse contains relevant information about the Identity that was created.

type CreateInviteLinkResponse

// CreateInviteLinkResponse contains the InviteLink and any accompanying information.
type CreateInviteLinkResponse struct {
	// InviteLink is the link handed to the invited user.
	// NOTE(review): the package docs for Server.CreateOrgAndInviteUser say the link
	// lets the user set their password, so it acts as a bearer secret until used —
	// keep it out of logs and confirm it expires and is single-use.
	InviteLink string
}

CreateInviteLinkResponse contains the InviteLink and any accompanying information.

type HydraKratosConnector

// HydraKratosConnector implements the AuthProvider interface for Hydra + Kratos.
type HydraKratosConnector struct {
	// Client is the user-management client the connector calls into. The field is
	// exported, so any caller can replace it (for example with a mock in tests).
	Client HydraKratosUserClient
}

HydraKratosConnector implements the AuthProvider interface for Hydra + Kratos.

func NewHydraKratosConnector

func NewHydraKratosConnector() (*HydraKratosConnector, error)

NewHydraKratosConnector provides an implementation of a HydraKratosConnector.

func (*HydraKratosConnector) CreateIdentity

func (a *HydraKratosConnector) CreateIdentity(email string) (*CreateIdentityResponse, error)

CreateIdentity creates an identity for the passed in email.

func (a *HydraKratosConnector) CreateInviteLink(authProviderID string) (*CreateInviteLinkResponse, error)

CreateInviteLink takes the auth provider ID for a user and creates an Invite Link for that user.

func (*HydraKratosConnector) GetUserIDFromToken

func (a *HydraKratosConnector) GetUserIDFromToken(token string) (string, error)

GetUserIDFromToken returns the UserID for the particular token.

func (*HydraKratosConnector) GetUserInfo

func (a *HydraKratosConnector) GetUserInfo(userID string) (*UserInfo, error)

GetUserInfo returns the UserInfo for this userID.

func (*HydraKratosConnector) GetUserInfoFromAccessToken

func (a *HydraKratosConnector) GetUserInfoFromAccessToken(accessToken string) (*UserInfo, error)

GetUserInfoFromAccessToken fetches and returns the UserInfo for the given access token.

type HydraKratosUserClient

// HydraKratosUserClient exposes user management for hydra and kratos.
type HydraKratosUserClient interface {
	// GetUserIDFromToken returns the user ID for the given token.
	// token is a credential; implementations should not log it.
	GetUserIDFromToken(ctx context.Context, token string) (string, error)
	// GetUserInfo returns the Kratos user info for the given user ID.
	GetUserInfo(ctx context.Context, userID string) (*idprovider.KratosUserInfo, error)
	// CreateInviteLinkForIdentity creates an invite link for the identity described by req.
	CreateInviteLinkForIdentity(ctx context.Context, req *idprovider.CreateInviteLinkForIdentityRequest) (*idprovider.CreateInviteLinkForIdentityResponse, error)
	// CreateIdentity creates an identity for the given email.
	CreateIdentity(ctx context.Context, email string) (*idprovider.CreateIdentityResponse, error)
}

HydraKratosUserClient exposes user management for hydra and kratos.

type OIDCConnector

// OIDCConnector implements the AuthProvider interface for OIDC.
//
// The struct carries a client secret next to non-sensitive settings, so printing
// or logging the whole value (for example with %+v) exposes the secret.
type OIDCConnector struct {
	// Issuer and MetadataEndpoint identify the OIDC provider.
	// NOTE(review): OpenID Connect Discovery requires the issuer value in the
	// fetched metadata to be identical to the issuer used for discovery — confirm
	// the constructor compares Metadata.Issuer with Issuer.
	Issuer           string
	MetadataEndpoint string

	ClientID     string
	// ClientSecret is a credential; do not log it or return it in errors.
	ClientSecret string

	// Metadata holds the parsed provider metadata (see OIDPMetadata).
	Metadata *OIDPMetadata

	// NOTE(review): the three fields below look like names of claims and of an
	// identity provider used when reading user info — confirm against the
	// implementation before relying on them.
	IDProviderClaim        string
	GoogleIdentityProvider string
	GoogleAccessTokenClaim string
	// contains filtered or unexported fields
}

OIDCConnector implements the AuthProvider interface for OIDC.

func NewOIDCConnector

func NewOIDCConnector() (*OIDCConnector, error)

NewOIDCConnector provides an implementation of an OIDCConnector.

func (*OIDCConnector) CreateIdentity

func (c *OIDCConnector) CreateIdentity(string) (*CreateIdentityResponse, error)

CreateIdentity implements the AuthProvider interface, but we don't support this functionality with OIDC at this time.

func (c *OIDCConnector) CreateInviteLink(authProviderID string) (*CreateInviteLinkResponse, error)

CreateInviteLink implements the AuthProvider interface, but we don't support this functionality with OIDC at this time.

func (*OIDCConnector) GetUserInfoFromAccessToken

func (c *OIDCConnector) GetUserInfoFromAccessToken(accessToken string) (*UserInfo, error)

GetUserInfoFromAccessToken returns the UserInfo for the given access token.

type OIDPMetadata

// OIDPMetadata is used to parse the provider metadata.
// See spec https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
//
// Only the four fields below are decoded; other members of the discovery
// document are ignored by this type.
// NOTE(review): these values come from a remotely fetched document, and access
// tokens are presumably sent to the endpoints it names — confirm the endpoints
// are checked to be HTTPS URLs of the expected provider before use.
type OIDPMetadata struct {
	Issuer           string `json:"issuer"`
	AuthEndpoint     string `json:"authorization_endpoint"`
	// TokenEndpoint and UserinfoEndpoint are tagged omitempty and are empty
	// strings when the document omits them.
	TokenEndpoint    string `json:"token_endpoint,omitempty"`
	UserinfoEndpoint string `json:"userinfo_endpoint,omitempty"`
}

OIDPMetadata is used to parse the provider metadata. See spec https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata

type Server

type Server struct {
	// contains filtered or unexported fields
}

Server defines a gRPC server type.

func NewServer

func NewServer(env authenv.AuthEnv, a AuthProvider, apiKeyMgr APIKeyMgr) (*Server, error)

NewServer creates GRPC handlers.

func (*Server) CreateOrgAndInviteUser

CreateOrgAndInviteUser creates an org and user, then returns an invite link for the user to set that user's password.

func (*Server) GetAugmentedToken

GetAugmentedToken produces augmented tokens for the user based on passed in credentials.

func (*Server) GetAugmentedTokenForAPIKey

GetAugmentedTokenForAPIKey produces an augmented token for the user given an API key.

func (*Server) GetAuthConnectorToken

GetAuthConnectorToken uses the AuthProvider to generate a short-lived token that can be used to authenticate as a user.

func (*Server) InviteUser

InviteUser creates an invite link for the specified user.

func (*Server) Login

Login uses the AuthProvider to authenticate and login the user. Errors out if their org doesn't exist.

func (*Server) RefetchToken

RefetchToken takes in a valid token, updates the claims with new data, then returns a new token.

func (*Server) Signup

Signup uses the AuthProvider to authenticate and sign up the user. It autocreates the org if the org doesn't exist.

type UserInfo

// UserInfo contains all the info about a user. It's not tied to any specific AuthProvider.
type UserInfo struct {
	// The following fields are from the AuthProvider.
	Email         string
	// NOTE(review): presumably reports whether the provider has verified Email.
	// Code that links accounts or assigns org membership based on Email should
	// check this flag first — confirm the login and signup paths do.
	EmailVerified bool
	FirstName     string
	LastName      string
	Name          string
	Picture       string

	// IdentityProvider is the name of the provider that the User used to Login. This is distinct
	// from AuthProviders - there might be many IdentityProviders that a single AuthProvider implements. E.g.
	// google-oauth and github might both be IdentityProviders for Auth0.
	IdentityProvider string
	// AuthProviderID is the ID assigned to the user internal to the AuthProvider.
	AuthProviderID string
	// HostedDomain is the name of an org that a user belongs to according to the IdentityProvider.
	// If empty, the IdentityProvider does not consider the user as part of an org.
	// The value is an assertion by the IdentityProvider, so it is only as trustworthy as that provider.
	HostedDomain string
}

UserInfo contains all the info about a user. It's not tied to any specific AuthProvider.

Directories

Path Synopsis
Package mock_controllers is a generated GoMock package.
Package mock_controllers is a generated GoMock package.
