Documentation
¶
Index ¶
- Variables
- func WithAuthContext(ctx context.Context, authCtx *AuthContext) context.Context
- type APIKeyFinder
- type AuthContext
- type ClientCertificateExtractor
- type CreateInput
- type Creator
- type CredentialFinder
- type Deleter
- type Finder
- type IntrospectionValidator
- type JWTValidator
- type MTLSValidator
- type Method
- type OAuth2Verifier
- type OIDCFinder
- type OIDCVerifier
- type SessionTokenVerifier
- type TokenHints
- type UpdateInput
- type Updater
- type VerifiedClaims
Constants ¶
This section is empty.
Variables ¶
// Sentinel errors exported by this package. Both are created with errors.New,
// so callers should match them with errors.Is rather than by comparing message
// text.
//
// ErrInvalidAuthRequest carries the message "invalid auth request".
// ErrAmbiguousOIDCConfig carries the message "ambiguous oidc auth config".
// NOTE(review): presumably ErrAmbiguousOIDCConfig is returned when a token
// matches more than one OIDC auth config; failing closed in that case avoids
// picking a config arbitrarily — confirm against the code that returns it.
var ( ErrInvalidAuthRequest = errors.New("invalid auth request") ErrAmbiguousOIDCConfig = errors.New("ambiguous oidc auth config") )
Functions ¶
func WithAuthContext ¶
func WithAuthContext(ctx context.Context, authCtx *AuthContext) context.Context
Types ¶
type APIKeyFinder ¶
// APIKeyFinder looks up the auth record that corresponds to an API key.
//
// rawKey is, going by its name, the key as presented by the caller and is
// therefore secret material: keep it out of log lines, error strings and
// metrics labels.
// NOTE(review): whether implementations store, compare or cache the key in raw
// or hashed form cannot be seen from this interface — confirm in the
// implementation.
type APIKeyFinder interface {
// FindByAPIKey returns the *domain.Auth for rawKey, or an error.
FindByAPIKey(ctx context.Context, rawKey string) (*domain.Auth, error)
}
func NewAPIKeyFinder ¶
func NewAPIKeyFinder(repo domain.Repository, manager *cache.TTLMapManager, logger *slog.Logger) APIKeyFinder
type AuthContext ¶
// AuthContext groups the identity data attached to a request: the auth method,
// the gateway and consumer identifiers, the auth record identifier, and the
// subject, claims, scopes and role identifiers.
//
// NOTE(review): code that reads an AuthContext presumably treats it as already
// verified, so it should only be populated after the credential has passed
// verification — confirm at the construction sites.
type AuthContext struct {
// Method is the authentication method (type Method is declared in this package).
Method Method
// GatewayID and GatewaySlug identify the gateway.
GatewayID ids.GatewayID
GatewaySlug string
// ConsumerID identifies the consumer.
ConsumerID ids.ConsumerID
// AuthID identifies the auth record.
AuthID ids.AuthID
// Subject is a free-form string; its format is not fixed by this type.
Subject string
// Claims values are untyped (any); type-assert before using them in a decision.
Claims map[string]any
// Scopes and RoleIDs are slices and Claims is a map, so holders of the same
// *AuthContext share them; mutating them after the value has been handed out
// affects every holder.
Scopes []string
RoleIDs []ids.RoleID
}
func AuthContextFromContext ¶
func AuthContextFromContext(ctx context.Context) (*AuthContext, bool)
type ClientCertificateExtractor ¶
// ClientCertificateExtractor obtains a client certificate from a header value.
type ClientCertificateExtractor interface {
// FromXFCC parses header into an *x509.Certificate, or returns an error.
//
// NOTE(review): the name suggests the X-Forwarded-Client-Cert header, which a
// TLS-terminating proxy sets for the service behind it. Parsing the value says
// nothing about who sent it: the result is only trustworthy when requests can
// reach this service solely through a proxy that overwrites or strips any
// client-supplied copy of the header — confirm the deployment enforces that.
FromXFCC(header string) (*x509.Certificate, error)
}
type CreateInput ¶
type Creator ¶
func NewCreator ¶
func NewCreator(repo domain.Repository, manager *cache.TTLMapManager, publisher cache.EventPublisher, logger *slog.Logger) Creator
type CredentialFinder ¶
// CredentialFinder lists auth records by credential type.
//
// OAuth2Auths and MTLSAuths take no gateway argument; OAuth2AuthsForGateway
// takes a gatewayID.
// NOTE(review): presumably the variants without a gateway argument return
// records across all gateways. A caller that matches a presented credential
// against such a list should check that the matched record belongs to the
// gateway the request targets — confirm.
type CredentialFinder interface {
// OAuth2Auths returns OAuth2 auth records; no gateway filter is passed in.
OAuth2Auths(ctx context.Context) ([]*domain.Auth, error)
// OAuth2AuthsForGateway returns OAuth2 auth records for gatewayID.
OAuth2AuthsForGateway(ctx context.Context, gatewayID ids.GatewayID) ([]*domain.Auth, error)
// MTLSAuths returns mTLS auth records; no gateway filter is passed in.
MTLSAuths(ctx context.Context) ([]*domain.Auth, error)
}
func NewCredentialFinder ¶
func NewCredentialFinder(repo domain.Repository, manager *cache.TTLMapManager, logger *slog.Logger) CredentialFinder
type Deleter ¶
// Deleter removes an auth record.
type Deleter interface {
// Delete takes both the gateway and the auth identifier and returns an error
// on failure.
// NOTE(review): presumably implementations require that id belongs to
// gatewayID, so a caller scoped to one gateway cannot delete another gateway's
// auth record — confirm in the implementation.
Delete(ctx context.Context, gatewayID ids.GatewayID, id ids.AuthID) error
}
func NewDeleter ¶
func NewDeleter( repo domain.Repository, consumerRepo consumerdomain.Repository, manager *cache.TTLMapManager, publisher cache.EventPublisher, logger *slog.Logger, ) Deleter
type Finder ¶
// Finder reads auth records, one at a time or as a filtered list.
type Finder interface {
// FindByID returns the auth record for id; gatewayID is passed alongside.
// NOTE(review): presumably the lookup is constrained to gatewayID so an id
// from another gateway is not returned — confirm in the implementation.
FindByID(ctx context.Context, gatewayID ids.GatewayID, id ids.AuthID) (*domain.Auth, error)
// List returns the records selected by filter, an int and an error.
// NOTE(review): the int is presumably the total match count for pagination —
// confirm.
List(ctx context.Context, filter domain.ListFilter) ([]*domain.Auth, int, error)
}
func NewFinder ¶
func NewFinder(repo domain.Repository, manager *cache.TTLMapManager, logger *slog.Logger) Finder
type IntrospectionValidator ¶
// IntrospectionValidator validates a raw token against an OAuth2 config and
// yields the resulting principal.
//
// NOTE(review): the name suggests OAuth2 token introspection (RFC 7662), i.e.
// the token is sent to the authorization server for a verdict — confirm. If so,
// the endpoint in cfg receives the bearer token, so it should be an HTTPS
// endpoint taken from trusted configuration.
type IntrospectionValidator interface {
// Validate returns the *identity.Principal for raw under cfg, or an error.
// raw is a bearer credential; keep it out of logs and error messages.
Validate(ctx context.Context, raw string, cfg *authdomain.OAuth2Config) (*identity.Principal, error)
}
type JWTValidator ¶
// JWTValidator validates a raw token against an OAuth2 config and yields the
// resulting principal. Its method signature is identical to
// IntrospectionValidator.Validate.
//
// NOTE(review): which checks an implementation applies (signature, algorithm
// allow-list, issuer, audience, expiry) is not visible from this interface —
// confirm in the implementation.
type JWTValidator interface {
// Validate returns the *identity.Principal for raw under cfg, or an error.
// raw is a bearer credential; keep it out of logs and error messages.
Validate(ctx context.Context, raw string, cfg *authdomain.OAuth2Config) (*identity.Principal, error)
}
type MTLSValidator ¶
// MTLSValidator validates a client certificate against an mTLS config and
// yields the resulting principal.
type MTLSValidator interface {
// Validate takes an already-parsed certificate and cfg; it receives no
// context.Context.
// NOTE(review): it is not visible here whether chain and validity checks
// happen inside Validate or are expected to have happened upstream. A
// certificate that was parsed from a forwarded header has not been checked by
// a TLS handshake in this process, so one of the two must do it — confirm.
Validate(cert *x509.Certificate, cfg *authdomain.MTLSConfig) (*identity.Principal, error)
}
type OAuth2Verifier ¶
// OAuth2Verifier verifies a token against an OAuth2 config and returns the
// verified claims.
type OAuth2Verifier interface {
// Verify returns *VerifiedClaims for token under cfg, or an error. cfg is
// passed by value. token is a bearer credential; keep it out of logs and error
// messages.
// NOTE(review): callers should use the returned claims only when the error is
// nil — confirm implementations return a nil pointer on failure.
Verify(ctx context.Context, token string, cfg domain.OAuth2Config) (*VerifiedClaims, error)
}
func NewOAuth2Verifier ¶
func NewOAuth2Verifier(jwtVerifier OIDCVerifier) OAuth2Verifier
type OIDCFinder ¶
// OIDCFinder selects, from a list of candidate auth records, the one that
// applies to a token.
type OIDCFinder interface {
// FindOIDCAuth returns one *domain.Auth chosen from auths for token, or an
// error.
// NOTE(review): presumably the choice is made from token contents such as the
// issuer; if that inspection happens before signature verification, the
// selection is attacker-influenced and must be followed by full verification
// against the selected config — confirm. The package also declares
// ErrAmbiguousOIDCConfig, presumably for the case where several candidates
// match — confirm.
FindOIDCAuth(ctx context.Context, auths []*domain.Auth, token string) (*domain.Auth, error)
}
func NewOIDCFinder ¶
func NewOIDCFinder(verifier OIDCVerifier) OIDCFinder
type OIDCVerifier ¶
// OIDCVerifier inspects and verifies OIDC tokens.
type OIDCVerifier interface {
// Peek returns TokenHints for token. It is given neither a context nor an
// OIDCConfig, so no issuer settings or key material are passed in.
// NOTE(review): presumably Peek decodes the token without verifying its
// signature. If so, TokenHints is attacker-controlled data: use it only to
// choose which config to verify against, never for an access decision —
// confirm.
Peek(token string) (TokenHints, error)
// Verify returns *VerifiedClaims for token under cfg, or an error. cfg is
// passed by value. Access decisions should be based on this result rather than
// on anything obtained from Peek.
Verify(ctx context.Context, token string, cfg domain.OIDCConfig) (*VerifiedClaims, error)
}
type SessionTokenVerifier ¶ added in v0.2.3
type TokenHints ¶
type UpdateInput ¶
type Updater ¶
func NewUpdater ¶
func NewUpdater( repo domain.Repository, consumerRepo consumerdomain.Repository, manager *cache.TTLMapManager, publisher cache.EventPublisher, logger *slog.Logger, ) Updater