facade

package
v0.0.0-...-0b1f6af Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 13, 2026 License: Apache-2.0 Imports: 34 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var CoordinatorLogger = slogutil.NewLogger("coordinator")
View Source 
var DependencySet = wire.NewSet(
	wire.Struct(new(Coordinator), "*"),
	wire.Struct(new(AuthenticatorFacade), "*"),
	wire.Struct(new(IdentityFacade), "*"),
	wire.Struct(new(UserFacade), "*"),
	wire.Struct(new(WorkflowVerificationFacade), "*"),
	wire.Struct(new(AdminVerificationFacade), "*"),
	wire.Struct(new(MFAFacade), "*"),
)
View Source 
var ErrMFAGracePeriodInvalid = apierrors.Invalid.WithReason("MFAGracePeriodInvalid").New("MFA grace period is invalid")
View Source 
var ErrUserIsAnonymized = apierrors.Invalid.WithReason("UserIsAnonymized").New("user is anonymized")
View Source 
var InvariantViolated = apierrors.Invalid.WithReason("InvariantViolated")

Functions

func NewInvariantViolated 

func NewInvariantViolated(cause string, msg string, data map[string]interface{}) error

Types

type AdminVerificationFacade 

type AdminVerificationFacade struct {
	Verification VerificationService
	Coordinator  *Coordinator
}

func (AdminVerificationFacade) DeleteClaim 

func (v AdminVerificationFacade) DeleteClaim(ctx context.Context, claim *verification.Claim) error

func (AdminVerificationFacade) GetClaims 

func (v AdminVerificationFacade) GetClaims(ctx context.Context, userID string) ([]*verification.Claim, error)

func (AdminVerificationFacade) MarkClaimVerified 

func (v AdminVerificationFacade) MarkClaimVerified(ctx context.Context, claim *verification.Claim) error

func (AdminVerificationFacade) NewVerifiedClaim 

func (v AdminVerificationFacade) NewVerifiedClaim(ctx context.Context, userID string, claimName string, claimValue string) *verification.Claim

type AuthenticationDetails 

type AuthenticationDetails struct {
	UserID             string
	Stage              authn.AuthenticationStage
	AuthenticationType authn.AuthenticationType
}

func NewAuthenticationDetails 

func NewAuthenticationDetails(
	userID string,
	stage authn.AuthenticationStage,
	authenticationType authn.AuthenticationType,
) *AuthenticationDetails

type AuthenticatorFacade 

type AuthenticatorFacade struct {
	Coordinator *Coordinator
}

func (AuthenticatorFacade) ClearLockoutAttempts 

func (a AuthenticatorFacade) ClearLockoutAttempts(ctx context.Context, userID string, usedMethods []config.AuthenticationLockoutMethod) error

func (AuthenticatorFacade) Create 

func (a AuthenticatorFacade) Create(ctx context.Context, authenticatorInfo *authenticator.Info, markVerified bool) error

func (AuthenticatorFacade) Delete 

func (a AuthenticatorFacade) Delete(ctx context.Context, authenticatorInfo *authenticator.Info) error

func (AuthenticatorFacade) Get 

func (a AuthenticatorFacade) Get(ctx context.Context, id string) (*authenticator.Info, error)

func (AuthenticatorFacade) List 

func (a AuthenticatorFacade) List(ctx context.Context, userID string, filters ...authenticator.Filter) ([]*authenticator.Info, error)

func (AuthenticatorFacade) MarkOOBIdentityVerified 

func (a AuthenticatorFacade) MarkOOBIdentityVerified(ctx context.Context, info *authenticator.Info) error

func (AuthenticatorFacade) New 

func (a AuthenticatorFacade) New(ctx context.Context, spec *authenticator.Spec) (*authenticator.Info, error)

func (AuthenticatorFacade) NewWithAuthenticatorID 

func (a AuthenticatorFacade) NewWithAuthenticatorID(ctx context.Context, authenticatorID string, spec *authenticator.Spec) (*authenticator.Info, error)

func (AuthenticatorFacade) Update 

func (a AuthenticatorFacade) Update(ctx context.Context, authenticatorInfo *authenticator.Info) error

func (AuthenticatorFacade) UpdatePassword 

func (a AuthenticatorFacade) UpdatePassword(ctx context.Context, authenticatorInfo *authenticator.Info, options *service.UpdatePasswordOptions) (changed bool, info *authenticator.Info, err error)

func (AuthenticatorFacade) VerifyOneWithSpec 

func (a AuthenticatorFacade) VerifyOneWithSpec(ctx context.Context, userID string, authenticatorType apimodel.AuthenticatorType, infos []*authenticator.Info, spec *authenticator.Spec, options *VerifyOptions) (info *authenticator.Info, verifyResult *service.VerifyResult, err error)

func (AuthenticatorFacade) VerifyWithSpec 

func (a AuthenticatorFacade) VerifyWithSpec(ctx context.Context, info *authenticator.Info, spec *authenticator.Spec, options *VerifyOptions) (verifyResult *service.VerifyResult, err error)

type AuthenticatorService 

type AuthenticatorService interface {
	New(ctx context.Context, spec *authenticator.Spec) (*authenticator.Info, error)
	NewWithAuthenticatorID(ctx context.Context, authenticatorID string, spec *authenticator.Spec) (*authenticator.Info, error)
	UpdatePassword(ctx context.Context, authenticatorInfo *authenticator.Info, options *service.UpdatePasswordOptions) (changed bool, info *authenticator.Info, err error)

	Get(ctx context.Context, id string) (*authenticator.Info, error)
	List(ctx context.Context, userID string, filters ...authenticator.Filter) ([]*authenticator.Info, error)
	Create(ctx context.Context, authenticatorInfo *authenticator.Info) error
	Update(ctx context.Context, authenticatorInfo *authenticator.Info) error
	Delete(ctx context.Context, authenticatorInfo *authenticator.Info) error
	VerifyOneWithSpec(ctx context.Context, userID string, authenticatorType model.AuthenticatorType, infos []*authenticator.Info, spec *authenticator.Spec, options *service.VerifyOptions) (info *authenticator.Info, verifyResult *service.VerifyResult, err error)
	UpdateOrphans(ctx context.Context, oldInfo *identity.Info, newInfo *identity.Info) error
	RemoveOrphans(ctx context.Context, identities []*identity.Info) error
	ClearLockoutAttempts(ctx context.Context, userID string, usedMethods []config.AuthenticationLockoutMethod) error
}

type Coordinator 

type Coordinator struct {
	Events                     EventService
	Identities                 IdentityService
	Authenticators             AuthenticatorService
	Verification               VerificationService
	MFA                        MFAService
	SendPassword               SendPasswordService
	UserCommands               UserCommands
	UserQueries                UserQueries
	RolesGroupsCommands        RolesGroupsCommands
	StdAttrsService            StdAttrsService
	PasswordHistory            PasswordHistoryStore
	OAuth                      OAuthService
	IDPSessions                IDPSessionManager
	OAuthSessions              OAuthSessionManager
	IdentityConfig             *config.IdentityConfig
	AccountDeletionConfig      *config.AccountDeletionConfig
	AccountAnonymizationConfig *config.AccountAnonymizationConfig
	AuthenticationConfig       *config.AuthenticationConfig
	Clock                      clock.Clock
	PasswordGenerator          *password.Generator
}

Coordinator represents interaction between identities, authenticators, and other high-level features (such as verification). FIXME(interaction): This is used to avoid circular dependency between 

feature implementations. We should investigate a proper
resolution, as the interactions between features will
get complicated fast.

FIXME(mfa): remove all MFA recovery code when last secondary authenticator is 

removed, so that recovery codes are re-generated when setup again.

func (*Coordinator) AuthenticatorClearLockoutAttempts 

func (c *Coordinator) AuthenticatorClearLockoutAttempts(ctx context.Context, userID string, usedMethods []config.AuthenticationLockoutMethod) error

func (*Coordinator) AuthenticatorCreate 

func (c *Coordinator) AuthenticatorCreate(ctx context.Context, authenticatorInfo *authenticator.Info, markVerified bool) error

func (*Coordinator) AuthenticatorDelete 

func (c *Coordinator) AuthenticatorDelete(ctx context.Context, authenticatorInfo *authenticator.Info) error

func (*Coordinator) AuthenticatorGet 

func (c *Coordinator) AuthenticatorGet(ctx context.Context, id string) (*authenticator.Info, error)

func (*Coordinator) AuthenticatorList 

func (c *Coordinator) AuthenticatorList(ctx context.Context, userID string, filters ...authenticator.Filter) ([]*authenticator.Info, error)

func (*Coordinator) AuthenticatorNew 

func (c *Coordinator) AuthenticatorNew(ctx context.Context, spec *authenticator.Spec) (*authenticator.Info, error)

func (*Coordinator) AuthenticatorNewWithAuthenticatorID 

func (c *Coordinator) AuthenticatorNewWithAuthenticatorID(ctx context.Context, authenticatorID string, spec *authenticator.Spec) (*authenticator.Info, error)

func (*Coordinator) AuthenticatorUpdate 

func (c *Coordinator) AuthenticatorUpdate(ctx context.Context, authenticatorInfo *authenticator.Info) error

func (*Coordinator) AuthenticatorUpdatePassword 

func (c *Coordinator) AuthenticatorUpdatePassword(ctx context.Context, authenticatorInfo *authenticator.Info, options *service.UpdatePasswordOptions) (changed bool, info *authenticator.Info, err error)

func (*Coordinator) AuthenticatorVerifyOneWithSpec 

func (c *Coordinator) AuthenticatorVerifyOneWithSpec(ctx context.Context, userID string, authenticatorType model.AuthenticatorType, infos []*authenticator.Info, spec *authenticator.Spec, options *VerifyOptions) (info *authenticator.Info, verifyResult *service.VerifyResult, err error)

func (*Coordinator) AuthenticatorVerifyWithSpec 

func (c *Coordinator) AuthenticatorVerifyWithSpec(ctx context.Context, info *authenticator.Info, spec *authenticator.Spec, options *VerifyOptions) (verifyResult *service.VerifyResult, err error)

func (*Coordinator) DeleteVerifiedClaimByAdmin 

func (c *Coordinator) DeleteVerifiedClaimByAdmin(ctx context.Context, claim *verification.Claim) error

func (*Coordinator) GetUserByLoginID 

func (c *Coordinator) GetUserByLoginID(ctx context.Context, loginIDKey string, loginIDValue string) (string, error)

func (*Coordinator) GetUserByOAuth 

func (c *Coordinator) GetUserByOAuth(ctx context.Context, oauthProviderAlias string, oauthProviderUserID string) (string, error)

func (*Coordinator) GetUserIDsByLoginIDLoginHint 

func (c *Coordinator) GetUserIDsByLoginIDLoginHint(ctx context.Context, hint *oauth.LoginHint) ([]string, error)

func (*Coordinator) GetUsersByStandardAttribute 

func (c *Coordinator) GetUsersByStandardAttribute(ctx context.Context, attributeName string, attributeValue string) ([]string, error)

func (*Coordinator) IdentityCheckDuplicated 

func (c *Coordinator) IdentityCheckDuplicated(ctx context.Context, info *identity.Info) (*identity.Info, error)

func (*Coordinator) IdentityCheckDuplicatedByUniqueKey 

func (c *Coordinator) IdentityCheckDuplicatedByUniqueKey(ctx context.Context, info *identity.Info) (*identity.Info, error)

func (*Coordinator) IdentityCreate 

func (c *Coordinator) IdentityCreate(ctx context.Context, is *identity.Info) error

func (*Coordinator) IdentityCreateByAdmin 

func (c *Coordinator) IdentityCreateByAdmin(ctx context.Context, userID string, spec *identity.Spec, password string) (*identity.Info, error)

func (*Coordinator) IdentityDelete 

func (c *Coordinator) IdentityDelete(ctx context.Context, is *identity.Info, bypassChecks bool) error

func (*Coordinator) IdentityGet 

func (c *Coordinator) IdentityGet(ctx context.Context, id string) (*identity.Info, error)

func (*Coordinator) IdentityListByClaim 

func (c *Coordinator) IdentityListByClaim(ctx context.Context, name string, value string) ([]*identity.Info, error)

func (*Coordinator) IdentityListByUser 

func (c *Coordinator) IdentityListByUser(ctx context.Context, userID string) ([]*identity.Info, error)

func (*Coordinator) IdentityListIdentitiesThatHaveStandardAttributes 

func (c *Coordinator) IdentityListIdentitiesThatHaveStandardAttributes(ctx context.Context, userID string) ([]*identity.Info, error)

func (*Coordinator) IdentityListRefsByUsers 

func (c *Coordinator) IdentityListRefsByUsers(ctx context.Context, userIDs []string, identityType *model.IdentityType) ([]*model.IdentityRef, error)

func (*Coordinator) IdentityNew 

func (c *Coordinator) IdentityNew(ctx context.Context, userID string, spec *identity.Spec, options identity.NewIdentityOptions) (*identity.Info, error)

func (*Coordinator) IdentitySearchBySpec 

func (c *Coordinator) IdentitySearchBySpec(ctx context.Context, spec *identity.Spec) (exactMatch *identity.Info, otherMatches []*identity.Info, err error)

func (*Coordinator) IdentityUpdate 

func (c *Coordinator) IdentityUpdate(ctx context.Context, oldInfo *identity.Info, newInfo *identity.Info) error

func (*Coordinator) IdentityUpdateWithSpec 

func (c *Coordinator) IdentityUpdateWithSpec(ctx context.Context, is *identity.Info, spec *identity.Spec, options identity.NewIdentityOptions) (*identity.Info, error)

func (*Coordinator) MFAConsumeRecoveryCode 

func (c *Coordinator) MFAConsumeRecoveryCode(ctx context.Context, rc *mfa.RecoveryCode) error

func (*Coordinator) MFACreateDeviceToken 

func (c *Coordinator) MFACreateDeviceToken(ctx context.Context, userID string, token string) (*mfa.DeviceToken, error)

func (*Coordinator) MFAGenerateDeviceToken 

func (c *Coordinator) MFAGenerateDeviceToken(ctx context.Context) string

func (*Coordinator) MFAGenerateRecoveryCodes 

func (c *Coordinator) MFAGenerateRecoveryCodes(ctx context.Context) []string

func (*Coordinator) MFAInvalidateAllDeviceTokens 

func (c *Coordinator) MFAInvalidateAllDeviceTokens(ctx context.Context, userID string) error

func (*Coordinator) MFAListRecoveryCodes 

func (c *Coordinator) MFAListRecoveryCodes(ctx context.Context, userID string) ([]*mfa.RecoveryCode, error)

func (*Coordinator) MFAReplaceRecoveryCodes 

func (c *Coordinator) MFAReplaceRecoveryCodes(ctx context.Context, userID string, codes []string) ([]*mfa.RecoveryCode, error)

func (*Coordinator) MFAVerifyDeviceToken 

func (c *Coordinator) MFAVerifyDeviceToken(ctx context.Context, userID string, token string) error

func (*Coordinator) MFAVerifyRecoveryCode 

func (c *Coordinator) MFAVerifyRecoveryCode(ctx context.Context, userID string, code string) (*mfa.RecoveryCode, error)

func (*Coordinator) MarkClaimVerifiedByAdmin 

func (c *Coordinator) MarkClaimVerifiedByAdmin(ctx context.Context, claim *verification.Claim) error

func (*Coordinator) MarkOOBIdentityVerified 

func (c *Coordinator) MarkOOBIdentityVerified(ctx context.Context, info *authenticator.Info) error

func (*Coordinator) UserAnonymize 

func (c *Coordinator) UserAnonymize(ctx context.Context, userID string, IsScheduledAnonymization bool) error

func (*Coordinator) UserCheckAnonymized 

func (c *Coordinator) UserCheckAnonymized(ctx context.Context, userID string) error

func (*Coordinator) UserCreatebyAdmin 

func (c *Coordinator) UserCreatebyAdmin(ctx context.Context, identitySpec *identity.Spec, opts CreatePasswordOptions) (*user.User, error)

func (*Coordinator) UserDelete 

func (c *Coordinator) UserDelete(ctx context.Context, userID string, isScheduledDeletion bool, reason string) error

func (*Coordinator) UserDisable 

func (c *Coordinator) UserDisable(ctx context.Context, options SetDisabledOptions) error

func (*Coordinator) UserReenable 

func (c *Coordinator) UserReenable(ctx context.Context, userID string) error

func (*Coordinator) UserRefreshAccountStatus 

func (c *Coordinator) UserRefreshAccountStatus(ctx context.Context, userID string) error

func (*Coordinator) UserScheduleAnonymizationByAdmin 

func (c *Coordinator) UserScheduleAnonymizationByAdmin(ctx context.Context, userID string) error

func (*Coordinator) UserScheduleDeletionByAdmin 

func (c *Coordinator) UserScheduleDeletionByAdmin(ctx context.Context, userID string, reason string) error

func (*Coordinator) UserScheduleDeletionByEndUser 

func (c *Coordinator) UserScheduleDeletionByEndUser(ctx context.Context, userID string) error

func (*Coordinator) UserSetAccountValidFrom 

func (c *Coordinator) UserSetAccountValidFrom(ctx context.Context, userID string, from *time.Time) error

func (*Coordinator) UserSetAccountValidPeriod 

func (c *Coordinator) UserSetAccountValidPeriod(ctx context.Context, userID string, from *time.Time, until *time.Time) error

func (*Coordinator) UserSetAccountValidUntil 

func (c *Coordinator) UserSetAccountValidUntil(ctx context.Context, userID string, until *time.Time) error

func (*Coordinator) UserUnscheduleAnonymizationByAdmin 

func (c *Coordinator) UserUnscheduleAnonymizationByAdmin(ctx context.Context, userID string) error

func (*Coordinator) UserUnscheduleDeletionByAdmin 

func (c *Coordinator) UserUnscheduleDeletionByAdmin(ctx context.Context, userID string) error

func (*Coordinator) UserUpdateMFAEnrollment 

func (c *Coordinator) UserUpdateMFAEnrollment(ctx context.Context, userID string, endAt *time.Time) error

type CreatePasswordOptions 

type CreatePasswordOptions struct {
	Password           *string
	SendPassword       bool
	SetPasswordExpired bool
}

type EventService 

type EventService interface {
	DispatchEventOnCommit(ctx context.Context, payload event.Payload) error
	DispatchEventImmediately(ctx context.Context, payload event.NonBlockingPayload) error
}

type IDPSessionManager 

type IDPSessionManager SessionManager

type IdentityFacade 

type IdentityFacade struct {
	Coordinator *Coordinator
}

func (IdentityFacade) CheckDuplicated 

func (i IdentityFacade) CheckDuplicated(ctx context.Context, info *identity.Info) (*identity.Info, error)

func (IdentityFacade) CheckDuplicatedByUniqueKey 

func (i IdentityFacade) CheckDuplicatedByUniqueKey(ctx context.Context, info *identity.Info) (*identity.Info, error)

func (IdentityFacade) Create 

func (i IdentityFacade) Create(ctx context.Context, is *identity.Info) error

func (IdentityFacade) CreateByAdmin 

func (i IdentityFacade) CreateByAdmin(ctx context.Context, userID string, spec *identity.Spec, password string) (*identity.Info, error)

func (IdentityFacade) Delete 

func (i IdentityFacade) Delete(ctx context.Context, is *identity.Info) error

func (IdentityFacade) DeleteByAdmin 

func (i IdentityFacade) DeleteByAdmin(ctx context.Context, is *identity.Info) error

func (IdentityFacade) Get 

func (i IdentityFacade) Get(ctx context.Context, id string) (*identity.Info, error)

func (IdentityFacade) ListByClaim 

func (i IdentityFacade) ListByClaim(ctx context.Context, name string, value string) ([]*identity.Info, error)

func (IdentityFacade) ListByUser 

func (i IdentityFacade) ListByUser(ctx context.Context, userID string) ([]*identity.Info, error)

func (IdentityFacade) ListIdentitiesThatHaveStandardAttributes 

func (i IdentityFacade) ListIdentitiesThatHaveStandardAttributes(ctx context.Context, userID string) ([]*identity.Info, error)

func (IdentityFacade) ListRefsByUsers 

func (i IdentityFacade) ListRefsByUsers(ctx context.Context, userIDs []string, identityType *apimodel.IdentityType) ([]*apimodel.IdentityRef, error)

func (IdentityFacade) New 

func (i IdentityFacade) New(ctx context.Context, userID string, spec *identity.Spec, options identity.NewIdentityOptions) (*identity.Info, error)

func (IdentityFacade) SearchBySpec 

func (i IdentityFacade) SearchBySpec(ctx context.Context, spec *identity.Spec) (exactMatch *identity.Info, otherMatches []*identity.Info, err error)

func (IdentityFacade) Update 

func (i IdentityFacade) Update(ctx context.Context, oldInfo *identity.Info, newInfo *identity.Info) error

func (IdentityFacade) UpdateWithSpec 

func (i IdentityFacade) UpdateWithSpec(ctx context.Context, is *identity.Info, spec *identity.Spec, options identity.NewIdentityOptions) (*identity.Info, error)

type IdentityService 

type IdentityService interface {
	New(ctx context.Context, userID string, spec *identity.Spec, options identity.NewIdentityOptions) (*identity.Info, error)
	UpdateWithSpec(ctx context.Context, is *identity.Info, spec *identity.Spec, options identity.NewIdentityOptions) (*identity.Info, error)
	Normalize(ctx context.Context, typ model.LoginIDKeyType, value string) (normalized string, uniqueKey string, err error)

	Get(ctx context.Context, id string) (*identity.Info, error)
	SearchBySpec(ctx context.Context, spec *identity.Spec) (exactMatch *identity.Info, otherMatches []*identity.Info, err error)
	ListByUser(ctx context.Context, userID string) ([]*identity.Info, error)
	ListIdentitiesThatHaveStandardAttributes(ctx context.Context, userID string) ([]*identity.Info, error)
	ListByClaim(ctx context.Context, name string, value string) ([]*identity.Info, error)
	ListRefsByUsers(ctx context.Context, userIDs []string, identityType *model.IdentityType) ([]*model.IdentityRef, error)
	Create(ctx context.Context, is *identity.Info) error
	Update(ctx context.Context, info *identity.Info) error
	Delete(ctx context.Context, is *identity.Info) error
	CheckDuplicated(ctx context.Context, info *identity.Info) (*identity.Info, error)
	CheckDuplicatedByUniqueKey(ctx context.Context, info *identity.Info) (*identity.Info, error)
	AdminAPIGetByLoginIDKeyAndLoginIDValue(ctx context.Context, loginIDKey string, loginIDValue string) (*identity.Info, error)
	AdminAPIGetByOAuthAliasAndSubject(ctx context.Context, alias string, subjectID string) (*identity.Info, error)
}

type MFAFacade 

type MFAFacade struct {
	Coordinator *Coordinator
}

func (*MFAFacade) ConsumeRecoveryCode 

func (f *MFAFacade) ConsumeRecoveryCode(ctx context.Context, rc *mfa.RecoveryCode) error

func (*MFAFacade) CreateDeviceToken 

func (f *MFAFacade) CreateDeviceToken(ctx context.Context, userID string, token string) (*mfa.DeviceToken, error)

func (*MFAFacade) GenerateDeviceToken 

func (f *MFAFacade) GenerateDeviceToken(ctx context.Context) string

func (*MFAFacade) GenerateRecoveryCodes 

func (f *MFAFacade) GenerateRecoveryCodes(ctx context.Context) []string

func (*MFAFacade) InvalidateAllDeviceTokens 

func (f *MFAFacade) InvalidateAllDeviceTokens(ctx context.Context, userID string) error

func (*MFAFacade) ListRecoveryCodes 

func (f *MFAFacade) ListRecoveryCodes(ctx context.Context, userID string) ([]*mfa.RecoveryCode, error)

func (*MFAFacade) ReplaceRecoveryCodes 

func (f *MFAFacade) ReplaceRecoveryCodes(ctx context.Context, userID string, codes []string) ([]*mfa.RecoveryCode, error)

func (*MFAFacade) VerifyDeviceToken 

func (f *MFAFacade) VerifyDeviceToken(ctx context.Context, userID string, token string) error

func (*MFAFacade) VerifyRecoveryCode 

func (f *MFAFacade) VerifyRecoveryCode(ctx context.Context, userID string, code string) (*mfa.RecoveryCode, error)

type MFAService 

type MFAService interface {
	GenerateDeviceToken(ctx context.Context) string
	GenerateRecoveryCodes(ctx context.Context) []string

	InvalidateAllRecoveryCode(ctx context.Context, userID string) error
	CreateDeviceToken(ctx context.Context, userID string, token string) (*mfa.DeviceToken, error)
	VerifyDeviceToken(ctx context.Context, userID string, token string) error
	InvalidateAllDeviceTokens(ctx context.Context, userID string) error
	VerifyRecoveryCode(ctx context.Context, userID string, code string) (*mfa.RecoveryCode, error)
	ConsumeRecoveryCode(ctx context.Context, rc *mfa.RecoveryCode) error
	ReplaceRecoveryCodes(ctx context.Context, userID string, codes []string) ([]*mfa.RecoveryCode, error)
	ListRecoveryCodes(ctx context.Context, userID string) ([]*mfa.RecoveryCode, error)
}

type OAuthService 

type OAuthService interface {
	ResetAll(ctx context.Context, userID string) error
}

type OAuthSessionManager 

type OAuthSessionManager SessionManager

type PasswordHistoryStore 

type PasswordHistoryStore interface {
	ResetPasswordHistory(ctx context.Context, userID string) error
}

type RolesGroupsCommands 

type RolesGroupsCommands interface {
	DeleteUserGroup(ctx context.Context, userID string) error
	DeleteUserRole(ctx context.Context, userID string) error
}

type SendPasswordService 

type SendPasswordService interface {
	Send(ctx context.Context, userID string, password string, msgType translation.MessageType) error
}

type SessionManager 

type SessionManager interface {
	Delete(ctx context.Context, session session.ListableSession) error
	List(ctx context.Context, userID string) ([]session.ListableSession, error)
	CleanUpForDeletingUserID(ctx context.Context, userID string) error
}

type SetDisabledOptions 

type SetDisabledOptions struct {
	UserID                   string
	IsDisabled               bool
	Reason                   *string
	TemporarilyDisabledFrom  *time.Time
	TemporarilyDisabledUntil *time.Time
}

type StdAttrsService 

type StdAttrsService interface {
	PopulateIdentityAwareStandardAttributes(ctx context.Context, userID string) error
}

type UserCommands 

type UserCommands interface {
	Create(ctx context.Context, userID string) (*user.User, error)
	UpdateAccountStatus(ctx context.Context, userID string, accountStatus user.AccountStatusWithRefTime) error
	UpdateMFAEnrollment(ctx context.Context, userID string, gracePeriodEndAt *time.Time) error
	Delete(ctx context.Context, userID string) error
	Anonymize(ctx context.Context, userID string) error
	AfterCreate(
		ctx context.Context,
		user *user.User,
		identities []*identity.Info,
		authenticators []*authenticator.Info,
		isAdminAPI bool,
	) error
}

type UserFacade 

type UserFacade struct {
	UserProvider
	Clock       clock.Clock
	Coordinator *Coordinator
}

func (UserFacade) Anonymize 

func (u UserFacade) Anonymize(ctx context.Context, userID string) error

func (UserFacade) AnonymizeFromScheduledAnonymization 

func (u UserFacade) AnonymizeFromScheduledAnonymization(ctx context.Context, userID string) error

func (UserFacade) CheckUserAnonymized 

func (u UserFacade) CheckUserAnonymized(ctx context.Context, userID string) error

func (UserFacade) CreateByAdmin 

func (u UserFacade) CreateByAdmin(ctx context.Context, identitySpec *identity.Spec, opts CreatePasswordOptions) (*user.User, error)

func (UserFacade) Delete 

func (u UserFacade) Delete(ctx context.Context, userID string, reason string) error

func (UserFacade) DeleteFromScheduledDeletion 

func (u UserFacade) DeleteFromScheduledDeletion(ctx context.Context, userID string) error

func (UserFacade) Disable 

func (u UserFacade) Disable(ctx context.Context, options SetDisabledOptions) error

func (UserFacade) GetUserByLoginID 

func (u UserFacade) GetUserByLoginID(ctx context.Context, loginIDKey string, loginIDValue string) (string, error)

func (UserFacade) GetUserByOAuth 

func (u UserFacade) GetUserByOAuth(ctx context.Context, oauthProviderAlias string, oauthProviderUserID string) (string, error)

func (UserFacade) GetUserIDsByLoginIDLoginHint 

func (u UserFacade) GetUserIDsByLoginIDLoginHint(ctx context.Context, hint *oauth.LoginHint) ([]string, error)

func (UserFacade) GetUsersByStandardAttribute 

func (u UserFacade) GetUsersByStandardAttribute(ctx context.Context, attributeKey string, attributeValue string) ([]string, error)

func (UserFacade) Reenable 

func (u UserFacade) Reenable(ctx context.Context, userID string) error

func (UserFacade) RefreshAccountStatus 

func (u UserFacade) RefreshAccountStatus(ctx context.Context, userID string) error

func (UserFacade) ScheduleAnonymizationByAdmin 

func (u UserFacade) ScheduleAnonymizationByAdmin(ctx context.Context, userID string) error

func (UserFacade) ScheduleDeletionByAdmin 

func (u UserFacade) ScheduleDeletionByAdmin(ctx context.Context, userID string, reason string) error

func (UserFacade) ScheduleDeletionByEndUser 

func (u UserFacade) ScheduleDeletionByEndUser(ctx context.Context, userID string) error

func (UserFacade) SetAccountValidFrom 

func (u UserFacade) SetAccountValidFrom(ctx context.Context, userID string, from *time.Time) error

func (UserFacade) SetAccountValidPeriod 

func (u UserFacade) SetAccountValidPeriod(ctx context.Context, userID string, from *time.Time, until *time.Time) error

func (UserFacade) SetAccountValidUntil 

func (u UserFacade) SetAccountValidUntil(ctx context.Context, userID string, until *time.Time) error

func (UserFacade) UnscheduleAnonymizationByAdmin 

func (u UserFacade) UnscheduleAnonymizationByAdmin(ctx context.Context, userID string) error

func (UserFacade) UnscheduleDeletionByAdmin 

func (u UserFacade) UnscheduleDeletionByAdmin(ctx context.Context, userID string) error

func (UserFacade) UpdateMFAEnrollment 

func (u UserFacade) UpdateMFAEnrollment(ctx context.Context, userID string, endAt *time.Time) error

type UserProvider 

type UserProvider interface {
	Create(ctx context.Context, userID string) (*user.User, error)
	GetRaw(ctx context.Context, id string) (*user.User, error)
	Count(ctx context.Context) (uint64, error)
	QueryPage(ctx context.Context, listOption user.ListOptions, pageArgs graphqlutil.PageArgs) ([]apimodel.PageItemRef, error)
	AfterCreate(
		ctx context.Context,
		user *user.User,
		identities []*identity.Info,
		authenticators []*authenticator.Info,
		isAdminAPI bool,
	) error
}

type UserQueries 

type UserQueries interface {
	GetRaw(ctx context.Context, userID string) (*user.User, error)
	Get(ctx context.Context, userID string, role accesscontrol.Role) (*model.User, error)
}

type VerificationService 

type VerificationService interface {
	NewVerifiedClaim(ctx context.Context, userID string, claimName string, claimValue string) *verification.Claim

	GetClaims(ctx context.Context, userID string) ([]*verification.Claim, error)
	GetClaimStatus(ctx context.Context, userID string, claimName model.ClaimName, claimValue string) (*verification.ClaimStatus, error)
	GetIdentityVerificationStatus(ctx context.Context, i *identity.Info) ([]verification.ClaimStatus, error)
	MarkClaimVerified(ctx context.Context, claim *verification.Claim) error
	DeleteClaim(ctx context.Context, claim *verification.Claim) error
	RemoveOrphanedClaims(ctx context.Context, userID string, identities []*identity.Info, authenticators []*authenticator.Info) error
	ResetVerificationStatus(ctx context.Context, userID string) error
}

type VerifyOptions 

type VerifyOptions struct {
	OOBChannel            *apimodel.AuthenticatorOOBChannel
	UseSubmittedValue     bool
	AuthenticationDetails *AuthenticationDetails
	Form                  otp.Form
}

type WorkflowVerificationFacade 

type WorkflowVerificationFacade struct {
	Verification VerificationService
}

func (WorkflowVerificationFacade) GetClaimStatus 

func (v WorkflowVerificationFacade) GetClaimStatus(ctx context.Context, userID string, claimName model.ClaimName, claimValue string) (*verification.ClaimStatus, error)

func (WorkflowVerificationFacade) GetIdentityVerificationStatus 

func (v WorkflowVerificationFacade) GetIdentityVerificationStatus(ctx context.Context, i *identity.Info) ([]verification.ClaimStatus, error)

func (WorkflowVerificationFacade) MarkClaimVerified 

func (v WorkflowVerificationFacade) MarkClaimVerified(ctx context.Context, claim *verification.Claim) error

func (WorkflowVerificationFacade) NewVerifiedClaim 

func (v WorkflowVerificationFacade) NewVerifiedClaim(ctx context.Context, userID string, claimName string, claimValue string) *verification.Claim

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.