oauth

package

v0.750.8 Latest Latest Go to latest Published: Aug 21, 2024 License: Apache-2.0 Imports: 24 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/determined-ai/determined

Links

Documentation ¶

Index ¶

Constants
Variables
func RegisterAPIHandler(e *echo.Echo, s *Service)
type OauthAuthZ
type OauthAuthZBasic
- func (a *OauthAuthZBasic) CanAdministrateOauth(_ context.Context, curUser model.User) error
type OauthAuthZPermissive
- func (a *OauthAuthZPermissive) CanAdministrateOauth(ctx context.Context, curUser model.User) error
type OauthAuthZRBAC
- func (a *OauthAuthZRBAC) CanAdministrateOauth(ctx context.Context, curUser model.User) (err error)
type Service
- func New(users *user.Service, db *db.PgDB) (*Service, error)
- func (s *Service) ValidateRequest(c echo.Context) (bool, error)

Constants ¶

View Source

const Root = "/oauth2"

Root is the root of all OAuth-related routes.

Variables ¶

View Source

var AuthZProvider authz.AuthZProviderType[OauthAuthZ]

AuthZProvider is the authz registry for experiments.

Functions ¶

func RegisterAPIHandler ¶

func RegisterAPIHandler(e *echo.Echo, s *Service)

RegisterAPIHandler registers endpoints used by OAuth.

Types ¶

type OauthAuthZ ¶

type OauthAuthZ interface {
	// CanAdministrateOauth returns an error if the user is not authorized to manage oauth.
	CanAdministrateOauth(ctx context.Context, curUser model.User) error
}

OauthAuthZ describes authz methods for experiments.

type OauthAuthZBasic ¶

type OauthAuthZBasic struct{}

OauthAuthZBasic is basic OSS controls.

func (*OauthAuthZBasic) CanAdministrateOauth ¶

func (a *OauthAuthZBasic) CanAdministrateOauth(
	_ context.Context, curUser model.User,
) error

CanAdministrateOauth returns an error if the current user is not an admin.

type OauthAuthZPermissive ¶

type OauthAuthZPermissive struct{}

OauthAuthZPermissive is the permission implementation.

func (*OauthAuthZPermissive) CanAdministrateOauth ¶

func (a *OauthAuthZPermissive) CanAdministrateOauth(ctx context.Context,
	curUser model.User,
) error

CanAdministrateOauth calls RBAC authz but enforces basic authz.

type OauthAuthZRBAC ¶

type OauthAuthZRBAC struct{}

OauthAuthZRBAC is the RBAC implementation of the OauthAuthZ interface.

func (*OauthAuthZRBAC) CanAdministrateOauth ¶

func (a *OauthAuthZRBAC) CanAdministrateOauth(
	ctx context.Context, curUser model.User,
) (err error)

CanAdministrateOauth checks if the user has permission to view and modify oauth clients and settings.

type Service ¶

type Service struct {
	// contains filtered or unexported fields
}

Service is an OAuth service capable of handling the OAuth 2.0 authorization code flow and managing clients and tokens.

func New ¶

func New(users *user.Service, db *db.PgDB) (*Service, error)

New constructs a new OAuth service.

func (*Service) ValidateRequest ¶

func (s *Service) ValidateRequest(c echo.Context) (bool, error)

ValidateRequest checks whether the given request contains valid OAuth credentials.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL