authorization

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 18, 2024 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrNoSuchAuthorization = errors.New("no such authorization")
)

Functions

This section is empty.

Types

type Authorization 

type Authorization interface {
	IsAuthorized() bool
	EnvVars() sys.EnvVars
	Flow() configuration.FlowName
	Remote() common.Remote
	FindSession() session.Session
	FindSessionsPublicKey() ssh.PublicKey
	Dispose(context.Context) (bool, error)
}

func Forbidden 

func Forbidden(remote common.Remote) Authorization

type Authorizer 

type Authorizer interface {
	AuthorizePublicKey(PublicKeyRequest) (Authorization, error)
	AuthorizePassword(PasswordRequest) (Authorization, error)
	AuthorizeInteractive(InteractiveRequest) (Authorization, error)

	// RestoreFromSession tries to restore the existing authorization from the given
	// session.Session. If the given session does not contain enough information to restore
	// the Authorization ErrNoSuchAuthorization is returned.
	RestoreFromSession(context.Context, session.Session, *RestoreOpts) (Authorization, error)
}

type AuthorizerFacade 

type AuthorizerFacade struct {
	// contains filtered or unexported fields
}

func NewAuthorizerFacade 

func NewAuthorizerFacade(ctx context.Context, flows *configuration.Flows) (*AuthorizerFacade, error)

func (*AuthorizerFacade) AuthorizeInteractive 

func (this *AuthorizerFacade) AuthorizeInteractive(req InteractiveRequest) (Authorization, error)

func (*AuthorizerFacade) AuthorizePassword 

func (this *AuthorizerFacade) AuthorizePassword(req PasswordRequest) (Authorization, error)

func (*AuthorizerFacade) AuthorizePublicKey 

func (this *AuthorizerFacade) AuthorizePublicKey(req PublicKeyRequest) (Authorization, error)

func (*AuthorizerFacade) Close 

func (this *AuthorizerFacade) Close() (rErr error)

func (*AuthorizerFacade) RestoreFromSession 

func (this *AuthorizerFacade) RestoreFromSession(ctx context.Context, sess session.Session, opts *RestoreOpts) (Authorization, error)

type CloseableAuthorizer 

type CloseableAuthorizer interface {
	Authorizer
	io.Closer
}

type ContextEnabled 

type ContextEnabled interface {
	Context() ssh.Context
}

type InteractiveRequest 

type InteractiveRequest interface {
	Request
	SendInfo(string) error
	SendError(string) error
	Prompt(msg string, echoOn bool) (string, error)
}

type LocalAuthorizer 

type LocalAuthorizer struct {
	Logger log.Logger
	// contains filtered or unexported fields
}

func NewLocal 

func NewLocal(ctx context.Context, flow configuration.FlowName, conf *configuration.AuthorizationLocal) (*LocalAuthorizer, error)

func (*LocalAuthorizer) AuthorizeInteractive 

func (this *LocalAuthorizer) AuthorizeInteractive(req InteractiveRequest) (Authorization, error)

func (*LocalAuthorizer) AuthorizePassword 

func (this *LocalAuthorizer) AuthorizePassword(req PasswordRequest) (Authorization, error)

func (*LocalAuthorizer) AuthorizePublicKey 

func (this *LocalAuthorizer) AuthorizePublicKey(req PublicKeyRequest) (Authorization, error)

func (*LocalAuthorizer) Close 

func (this *LocalAuthorizer) Close() error

func (*LocalAuthorizer) RestoreFromSession 

func (this *LocalAuthorizer) RestoreFromSession(ctx context.Context, sess session.Session, opts *RestoreOpts) (Authorization, error)

type OidcDeviceAuthAuthorizer 

type OidcDeviceAuthAuthorizer struct {
	Logger log.Logger
	// contains filtered or unexported fields
}

func NewOidcDeviceAuth 

func NewOidcDeviceAuth(ctx context.Context, flow configuration.FlowName, conf *configuration.AuthorizationOidcDeviceAuth) (*OidcDeviceAuthAuthorizer, error)

func (*OidcDeviceAuthAuthorizer) AuthorizeInteractive 

func (this *OidcDeviceAuthAuthorizer) AuthorizeInteractive(req InteractiveRequest) (Authorization, error)

func (*OidcDeviceAuthAuthorizer) AuthorizePassword 

func (this *OidcDeviceAuthAuthorizer) AuthorizePassword(req PasswordRequest) (Authorization, error)

func (*OidcDeviceAuthAuthorizer) AuthorizePublicKey 

func (this *OidcDeviceAuthAuthorizer) AuthorizePublicKey(req PublicKeyRequest) (Authorization, error)

func (*OidcDeviceAuthAuthorizer) Close 

func (this *OidcDeviceAuthAuthorizer) Close() error

func (*OidcDeviceAuthAuthorizer) RestoreFromSession 

func (this *OidcDeviceAuthAuthorizer) RestoreFromSession(ctx context.Context, sess session.Session, opts *RestoreOpts) (Authorization, error)

type OidcIdToken 

type OidcIdToken struct {
	*coidc.IDToken
	// contains filtered or unexported fields
}

func (*OidcIdToken) GetField 

func (this *OidcIdToken) GetField(name string) (_ any, _ bool, err error)

type OidcToken 

type OidcToken struct {
	*oauth2.Token
}

func (OidcToken) GetField 

func (this OidcToken) GetField(name string) (any, bool)

func (*OidcToken) SetRaw 

func (this *OidcToken) SetRaw(v *oauth2.Token) error

type OidcUserInfo 

type OidcUserInfo struct {
	*coidc.UserInfo
	// contains filtered or unexported fields
}

func (*OidcUserInfo) GetField 

func (this *OidcUserInfo) GetField(name string) (_ any, _ bool, err error)

type PasswordRequest 

type PasswordRequest interface {
	Request
	RemotePassword() string
}

type PublicKeyRequest 

type PublicKeyRequest interface {
	Request
	RemotePublicKey() gssh.PublicKey
}

type Request 

type Request interface {
	Sessions() session.Repository
	Context() ssh.Context
	Remote() common.Remote
	Logger() log.Logger
	Validate(Authorization) (bool, error)
}

type RestoreOpts 

type RestoreOpts struct {
	// AutoCleanUpAllowed tells the Authorizer to clean up everything
	// automatically while executing the search. The requester will never
	// see the requested result. This is false by default because it could
	// lead to quite performance impacts or other unwanted side effects.
	//
	// Therefore: Use with caution.
	AutoCleanUpAllowed *bool

	// Logger will be used (if any log is required) instead of the standard logger.
	Logger log.Logger
}

RestoreOpts adds some more hints what should happen when find methods of Repository are executed.

func (*RestoreOpts) GetLogger 

func (this *RestoreOpts) GetLogger(or func() log.Logger) log.Logger

func (*RestoreOpts) IsAutoCleanUpAllowed 

func (this *RestoreOpts) IsAutoCleanUpAllowed() bool

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.