iamserver

package
v2.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 6, 2026 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AppAuthConfig 

type AppAuthConfig struct {
	AppId     string `json:"app_id" yaml:"app_id" toml:"app_id"`
	SecretKey string `json:"secret_key" yaml:"secret_key" toml:"secret_key"`
	Endpoint  string `json:"endpoint" yaml:"endpoint" toml:"endpoint"`

	Flush func() error `json:"-" yaml:"-" toml:"-"`
}

func (*AppAuthConfig) NewAppCredential 

func (it *AppAuthConfig) NewAppCredential() (inauth.AppCredential, error)

func (*AppAuthConfig) Valid 

func (it *AppAuthConfig) Valid() error

type AuthCodeResult 

type AuthCodeResult struct {
	AccessToken   string
	IdentityToken *inauth.IdentityToken
}

ExchangeAuthCode calls IAM to exchange an auth code for access_token.

type UserAuth 

type UserAuth struct {
	*httpsrv.Controller
}

func (UserAuth) CallbackAction 

func (c UserAuth) CallbackAction()

CallbackAction handles the IAM redirect with auth code.

func (UserAuth) SessionAction 

func (c UserAuth) SessionAction()

SessionAction returns the current app configuration.

func (UserAuth) SignOutAction 

func (c UserAuth) SignOutAction()

SignOutAction clears the session cookie and notifies IAM.

type UserAuthSessionRequest 

type UserAuthSessionRequest struct {
	CurrentUrl string `json:"current_url"`
}

type UserAuthSessionResponse 

type UserAuthSessionResponse struct {
	Status inauth.ServiceStatus `json:"status"`

	AppId        string `json:"app_id,omitempty"`
	AuthEndpoint string `json:"auth_endpoint,omitempty"`

	AuthClaims    *inauth.AuthClaims    `json:"auth_claims,omitempty"`
	IdentityToken *inauth.IdentityToken `json:"identity_token,omitempty"`
}

type UserProfile added in v2.0.1 

type UserProfile struct {
	Username string `json:"username,omitempty" toml:"username,omitempty"`
	PhotoURL string `json:"photo_url,omitempty" toml:"photo_url,omitempty"`
}

type UserSession added in v2.0.1 

type UserSession interface {
	// CheckServer validates whether the IAM server connection is properly
	// configured and reachable. Returns a non-nil error if the server
	// is misconfigured or unavailable.
	CheckServer() error

	// RequireAuth verifies that the current user is authenticated.
	// If the user is not logged in, it returns the redirect URL for the
	// sign-in page and a non-nil error. Callers should redirect the user
	// to the returned URL to initiate authentication.
	RequireAuth() (redirectURL string, err error)

	// Allow checks whether the specified user is authorized to perform
	// the given operations identified by permission strings.
	// Returns true if all permissions are granted, false otherwise.
	Allow(username string, permissions ...string) bool

	// Profile retrieves the public profile information of the currently
	// authenticated user. Returns an error if no user is authenticated
	// or the profile cannot be fetched.
	Profile() (*UserProfile, error)
}

UserSession defines the interface for managing user authentication and authorization within an IAM-protected application.

type Verifier 

type Verifier interface {
	Setup(cfg *AppAuthConfig) error
	Config() *AppAuthConfig
	Ping() error
	Update(app *iamapi.AppInstance) error
	Auth(accessToken any) (*inauth.SessionToken, error)

	Session(accessToken any) UserSession
}
var AppVerifier Verifier = &verifier{
	sessions: make(map[string]*inauth.SessionToken),
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.