auth

package
v0.1.20 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 23, 2026 License: AGPL-3.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

View Source 
const InternalSourceServiceWeb = "web"

Variables

View Source 
var ErrExpiredInternalToken = errors.New("expired internal token")
View Source 
var ErrInvalidInternalToken = errors.New("invalid internal token")

Functions

This section is empty.

Types

type BasicFeatureGate 

type BasicFeatureGate struct{}

func (BasicFeatureGate) Allow 

func (gate BasicFeatureGate) Allow(ctx context.Context, request FeatureRequest) (bool, error)

type Feature 

type Feature string
const (
	FeatureForwardingRules Feature = "forwarding_rules"
	FeatureOfflineLicense  Feature = "offline_license"
)

type FeatureGate 

type FeatureGate interface {
	Allow(ctx context.Context, request FeatureRequest) (bool, error)
}

type FeatureRequest 

type FeatureRequest struct {
	OrganizationID string
	MemberID       string
	Feature        Feature
}

type HMACInternalTokenSigner 

type HMACInternalTokenSigner struct {
	Secret                []byte
	ExpectedSourceService string
}

func (HMACInternalTokenSigner) Sign 

func (signer HMACInternalTokenSigner) Sign(claims InternalClaims) (string, error)

func (HMACInternalTokenSigner) Verify 

func (signer HMACInternalTokenSigner) Verify(token string) (InternalClaims, error)

type HMACWebUserTokenSigner 

type HMACWebUserTokenSigner struct {
	Secret                []byte
	ExpectedSourceService string
}

func (HMACWebUserTokenSigner) Sign 

func (signer HMACWebUserTokenSigner) Sign(claims WebUserClaims) (string, error)

func (HMACWebUserTokenSigner) Verify 

func (signer HMACWebUserTokenSigner) Verify(token string, expectedPurpose WebUserTokenPurpose) (WebUserClaims, error)

type InternalClaims 

type InternalClaims struct {
	UserID         string               `json:"user_id"`
	OrganizationID string               `json:"organization_id"`
	MemberID       string               `json:"member_id"`
	SourceService  string               `json:"source_service"`
	Roles          []string             `json:"roles"`
	Permissions    []string             `json:"permissions"`
	ResourceScopes []ResourceScopeClaim `json:"resource_scopes,omitempty"`
	ExpiresAt      time.Time            `json:"expires_at"`
}

type InternalTokenVerifier 

type InternalTokenVerifier interface {
	Verify(token string) (InternalClaims, error)
}

type ResourceScopeClaim 

type ResourceScopeClaim struct {
	ResourceType string `json:"resource_type"`
	ResourceID   string `json:"resource_id"`
	AccessLevel  string `json:"access_level"`
}

type WebUserClaims 

type WebUserClaims struct {
	UserID        string              `json:"user_id"`
	Email         string              `json:"email"`
	Name          string              `json:"name"`
	SourceService string              `json:"source_service"`
	Purpose       WebUserTokenPurpose `json:"purpose"`
	ExpiresAt     time.Time           `json:"expires_at"`
}

type WebUserTokenPurpose 

type WebUserTokenPurpose string
const (
	WebUserTokenPurposeBootstrap WebUserTokenPurpose = "bootstrap"
	WebUserTokenPurposeSession   WebUserTokenPurpose = "session"
)

type WebUserTokenVerifier 

type WebUserTokenVerifier interface {
	Verify(token string, expectedPurpose WebUserTokenPurpose) (WebUserClaims, error)
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.