fs

package
v0.0.78 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 27, 2026 License: Apache-2.0 Imports: 13 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type FSAPIKeyStore

type FSAPIKeyStore struct {
	StoragePath string
	// contains filtered or unexported fields
}

FSAPIKeyStore stores API keys as JSON files

func NewFSAPIKeyStore

func NewFSAPIKeyStore(storagePath string) *FSAPIKeyStore

NewFSAPIKeyStore creates a new file-based API key store

func (*FSAPIKeyStore) CreateAPIKey

func (s *FSAPIKeyStore) CreateAPIKey(userID, name string, scopes []string, expiresAt *time.Time) (fullKey string, apiKey *core.APIKey, err error)

CreateAPIKey creates a new API key and returns the full key (only shown once) The key format is: keyID + "_" + secret

func (*FSAPIKeyStore) GetAPIKeyByID

func (s *FSAPIKeyStore) GetAPIKeyByID(keyID string) (*core.APIKey, error)

GetAPIKeyByID retrieves an API key by its public ID

func (*FSAPIKeyStore) ListUserAPIKeys

func (s *FSAPIKeyStore) ListUserAPIKeys(userID string) ([]*core.APIKey, error)

ListUserAPIKeys returns all API keys for a user (without secrets)

func (*FSAPIKeyStore) RevokeAPIKey

func (s *FSAPIKeyStore) RevokeAPIKey(keyID string) error

RevokeAPIKey marks an API key as revoked

func (*FSAPIKeyStore) UpdateAPIKeyLastUsed

func (s *FSAPIKeyStore) UpdateAPIKeyLastUsed(keyID string) error

UpdateAPIKeyLastUsed updates the last used timestamp

func (*FSAPIKeyStore) ValidateAPIKey

func (s *FSAPIKeyStore) ValidateAPIKey(fullKey string) (*core.APIKey, error)

ValidateAPIKey validates a full API key and returns the key metadata if valid The fullKey format is: keyID + "_" + secret

type FSChannelStore

type FSChannelStore struct {
	StoragePath string
}

FSChannelStore stores channels as JSON files

func NewFSChannelStore

func NewFSChannelStore(storagePath string) *FSChannelStore

func (*FSChannelStore) GetChannel

func (s *FSChannelStore) GetChannel(provider string, identityKey string, createIfMissing bool) (*core.Channel, bool, error)

func (*FSChannelStore) GetChannelsByIdentity

func (s *FSChannelStore) GetChannelsByIdentity(identityKey string) ([]*core.Channel, error)

func (*FSChannelStore) SaveChannel

func (s *FSChannelStore) SaveChannel(channel *core.Channel) error

type FSIdentityStore

type FSIdentityStore struct {
	StoragePath string
}

FSIdentityStore stores identities as JSON files

func NewFSIdentityStore

func NewFSIdentityStore(storagePath string) *FSIdentityStore

func (*FSIdentityStore) GetIdentity

func (s *FSIdentityStore) GetIdentity(identityType, identityValue string, createIfMissing bool) (*core.Identity, bool, error)

func (*FSIdentityStore) GetUserIdentities

func (s *FSIdentityStore) GetUserIdentities(userId string) ([]*core.Identity, error)

func (*FSIdentityStore) MarkIdentityVerified

func (s *FSIdentityStore) MarkIdentityVerified(identityType, identityValue string) error

func (*FSIdentityStore) SaveIdentity

func (s *FSIdentityStore) SaveIdentity(identity *core.Identity) error

func (*FSIdentityStore) SetUserForIdentity

func (s *FSIdentityStore) SetUserForIdentity(identityType, identityValue string, newUserId string) error

type FSKeyStore added in v0.0.32

type FSKeyStore struct {
	StoragePath string
	// contains filtered or unexported fields
}

FSKeyStore implements keys.KeyStorage using filesystem storage.

func NewFSKeyStore added in v0.0.32

func NewFSKeyStore(storagePath string) *FSKeyStore

NewFSKeyStore creates a new filesystem-backed KeyStore.

func (*FSKeyStore) DeleteKey added in v0.0.32

func (s *FSKeyStore) DeleteKey(clientID string) error

func (*FSKeyStore) GetCurrentKid added in v0.0.38

func (s *FSKeyStore) GetCurrentKid(clientID string) (string, error)

func (*FSKeyStore) GetExpectedAlg added in v0.0.32

func (s *FSKeyStore) GetExpectedAlg(clientID string) (string, error)

func (*FSKeyStore) GetKey added in v0.0.38

func (s *FSKeyStore) GetKey(clientID string) (*keys.KeyRecord, error)

func (*FSKeyStore) GetKeyByKid added in v0.0.38

func (s *FSKeyStore) GetKeyByKid(kid string) (*keys.KeyRecord, error)

func (*FSKeyStore) GetSigningKey added in v0.0.32

func (s *FSKeyStore) GetSigningKey(clientID string) (any, error)

func (*FSKeyStore) GetVerifyKey added in v0.0.32

func (s *FSKeyStore) GetVerifyKey(clientID string) (any, error)

func (*FSKeyStore) ListKeyIDs added in v0.0.38

func (s *FSKeyStore) ListKeyIDs() ([]string, error)

func (*FSKeyStore) ListKeys added in v0.0.32

func (s *FSKeyStore) ListKeys() ([]string, error)

func (*FSKeyStore) PutKey added in v0.0.38

func (s *FSKeyStore) PutKey(rec *keys.KeyRecord) error

func (*FSKeyStore) RegisterKey added in v0.0.32

func (s *FSKeyStore) RegisterKey(clientID string, key any, algorithm string) error

type FSRefreshTokenStore

type FSRefreshTokenStore struct {
	StoragePath string
	// contains filtered or unexported fields
}

FSRefreshTokenStore stores refresh tokens as JSON files

func NewFSRefreshTokenStore

func NewFSRefreshTokenStore(storagePath string) *FSRefreshTokenStore

NewFSRefreshTokenStore creates a new file-based refresh token store

func (*FSRefreshTokenStore) CleanupExpiredTokens

func (s *FSRefreshTokenStore) CleanupExpiredTokens() error

CleanupExpiredTokens removes expired tokens (for maintenance)

func (*FSRefreshTokenStore) CreateRefreshToken

func (s *FSRefreshTokenStore) CreateRefreshToken(userID, clientID string, deviceInfo map[string]any, scopes []string) (*core.RefreshToken, error)

CreateRefreshToken creates a new refresh token for a user

func (*FSRefreshTokenStore) GetRefreshToken

func (s *FSRefreshTokenStore) GetRefreshToken(token string) (*core.RefreshToken, error)

GetRefreshToken retrieves a refresh token by its value

func (*FSRefreshTokenStore) GetUserTokens

func (s *FSRefreshTokenStore) GetUserTokens(userID string) ([]*core.RefreshToken, error)

GetUserTokens lists all active (non-revoked, non-expired) refresh tokens for a user

func (*FSRefreshTokenStore) RevokeRefreshToken

func (s *FSRefreshTokenStore) RevokeRefreshToken(token string) error

RevokeRefreshToken marks a token as revoked

func (*FSRefreshTokenStore) RevokeTokenFamily

func (s *FSRefreshTokenStore) RevokeTokenFamily(family string) error

RevokeTokenFamily revokes all tokens in a family (theft detection)

func (*FSRefreshTokenStore) RevokeUserTokens

func (s *FSRefreshTokenStore) RevokeUserTokens(userID string) error

RevokeUserTokens revokes all refresh tokens for a user

func (*FSRefreshTokenStore) RotateRefreshToken

func (s *FSRefreshTokenStore) RotateRefreshToken(oldToken string) (*core.RefreshToken, error)

RotateRefreshToken invalidates old token and creates new one in same family Returns ErrTokenReused if the old token was already revoked (theft detection)

type FSTokenStore

type FSTokenStore struct {
	StoragePath string
}

FSTokenStore stores verification and reset tokens as JSON files

func NewFSTokenStore

func NewFSTokenStore(storagePath string) *FSTokenStore

func (*FSTokenStore) CreateToken

func (s *FSTokenStore) CreateToken(userID, email string, tokenType core.TokenType, expiryDuration time.Duration) (*core.AuthToken, error)

func (*FSTokenStore) DeleteToken

func (s *FSTokenStore) DeleteToken(token string) error

func (*FSTokenStore) DeleteUserTokens

func (s *FSTokenStore) DeleteUserTokens(userID string, tokenType core.TokenType) error

func (*FSTokenStore) GetToken

func (s *FSTokenStore) GetToken(token string) (*core.AuthToken, error)

type FSUser

type FSUser struct {
	UserId      string         `json:"user_id"`
	IsActive    bool           `json:"is_active"`
	UserProfile map[string]any `json:"profile"`
	CreatedAt   time.Time      `json:"created_at"`
	UpdatedAt   time.Time      `json:"updated_at"`
}

FSUser implements the oneauth.User interface

func (*FSUser) Id

func (u *FSUser) Id() string

func (*FSUser) Profile

func (u *FSUser) Profile() map[string]any

type FSUserStore

type FSUserStore struct {
	StoragePath string
}

FSUserStore stores users as JSON files

func NewFSUserStore

func NewFSUserStore(storagePath string) *FSUserStore

func (*FSUserStore) CreateUser

func (s *FSUserStore) CreateUser(userId string, isActive bool, profile map[string]any) (core.User, error)

func (*FSUserStore) GetUserById

func (s *FSUserStore) GetUserById(userId string) (core.User, error)

func (*FSUserStore) SaveUser

func (s *FSUserStore) SaveUser(user core.User) error

type FSUsername added in v0.0.26

type FSUsername struct {
	NormalizedUsername string    `json:"normalized_username"` // Lowercase for lookups
	Username           string    `json:"username"`            // Original case-preserved
	UserID             string    `json:"user_id"`
	Version            int       `json:"version"` // For optimistic concurrency
	CreatedAt          time.Time `json:"created_at"`
	UpdatedAt          time.Time `json:"updated_at"`
}

FSUsername represents a username reservation stored as JSON

type FSUsernameStore added in v0.0.26

type FSUsernameStore struct {
	StoragePath string
}

FSUsernameStore implements oa.UsernameStore using filesystem storage.

Purpose

Provides username uniqueness enforcement and username-based login lookup using JSON files. Each username is stored as a separate file with the normalized (lowercase) username as the filename.

File Structure

{StoragePath}/
└── usernames/
    ├── johndoe.json     # {"username": "JohnDoe", "user_id": "abc123", ...}
    ├── janedoe.json     # {"username": "JaneDoe", "user_id": "xyz789", ...}
    └── ...

Concurrency Model

Uses optimistic locking with version numbers. The atomic file write (write to temp, rename) provides basic safety, but concurrent modifications to the same username should be serialized at the application level or will result in last-write-wins behavior.

Setup

usernameStore := fs.NewFSUsernameStore("/var/data/myapp")

localAuth := &oneauth.LocalAuth{
    UsernameStore: usernameStore,
    SignupPolicy: &oneauth.SignupPolicy{
        RequireUsername:       true,
        EnforceUsernameUnique: true,
    },
}

func NewFSUsernameStore added in v0.0.26

func NewFSUsernameStore(storagePath string) *FSUsernameStore

NewFSUsernameStore creates a new filesystem-backed UsernameStore

func (*FSUsernameStore) ChangeUsername added in v0.0.26

func (s *FSUsernameStore) ChangeUsername(oldUsername, newUsername, userID string) error

ChangeUsername atomically changes a username using optimistic concurrency. Returns error if new username is already taken.

Usage

Called from a "Change Username" profile page handler.

Concurrency Note

This is not fully atomic across files. In a race condition where another process takes the new username between our check and creation, we attempt to restore the old username. For production systems with high concurrency, consider using a database-backed store instead.

func (*FSUsernameStore) GetUserByUsername added in v0.0.26

func (s *FSUsernameStore) GetUserByUsername(username string) (string, error)

GetUserByUsername looks up a userID by username (case-insensitive).

Usage

Called by NewCredentialsValidatorWithUsername during login when user enters a username instead of email.

func (*FSUsernameStore) ReleaseUsername added in v0.0.26

func (s *FSUsernameStore) ReleaseUsername(username string) error

ReleaseUsername removes a username reservation.

When to Use

Call this when:

  • User deletes their account
  • Admin removes a username (e.g., for policy violations)

func (*FSUsernameStore) ReserveUsername added in v0.0.26

func (s *FSUsernameStore) ReserveUsername(username string, userID string) error

ReserveUsername reserves a username for a user. Returns error if username is already taken by a different user.

Concurrency

Uses file system as implicit lock. The atomic write (temp file + rename) ensures no partial writes, but concurrent reservations of the same username will result in one succeeding (the last to complete the rename).

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL