Documentation
¶
Overview ¶
Package identity provides unified identity resolution for ox. It determines user identity from multiple sources with the following priority:
- SageOx OAuth (verified via our auth system)
- Git provider (GitHub/GitLab/Bitbucket/AWS/GCP based on repo remotes)
- Git config (unverified, user-declared)
Privacy-first: Only probes providers that match the repo's actual remotes. We never make unnecessary API calls or leak credential presence.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
// Collection controls how many identities to collect:
// - "all": Collect all available identities (default)
// - "primary-only": Only determine and send the primary identity
// - "none": Only use git config identity (no API calls)
Collection string `yaml:"collection"`
// Disable lists providers to skip (e.g., ["bitbucket"])
Disable []string `yaml:"disable"`
}
Config controls identity collection behavior.
type Identity ¶
type Identity struct {
UserID string `json:"user_id,omitempty"` // provider-specific ID (e.g., "github:1234567")
Email string `json:"email,omitempty"` // email from provider
Name string `json:"name,omitempty"` // display name from provider
Username string `json:"username,omitempty"` // provider username (e.g., GitHub login)
Source string `json:"source"` // where this identity came from (see below)
Verified bool `json:"-"` // internal only - server must verify, not trust client claims
}
Identity represents a user identity from a specific source.
type PersonInfo ¶
type PersonInfo struct {
DisplayName string // "port8080" or "FirstName L." — team-recognizable, public-safe
Email string // original email, preserved for internal/audit use
}
PersonInfo holds a privacy-aware display identity for session rendering. DisplayName is safe for inclusion in shared ledgers (no full PII). Email is preserved for internal/audit use only.
func NewPersonInfo ¶
func NewPersonInfo(email, name, gitUsername, configDisplayName string) *PersonInfo
NewPersonInfo creates a PersonInfo with privacy-aware display name derivation.
Priority for DisplayName:
- configDisplayName — explicit user setting from config.yaml (e.g., "port8080")
- name — parsed into "FirstName L." format
- email local part — split on delimiters, same format
- gitUsername — split on delimiters, same format
- All empty — "Anonymous"
func NewPersonInfoFromAuth ¶
func NewPersonInfoFromAuth(info auth.UserInfo, configDisplayName string) *PersonInfo
NewPersonInfoFromAuth creates a PersonInfo from auth.UserInfo and a config display name.
type ProviderType ¶
type ProviderType string
ProviderType represents a git hosting provider.
const ( ProviderGitHub ProviderType = "github" ProviderGitLab ProviderType = "gitlab" ProviderBitbucket ProviderType = "bitbucket" ProviderAzureDevOps ProviderType = "azure-devops" ProviderAWS ProviderType = "aws" ProviderGCP ProviderType = "gcp" ProviderGitea ProviderType = "gitea" ProviderNone ProviderType = "" )
type ResolvedIdentities ¶
type ResolvedIdentities struct {
Primary *Identity `json:"primary"`
SageOx *Identity `json:"sageox,omitempty"`
GitHub *Identity `json:"github,omitempty"`
GitLab *Identity `json:"gitlab,omitempty"`
Bitbucket *Identity `json:"bitbucket,omitempty"`
AzureDevOps *Identity `json:"azure_devops,omitempty"`
AWS *Identity `json:"aws,omitempty"`
GCP *Identity `json:"gcp,omitempty"`
Gitea *Identity `json:"gitea,omitempty"`
Git *Identity `json:"git,omitempty"`
}
ResolvedIdentities contains all resolved identities for a user. Primary is the highest-priority verified identity found. Other fields contain identities from each source (if available).
func Resolve ¶
func Resolve() (*ResolvedIdentities, error)
Resolve determines user identity from all available sources. It follows the priority: SageOx → Provider (from remotes) → Git config. Privacy-first: only probes providers matching the repo's actual remotes.
func ResolveWithConfig ¶
func ResolveWithConfig(cfg *Config) (*ResolvedIdentities, error)
ResolveWithConfig determines user identity with custom configuration.
Source Files