Documentation
Index ¶
- Constants
- Variables
- func GetApiUrlFromPAT(pat string) (string, error)
- func GetAudienceClaimFromOauthToken(oauthTokenString string) ([]string, error)
- func GetAuthHeader(config configuration.Configuration) string
- func GetOAuthToken(config configuration.Configuration) (*oauth2.Token, error)
- func IsAuthTypePAT(token string) bool
- func IsAuthTypeToken(token string) bool
- func IsKnownOAuthEndpoint(endpoint string) bool
- func IsValidAuthHost(instance string, redirectAuthHostRE string) (bool, error)
- func OpenBrowser(authUrl string)
- func RefreshToken(ctx context.Context, oauthConfig *oauth2.Config, token *oauth2.Token) (*oauth2.Token, error)
- func ShutdownServer(server *http.Server)
- type Authenticator
- type CancelableAuthenticator
- type Claims
- type GrantType
- type OAuth2AuthenticatorOption
- func WithHttpClient(httpClient *http.Client) OAuth2AuthenticatorOption
- func WithLogger(logger *zerolog.Logger) OAuth2AuthenticatorOption
- func WithOpenBrowserFunc(openBrowserFunc func(string)) OAuth2AuthenticatorOption
- func WithShutdownServerFunc(shutdownServerFunc func(server *http.Server)) OAuth2AuthenticatorOption
- func WithTokenRefresherFunc(...) OAuth2AuthenticatorOption
Constants ¶
// Configuration keys, OAuth client settings and parameter names.
const (
	// NOTE(review): as rendered, the directive below sits above
	// CONFIG_KEY_ALLOWED_HOST_REGEXP, while its wording reads as if it were
	// written for a name containing "token" — confirm it still covers the
	// declaration it was meant for.
	//nolint:gosec // not a token value, but a configuration key
	CONFIG_KEY_ALLOWED_HOST_REGEXP = "INTERNAL_OAUTH_ALLOWED_HOSTS"
	// A configuration key name, not a token value. Presumably the OAuth token
	// is stored under this key — confirm against GetOAuthToken.
	CONFIG_KEY_OAUTH_TOKEN string = "INTERNAL_OAUTH_TOKEN_STORAGE"
	// OAuth client identifier. A client ID names the application and is not by
	// itself a credential.
	OAUTH_CLIENT_ID string = "b56d4c2e-b9e1-4d27-8773-ad47eafb0956"
	// Loopback IP literal rather than a hostname. Presumably the host of the
	// local redirect listener — confirm.
	CALLBACK_HOSTNAME string = "127.0.0.1"
	CALLBACK_PATH     string = "/authorization-code/callback"
	// Despite the name, this is a time.Duration of two minutes, not a plain
	// number of seconds.
	TIMEOUT_SECONDS       = 120 * time.Second
	AUTHENTICATED_MESSAGE = "Your account has been authenticated."
	// Parameter names only; no client secret value is declared here.
	PARAMETER_CLIENT_ID     string = "client-id"
	PARAMETER_CLIENT_SECRET string = "client-secret"
	AUTH_TYPE_OAUTH                = "oauth"
)
// Auth type names, cache key prefixes, configuration keys and the PAT pattern.
const (
	AUTH_TYPE_TOKEN                = "token"
	AUTH_TYPE_PAT                  = "pat"
	CACHED_PAT_KEY_PREFIX          = "cached_pat"
	CACHED_PAT_IS_VALID_KEY_PREFIX = "cached_pat_is_valid"
	CONFIG_KEY_TOKEN               = "api"      // the snyk config key for api token
	CONFIG_KEY_ENDPOINT            = "endpoint" // the snyk config key for api endpoint
	// PAT_REGEX has two capture groups. Group 1 is the prefix snyk_uat or
	// snyk_sat. Group 2 is three dot-separated segments: eight characters of
	// [a-z0-9], then two segments made of letters, digits, '-' and '_'.
	// The pattern has no ^ or $ anchors, so it also matches a token embedded
	// in a longer string; code that validates a whole value must check that
	// the match spans the entire input.
	PAT_REGEX = `(snyk_(?:uat|sat))\.([a-z0-9]{8}\.[a-zA-Z0-9-_]+\.[a-zA-Z0-9-_]+)`
)
Variables ¶
// Sentinel errors for authentication attempts. Compare with errors.Is so
// that a wrapped error is still recognised.
var (
	// ErrAuthCanceled is returned when an auth request is canceled by the calling context.
	ErrAuthCanceled = errors.New("authentication failed (canceled)")
	// ErrAuthTimedOut is returned when an auth request times out.
	ErrAuthTimedOut = errors.New("authentication failed (timeout)")
)
Functions ¶
func GetApiUrlFromPAT ¶
func GetAudienceClaimFromOauthToken ¶
GetAudienceClaimFromOauthToken returns the API URL specified by the audience claim in a JWT token established by a prior OAuth authentication flow.
Returns an empty result if an OAuth token is not available, cannot be parsed, or lacks such an audience claim, together with any error that occurred while parsing it. Check the error before relying on the result.
func GetAuthHeader ¶
func GetAuthHeader(config configuration.Configuration) string
GetAuthHeader returns the authentication header value based on the configuration.
func GetOAuthToken ¶
func GetOAuthToken(config configuration.Configuration) (*oauth2.Token, error)
GetOAuthToken extracts an oauth2.Token from the given configuration instance, if one is available.
func IsAuthTypePAT ¶
func IsAuthTypeToken ¶
func IsKnownOAuthEndpoint ¶
func IsValidAuthHost ¶
func OpenBrowser ¶
func OpenBrowser(authUrl string)
func RefreshToken ¶
func ShutdownServer ¶
Types ¶
type Authenticator ¶
// Authenticator authenticates the user and adds authentication headers to
// HTTP requests.
type Authenticator interface {
	// Authenticate authenticates the user and returns an error if the authentication failed.
	// Returns ErrAuthTimedOut if the underlying request times out.
	Authenticate() error
	// AddAuthenticationHeader adds the authentication header to the request.
	// NOTE(review): the interface itself does not restrict which request hosts
	// receive the header; confirm that implementations or callers limit it to
	// the intended API endpoint.
	AddAuthenticationHeader(request *http.Request) error
	// IsSupported returns true if the authenticator is ready for use.
	// If false is returned, it is not possible to add authentication headers/env vars.
	IsSupported() bool
}
func CreateAuthenticator ¶
func CreateAuthenticator(config configuration.Configuration, httpClient *http.Client) Authenticator
func NewOAuth2AuthenticatorWithCustomFuncs
deprecated
func NewOAuth2AuthenticatorWithCustomFuncs( config configuration.Configuration, httpClient *http.Client, openBrowserFunc func(url string), shutdownServerFunc func(server *http.Server), ) Authenticator
Deprecated: use NewOAuth2AuthenticatorWithOpts instead
func NewTokenAuthenticator ¶
func NewTokenAuthenticator(tokenFunc func() string) Authenticator
type CancelableAuthenticator ¶
// CancelableAuthenticator is an Authenticator whose authentication can be
// interrupted through a context.
type CancelableAuthenticator interface {
	// Embeds Authenticate, AddAuthenticationHeader and IsSupported.
	Authenticator
	// CancelableAuthenticate authenticates the user and returns an error if the authentication failed.
	// Takes a context that can be used to interrupt the authentication.
	// Returns ErrAuthCanceled when interrupted due to a context cancellation.
	// Returns ErrAuthTimedOut if the underlying request times out.
	CancelableAuthenticate(ctx context.Context) error
}
func NewOAuth2Authenticator ¶
func NewOAuth2Authenticator(config configuration.Configuration, httpClient *http.Client) CancelableAuthenticator
func NewOAuth2AuthenticatorWithOpts ¶
func NewOAuth2AuthenticatorWithOpts(config configuration.Configuration, opts ...OAuth2AuthenticatorOption) CancelableAuthenticator
type Claims ¶
// Claims holds fields read from a PAT. The json tag maps the claim named "h"
// to Hostname.
type Claims struct {
	// Hostname PAT is valid for
	// NOTE(review): whether the claims are integrity-checked before Hostname
	// is used is not visible here. The hostname appears to decide where the
	// API URL points, so confirm in GetApiUrlFromPAT that it is validated
	// against the allowed hosts before credentials are sent to it.
	Hostname string `json:"h"`
}
Claims represents the structure of a PAT's claims. It does not include every claim, only the ones this package needs.
type OAuth2AuthenticatorOption ¶
// OAuth2AuthenticatorOption configures an oAuth2Authenticator. Values are
// produced by the With* functions and passed to NewOAuth2AuthenticatorWithOpts.
type OAuth2AuthenticatorOption func(authenticator *oAuth2Authenticator)
func WithHttpClient ¶
func WithHttpClient(httpClient *http.Client) OAuth2AuthenticatorOption
func WithLogger ¶
func WithLogger(logger *zerolog.Logger) OAuth2AuthenticatorOption
func WithOpenBrowserFunc ¶
func WithOpenBrowserFunc(openBrowserFunc func(string)) OAuth2AuthenticatorOption
func WithShutdownServerFunc ¶
func WithShutdownServerFunc(shutdownServerFunc func(server *http.Server)) OAuth2AuthenticatorOption
WithShutdownServerFunc sets the function that is called on server shutdown. shutdownServerFunc must be, or must call, a function that is safe against a race with server.Server when it is called first, and that causes server.Server to exit immediately when called.