auth

package
v1.158.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 9, 2026 License: MIT Imports: 22 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AuthMiddleware 

func AuthMiddleware(cfg *config.Config, authService services.AuthService) echo.MiddlewareFunc

AuthMiddleware creates authentication middleware using internal auth service

func ExtractTokenFromHeader added in v1.0.0 

func ExtractTokenFromHeader(header string) string

ExtractTokenFromHeader extracts GitHub token from Authorization header

func GetConfigFromContext 

func GetConfigFromContext(c echo.Context) *config.Config

GetConfigFromContext retrieves config from Echo context

func GetUserFromContext 

func GetUserFromContext(c echo.Context) *entities.User

GetUserFromContext retrieves internal user entity from Echo context

func IsAWSAccessKeyID added in v1.141.0 

func IsAWSAccessKeyID(s string) bool

IsAWSAccessKeyID checks if the string is a valid AWS Access Key ID format

func RequirePermission 

func RequirePermission(permission entities.Permission, authService services.AuthService) echo.MiddlewareFunc

RequirePermission creates permission-checking middleware using internal auth service

func UserOwnsSession 

func UserOwnsSession(c echo.Context, sessionUserID string) bool

UserOwnsSession checks if the current user owns the specified session using internal auth

Types

type AWSAuthProvider added in v1.141.0 

type AWSAuthProvider struct {
	// contains filtered or unexported fields
}

AWSAuthProvider handles AWS IAM authentication

func NewAWSAuthProvider added in v1.141.0 

func NewAWSAuthProvider(cfg *config.AWSAuthConfig) (*AWSAuthProvider, error)

NewAWSAuthProvider creates a new AWS authentication provider

func (*AWSAuthProvider) Authenticate added in v1.141.0 

func (p *AWSAuthProvider) Authenticate(ctx context.Context, creds *AWSCredentials) (*UserContext, error)

Authenticate authenticates a user using AWS credentials from Basic Auth It verifies the user/role exists and has the required tag using proxy's IAM permissions

type AWSCredentials added in v1.141.0 

type AWSCredentials struct {
	AccessKeyID     string
	SecretAccessKey string
	SessionToken    string
}

AWSCredentials represents AWS credentials extracted from the request

func ExtractAWSCredentialsFromBasicAuth added in v1.141.0 

func ExtractAWSCredentialsFromBasicAuth(r *http.Request) (*AWSCredentials, bool)

ExtractAWSCredentialsFromBasicAuth extracts AWS credentials from Basic Auth header

type AWSUserCache added in v1.141.0 

type AWSUserCache struct {
	Info        *entities.AWSUserInfo
	Role        string
	Permissions []string
	EnvFile     string
}

AWSUserCache represents cached AWS user information

type GitHubAuthProvider added in v1.0.0 

type GitHubAuthProvider struct {
	// contains filtered or unexported fields
}

GitHubAuthProvider handles GitHub OAuth authentication

func NewGitHubAuthProvider added in v1.0.0 

func NewGitHubAuthProvider(cfg *config.GitHubAuthConfig) *GitHubAuthProvider

NewGitHubAuthProvider creates a new GitHub authentication provider

func (*GitHubAuthProvider) Authenticate added in v1.0.0 

func (p *GitHubAuthProvider) Authenticate(ctx context.Context, token string) (*UserContext, error)

Authenticate authenticates a user using GitHub OAuth token

type GitHubOAuthProvider added in v1.9.1 

type GitHubOAuthProvider struct {
	// contains filtered or unexported fields
}

GitHubOAuthProvider handles GitHub OAuth2 authentication flow

func NewGitHubOAuthProvider added in v1.9.1 

func NewGitHubOAuthProvider(cfg *config.GitHubOAuthConfig, githubCfg *config.GitHubAuthConfig) *GitHubOAuthProvider

NewGitHubOAuthProvider creates a new GitHub OAuth provider

func (*GitHubOAuthProvider) ExchangeCode added in v1.9.1 

func (p *GitHubOAuthProvider) ExchangeCode(ctx context.Context, code, state string) (*UserContext, error)

ExchangeCode exchanges the authorization code for an access token

func (*GitHubOAuthProvider) GenerateAuthURL added in v1.9.1 

func (p *GitHubOAuthProvider) GenerateAuthURL(redirectURI string) (string, string, error)

GenerateAuthURL generates the GitHub OAuth authorization URL

func (*GitHubOAuthProvider) RevokeToken added in v1.9.1 

func (p *GitHubOAuthProvider) RevokeToken(ctx context.Context, token string) error

RevokeToken revokes a GitHub access token

type GitHubOrganization added in v1.0.0 

type GitHubOrganization struct {
	Login string `json:"login"`
	ID    int64  `json:"id"`
}

GitHubOrganization represents GitHub organization information

type GitHubTeamMembership added in v1.0.0 

type GitHubTeamMembership struct {
	Organization string `json:"organization"`
	TeamSlug     string `json:"team_slug"`
	TeamName     string `json:"team_name"`
	Role         string `json:"role"`
}

GitHubTeamMembership represents GitHub team membership

type GitHubUserInfo added in v1.0.0 

type GitHubUserInfo struct {
	Login         string                 `json:"login"`
	ID            int64                  `json:"id"`
	Email         string                 `json:"email"`
	Name          string                 `json:"name"`
	Organizations []GitHubOrganization   `json:"organizations"`
	Teams         []GitHubTeamMembership `json:"teams"`
}

GitHubUserInfo represents GitHub user information

type OAuthState added in v1.9.1 

type OAuthState struct {
	State       string    `json:"state"`
	RedirectURI string    `json:"redirect_uri"`
	CreatedAt   time.Time `json:"created_at"`
}

OAuthState represents a pending OAuth authentication state

type OAuthTokenResponse added in v1.9.1 

type OAuthTokenResponse struct {
	AccessToken string `json:"access_token"`
	TokenType   string `json:"token_type"`
	Scope       string `json:"scope"`
}

OAuthTokenResponse represents the GitHub OAuth token response

type UserCache added in v1.9.1 

type UserCache struct {
	User        *GitHubUserInfo
	Role        string
	Permissions []string
	EnvFile     string
}

UserCache represents cached user information, role and permissions

type UserContext 

type UserContext struct {
	UserID      string
	Role        string
	Permissions []string
	APIKey      string
	AuthType    string          // "api_key" or "github_oauth"
	GitHubUser  *GitHubUserInfo // GitHub user info when using GitHub auth
	AccessToken string          // OAuth access token (not serialized)
	EnvFile     string          // Path to team-specific environment file
}

UserContext represents the authenticated user context (for legacy compatibility)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.