database

package
v0.0.0-...-535d45a Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 24, 2025 License: Apache-2.0 Imports: 28 Imported by: 0

Documentation

Index

Constants

// EmailKey is the string constant "email".
// NOTE(review): presumably a verification-method identifier (compare
// UserVerificationLog.Method) — confirm against callers.
const EmailKey string = "email"
// PasskeyKey is the string constant "passkey".
// NOTE(review): presumably a verification-method identifier; how it differs
// in use from WebAuthnKey is not visible here — confirm against callers.
const PasskeyKey string = "passkey"
// TOTPKey is the string constant "totp".
// NOTE(review): presumably a verification-method identifier (compare
// UserVerificationLog.Method) — confirm against callers.
const TOTPKey string = "totp"
// WebAuthnKey is the string constant "webauthn".
// NOTE(review): presumably a verification-method identifier; how it differs
// in use from PasskeyKey is not visible here — confirm against callers.
const WebAuthnKey string = "webauthn"

Variables

// ErrObjectNotFound is the package's sentinel error for a missing object.
// Which Driver methods return it is not visible here; callers should test
// for it with errors.Is rather than matching the message text, and should
// treat any other error from a lookup as a failure, not as "not found".
var ErrObjectNotFound = errors.New("object not found")

Functions

func NewOAuth2RefreshTokenID

func NewOAuth2RefreshTokenID() string

Types

type Driver

// Driver is the storage interface of this package. The constructors
// OpenMemoryDB, OpenPostgresDB and OpenSQLite3DB each return a Driver.
//
// Every method except Name and Close takes a context.Context as its first
// parameter. The comments below describe only what the signatures show;
// transactional and atomicity guarantees are implementation details that are
// not visible on this page.
type Driver interface {
	// Name returns a string; presumably the backend's name — confirm.
	Name() string
	// UpdateSchema returns two SchemaVersion values and an error; presumably
	// the version found and the version reached — confirm.
	UpdateSchema(ctx context.Context) (SchemaVersion, SchemaVersion, error)

	// OAuth2 authorization requests, addressed by request id or by
	// authorization code.
	InsertOAuth2AuthRequest(ctx context.Context, authRequest *OAuth2AuthRequest) error
	SelectOAuth2AuthRequest(ctx context.Context, id string) (*OAuth2AuthRequest, error)
	SelectOAuth2AuthRequestByCode(ctx context.Context, code string) (*OAuth2AuthRequest, error)
	// NOTE(review): subject and remember are supplied by the caller; the
	// signature gives no indication that the driver itself checks a
	// credential, so the caller is presumably expected to have verified the
	// user first — confirm.
	AuthenticateOAuth2AuthRequest(ctx context.Context, id string, subject string, generateChallengeFunc GenerateChallengeFunc, remember bool) error
	// NOTE(review): verification is delegated to verifyChallengeResponse. The
	// signature shows no attempt counter; confirm that a failed response
	// cannot be retried without bound before the request expires.
	VerifyAndTransformOAuth2AuthRequestToUserSessionRequest(ctx context.Context, id string, subject string, verifyChallengeResponse VerifyChallengeResponseFunc, response string) (*UserSessionRequest, error)
	DeleteOAuth2AuthRequest(ctx context.Context, id string) error
	DeleteExpiredOAuth2AuthRequests(ctx context.Context) error
	// InsertOAuth2AuthCode takes a code and an id; presumably it binds an
	// authorization code to an auth request id — confirm.
	// NOTE(review): authorization codes should be single-use; confirm the
	// binding is removed once the request is deleted or exchanged.
	InsertOAuth2AuthCode(ctx context.Context, code string, id string) error

	// OAuth2 access tokens, addressed by id.
	InsertOAuth2Token(ctx context.Context, token *OAuth2Token) error
	SelectOAuth2Token(ctx context.Context, id string) (*OAuth2Token, error)
	DeleteOAuth2Token(ctx context.Context, id string) error
	DeleteExpiredOAuth2Tokens(ctx context.Context) error

	// OAuth2 refresh tokens. Insert and Renew both take the associated
	// *OAuth2Token alongside the refresh token.
	InsertOAuth2RefreshToken(ctx context.Context, refreshToken *OAuth2RefreshToken, token *OAuth2Token) error
	// NOTE(review): presumably rotates the refresh token identified by id;
	// confirm that the previous refresh token and its access token stop
	// being accepted in the same step.
	RenewOAuth2RefreshToken(ctx context.Context, id string, newToken *OAuth2Token) (*OAuth2RefreshToken, error)
	SelectOAuth2RefreshToken(ctx context.Context, id string) (*OAuth2RefreshToken, error)
	// DeleteOAuth2TokensBySubject is scoped by applicationID and subject;
	// presumably the revocation path for one user of one client — confirm
	// whether refresh tokens are removed as well.
	DeleteOAuth2TokensBySubject(ctx context.Context, applicationID string, subject string) error
	DeleteOAuth2RefreshToken(ctx context.Context, id string) error
	DeleteExpiredOAuth2RefreshTokens(ctx context.Context) error

	// Key material. Key generation is injected through the func parameters
	// rather than performed by the driver signature itself.
	RotateSigningKeys(ctx context.Context, algorithm jose.SignatureAlgorithm, now int64, generateSigningKey GenerateSigningKeyFunc) (SigningKeys, error)
	InstanciateEncryptionKey(ctx context.Context, keyGroup string, keyType servercrypto.SymetricKeyType, generateEncryptionKey GenerateEncryptionKeyFunc) (*EncryptionKey, error)

	// User session requests and user sessions.
	// TransformAndDeleteUserSessionRequest looks a request up by state and
	// returns a *UserSession plus a bool whose meaning is not visible here
	// (TODO confirm).
	TransformAndDeleteUserSessionRequest(ctx context.Context, state string, token *oauth2.Token) (*UserSession, bool, error)
	DeleteExpiredUserSessionRequests(ctx context.Context) error
	SelectUserSession(ctx context.Context, id string) (*UserSession, error)
	RefreshUserSessions(ctx context.Context, expiry int64, refresh RefreshUserSession) error
	UpdateUserSession(ctx context.Context, session *UserSession) error
	DeleteExpiredUserSessions(ctx context.Context) error

	// User verification logs.
	// NOTE(review): the interface offers insert/update and select for these
	// logs but no delete or expiry method; confirm how retention is handled.
	InsertOrUpdateUserVerificationLog(ctx context.Context, log *UserVerificationLog) (*UserVerificationLog, error)
	SelectUserVerificationLogs(ctx context.Context, subject string) ([]*UserVerificationLog, error)

	// TOTP registration: a pending request carrying a secret and a
	// challenge, then a stored registration, both addressed by subject.
	GenerateUserTOTPRegistrationRequest(ctx context.Context, subject string, secret string, generateChallengeFunc GenerateChallengeFunc) (*UserTOTPRegistrationRequest, error)
	SelectUserTOTPRegistrationRequest(ctx context.Context, subject string) (*UserTOTPRegistrationRequest, error)
	DeleteExpiredUserTOTPRegistrationRequests(ctx context.Context) error
	VerifyAndTransformUserTOTPRegistrationRequestToRegistration(ctx context.Context, subject string, verifyChallengeResponse VerifyChallengeResponseFunc, response string) (*UserTOTPRegistration, error)
	SelectUserTOTPRegistration(ctx context.Context, subject string) (*UserTOTPRegistration, error)

	// Connection lifecycle.
	Ping(ctx context.Context) error
	Close() error
}

func OpenMemoryDB

func OpenMemoryDB(logger *slog.Logger) (Driver, error)

func OpenPostgresDB

func OpenPostgresDB(url string, logger *slog.Logger) (Driver, error)

func OpenSQLite3DB

func OpenSQLite3DB(file string, logger *slog.Logger) (Driver, error)

type EncryptionKey

// EncryptionKey is a symmetric key record: an ID, the key group and key type
// it belongs to, two raw byte fields and a creation timestamp.
//
// NOTE(review): HashKey and BlockKey are exported raw []byte. Whether they
// are wrapped or encrypted before a Driver persists them is not visible
// here — confirm, and keep values of this type out of logs and %+v output.
type EncryptionKey struct {
	ID         string
	KeyGroup   string
	KeyType    string
	// Raw key bytes; length and encoding are not visible here (TODO confirm).
	HashKey    []byte
	BlockKey   []byte
	// Creation timestamp; unit not visible here (TODO confirm).
	CreateTime int64
}

func NewEncryptionKey

func NewEncryptionKey(keyType servercrypto.SymetricKeyType, keyGroup string) (*EncryptionKey, error)

func (*EncryptionKey) KeyData

func (*EncryptionKey) OpCrypto

func (k *EncryptionKey) OpCrypto() (op.Crypto, error)

type EncryptionKeys

// EncryptionKeys is a slice of *EncryptionKey. Elements are pointers, so
// copying the slice does not copy the key material it refers to.
type EncryptionKeys []*EncryptionKey

type GenerateChallengeFunc

// GenerateChallengeFunc returns a challenge string for the given subject, or
// an error. It is the callback type accepted by
// Driver.AuthenticateOAuth2AuthRequest and
// Driver.GenerateUserTOTPRegistrationRequest.
//
// NOTE(review): what the returned string encodes is not visible here. If it
// is a value the user must echo back, implementations should draw it from
// crypto/rand — confirm against the implementations.
type GenerateChallengeFunc func(ctx context.Context, subject string) (string, error)

type GenerateEncryptionKeyFunc

// GenerateEncryptionKeyFunc creates an *EncryptionKey for a key type and key
// group. It is the callback type accepted by Driver.InstanciateEncryptionKey;
// NewEncryptionKey has the same signature.
type GenerateEncryptionKeyFunc func(keyType servercrypto.SymetricKeyType, keyGroup string) (*EncryptionKey, error)

type GenerateSigningKeyFunc

// GenerateSigningKeyFunc creates a *SigningKey for a JOSE signature
// algorithm. It is the callback type accepted by Driver.RotateSigningKeys;
// NewSigningKeyForAlgorithm has the same signature.
type GenerateSigningKeyFunc func(algorithm jose.SignatureAlgorithm) (*SigningKey, error)

type OAuth2AuthRequest

// OAuth2AuthRequest is the stored form of an OAuth2/OIDC authorization
// request. Its fields carry the client's request parameters (client id,
// redirect URL, response type and mode, scopes, state, nonce, code
// challenge) together with authentication state (subject, ACR, AMR, auth
// time, challenge, remember and done flags) and an expiry.
//
// NOTE(review): RedirectURL, State, Nonce and CodeChallenge originate from
// the client's request; where they are validated against the registered
// client is not visible here — confirm it happens before a row is inserted.
type OAuth2AuthRequest struct {
	ID            string
	ACR           string
	AMR           []string
	Audience      []string
	// Expiry and AuthTime are int64 timestamps; unit not visible here (TODO confirm).
	Expiry        int64
	AuthTime      int64
	ClientID      string
	// PKCE code challenge, typed by the oidc package.
	CodeChallenge *oidc.CodeChallenge
	Nonce         string
	RedirectURL   string
	ResponseType  oidc.ResponseType
	ResponseMode  oidc.ResponseMode
	Scopes        []string
	State         string
	Subject       string
	// Presumably the value produced by a GenerateChallengeFunc — confirm.
	Challenge     string
	Remember      bool
	Done          bool
}

func NewOAuth2AuthRequest

func NewOAuth2AuthRequest(id string) *OAuth2AuthRequest

func NewOAuth2AuthRequestFromOIDCAuthRequest

func NewOAuth2AuthRequestFromOIDCAuthRequest(oidcAuthRequest *oidc.AuthRequest, userID string) *OAuth2AuthRequest

func (*OAuth2AuthRequest) Expired

func (r *OAuth2AuthRequest) Expired() bool

func (*OAuth2AuthRequest) OpAuthRequest

func (r *OAuth2AuthRequest) OpAuthRequest() op.AuthRequest

type OAuth2RefreshToken

// OAuth2RefreshToken is the stored record of a refresh token: its ID, the
// subject and client it was issued to, audience, scopes, AMR, auth time,
// expiry, and the ID of the associated access token.
//
// NOTE(review): Driver looks refresh tokens up by ID. If ID is the bearer
// value handed to clients rather than an internal handle, the store holds
// usable credentials in clear — confirm which it is.
type OAuth2RefreshToken struct {
	ID            string
	// AuthTime and Expiry are int64 timestamps; unit not visible here (TODO confirm).
	AuthTime      int64
	AMR           []string
	Audience      []string
	Subject       string
	ClientID      string
	Expiry        int64
	Scopes        []string
	AccessTokenID string
}

func NewOAuth2RefreshToken

func NewOAuth2RefreshToken(id string) *OAuth2RefreshToken

func NewOAuth2RefreshTokenFromAuthRequest

func NewOAuth2RefreshTokenFromAuthRequest(id string, tokenID string, request op.AuthRequest) *OAuth2RefreshToken

func NewOAuth2RefreshTokenFromRefreshToken

func NewOAuth2RefreshTokenFromRefreshToken(id string, tokenID string, refreshToken *OAuth2RefreshToken) *OAuth2RefreshToken

func NewOAuth2RefreshTokenFromRefreshTokenRequest

func NewOAuth2RefreshTokenFromRefreshTokenRequest(id string, tokenID string, request op.RefreshTokenRequest) *OAuth2RefreshToken

func NewOAuth2RefreshTokenFromTokenExchangeRequest

func NewOAuth2RefreshTokenFromTokenExchangeRequest(id string, tokenID string, request op.TokenExchangeRequest) *OAuth2RefreshToken

func (*OAuth2RefreshToken) Expired

func (t *OAuth2RefreshToken) Expired() bool

func (*OAuth2RefreshToken) OpRefreshToken

func (t *OAuth2RefreshToken) OpRefreshToken() op.RefreshTokenRequest

type OAuth2Token

// OAuth2Token is the stored record of an access token: its ID, the client
// and subject it was issued to, the ID of the associated refresh token,
// audience, scopes and expiry.
//
// NOTE(review): Driver looks tokens up by ID. If ID is the bearer value
// handed to clients rather than an internal handle, the store holds usable
// credentials in clear — confirm which it is.
type OAuth2Token struct {
	ID             string
	ClientID       string
	Subject        string
	RefreshTokenID string
	Audience       []string
	// int64 timestamp; unit not visible here (TODO confirm).
	Expiry         int64
	Scopes         []string
}

func NewOAuth2Token

func NewOAuth2Token(id string) *OAuth2Token

func NewOAuth2TokenFromAuthRequest

func NewOAuth2TokenFromAuthRequest(request op.AuthRequest, refreshTokenID string) *OAuth2Token

func NewOAuth2TokenFromRefreshTokenRequest

func NewOAuth2TokenFromRefreshTokenRequest(request op.RefreshTokenRequest, refreshTokenID string) *OAuth2Token

func NewOAuth2TokenFromTokenExchangeRequest

func NewOAuth2TokenFromTokenExchangeRequest(request op.TokenExchangeRequest, refreshTokenID string) *OAuth2Token

func (*OAuth2Token) Expired

func (t *OAuth2Token) Expired() bool

type OpAuthRequest

type OpAuthRequest struct {
	// contains filtered or unexported fields
}

func (*OpAuthRequest) Done

func (r *OpAuthRequest) Done() bool

func (*OpAuthRequest) GetACR

func (r *OpAuthRequest) GetACR() string

func (*OpAuthRequest) GetAMR

func (r *OpAuthRequest) GetAMR() []string

func (*OpAuthRequest) GetAudience

func (r *OpAuthRequest) GetAudience() []string

func (*OpAuthRequest) GetAuthTime

func (r *OpAuthRequest) GetAuthTime() time.Time

func (*OpAuthRequest) GetClientID

func (r *OpAuthRequest) GetClientID() string

func (*OpAuthRequest) GetCodeChallenge

func (r *OpAuthRequest) GetCodeChallenge() *oidc.CodeChallenge

func (*OpAuthRequest) GetID

func (r *OpAuthRequest) GetID() string

func (*OpAuthRequest) GetNonce

func (r *OpAuthRequest) GetNonce() string

func (*OpAuthRequest) GetRedirectURI

func (r *OpAuthRequest) GetRedirectURI() string

func (*OpAuthRequest) GetResponseMode

func (r *OpAuthRequest) GetResponseMode() oidc.ResponseMode

func (*OpAuthRequest) GetResponseType

func (r *OpAuthRequest) GetResponseType() oidc.ResponseType

func (*OpAuthRequest) GetScopes

func (r *OpAuthRequest) GetScopes() []string

func (*OpAuthRequest) GetState

func (r *OpAuthRequest) GetState() string

func (*OpAuthRequest) GetSubject

func (r *OpAuthRequest) GetSubject() string

type OpRefreshTokenRequest

type OpRefreshTokenRequest struct {
	// contains filtered or unexported fields
}

func (*OpRefreshTokenRequest) GetAMR

func (r *OpRefreshTokenRequest) GetAMR() []string

func (*OpRefreshTokenRequest) GetAudience

func (r *OpRefreshTokenRequest) GetAudience() []string

func (*OpRefreshTokenRequest) GetAuthTime

func (r *OpRefreshTokenRequest) GetAuthTime() time.Time

func (*OpRefreshTokenRequest) GetClientID

func (r *OpRefreshTokenRequest) GetClientID() string

func (*OpRefreshTokenRequest) GetScopes

func (r *OpRefreshTokenRequest) GetScopes() []string

func (*OpRefreshTokenRequest) GetSubject

func (r *OpRefreshTokenRequest) GetSubject() string

func (*OpRefreshTokenRequest) SetCurrentScopes

func (r *OpRefreshTokenRequest) SetCurrentScopes(scopes []string)

type RefreshUserSession

// RefreshUserSession is a callback that receives a *UserSession and returns
// an error. It is the callback type accepted by Driver.RefreshUserSessions.
// Whether the callback is expected to mutate the session in place is not
// visible here (TODO confirm).
type RefreshUserSession func(ctx context.Context, session *UserSession) error

type SchemaVersion

// SchemaVersion is a string-typed schema version; Driver.UpdateSchema
// returns two values of this type.
type SchemaVersion string
const (
	// SchemaNone is the empty string; presumably "no schema present" — confirm.
	SchemaNone SchemaVersion = ""
	// Schema1 is the version string "1".
	Schema1    SchemaVersion = "1"
)

type SigningKey

// SigningKey is a signing key record: an ID, an algorithm name, private and
// public key bytes and a creation timestamp.
//
// NOTE(review): PrivateKey is an exported raw []byte. Its encoding, and
// whether it is wrapped or encrypted before a Driver persists it, is not
// visible here — confirm, and keep values of this type out of logs and
// %+v output.
type SigningKey struct {
	ID         string
	Algorithm  string
	PrivateKey []byte
	PublicKey  []byte
	// Creation timestamp; unit not visible here (TODO confirm).
	CreateTime int64
}

func NewSigningKeyForAlgorithm

func NewSigningKeyForAlgorithm(algorithm jose.SignatureAlgorithm) (*SigningKey, error)

func (*SigningKey) IsActive

func (k *SigningKey) IsActive(now int64) bool

func (*SigningKey) OpKey

func (k *SigningKey) OpKey() (op.Key, error)

func (*SigningKey) OpSigningKey

func (k *SigningKey) OpSigningKey() (op.SigningKey, error)

type SigningKeys

// SigningKeys is a slice of *SigningKey, as returned by
// Driver.RotateSigningKeys. Elements are pointers, so copying the slice does
// not copy the key material it refers to.
type SigningKeys []*SigningKey

type UserSession

// UserSession is a stored user session: an ID, the subject, an access token,
// token type and refresh token, plus separate token and session expiries.
// NewUserSession builds one from an *oauth2.Token and OAuth2Token converts
// back to one.
//
// NOTE(review): AccessToken and RefreshToken are plain string fields,
// presumably the bearer values from the oauth2.Token. How drivers store
// them (encrypted or in clear) is not visible here — confirm, and avoid
// logging this struct.
type UserSession struct {
	ID            string
	Subject       string
	AccessToken   string
	TokenType     string
	RefreshToken  string
	// int64 timestamps; unit not visible here (TODO confirm).
	TokenExpiry   int64
	SessionExpiry int64
}

func NewUserSession

func NewUserSession(subject string, token *oauth2.Token) *UserSession

func (*UserSession) Expired

func (s *UserSession) Expired() bool

func (*UserSession) Invalidate

func (s *UserSession) Invalidate()

func (*UserSession) OAuth2Token

func (s *UserSession) OAuth2Token() *oauth2.Token

func (*UserSession) Refresh

func (s *UserSession) Refresh(token *oauth2.Token) bool

type UserSessionRequest

// UserSessionRequest is a pending session request: an ID, the subject, the
// remember flag, a state string and an expiry.
// Driver.TransformAndDeleteUserSessionRequest takes a state string, so State
// is presumably the lookup key for that step — confirm.
//
// NOTE(review): if State is the only thing binding the callback to this
// request, it needs to be unguessable; how it is generated is not visible
// here.
type UserSessionRequest struct {
	ID       string
	Subject  string
	Remember bool
	State    string
	// int64 timestamp; unit not visible here (TODO confirm).
	Expiry   int64
}

func NewUserSessionRequest

func NewUserSessionRequest(subject string, remember bool, state string) *UserSessionRequest

func (*UserSessionRequest) Expired

func (r *UserSessionRequest) Expired() bool

type UserTOTPRegistration

// UserTOTPRegistration is a completed TOTP registration for a subject: the
// subject, the secret and a creation timestamp.
//
// NOTE(review): Secret is a plain string field. A TOTP shared secret has to
// remain recoverable for code verification, so it cannot be stored as a
// one-way hash; whether drivers encrypt it at rest is not visible here —
// confirm, and avoid logging this struct.
type UserTOTPRegistration struct {
	Subject    string
	Secret     string
	// Creation timestamp; unit not visible here (TODO confirm).
	CreateTime int64
}

func NewUserTOTPRegistrationFromRequest

func NewUserTOTPRegistrationFromRequest(request *UserTOTPRegistrationRequest) *UserTOTPRegistration

type UserTOTPRegistrationRequest

// UserTOTPRegistrationRequest is a pending TOTP registration for a subject:
// the subject, the proposed secret, a challenge string and an expiry.
//
// NOTE(review): Secret is held as a plain string while the request is
// pending; confirm expired requests are actually purged (see
// Driver.DeleteExpiredUserTOTPRegistrationRequests) and that this struct is
// not logged.
type UserTOTPRegistrationRequest struct {
	Subject   string
	Secret    string
	// Presumably the value produced by a GenerateChallengeFunc — confirm.
	Challenge string
	// int64 timestamp; unit not visible here (TODO confirm).
	Expiry    int64
}

func NewUserTOTPRegistrationRequest

func NewUserTOTPRegistrationRequest(subject string, secret string, challenge string) *UserTOTPRegistrationRequest

func (*UserTOTPRegistrationRequest) Expired

func (r *UserTOTPRegistrationRequest) Expired() bool

type UserVerificationLog

// UserVerificationLog records a verification by a subject with a method: the
// first and last use timestamps, a host string and a location (country,
// country code, city, latitude, longitude). NewUserVerificationLog takes a
// *geoip.Location, so the location fields presumably come from a GeoIP
// lookup — confirm.
//
// NOTE(review): Host combined with city-level location and coordinates is
// personal data in many jurisdictions. The Driver interface shows
// insert/update and select for these logs but no delete or expiry method —
// confirm how retention and access to SelectUserVerificationLogs are
// controlled.
type UserVerificationLog struct {
	Subject     string
	Method      string
	// int64 timestamps; unit not visible here (TODO confirm).
	FirstUsed   int64
	LastUsed    int64
	// Whether Host is a client address, a hostname or something else is not
	// visible here (TODO confirm).
	Host        string
	Country     string
	CountryCode string
	City        string
	Lat         float64
	Lon         float64
}

func NewUserVerificationLog

func NewUserVerificationLog(subject string, method string, location *geoip.Location) *UserVerificationLog

func (*UserVerificationLog) Update

func (l *UserVerificationLog) Update(log *UserVerificationLog)

type UserWebAuthnIdentity

// UserWebAuthnIdentity holds the three WebAuthn user attributes: an ID as
// bytes, a name and a display name. Its WebAuthnUser method returns a
// webauthn.User.
//
// NOTE(review): the WebAuthn specification recommends that the user handle
// carry no personally identifying information; how WebAuthnID is derived is
// not visible here — confirm it is not the e-mail address or username.
type UserWebAuthnIdentity struct {
	WebAuthnID          []byte
	WebAuthnName        string
	WebAuthnDisplayName string
}

func (*UserWebAuthnIdentity) WebAuthnUser

func (wai *UserWebAuthnIdentity) WebAuthnUser() webauthn.User

type VerifyChallengeResponseFunc

// VerifyChallengeResponseFunc reports, as a bool, the outcome of checking a
// response against a challenge for a subject, or returns an error. It is the
// callback type accepted by
// Driver.VerifyAndTransformOAuth2AuthRequestToUserSessionRequest and
// Driver.VerifyAndTransformUserTOTPRegistrationRequestToRegistration.
//
// NOTE(review): implementations that compare response with a secret value
// should use a constant-time comparison (crypto/subtle.ConstantTimeCompare),
// and callers should treat (false, nil) and a non-nil error alike as "not
// verified". The implementations are not visible here.
type VerifyChallengeResponseFunc func(ctx context.Context, subject string, challenge string, response string) (bool, error)

type WebAuthnUser

type WebAuthnUser struct {
	// contains filtered or unexported fields
}

func (*WebAuthnUser) WebAuthnCredentials

func (wau *WebAuthnUser) WebAuthnCredentials() []webauthn.Credential

func (*WebAuthnUser) WebAuthnDisplayName

func (wau *WebAuthnUser) WebAuthnDisplayName() string

func (*WebAuthnUser) WebAuthnID

func (wau *WebAuthnUser) WebAuthnID() []byte

func (*WebAuthnUser) WebAuthnName

func (wau *WebAuthnUser) WebAuthnName() string
