Documentation
Overview
Package basicauthpassword implements authenticator.Password by making a BasicAuth call to a remote endpoint and extracting user information from a JSON response.
Constants
This section is empty.
Variables
var RedirectAttemptedError = errors.New("Redirect attempted")
Functions
func New
func New(providerName string, url string, transport http.RoundTripper, mapper authapi.UserIdentityMapper) authenticator.Password
New returns an authenticator which will make a basic auth call to the given url. A custom transport can be provided (typically to customize TLS options like trusted roots or present a client certificate). If no transport is provided, http.DefaultTransport is used.
Types
type Authenticator
type Authenticator struct {
    // contains filtered or unexported fields
}
Authenticator uses basic auth to make a request to a JSON-returning URL. A 401 status indicates failed auth. A non-200 status or the presence of an "error" key with a non-empty value indicates an error:
{"error":"Error message"}
A 200 status with an "id" key indicates success:
{"id":"userid"}
A successful response may also include name and/or email:
{"id":"userid", "name": "User Name", "email":"user@example.com"}
func (*Authenticator) AuthenticatePassword
type RemoteError
type RemoteError struct {
    Error string
}
RemoteError holds error data returned from a remote authentication request
type RemoteUserData
type RemoteUserData struct {
    // Subject - Identifier for the End-User at the Issuer. Required.
    Subject string `json:"sub"`
    // Name is the end-User's full name in displayable form including all name parts, possibly including titles and suffixes,
    // ordered according to the End-User's locale and preferences. Optional.
    Name string `json:"name"`
    // PreferredUsername is a shorthand name by which the End-User wishes to be referred. Optional.
    // Useful when the immutable subject is different than the login used by the user to authenticate
    PreferredUsername string `json:"preferred_username"`
    // Email is the end-User's preferred e-mail address. Optional.
    Email string `json:"email"`
}
RemoteUserData holds user data returned from a remote basic-auth protected endpoint. These field names cannot be changed unless external integrators are also updated. Names are based on standard OpenID Connect claims: http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
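The response rules documented for Authenticator, applied to the RemoteError and RemoteUserData shapes above, as an added example that is not this package's own code. `classify` is a hypothetical helper, the JSON keys follow the struct tags shown on this page, and the sample bodies are constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
)

// remoteUserData and remoteError mirror the structs documented on this page.
type remoteUserData struct {
	Subject           string `json:"sub"`
	Name              string `json:"name"`
	PreferredUsername string `json:"preferred_username"`
	Email             string `json:"email"`
}
type remoteError struct{ Error string } // the "error" key matches case-insensitively

// classify (hypothetical helper) applies the documented response rules and
// returns the user, whether authentication succeeded, and any error.
func classify(status int, body []byte) (*remoteUserData, bool, error) {
	switch {
	case status == http.StatusUnauthorized:
		return nil, false, nil // wrong credentials: a failed login, not an error
	case status != http.StatusOK:
		return nil, false, fmt.Errorf("unexpected status %d", status)
	}
	var re remoteError
	if err := json.Unmarshal(body, &re); err != nil {
		return nil, false, fmt.Errorf("decoding response: %w", err)
	}
	if re.Error != "" {
		return nil, false, fmt.Errorf("remote error: %s", re.Error)
	}
	var u remoteUserData
	if err := json.Unmarshal(body, &u); err != nil {
		return nil, false, fmt.Errorf("decoding response: %w", err)
	}
	if u.Subject == "" {
		return nil, false, fmt.Errorf("response carries no subject") // fail closed
	}
	return &u, true, nil
}

func main() {
	// Constructed sample responses, not captured traffic.
	u, ok, err := classify(200, []byte(`{"sub":"userid","name":"User Name","email":"user@example.com"}`))
	fmt.Println(u.Subject, ok, err) // userid true <nil>
	_, ok, err = classify(200, []byte(`{"error":"Error message"}`))
	fmt.Println(ok, err) // false remote error: Error message
}
```

Keeping the 401 case separate from the error cases lets a caller distinguish a rejected password from an unavailable or misbehaving endpoint, which matters for both user messaging and alerting.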