Categorygithub.com/containerssh/authintegration
modulepackage
1.0.0
Repository: https://github.com/containerssh/authintegration.git
Documentation: pkg.go.dev
Overview
Versions
2
Dependencies
7
Dependents
0
Files
174 SLOC

# README

ContainerSSH - Launch Containers on Demand

ContainerSSH Authentication Library

Go Report Card LGTM Alerts

This library provides integration between the sshserver library and the auth library

⚠⚠⚠ Warning: This is a developer documentation. ⚠⚠⚠
The user documentation for ContainerSSH is located at containerssh.io.

Using this library

This library can be used to provide an authenticating overlay for ContainerSSH. It stacks well with other libraries. To use it you must first call the authintegration.New() method. This method has three parameters:

  • authClient is an authentication client from the auth library.
  • backend is another implementation of the Handler interface from the sshserver library.
  • behavior influences when the backend is called for authentication purposes.
    • BehaviorNoPassthrough means that the backend will not be used for authentication, only for getting further handlers.
    • BehaviorPassthroughOnFailure will give the backend an additional chance to authenticate the user if the authentication server returns a failure.
    • BehaviorPassthroughOnSuccess passes the credentials to the backend for additional checks of an already verified successful authentication.
    • BehaviorPassthroughOnUnavailable passes the authentication to the backend as a fallback if the authentication server failed to return a valid response.

For example:

handler := authintegration.New(
    auth.ClientConfig{
        URL: "http://localhost:8080"
        Password: true,
        PubKey: false,
    },
    otherHandler,
    logger,
    authintegration.BehaviorNoPassthrough,
)

You can then use the handler to launch an SSH server:

server, err := sshserver.New(
    cfg,
    handler,
    logger,
)

# Functions

New creates a new handler that authenticates the users with passwords and public keys.goland:noinspection GoUnusedExportedFunction.

# Constants

BehaviorNoPassthrough means that the authentication integration will never call the backend for authentication.
BehaviorPassthroughOnFailure will call the backend if the authentication server returned a failure.
BehaviorPassthroughOnSuccess will call the backend if the authentication server returned a success.
BehaviorPassthroughOnUnavailable will call the backend if the authentication server is not available.
No description provided by the author

# Type aliases

Behavior dictactes how when the authentication requests are passed to the backends.