Package ownership manages access to resources Copyright 2019 Portworx Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.

Package role manages roles in Kvdb and provides validation Copyright 2018 Portworx Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.

ContextSaveUserInfo saves user information in the context for other functions to consume.

Enabled returns whether auth is enabled.

IsJwtToken returns true if the provided string is a valid jwt token.

NewGuestUser creates UserInfo for the system guest user.

NewIteratingMultiAuthenticator returns Authenticator implementation that iterates over all the supplied authenticators to authenticate a token.

NewJWKSAuthenticator returns a new JWKS authenticator where the issuer must be the same host as the JWKSUrl c := &JWKSAuthConfig{ Issuer: "https://some.token.authority", JWKSUrl: "https://some.token.authority:3030/.well-known/jwks.json", } a, err := NewJWKSAuthenticator(c).

NewJWKSWithIssuerAuthenticator returns a new JWKS authenticator where the issuer can be a different host from the JWKSUrl.

New returns a JwtAuthenticator.

NewMockAuthenticator creates a new mock instance.

NewMultiAuthenticatorByClientID returns Authenticator implementation that assumes that the audience field in the token contains just the client ID, which is also the key in the authenticators map passed to this function.

NewOIDC returns a new OIDC authenticator.

NewUserInfoFromContext returns user information in the context if available.

NoAuth returns the default no auth implementation.

ParseToDuration takes in a "human" type duration and changes it to time.Duration.

Token returns a signed JWT containing the claims provided.

TokenClaims returns the claims for the raw JWT token.

TokenIssuer returns the issuer for the raw JWT token.

Day is the duration of hours in a day.

DayDef is the abbrevation for days.

HourDef is the abbrevation for hours.

Key to store in the token claims in gRPC context.

MinuteDef is the abbrevation for minutes.

SecondDef is the abbrevation for seconds.

default type is sub.

UsernameClaimTypeEmail requests to use "name" as the claims for the ID of the user.

UsernameClaimTypeName requests to use "name" as the claims for the ID of the user.

UsernameClaimTypeSubject requests to use "sub" as the claims for the ID of the user.

Year is the duration of days in a year.

YearDef is the abbrevation for years.

DayRegex is a regular expression for finding days as a duration.

HourRegex is a regular expression for finding hours as a duration.

Inst returns the instance of system token manager.

MinuteRegex is a regular expression for finding minutes as a duration.

SecondRegex is a regular expression for finding seconds as a duration.

SystemTokenManagerInst returns the systemTokenManager instance.

YearRegex is a regular expression for finding years as a duration.

Claims provides information about the claims in the token See https://openid.net/specs/openid-connect-core-1_0.html#IDToken for more information.

JWKSAuthConfig configures an JWKS connection.

JWKSAuthenticator is used to validate tokens with an JWKS.

JwtAuthConfig provides JwtAuthenticator the keys to validate the token.

JwtAuthenticator definition.

MockAuthenticator is a mock of Authenticator interface.

MockAuthenticatorMockRecorder is the mock recorder for MockAuthenticator.

OIDCAuthConfig configures an OIDC connection.

OIDCAuthenticator is used to validate tokens with an OIDC.

Options provide any options to apply to the token.

Signature describes the signature type using definitions from the jwt package.

UserInfo contains information about the user taken from the token.

Authenticator interface validates and extracts the claims from a raw token.

TokenGenerator allows for the creation of tokens.

Keys to store data in gRPC context.

UsernameClaimType holds the claims type to be used as the unique id for the user.