ykauth

package

v0.0.0-...-72724d7 Latest Latest Go to latest Published: Jun 8, 2020 License: Apache-2.0 Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/bookingcom/yubistack

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func SyncOpt(sync ykval.SyncValue) func(auth *YKAuth)
func TimeoutOpt(timeout int) func(*YKAuth)
func VerifyPassword(password, hash string) bool
type Authentifier
type AuthentifierFunc
- func (af AuthentifierFunc) Authenticate(name, otp, password string) error
type Authorizer
type AuthorizerFunc
- func (af AuthorizerFunc) Authorize(name, otp string) error
type YKAuth
- func NewYKAuth(client *yubico.Client, options ...func(*YKAuth)) *YKAuth
- func (y *YKAuth) Authenticate(name, password, otp string) error
- func (y *YKAuth) Authorize(name, otp string) error

Constants ¶

View Source

const (
	// NonceSize is the fixed value of the nonce used during exchange of requests
	NonceSize = 20
)

Variables ¶

View Source

var (
	// ErrInvalidPassword is the error returned up the stack when password is invalid
	ErrInvalidPassword = fmt.Errorf("invalid password")
	// ErrNoUser is the error returned up the stack when no user is found
	ErrNoUser = fmt.Errorf("no matching user")
)

Functions ¶

func SyncOpt ¶

func SyncOpt(sync ykval.SyncValue) func(auth *YKAuth)

SyncOpt set the internal sync level

func TimeoutOpt ¶

func TimeoutOpt(timeout int) func(*YKAuth)

TimeoutOpt set the internal timeout

func VerifyPassword ¶

func VerifyPassword(password, hash string) bool

VerifyPassword checks a password against its potential hash

Types ¶

type Authentifier ¶

type Authentifier interface {
	Authenticate(name, password, otp string) error
}

Authentifier is an interface abstracting the Authenticate process

type AuthentifierFunc ¶

type AuthentifierFunc func(name, otp, password string) error

AuthentifierFunc is a wrapper for a function to implement the Authentifier interface

func (AuthentifierFunc) Authenticate ¶

func (af AuthentifierFunc) Authenticate(name, otp, password string) error

Authenticate wraps a function to implement Authentifier interface

type Authorizer ¶

type Authorizer interface {
	Authorize(name, otp string) error
}

Authorizer is an interface abstracting the Authorizer process

type AuthorizerFunc ¶

type AuthorizerFunc func(name, otp string) error

AuthorizerFunc is a wrapper for a function to implement the Authorizer interface

func (AuthorizerFunc) Authorize ¶

func (af AuthorizerFunc) Authorize(name, otp string) error

Authorize wraps a function to implement Authorizer interface

type YKAuth ¶

type YKAuth struct {
	zerolog.Logger
	ykval.Verifier
	yubico.UserLoader
	*yubico.Client
	NonceFunc func(int) (string, error)
	// contains filtered or unexported fields
}

YKAuth is the base structure responsible for handling YKAuth flow

func NewYKAuth ¶

func NewYKAuth(client *yubico.Client, options ...func(*YKAuth)) *YKAuth

NewYKAuth creates a new YKAuth instance

func (*YKAuth) Authenticate ¶

func (y *YKAuth) Authenticate(name, password, otp string) error

Authenticate tries to authenticate a user with password + otp

func (*YKAuth) Authorize ¶

func (y *YKAuth) Authorize(name, otp string) error

Authorize tries to authorize a user given its name and otp

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL