auth
2014-08-16
Parent:51700827b6ee
auth/config.go
Redirect unauthenticated users to the login page. Redirect unauthenticated users to the login page, and encode the current URL in the redirect_to param so that the user returns to the OAuth2 flow after they log in.
| paddy@6 | 1 package auth |
| paddy@0 | 2 |
| paddy@19 | 3 import "time" |
| paddy@19 | 4 |
| paddy@0 | 5 // AllowedAuthorizeType is a collection of allowed auth request types |
| paddy@0 | 6 type AllowedAuthorizeType []AuthorizeRequestType |
| paddy@0 | 7 |
| paddy@0 | 8 // Exists returns true if the auth type exists in the list |
| paddy@0 | 9 func (t AllowedAuthorizeType) Exists(rt AuthorizeRequestType) bool { |
| paddy@0 | 10 for _, k := range t { |
| paddy@0 | 11 if k == rt { |
| paddy@0 | 12 return true |
| paddy@0 | 13 } |
| paddy@0 | 14 } |
| paddy@0 | 15 return false |
| paddy@0 | 16 } |
| paddy@0 | 17 |
| paddy@0 | 18 // AllowedAccessType is a collection of allowed access request types |
| paddy@0 | 19 type AllowedAccessType []GrantType |
| paddy@0 | 20 |
| paddy@0 | 21 // Exists returns true if the access type exists in the list |
| paddy@0 | 22 func (t AllowedAccessType) Exists(rt GrantType) bool { |
| paddy@0 | 23 for _, k := range t { |
| paddy@0 | 24 if k == rt { |
| paddy@0 | 25 return true |
| paddy@0 | 26 } |
| paddy@0 | 27 } |
| paddy@0 | 28 return false |
| paddy@0 | 29 } |
| paddy@0 | 30 |
| paddy@0 | 31 // ServerConfig contains server configuration information |
| paddy@0 | 32 type ServerConfig struct { |
| paddy@0 | 33 // Authorization token expiration in seconds (default 5 minutes) |
| paddy@0 | 34 AuthorizationExpiration int32 |
| paddy@0 | 35 |
| paddy@0 | 36 // Access token expiration in seconds (default 1 hour) |
| paddy@0 | 37 AccessExpiration int32 |
| paddy@0 | 38 |
| paddy@0 | 39 // Token type to return |
| paddy@0 | 40 TokenType string |
| paddy@0 | 41 |
| paddy@0 | 42 // List of allowed authorize types (only CodeAuthRT by default) |
| paddy@0 | 43 AllowedAuthorizeTypes AllowedAuthorizeType |
| paddy@0 | 44 |
| paddy@0 | 45 // List of allowed access types (only AUTHORIZATION_CodeAuthRT by default) |
| paddy@0 | 46 AllowedAccessTypes AllowedAccessType |
| paddy@0 | 47 |
| paddy@0 | 48 // HTTP status code to return for errors - default 200 |
| paddy@0 | 49 // Only used if response was created from server |
| paddy@0 | 50 ErrorStatusCode int |
| paddy@0 | 51 |
| paddy@0 | 52 // If true allows client secret also in params, else only in |
| paddy@0 | 53 // Authorization header - default false |
| paddy@0 | 54 AllowClientSecretInParams bool |
| paddy@0 | 55 |
| paddy@0 | 56 // If true allows access request using GET, else only POST - default false |
| paddy@0 | 57 AllowGetAccessRequest bool |
| paddy@1 | 58 |
| paddy@1 | 59 // The base path of documentation |
| paddy@1 | 60 DocumentationDomain string |
| paddy@19 | 61 |
| paddy@21 | 62 SessionLength time.Duration |
| paddy@21 | 63 RequestIPHeader string |
| paddy@21 | 64 LoginRedirectDomain string |
| paddy@0 | 65 } |
| paddy@0 | 66 |
| paddy@0 | 67 // NewServerConfig returns a new ServerConfig with default configuration |
| paddy@0 | 68 func NewServerConfig() ServerConfig { |
| paddy@0 | 69 return ServerConfig{ |
| paddy@0 | 70 AuthorizationExpiration: 250, |
| paddy@0 | 71 AccessExpiration: 3600, |
| paddy@0 | 72 TokenType: "bearer", |
| paddy@0 | 73 AllowedAuthorizeTypes: AllowedAuthorizeType{CodeAuthRT}, |
| paddy@0 | 74 AllowedAccessTypes: AllowedAccessType{AuthorizationCodeGrant}, |
| paddy@0 | 75 ErrorStatusCode: 200, |
| paddy@0 | 76 AllowClientSecretInParams: false, |
| paddy@0 | 77 AllowGetAccessRequest: false, |
| paddy@0 | 78 } |
| paddy@0 | 79 } |