diff --git a/authenticate/config.go b/authenticate/config.go
index a1f9a8ecd..3e6afcb4c 100644
--- a/authenticate/config.go
+++ b/authenticate/config.go
@@ -1,8 +1,8 @@
 package authenticate
 
 import (
+ "github.com/pomerium/pomerium/authenticate/events"
  "github.com/pomerium/pomerium/config"
- "github.com/pomerium/pomerium/internal/authenticateflow"
  "github.com/pomerium/pomerium/internal/identity"
  identitypb "github.com/pomerium/pomerium/pkg/grpc/identity"
 )
@@ -10,7 +10,7 @@ import (
 type authenticateConfig struct {
  getIdentityProvider func(options *config.Options, idpID string) (identity.Authenticator, error)
  profileTrimFn func(*identitypb.Profile)
- authEventFn authenticateflow.AuthEventFn
+ authEventFn events.AuthEventFn
 }
 
 // An Option customizes the Authenticate config.
@@ -40,7 +40,7 @@ func WithProfileTrimFn(profileTrimFn func(*identitypb.Profile)) Option {
 }
 
 // WithOnAuthenticationEventHook sets the authEventFn function in the config
-func WithOnAuthenticationEventHook(fn authenticateflow.AuthEventFn) Option {
+func WithOnAuthenticationEventHook(fn events.AuthEventFn) Option {
  return func(cfg *authenticateConfig) {
  cfg.authEventFn = fn
  }
diff --git a/internal/authenticateflow/events.go b/authenticate/events/events.go
similarity index 93%
rename from internal/authenticateflow/events.go
rename to authenticate/events/events.go
index ca261e008..08878ce0b 100644
--- a/internal/authenticateflow/events.go
+++ b/authenticate/events/events.go
@@ -1,4 +1,5 @@
-package authenticateflow
+// Package events defines authentication flow event types.
+package events
 
 import (
  "context"
diff --git a/internal/authenticateflow/stateless.go b/internal/authenticateflow/stateless.go
index e5b429faf..c0175098e 100644
--- a/internal/authenticateflow/stateless.go
+++ b/internal/authenticateflow/stateless.go
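Review bot: The doc comment on `WithOnAuthenticationEventHook` (authenticate/config.go, hunk at -40) still only says it sets the authEventFn function in the config, which is thin now that the parameter type lives in the importable `authenticate/events` package instead of under `internal/`. Code outside this module can presumably now supply the hook, and the stateless flow in this same commit fills the event with the client IP and a UID, so the comment should say what the callback receives. I would write `// WithOnAuthenticationEventHook registers fn to receive sign-in request and sign-in complete events; each event carries the client IP and, once known, the user's UID, and should be handled as sensitive data.` Whether a nil fn is tolerated when the event fires is not visible in this diff and would be worth stating in the same comment.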
@@ -12,6 +12,7 @@ import (
  "golang.org/x/oauth2"
  "google.golang.org/protobuf/encoding/protojson"
 
+ "github.com/pomerium/pomerium/authenticate/events"
  "github.com/pomerium/pomerium/config"
  "github.com/pomerium/pomerium/internal/encoding"
  "github.com/pomerium/pomerium/internal/encoding/jws"
@@ -57,7 +58,7 @@ type Stateless struct {
 
  getIdentityProvider func(options *config.Options, idpID string) (identity.Authenticator, error)
  profileTrimFn func(*identitypb.Profile)
- authEventFn AuthEventFn
+ authEventFn events.AuthEventFn
 }
 
 // NewStateless initializes the authentication flow for the given
@@ -67,7 +68,7 @@ func NewStateless(
  sessionStore sessions.SessionStore,
  getIdentityProvider func(options *config.Options, idpID string) (identity.Authenticator, error),
  profileTrimFn func(*identitypb.Profile),
- authEventFn AuthEventFn,
+ authEventFn events.AuthEventFn,
 ) (*Stateless, error) {
  s := &Stateless{
  options: cfg.Options,
@@ -295,7 +296,7 @@ func (s *Stateless) logAuthenticateEvent(r *http.Request, profile *identitypb.Pr
  log.Warn(ctx).Err(err).Msg("log authenticate event: failed to decrypt request params")
  }
 
- evt := AuthEvent{
+ evt := events.AuthEvent{
  IP: httputil.GetClientIP(r),
  Version: params.Get(urlutil.QueryVersion),
  RequestUUID: params.Get(urlutil.QueryRequestUUID),
@@ -310,9 +311,9 @@ func (s *Stateless) logAuthenticateEvent(r *http.Request, profile *identitypb.Pr
  }
 
  if evt.UID != nil {
- evt.Event = AuthEventSignInComplete
+ evt.Event = events.AuthEventSignInComplete
  } else {
- evt.Event = AuthEventSignInRequest
+ evt.Event = events.AuthEventSignInRequest
  }
 
  if redirectURL, err := url.Parse(params.Get(urlutil.QueryRedirectURI)); err == nil {
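Review bot: In `logAuthenticateEvent` (internal/authenticateflow/stateless.go, hunk at -295), the branch that logs "failed to decrypt request params" does not return, so the `events.AuthEvent` built right after it still reads `params.Get(...)` and is presumably emitted with an empty Version and RequestUUID. With the event type now in a public package, a consumer that treats these events as an audit trail cannot tell a request whose parameters failed decryption from one that simply lacked those fields. I would document that on the event type, or at least add a comment above the literal such as `// params may be empty when decryption failed; the event is still emitted with the fields that are known`. The function begins and ends outside the hunk, so how `params` is initialised on the error path and where the event is delivered are not visible here.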