mirror of
https://github.com/pomerium/pomerium.git
synced 2025-07-29 22:48:15 +02:00
authenticate: make service http only
- Rename SessionState to State to avoid stutter. - Simplified option validation to use a wrapper function for base64 secrets. - Removed authenticates grpc code. - Abstracted logic to load and validate a user's authenticate session. - Removed instances of url.Parse in favor of urlutil's version. - proxy: replaces grpc refresh logic with forced deadline advancement. - internal/sessions: remove rest store; parse authorize header as part of session store. - proxy: refactor request signer - sessions: remove extend deadline (fixes #294) - remove AuthenticateInternalAddr - remove AuthenticateInternalAddrString - omit type tag.Key from declaration of vars TagKey* it will be inferred from the right-hand side - remove compatibility package xerrors - use cloned http.DefaultTransport as base transport
This commit is contained in:
Bobby DeSimone
parent
bc72d08ad4
commit
380d314404
53 changed files with 718 additions and 2280 deletions
|
|
@ -6,35 +6,6 @@ import (
|
|||
"github.com/pomerium/pomerium/internal/sessions"
|
||||
)
|
||||
|
||||
// MockAuthenticate provides a mocked implementation of the authenticator interface.
|
||||
type MockAuthenticate struct {
|
||||
RedeemError error
|
||||
RedeemResponse *sessions.SessionState
|
||||
RefreshResponse *sessions.SessionState
|
||||
RefreshError error
|
||||
ValidateResponse bool
|
||||
ValidateError error
|
||||
CloseError error
|
||||
}
|
||||
|
||||
// Redeem is a mocked authenticator client function.
|
||||
func (a MockAuthenticate) Redeem(ctx context.Context, code string) (*sessions.SessionState, error) {
|
||||
return a.RedeemResponse, a.RedeemError
|
||||
}
|
||||
|
||||
// Refresh is a mocked authenticator client function.
|
||||
func (a MockAuthenticate) Refresh(ctx context.Context, s *sessions.SessionState) (*sessions.SessionState, error) {
|
||||
return a.RefreshResponse, a.RefreshError
|
||||
}
|
||||
|
||||
// Validate is a mocked authenticator client function.
|
||||
func (a MockAuthenticate) Validate(ctx context.Context, idToken string) (bool, error) {
|
||||
return a.ValidateResponse, a.ValidateError
|
||||
}
|
||||
|
||||
// Close is a mocked authenticator client function.
|
||||
func (a MockAuthenticate) Close() error { return a.CloseError }
|
||||
|
||||
// MockAuthorize provides a mocked implementation of the authorizer interface.
|
||||
type MockAuthorize struct {
|
||||
AuthorizeResponse bool
|
||||
|
|
@ -48,11 +19,11 @@ type MockAuthorize struct {
|
|||
func (a MockAuthorize) Close() error { return a.CloseError }
|
||||
|
||||
// Authorize is a mocked authorizer client function.
|
||||
func (a MockAuthorize) Authorize(ctx context.Context, route string, s *sessions.SessionState) (bool, error) {
|
||||
func (a MockAuthorize) Authorize(ctx context.Context, route string, s *sessions.State) (bool, error) {
|
||||
return a.AuthorizeResponse, a.AuthorizeError
|
||||
}
|
||||
|
||||
// IsAdmin is a mocked IsAdmin function.
|
||||
func (a MockAuthorize) IsAdmin(ctx context.Context, s *sessions.SessionState) (bool, error) {
|
||||
func (a MockAuthorize) IsAdmin(ctx context.Context, s *sessions.State) (bool, error) {
|
||||
return a.IsAdminResponse, a.IsAdminError
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue