empayre/fleet
14
0
Fork 0
mirror of https://github.com/empayre/fleet.git synced 2024-11-06 17:05:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
261b7f916c
fleet/server/kolide/sessions.go
John Murphy 019191c36b SSO Login and Configuration Support (#1506) 
Closes issue #1456 This PR adds a single sign on option to the login form, exposes single sign on to the end user, and allows an admin user to set single sign on configuration options.
2017-05-17 10:58:40 -05:00

86 lines
3.0 KiB
Go
Raw Blame History

package kolide
import (
"context"
"time"
)
// SessionStore is the abstract interface that all session backends must
// conform to.
type SessionStore interface {
// Given a session key, find and return a session object or an error if one
// could not be found for the given key
SessionByKey(key string) (*Session, error)
// Given a session id, find and return a session object or an error if one
// could not be found for the given id
SessionByID(id uint) (*Session, error)
// Find all of the active sessions for a given user
ListSessionsForUser(id uint) ([]*Session, error)
// Store a new session struct
NewSession(session *Session) (*Session, error)
// Destroy the currently tracked session
DestroySession(session *Session) error
// Destroy all of the sessions for a given user
DestroyAllSessionsForUser(id uint) error
// Mark the currently tracked session as access to extend expiration
MarkSessionAccessed(session *Session) error
}
type Auth interface {
UserID() string
RequestID() string
}
type SessionService interface {
// InitiateSSO is used to initiate an SSO session and returns a URL that
// can be used in a redirect to the IDP.
// Arguments: redirectURL is the URL of the protected resource that the user
// was trying to access when they were promted to log in.
InitiateSSO(ctx context.Context, redirectURL string) (string, error)
// CallbackSSO handles the IDP response. The original URL the viewer attempted
// to access is returned from this function so we can redirect back to the front end and
// load the page the viewer originally attempted to access when prompted for login.
CallbackSSO(ctx context.Context, auth Auth) (*SSOSession, error)
// SSOSettings returns non sensitive single sign on information used before
// authentication
SSOSettings(ctx context.Context) (*SSOSettings, error)
Login(ctx context.Context, username, password string) (user *User, token string, err error)
Logout(ctx context.Context) (err error)
DestroySession(ctx context.Context) (err error)
GetInfoAboutSessionsForUser(ctx context.Context, id uint) (sessions []*Session, err error)
DeleteSessionsForUser(ctx context.Context, id uint) (err error)
GetInfoAboutSession(ctx context.Context, id uint) (session *Session, err error)
GetSessionByKey(ctx context.Context, key string) (session *Session, err error)
DeleteSession(ctx context.Context, id uint) (err error)
}
type SSOSession struct {
Token string
RedirectURL string
}
// SSOSettings SSO information used prior to authentication.
type SSOSettings struct {
// IDPName is a human readable name for the IDP
IDPName string `json:"idp_name"`
// IDPImageURL https link to a logo image for the IDP.
IDPImageURL string `json:"idp_image_url"`
// SSOEnabled true if single sign on is enabled.
SSOEnabled bool `json:"sso_enabled"`
}
// Session is the model object which represents what an active session is
type Session struct {
CreateTimestamp
ID uint
AccessedAt time.Time `db:"accessed_at"`
UserID uint `db:"user_id"`
Key string
}
Reference in New Issue View Git Blame Copy Permalink