auth.go 2.5 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394
  1. // Copyright 2014 The Gogs Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package auth
  5. import (
  6. "fmt"
  7. "github.com/pkg/errors"
  8. "gogs.io/gogs/internal/errutil"
  9. )
  10. type Type int
  11. // Note: New type must append to the end of list to maintain backward compatibility.
  12. const (
  13. None Type = iota
  14. Plain // 1
  15. LDAP // 2
  16. SMTP // 3
  17. PAM // 4
  18. DLDAP // 5
  19. GitHub // 6
  20. )
  21. // Name returns the human-readable name for given authentication type.
  22. func Name(typ Type) string {
  23. return map[Type]string{
  24. LDAP: "LDAP (via BindDN)",
  25. DLDAP: "LDAP (simple auth)", // Via direct bind
  26. SMTP: "SMTP",
  27. PAM: "PAM",
  28. GitHub: "GitHub",
  29. }[typ]
  30. }
  31. var _ errutil.NotFound = (*ErrBadCredentials)(nil)
  32. type ErrBadCredentials struct {
  33. Args errutil.Args
  34. }
  35. // IsErrBadCredentials returns true if the underlying error has the type
  36. // ErrBadCredentials.
  37. func IsErrBadCredentials(err error) bool {
  38. _, ok := errors.Cause(err).(ErrBadCredentials)
  39. return ok
  40. }
  41. func (err ErrBadCredentials) Error() string {
  42. return fmt.Sprintf("bad credentials: %v", err.Args)
  43. }
  44. func (ErrBadCredentials) NotFound() bool {
  45. return true
  46. }
  47. // ExternalAccount contains queried information returned by an authenticate provider
  48. // for an external account.
  49. type ExternalAccount struct {
  50. // REQUIRED: The login to be used for authenticating against the provider.
  51. Login string
  52. // REQUIRED: The username of the account.
  53. Name string
  54. // The full name of the account.
  55. FullName string
  56. // The email address of the account.
  57. Email string
  58. // The location of the account.
  59. Location string
  60. // The website of the account.
  61. Website string
  62. // Whether the user should be prompted as a site admin.
  63. Admin bool
  64. }
  65. // Provider defines an authenticate provider which provides ability to authentication against
  66. // an external identity provider and query external account information.
  67. type Provider interface {
  68. // Authenticate performs authentication against an external identity provider
  69. // using given credentials and returns queried information of the external account.
  70. Authenticate(login, password string) (*ExternalAccount, error)
  71. // Config returns the underlying configuration of the authenticate provider.
  72. Config() any
  73. // HasTLS returns true if the authenticate provider supports TLS.
  74. HasTLS() bool
  75. // UseTLS returns true if the authenticate provider is configured to use TLS.
  76. UseTLS() bool
  77. // SkipTLSVerify returns true if the authenticate provider is configured to skip TLS verify.
  78. SkipTLSVerify() bool
  79. }