galene/token/token.go

package token

import (
	"errors"
	"os"
)

var ErrUsernameRequired = errors.New("username required")

type Token interface {
	Check(host, group string, username *string) (string, []string, error)
}

func Parse(token string, keys []map[string]interface{}) (Token, error) {
	// both getStateful and parseJWT may return nil, which we
	// shouldn't cast into an interface.  Be very careful.
	s, err1 := getStateful(token)
	if err1 == nil && s != nil {
		return s, nil
	}

	jwt, err2 := parseJWT(token, keys)
	if err2 == nil && jwt != nil {
		return jwt, nil
	}

	if err1 != nil {
		return nil, err1
	} else if err2 != nil {
		return nil, err2
	} else {
		return nil, os.ErrNotExist
	}
}
Implement token authentication. 2021-10-29 23:37:05 +02:00			`package token`

Implement stateful tokens. Stateful tokens look just like cryptographic tokens to the client. Unlike cryptographic tokens, they are stored in a file and are revokable and editable. 2023-03-22 04:04:22 +01:00			`import (`
			`"errors"`
Reliably return an error from token.Parse. We would sometimes return nil cast to an interface with no error, which would cause the server to crash with a null dereference. 2023-05-14 21:14:59 +02:00			`"os"`
Implement stateful tokens. Stateful tokens look just like cryptographic tokens to the client. Unlike cryptographic tokens, they are stored in a file and are revokable and editable. 2023-03-22 04:04:22 +01:00			`)`

			`var ErrUsernameRequired = errors.New("username required")`

Move token handling into the separate module. Tokens are now an interface, and all the token logic is encapsulated in the token module. 2023-03-22 00:07:13 +01:00			`type Token interface {`
			`Check(host, group string, username *string) (string, []string, error)`
Fix token parsing when aud is an array. 2022-02-20 01:04:16 +01:00			`}`

Move token handling into the separate module. Tokens are now an interface, and all the token logic is encapsulated in the token module. 2023-03-22 00:07:13 +01:00			`func Parse(token string, keys []map[string]interface{}) (Token, error) {`
Reliably return an error from token.Parse. We would sometimes return nil cast to an interface with no error, which would cause the server to crash with a null dereference. 2023-05-14 21:14:59 +02:00			`// both getStateful and parseJWT may return nil, which we`
			`// shouldn't cast into an interface. Be very careful.`
			`s, err1 := getStateful(token)`
			`if err1 == nil && s != nil {`
			`return s, nil`
			`}`

			`jwt, err2 := parseJWT(token, keys)`
			`if err2 == nil && jwt != nil {`
			`return jwt, nil`
			`}`

			`if err1 != nil {`
			`return nil, err1`
			`} else if err2 != nil {`
			`return nil, err2`
			`} else {`
			`return nil, os.ErrNotExist`
Implement stateful tokens. Stateful tokens look just like cryptographic tokens to the client. Unlike cryptographic tokens, they are stored in a file and are revokable and editable. 2023-03-22 04:04:22 +01:00			`}`
Implement token authentication. 2021-10-29 23:37:05 +02:00			`}`