1
Fork 0
mirror of https://github.com/jech/galene.git synced 2024-12-28 10:15:46 +01:00
Commit graph

14 commits

Author SHA1 Message Date
Juliusz Chroboczek
2f5c21d161 Implement accessors for stateful tokens. 2024-05-01 22:39:48 +02:00
Juliusz Chroboczek
8a94f4a716 Export getStateful, simplify interface.
We used to return nil, nil if the token didn't exist.
We now return os.ErrNotExist.
2024-05-01 19:25:26 +02:00
Juliusz Chroboczek
b8f7c68338 Return correct error message for invalid tokens. 2024-03-03 15:42:46 +01:00
Juliusz Chroboczek
3c0dbf5e9b Reliably return an error from token.Parse.
We would sometimes return nil cast to an interface with no error,
which would cause the server to crash with a null dereference.
2023-05-14 21:14:59 +02:00
Juliusz Chroboczek
a6314a7384 Implement stateful tokens.
Stateful tokens look just like cryptographic tokens to the client.
Unlike cryptographic tokens, they are stored in a file and are
revokable and editable.
2023-04-04 00:59:54 +02:00
Juliusz Chroboczek
c58064d923 Move token handling into the separate module.
Tokens are now an interface, and all the token logic is encapsulated
in the token module.
2023-04-03 22:58:38 +02:00
Juliusz Chroboczek
f75b964a6b Distinguish tokens with empty sub from no sub
We now distinguish between tokens that specify an empty username
(sub="") and tokens that don't specify sub.  The latter are
considered invalid for now.
2023-01-14 23:19:51 +01:00
Juliusz Chroboczek
de3a016f4d Set the username in the server when using tokens.
This avoids the need to pass the username in the URL without
requiring the client to parse tokens.
2022-02-20 15:33:11 +01:00
Juliusz Chroboczek
c4d46d20aa Add the galene-link utility. 2022-02-20 01:16:26 +01:00
Juliusz Chroboczek
37ef768ac0 Fix token parsing when aud is an array. 2022-02-20 01:05:21 +01:00
Juliusz Chroboczek
a86fb08f6c Replace ClientPermissions with a list of strings.
Now that we support external auth, the permissions list is
open-ended.  Make it a list for simplicity.
2022-02-19 23:44:57 +01:00
Juliusz Chroboczek
1d583e5367 Don't verify token issuer.
This makes it possible to use token authentication without
an authentication server.
2022-02-18 19:21:02 +01:00
Juliusz Chroboczek
947eb71328 Used named errors in token code. 2022-02-18 15:59:59 +01:00
Juliusz Chroboczek
03811db37d Implement token authentication. 2022-02-18 13:35:17 +01:00