soju/auth/auth.go

package auth

import (
	"context"
	"fmt"

	"git.sr.ht/~emersion/soju/database"
)

type Authenticator interface{}

type PlainAuthenticator interface {
	AuthPlain(ctx context.Context, db database.Database, username, password string) error
}

type OAuthBearerAuthenticator interface {
	AuthOAuthBearer(ctx context.Context, db database.Database, token string) (username string, err error)
}

func New(driver, source string) (Authenticator, error) {
	switch driver {
	case "internal":
		return NewInternal(), nil
	case "oauth2":
		return newOAuth2(source)
	case "pam":
		return newPAM()
	default:
		return nil, fmt.Errorf("unknown auth driver %q", driver)
	}
}

// Error is an authentication error.
type Error struct {
	// Internal error cause. This will not be revealed to the user.
	InternalErr error
	// Message which can safely be sent to the user without compromising
	// security.
	ExternalMsg string
}

func (err *Error) Error() string {
	return err.InternalErr.Error()
}

func (err *Error) Unwrap() error {
	return err.InternalErr
}

// newInvalidCredentialsError wraps the provided error into an Error and
// indicates to the user that the provided credentials were invalid.
func newInvalidCredentialsError(err error) *Error {
	return &Error{
		InternalErr: err,
		ExternalMsg: "Invalid credentials",
	}
}
Add infrastructure for external authentication 2022-09-11 13:45:28 +00:00			`package auth`

			`import (`
			`"context"`
			`"fmt"`

			`"git.sr.ht/~emersion/soju/database"`
			`)`

Add support for SASL OAUTHBEARER 2022-10-14 08:44:32 +00:00			`type Authenticator interface{}`

Add infrastructure for external authentication 2022-09-11 13:45:28 +00:00			`type PlainAuthenticator interface {`
			`AuthPlain(ctx context.Context, db database.Database, username, password string) error`
			`}`

Add support for SASL OAUTHBEARER 2022-10-14 08:44:32 +00:00			`type OAuthBearerAuthenticator interface {`
			`AuthOAuthBearer(ctx context.Context, db database.Database, token string) (username string, err error)`
			`}`

			`func New(driver, source string) (Authenticator, error) {`
Add infrastructure for external authentication 2022-09-11 13:45:28 +00:00			`switch driver {`
			`case "internal":`
			`return NewInternal(), nil`
Add support for external OAuth 2.0 authentication 2022-09-11 13:46:27 +00:00			`case "oauth2":`
			`return newOAuth2(source)`
Add support for PAM authentication 2023-01-27 10:44:11 +00:00			`case "pam":`
			`return newPAM()`
Add infrastructure for external authentication 2022-09-11 13:45:28 +00:00			`default:`
			`return nil, fmt.Errorf("unknown auth driver %q", driver)`
			`}`
			`}`
Move authError to auth package This allows auth backends to customize the error message displayed to the user. 2023-02-23 21:32:24 +00:00
			`// Error is an authentication error.`
			`type Error struct {`
			`// Internal error cause. This will not be revealed to the user.`
			`InternalErr error`
			`// Message which can safely be sent to the user without compromising`
			`// security.`
			`ExternalMsg string`
			`}`

			`func (err *Error) Error() string {`
			`return err.InternalErr.Error()`
			`}`

			`func (err *Error) Unwrap() error {`
			`return err.InternalErr`
			`}`

			`// newInvalidCredentialsError wraps the provided error into an Error and`
			`// indicates to the user that the provided credentials were invalid.`
			`func newInvalidCredentialsError(err error) *Error {`
			`return &Error{`
			`InternalErr: err,`
			`ExternalMsg: "Invalid credentials",`
			`}`
			`}`