Documentation
¶
Index ¶
- Constants
- Variables
- func AssertEqualTime(t *testing.T, expected, actual time.Time)
- func DefaultCSRFToken(r *http.Request) string
- func DerefUUID(id *uuid.UUID) uuid.UUID
- func EasyCookieJar(t *testing.T, o *cookiejar.Options) *cookiejar.Jar
- func EasyGet(t *testing.T, c *http.Client, url string) (*http.Response, []byte)
- func EasyGetBody(t *testing.T, c *http.Client, url string) []byte
- func FakeCSRFTokenGenerator(r *http.Request) string
- func FakeCSRFTokenGeneratorWithToken(token string) func(r *http.Request) string
- func IsJSONRequest(r *http.Request) bool
- func IsValidNumber(s string) bool
- func IsZeroUUID(id db.UUID) bool
- func MustEncodeJSON(t *testing.T, in interface{}) string
- func MustReadAll(r io.Reader) []byte
- func NewCSRFHandler(router http.Handler, writer herodot.Writer, logger logrus.FieldLogger, ...) *nosurf.CSRFHandler
- func NewTestCSRFHandler(router http.Handler, reg interface{ ... }) *nosurf.CSRFHandler
- func NewTestHTTPRequest(t *testing.T, method, url string, body io.Reader) *http.Request
- func NewUUID() db.UUID
- func ParseUUID(in string) db.UUID
- func PointToUUID(id uuid.UUID) *uuid.UUID
- func RedactInProd(d configuration.Provider, value interface{}) interface{}
- func RequestURL(r *http.Request) *url.URL
- func RequireEqualTime(t *testing.T, expected, actual time.Time)
- func RequireJSONMarshal(t *testing.T, in interface{}) []byte
- func SecureContentNegotiationRedirection(w http.ResponseWriter, r *http.Request, out interface{}, requestURL string, ...) error
- func SecureRedirectTo(r *http.Request, defaultReturnTo *url.URL, opts ...SecureRedirectOption) (returnTo *url.URL, err error)
- func SessionGetString(r *http.Request, s sessions.Store, id string, key interface{}) (string, error)
- func SessionGetStringOr(r *http.Request, s sessions.Store, id, key, fallback string) string
- func SessionPersistValues(w http.ResponseWriter, r *http.Request, s sessions.Store, id string, ...) error
- func SessionUnset(w http.ResponseWriter, r *http.Request, s sessions.Store, id string) error
- func SessionUnsetKey(w http.ResponseWriter, r *http.Request, s sessions.Store, id, key string) error
- func TypeMap(m map[string]string) (map[string]interface{}, error)
- func UntypedMapToJSON(m map[string]string) (json.RawMessage, error)
- type CSRFHandler
- type CSRFProvider
- type CSRFToken
- type CSRFTokenGeneratorProvider
- type CookieProvider
- type FakeCSRFHandler
- type Ider
- type LoggingProvider
- type RouterAdmin
- type RouterPublic
- type SecureRedirectOption
- func SecureRedirectAllowSelfServiceURLs(publicURL *url.URL) SecureRedirectOption
- func SecureRedirectAllowURLs(urls []url.URL) SecureRedirectOption
- func SecureRedirectOverrideDefaultReturnTo(defaultReturnTo *url.URL) SecureRedirectOption
- func SecureRedirectUseSourceURL(source string) SecureRedirectOption
- type WriterProvider
Constants ¶
// FakeCSRFToken is a fixed, hard-coded token value ("nosurf"). A constant,
// publicly known token offers no CSRF protection on its own.
// NOTE(review): presumably consumed only by FakeCSRFTokenGenerator and the
// test CSRF handlers; confirm it is never wired into a production handler.
const FakeCSRFToken = "nosurf"
Variables ¶
var (
	// ErrInvalidCSRFToken is herodot.ErrForbidden with a reason stating that
	// the csrf_token value was missing or invalid.
	ErrInvalidCSRFToken = herodot.ErrForbidden.WithReasonf("A request failed due to a missing or invalid csrf_token value.")

	// ErrGone is a 410 Gone error for a resource that has expired or is
	// otherwise invalid. Reason, debug and details are left empty.
	ErrGone = herodot.DefaultError{
		CodeField:    http.StatusGone,
		StatusField:  http.StatusText(http.StatusGone),
		ReasonField:  "",
		DebugField:   "",
		DetailsField: nil,
		ErrorField:   "The requested resource is no longer available because it has expired or is otherwise invalid.",
	}
)
var EmptyUUID db.UUID
// PseudoPanic is the error value for code paths that should not be reachable;
// its reason asks the reader to report the occurrence as an issue.
// NOTE(review): StatusField is the text for 500 Internal Server Error while
// CodeField is http.StatusConflict (409). The two disagree, so clients and
// alerting keyed on the numeric code will not classify this as a server
// error. Confirm which value is intended.
var PseudoPanic = herodot.DefaultError{
	StatusField: http.StatusText(http.StatusInternalServerError),
	ErrorField:  "Code Bug Detected",
	ReasonField: "The code ended up at a place where it should not have. Please report this as an issue at https://github.com/ory/kratos",
	CodeField:   http.StatusConflict,
}
Functions ¶
func DefaultCSRFToken ¶
func FakeCSRFTokenGenerator ¶
func IsJSONRequest ¶
func IsValidNumber ¶
IsValidNumber reports whether s is a valid JSON number literal.
Taken from encoding/json
func IsZeroUUID ¶
func MustEncodeJSON ¶
func MustReadAll ¶
func NewCSRFHandler ¶
func NewTestCSRFHandler ¶
func NewTestCSRFHandler(router http.Handler, reg interface { WithCSRFHandler(CSRFHandler) WithCSRFTokenGenerator(CSRFToken) }) *nosurf.CSRFHandler
func NewTestHTTPRequest ¶
func RedactInProd ¶
func RedactInProd(d configuration.Provider, value interface{}) interface{}
func RequireJSONMarshal ¶
func SecureContentNegotiationRedirection ¶
func SecureContentNegotiationRedirection( w http.ResponseWriter, r *http.Request, out interface{}, requestURL string, writer herodot.Writer, c configuration.Provider, opts ...SecureRedirectOption, ) error
func SecureRedirectTo ¶
func SecureRedirectTo(r *http.Request, defaultReturnTo *url.URL, opts ...SecureRedirectOption) (returnTo *url.URL, err error)
SecureRedirectTo implements an HTTP redirector that mitigates open redirect vulnerabilities by checking the redirect target against a whitelist.
func SessionGetString ¶
func SessionGetString(r *http.Request, s sessions.Store, id string, key interface{}) (string, error)
SessionGetString returns a string for the given id and key or an error if the session is invalid, the key does not exist, or the key value is not a string.
func SessionGetStringOr ¶
SessionGetStringOr returns a string for the given id and key or the fallback value if the session is invalid, the key does not exist, or the key value is not a string.
func SessionPersistValues ¶
func SessionPersistValues(w http.ResponseWriter, r *http.Request, s sessions.Store, id string, values map[string]interface{}) error
SessionPersistValues adds values to the session store and persists the changes.
func SessionUnset ¶
func SessionUnsetKey ¶
func UntypedMapToJSON ¶
func UntypedMapToJSON(m map[string]string) (json.RawMessage, error)
Types ¶
type CSRFHandler ¶
type CSRFProvider ¶
// CSRFProvider is implemented by types that can hand out the CSRFHandler.
type CSRFProvider interface {
	// CSRFHandler returns the CSRF handler.
	CSRFHandler() CSRFHandler
}
type CookieProvider ¶
type FakeCSRFHandler ¶
// FakeCSRFHandler is a CSRF handler stand-in created with NewFakeCSRFHandler;
// it exposes RegenerateToken and ServeHTTP.
// NOTE(review): presumably a test double that does not enforce token
// validation; confirm it cannot be selected outside of tests.
type FakeCSRFHandler struct {
	// contains filtered or unexported fields
}
func NewFakeCSRFHandler ¶
func NewFakeCSRFHandler(name string) *FakeCSRFHandler
func (*FakeCSRFHandler) RegenerateToken ¶
func (f *FakeCSRFHandler) RegenerateToken(w http.ResponseWriter, r *http.Request) string
func (*FakeCSRFHandler) ServeHTTP ¶
func (f *FakeCSRFHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type LoggingProvider ¶
// LoggingProvider is implemented by types that can hand out a logger.
type LoggingProvider interface {
	// Logger returns the logrus.FieldLogger to log with.
	Logger() logrus.FieldLogger
}
type RouterAdmin ¶
// RouterAdmin wraps an embedded *httprouter.Router.
// NOTE(review): presumably carries the admin API routes, kept as a type
// distinct from RouterPublic so the two cannot be interchanged. Confirm that
// routes registered here are only served on a listener that is not publicly
// reachable.
type RouterAdmin struct {
	*httprouter.Router
}
func NewRouterAdmin ¶
func NewRouterAdmin() *RouterAdmin
type RouterPublic ¶
// RouterPublic wraps an embedded *httprouter.Router.
// NOTE(review): presumably carries the publicly reachable routes, kept as a
// type distinct from RouterAdmin so that an admin-only route cannot be
// registered on it by passing the wrong router. Confirm against callers.
type RouterPublic struct {
	*httprouter.Router
}
func NewRouterPublic ¶
func NewRouterPublic() *RouterPublic
type SecureRedirectOption ¶
// SecureRedirectOption is a functional option that modifies the unexported
// secureRedirectOptions; SecureRedirectTo accepts any number of them.
type SecureRedirectOption func(*secureRedirectOptions)
func SecureRedirectAllowSelfServiceURLs ¶
func SecureRedirectAllowSelfServiceURLs(publicURL *url.URL) SecureRedirectOption
SecureRedirectAllowSelfServiceURLs allows the caller to define `?return_to=` values which contain the server's URL and `/self-service` path prefix. Useful for redirecting to the login endpoint, for example.
func SecureRedirectAllowURLs ¶
func SecureRedirectAllowURLs(urls []url.URL) SecureRedirectOption
SecureRedirectAllowURLs whitelists the given URLs for redirects.
func SecureRedirectOverrideDefaultReturnTo ¶
func SecureRedirectOverrideDefaultReturnTo(defaultReturnTo *url.URL) SecureRedirectOption
SecureRedirectOverrideDefaultReturnTo overrides the defaultReturnTo address that was passed as the second argument to SecureRedirectTo.
func SecureRedirectUseSourceURL ¶
func SecureRedirectUseSourceURL(source string) SecureRedirectOption
SecureRedirectUseSourceURL reads the `?return_to` value from the given source URL instead of from r.URL.