Documentation
¶
Index ¶
- type EnterpriseIDPSync
- func (e EnterpriseIDPSync) GroupSyncEntitled() bool
- func (e EnterpriseIDPSync) OrganizationRoleSyncEnabled(ctx context.Context, db database.Store, orgID uuid.UUID) (bool, error)
- func (e EnterpriseIDPSync) OrganizationSyncEnabled(ctx context.Context, db database.Store) bool
- func (e EnterpriseIDPSync) OrganizationSyncEntitled() bool
- func (e EnterpriseIDPSync) ParseGroupClaims(ctx context.Context, mergedClaims jwt.MapClaims) (idpsync.GroupParams, *idpsync.HTTPError)
- func (e EnterpriseIDPSync) ParseOrganizationClaims(ctx context.Context, mergedClaims jwt.MapClaims) (idpsync.OrganizationParams, *idpsync.HTTPError)
- func (e EnterpriseIDPSync) ParseRoleClaims(ctx context.Context, mergedClaims jwt.MapClaims) (idpsync.RoleParams, *idpsync.HTTPError)
- func (e EnterpriseIDPSync) RoleSyncEntitled() bool
- func (e EnterpriseIDPSync) SiteRoleSyncEnabled() bool
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type EnterpriseIDPSync ¶
type EnterpriseIDPSync struct {
*idpsync.AGPLIDPSync
// contains filtered or unexported fields
}
EnterpriseIDPSync enabled syncing user information from an external IDP. The sync is an enterprise feature, so this struct wraps the AGPL implementation and extends it with enterprise capabilities. These capabilities can entirely be changed in the Parsing, and leaving the "syncing" part (which holds the more complex logic) to the shared AGPL implementation.
func NewSync ¶
func NewSync(logger slog.Logger, manager *runtimeconfig.Manager, set *entitlements.Set, settings idpsync.DeploymentSyncSettings) *EnterpriseIDPSync
func (EnterpriseIDPSync) GroupSyncEntitled ¶ added in v2.18.0
func (e EnterpriseIDPSync) GroupSyncEntitled() bool
func (EnterpriseIDPSync) OrganizationRoleSyncEnabled ¶ added in v2.16.0
func (EnterpriseIDPSync) OrganizationSyncEnabled ¶
func (EnterpriseIDPSync) OrganizationSyncEntitled ¶ added in v2.18.0
func (e EnterpriseIDPSync) OrganizationSyncEntitled() bool
func (EnterpriseIDPSync) ParseGroupClaims ¶ added in v2.16.0
func (e EnterpriseIDPSync) ParseGroupClaims(ctx context.Context, mergedClaims jwt.MapClaims) (idpsync.GroupParams, *idpsync.HTTPError)
ParseGroupClaims parses the user claims and handles deployment wide group behavior. Almost all behavior is deferred since each organization configures it's own group sync settings. GroupAllowList is implemented here to prevent login by unauthorized users. TODO: GroupAllowList overlaps with the default organization group sync settings.
func (EnterpriseIDPSync) ParseOrganizationClaims ¶
func (e EnterpriseIDPSync) ParseOrganizationClaims(ctx context.Context, mergedClaims jwt.MapClaims) (idpsync.OrganizationParams, *idpsync.HTTPError)
func (EnterpriseIDPSync) ParseRoleClaims ¶ added in v2.16.0
func (e EnterpriseIDPSync) ParseRoleClaims(ctx context.Context, mergedClaims jwt.MapClaims) (idpsync.RoleParams, *idpsync.HTTPError)
func (EnterpriseIDPSync) RoleSyncEntitled ¶ added in v2.16.0
func (e EnterpriseIDPSync) RoleSyncEntitled() bool
func (EnterpriseIDPSync) SiteRoleSyncEnabled ¶ added in v2.16.0
func (e EnterpriseIDPSync) SiteRoleSyncEnabled() bool
Source Files