[−][src]Struct pachyderm::auth::SessionInfo
SessionInfo stores information associated with one OIDC authentication session (i.e. a single instance of a single user logging in). Sessions are short-lived and stored in the 'oidc-authns' collection, keyed by the OIDC 'state' token (30-character CSPRNG-generated string). 'GetOIDCLogin' generates and inserts entries, then /authorization-code/callback retrieves an access token from the ID provider and uses it to retrive the caller's email and store it in 'email', and finally Authorize() returns a Pachyderm token identified with that email address as a subject in Pachyderm.
Fields
nonce: String
nonce is used by /authorization-code/callback to validate session continuity with the IdP after a user has arrived there from GetOIDCLogin(). This is a 30-character CSPRNG-generated string.
email: String
email contains the email adddress associated with a user in their OIDC ID provider. Currently users are identified with their email address rather than their OIDC subject identifier to make switching between OIDC ID providers easier for users, and to make user identities more easily comprehensible in Pachyderm. The OIDC spec doesn't require that users' emails be present or unique, but we think this will be preferable in practice.
conversion_err: bool
conversion_err indicates whether an error was encountered while exchanging an auth code for an access token, or while obtaining a user's email (in /authorization-code/callback). Storing the error state here allows any sibling calls to Authenticate() (i.e. using the same OIDC state token) to notify their caller that an error has occurred. We avoid passing the caller any details of the error (which are logged by Pachyderm) to avoid giving information to a user who has network access to Pachyderm but not an account in the OIDC provider.
Trait Implementations
impl Clone for SessionInfo
[src]
fn clone(&self) -> SessionInfo
[src]
fn clone_from(&mut self, source: &Self)
1.0.0[src]
impl Debug for SessionInfo
[src]
impl Default for SessionInfo
[src]
fn default() -> SessionInfo
[src]
impl Message for SessionInfo
[src]
fn encode_raw<B>(&self, buf: &mut B) where
B: BufMut,
[src]
B: BufMut,
fn merge_field<B>(
&mut self,
tag: u32,
wire_type: WireType,
buf: &mut B,
ctx: DecodeContext
) -> Result<(), DecodeError> where
B: Buf,
[src]
&mut self,
tag: u32,
wire_type: WireType,
buf: &mut B,
ctx: DecodeContext
) -> Result<(), DecodeError> where
B: Buf,
fn encoded_len(&self) -> usize
[src]
fn clear(&mut self)
[src]
fn encode<B>(&self, buf: &mut B) -> Result<(), EncodeError> where
B: BufMut,
[src]
B: BufMut,
fn encode_length_delimited<B>(&self, buf: &mut B) -> Result<(), EncodeError> where
B: BufMut,
[src]
B: BufMut,
fn decode<B>(buf: B) -> Result<Self, DecodeError> where
B: Buf,
Self: Default,
[src]
B: Buf,
Self: Default,
fn decode_length_delimited<B>(buf: B) -> Result<Self, DecodeError> where
B: Buf,
Self: Default,
[src]
B: Buf,
Self: Default,
fn merge<B>(&mut self, buf: B) -> Result<(), DecodeError> where
B: Buf,
[src]
B: Buf,
fn merge_length_delimited<B>(&mut self, buf: B) -> Result<(), DecodeError> where
B: Buf,
[src]
B: Buf,
impl PartialEq<SessionInfo> for SessionInfo
[src]
fn eq(&self, other: &SessionInfo) -> bool
[src]
fn ne(&self, other: &SessionInfo) -> bool
[src]
impl StructuralPartialEq for SessionInfo
[src]
Auto Trait Implementations
impl RefUnwindSafe for SessionInfo
impl Send for SessionInfo
impl Sync for SessionInfo
impl Unpin for SessionInfo
impl UnwindSafe for SessionInfo
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> From<T> for T
[src]
impl<T> Instrument for T
[src]
fn instrument(self, span: Span) -> Instrumented<Self>
[src]
fn in_current_span(self) -> Instrumented<Self>
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T> IntoRequest<T> for T
[src]
fn into_request(self) -> Request<T>
[src]
impl<T> ToOwned for T where
T: Clone,
[src]
T: Clone,
type Owned = T
The resulting type after obtaining ownership.
fn to_owned(&self) -> T
[src]
fn clone_into(&self, target: &mut T)
[src]
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,
type Error = <U as TryFrom<T>>::Error
The type returned in the event of a conversion error.
fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>
[src]
impl<V, T> VZip<V> for T where
V: MultiLane<T>,
V: MultiLane<T>,
fn vzip(self) -> V
impl<T> WithSubscriber for T
[src]
fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where
S: Into<Dispatch>,
[src]
S: Into<Dispatch>,