/authintegration

SSH server integration of the auth library

Primary LanguageGoApache License 2.0Apache-2.0

ContainerSSH - Launch Containers on Demand

ContainerSSH Authentication Library

⚠⚠⚠ Deprecated: ⚠⚠⚠
This repository is deprecated in favor of libcontainerssh for ContainerSSH 0.5.

This library provides integration between the sshserver library and the auth library

Using this library

This library can be used to provide an authenticating overlay for ContainerSSH. It stacks well with other libraries. To use it you must first call the authintegration.New() method. This method has three parameters:

  • authClient is an authentication client from the auth library.
  • backend is another implementation of the Handler interface from the sshserver library.
  • behavior influences when the backend is called for authentication purposes.
    • BehaviorNoPassthrough means that the backend will not be used for authentication, only for getting further handlers.
    • BehaviorPassthroughOnFailure will give the backend an additional chance to authenticate the user if the authentication server returns a failure.
    • BehaviorPassthroughOnSuccess passes the credentials to the backend for additional checks of an already verified successful authentication.
    • BehaviorPassthroughOnUnavailable passes the authentication to the backend as a fallback if the authentication server failed to return a valid response.

For example:

handler := authintegration.New(
    auth.ClientConfig{
        URL: "http://localhost:8080"
        Password: true,
        PubKey: false,
    },
    otherHandler,
    logger,
    authintegration.BehaviorNoPassthrough,
)

You can then use the handler to launch an SSH server:

server, err := sshserver.New(
    cfg,
    handler,
    logger,
)