Documentation
Index
- Constants
- func StreamReflectionFilter(info *grpc.StreamServerInfo) bool
- func StreamServerInterceptorWithFilter(in grpc.StreamServerInterceptor, filter func(info *grpc.StreamServerInfo) bool) grpc.StreamServerInterceptor
- func UnaryReflectionFilter(info *grpc.UnaryServerInfo) bool
- func UnaryServerInterceptorWithFilter(in grpc.UnaryServerInterceptor, filter func(info *grpc.UnaryServerInfo) bool) grpc.UnaryServerInterceptor
- type AuthConfig
- type AuthContextKeyType
- type OpenIDConnectClaim
- type ProfileClaim
- type Server
- type StartGRPCServerOption
- func WithAdditionalGRPCOpts(opts []grpc.ServerOption) StartGRPCServerOption
- func WithAssessment(svc assessment.AssessmentServer) StartGRPCServerOption
- func WithDiscovery(svc discovery.DiscoveryServer) StartGRPCServerOption
- func WithEvaluation(svc evaluation.EvaluationServer) StartGRPCServerOption
- func WithEvidenceStore(svc evidence.EvidenceStoreServer) StartGRPCServerOption
- func WithJWKS(url string) StartGRPCServerOption
- func WithOrchestrator(svc orchestrator.OrchestratorServer) StartGRPCServerOption
- func WithPublicKey(publicKey *ecdsa.PublicKey) StartGRPCServerOption
- func WithReflection() StartGRPCServerOption
Constants
const AuthContextKey = AuthContextKeyType("token")
AuthContextKey is the key used in the RPC context to retrieve the token info via context.Value.
const DefaultJWKSURL = "http://localhost:8080/v1/auth/certs"
DefaultJWKSURL is the default JWKS URL pointing to a local authentication server.
Variables
This section is empty.
Functions
func StreamReflectionFilter
func StreamReflectionFilter(info *grpc.StreamServerInfo) bool
StreamReflectionFilter is a filter that ignores calls to the reflection endpoint.
func StreamServerInterceptorWithFilter
func StreamServerInterceptorWithFilter(in grpc.StreamServerInterceptor, filter func(info *grpc.StreamServerInfo) bool) grpc.StreamServerInterceptor
StreamServerInterceptorWithFilter wraps a grpc.StreamServerInterceptor and only invokes the interceptor if the filter function does not return true.
func UnaryReflectionFilter
func UnaryReflectionFilter(info *grpc.UnaryServerInfo) bool
UnaryReflectionFilter is a filter that ignores calls to the reflection endpoint.
func UnaryServerInterceptorWithFilter
func UnaryServerInterceptorWithFilter(in grpc.UnaryServerInterceptor, filter func(info *grpc.UnaryServerInfo) bool) grpc.UnaryServerInterceptor
UnaryServerInterceptorWithFilter wraps a grpc.UnaryServerInterceptor and only invokes the interceptor if the filter function does not return true.
Types
type AuthConfig
type AuthConfig struct {
// contains filtered or unexported fields
}
AuthConfig contains all necessary parameters that are needed to configure an authentication middleware.
func (*AuthConfig) AuthFunc
func (config *AuthConfig) AuthFunc() grpc_auth.AuthFunc
AuthFunc returns a grpc_auth.AuthFunc that authenticates incoming gRPC requests based on the configuration properties.
type AuthContextKeyType
type AuthContextKeyType string
AuthContextKeyType is a key type that is used in context.WithValue to store the token info in the RPC context. It should exclusively be used with the value of AuthContextKey.
Why is this needed? To avoid key collisions, the built-in string type should not be used directly as a context key; a dedicated type derived from it should be used instead.
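The collision this guards against, shown as an added example that is not part of the package. The two declarations at the top mirror the ones documented here; `withAuthToken`, `withPlainStringKey` and `subjectFromContext` are hypothetical helpers.

```go
package main

import (
	"context"
	"fmt"
)

// Mirror the declarations documented on this page.
type AuthContextKeyType string

const AuthContextKey = AuthContextKeyType("token")

// withAuthToken is a hypothetical auth step that stores the verified subject.
func withAuthToken(ctx context.Context, subject string) context.Context {
	return context.WithValue(ctx, AuthContextKey, subject)
}

// withPlainStringKey is a hypothetical unrelated middleware that stores
// request-supplied data under the bare string "token".
func withPlainStringKey(ctx context.Context, v string) context.Context {
	return context.WithValue(ctx, "token", v)
}

// subjectFromContext reads only what was stored under AuthContextKey.
func subjectFromContext(ctx context.Context) (string, bool) {
	s, ok := ctx.Value(AuthContextKey).(string)
	return s, ok
}

func main() {
	ctx := withAuthToken(context.Background(), "alice")
	// Same text, different dynamic type: this does not shadow the auth value.
	ctx = withPlainStringKey(ctx, "untrusted-value")
	fmt.Println(subjectFromContext(ctx))
	fmt.Println(ctx.Value("token"))
}
```

Context lookups compare keys by dynamic type as well as value, so code that only knows the string "token" can neither overwrite nor read the entry stored under AuthContextKey.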
type OpenIDConnectClaim
type OpenIDConnectClaim struct {
	*jwt.RegisteredClaims
	*ProfileClaim
}
OpenIDConnectClaim represents a claim that supports some aspects of a token issued by an OpenID Connect provider. It contains the regular registered JWT claims as well as some specific optional claims, which are empty if OpenID Connect is not used.
type ProfileClaim
type ProfileClaim struct {
	PreferredUsername string `json:"preferred_username"`
	Name              string `json:"name"`
	GivenName         string `json:"given_name"`
	FamilyName        string `json:"family_name"`
}
ProfileClaim represents claims that are contained in the profile scope of OpenID Connect.
type Server
Server is a type alias for grpc.Server so that users of this package do not need to import the grpc packages directly.
func StartGRPCServer
func StartGRPCServer(addr string, opts ...StartGRPCServerOption) (sock net.Listener, srv *Server, err error)
StartGRPCServer starts a gRPC server listening on the given address. The server can be configured using the supplied opts, e.g., to register various Clouditor services. The server itself is started in a separate goroutine, therefore this function will NOT block.
type StartGRPCServerOption
type StartGRPCServerOption func(c *config)
StartGRPCServerOption is a type for functional style options that can configure the StartGRPCServer function.
func WithAdditionalGRPCOpts
func WithAdditionalGRPCOpts(opts []grpc.ServerOption) StartGRPCServerOption
WithAdditionalGRPCOpts is an option to add additional gRPC dial options in the REST server communication to the backend.
func WithAssessment
func WithAssessment(svc assessment.AssessmentServer) StartGRPCServerOption
WithAssessment is an option for StartGRPCServer to register an assessment.AssessmentServer at start.
func WithDiscovery
func WithDiscovery(svc discovery.DiscoveryServer) StartGRPCServerOption
WithDiscovery is an option for StartGRPCServer to register a discovery.DiscoveryServer at start.
func WithEvaluation
func WithEvaluation(svc evaluation.EvaluationServer) StartGRPCServerOption
WithEvaluation is an option for StartGRPCServer to register an evaluation.EvaluationServer at start.
func WithEvidenceStore
func WithEvidenceStore(svc evidence.EvidenceStoreServer) StartGRPCServerOption
WithEvidenceStore is an option for StartGRPCServer to register an evidence.EvidenceStoreServer at start.
func WithJWKS
func WithJWKS(url string) StartGRPCServerOption
WithJWKS is an option to provide a URL that contains a JSON Web Key Set (JWKS). The JWKS will be used to validate tokens coming from RPC clients against public keys contained in the JWKS.
func WithOrchestrator
func WithOrchestrator(svc orchestrator.OrchestratorServer) StartGRPCServerOption
WithOrchestrator is an option for StartGRPCServer to register an orchestrator.OrchestratorServer at start.
func WithPublicKey
func WithPublicKey(publicKey *ecdsa.PublicKey) StartGRPCServerOption
WithPublicKey is an option to directly provide an ECDSA public key which is used to verify tokens coming from RPC clients.
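What verifying a token against an ECDSA public key involves, as an added standard-library example; it is not this package's implementation, which the page does not show. It assumes ES256 (P-256 with SHA-256) compact tokens; `issueSample` and `verifyES256` are hypothetical names, and the tokens are constructed samples signed with a throwaway key.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"math/big"
	"strings"
)

var b64 = base64.RawURLEncoding // JWS segments are unpadded base64url
// issueSample signs constructed sample JSON with a throwaway P-256 key (stands in for the issuer).
func issueSample(header, claims string) (string, *ecdsa.PublicKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	input := b64.EncodeToString([]byte(header)) + "." + b64.EncodeToString([]byte(claims))
	sum := sha256.Sum256([]byte(input))
	r, s, _ := ecdsa.Sign(rand.Reader, key, sum[:])
	sig := append(r.FillBytes(make([]byte, 32)), s.FillBytes(make([]byte, 32))...)
	return input + "." + b64.EncodeToString(sig), &key.PublicKey
}

// verifyES256 pins the algorithm, checks the raw r||s signature, then returns the claims JSON.
func verifyES256(pub *ecdsa.PublicKey, token string) (string, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return "", fmt.Errorf("malformed token")
	}
	hb, err := b64.DecodeString(parts[0])
	var hdr struct{ Alg string `json:"alg"` }
	if err != nil || json.Unmarshal(hb, &hdr) != nil || hdr.Alg != "ES256" {
		return "", fmt.Errorf("unexpected algorithm") // also rejects alg=none
	}
	sig, err := b64.DecodeString(parts[2])
	sum := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if err != nil || len(sig) != 64 ||
		!ecdsa.Verify(pub, sum[:], new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:])) {
		return "", fmt.Errorf("invalid signature")
	}
	claims, err := b64.DecodeString(parts[1]) // decoded only after the signature check passed
	return string(claims), err
}

func main() {
	tok, pub := issueSample(`{"alg":"ES256"}`, `{"preferred_username":"alice"}`)
	fmt.Println(verifyES256(pub, tok))
}
```

The verifier takes the algorithm from its own configuration rather than from the token header, and it still has to check registered claims such as expiry and audience, which this example leaves out.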
func WithReflection
func WithReflection() StartGRPCServerOption
WithReflection is an option for StartGRPCServer to enable gRPC reflection.