Documentation
¶
Overview ¶
security/access.go
security/audit.go
security/auth.go
security/crypto.go
security/types.go
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccessControl ¶
// AccessControl is the access-control service.
// All of its fields are unexported, so this listing does not show which
// stores or evaluators it holds.
type AccessControl struct {
// contains filtered or unexported fields
}
AccessControl 访问控制服务
type AuditEvent ¶
// AuditEvent is a single audit record.
//
// NOTE(review): the field descriptions below are read off the names and types
// shown here; confirm the exact semantics in security/audit.go.
type AuditEvent struct {
// ID identifies the event; AuditStore.GetEventByID takes an id string.
ID string
// Type is a free-form string; the set of valid values is not shown here.
Type string
// Principal is a pointer and may therefore be nil; consumers must nil-check
// before dereferencing it.
Principal *Principal
// Resource and Action name what was acted on and how (presumably mirroring
// the Resource/Action fields of Permission — confirm).
Resource string
Action string
// Result is a plain string rather than an enumerated type.
Result string
// Error is an interface value.
// NOTE(review): typical error values expose no exported fields, so a store
// that serializes events (e.g. as JSON) may silently lose this field —
// confirm how AuditStore implementations persist it.
Error error
// Metadata is an untyped map.
// NOTE(review): keep credentials and raw token values out of it; audit
// records tend to be retained and read more widely than the secrets they
// describe.
Metadata map[string]interface{}
// Timestamp is a time.Time; the time zone convention is not established here.
Timestamp time.Time
Source string
}
AuditEvent 审计事件
type AuditStore ¶
// AuditStore is the storage interface for audit events.
//
// Every method takes a context.Context as its first parameter.
// NOTE(review): nothing in these signatures identifies the caller, so deciding
// who may read or delete audit records is left to the caller or to the
// implementation — confirm where that check lives.
type AuditStore interface {
// SaveEvent persists event.
SaveEvent(ctx context.Context, event *AuditEvent) error
// QueryEvents returns the events selected by filter. AuditFilter is declared
// elsewhere; the meaning of a nil filter is not shown here.
QueryEvents(ctx context.Context, filter *AuditFilter) ([]*AuditEvent, error)
// GetEventByID returns the event with the given id.
GetEventByID(ctx context.Context, id string) (*AuditEvent, error)
// DeleteEvents removes the events selected by filter.
// NOTE(review): removing audit records weakens the trail as evidence.
// Implementations should define what a nil or empty filter means (ideally
// not "delete everything") and should record the deletion itself.
DeleteEvents(ctx context.Context, filter *AuditFilter) error
}
AuditStore 审计存储接口
type AuthProvider ¶
// AuthProvider is the interface an authentication provider implements.
type AuthProvider interface {
// Authenticate takes credentials and returns a Principal or an error.
// credentials is untyped (interface{}), so each implementation has to
// type-assert it.
// NOTE(review): an unexpected concrete type should come back as an error,
// never as a panic or as a successful result.
Authenticate(ctx context.Context, credentials interface{}) (*Principal, error)
// Validate maps a token string to a Principal or an error.
// NOTE(review): whether expiry and revocation are checked here is not
// visible on this page — confirm in the implementations.
Validate(ctx context.Context, token string) (*Principal, error)
// Revoke takes a token string and returns only an error.
// NOTE(review): presumably Validate rejects the token afterwards — confirm.
Revoke(ctx context.Context, token string) error
}
AuthProvider 认证提供者接口
type AuthService ¶
// AuthService is the authentication service.
// Its fields are unexported; Authenticate is the only method listed here.
type AuthService struct {
// contains filtered or unexported fields
}
AuthService 认证服务
func (*AuthService) Authenticate ¶
// Authenticate authenticates a user.
// It returns an *AuthResult (declared elsewhere, not shown here) or an error.
// NOTE(review): providerID presumably selects the AuthProvider that handles
// the request, and credentials is passed through untyped — confirm both in
// security/auth.go, including what happens for an unknown providerID.
func (as *AuthService) Authenticate(ctx context.Context, providerID string, credentials interface{}) (*AuthResult, error)
Authenticate 认证用户
type CryptoConfig ¶
// CryptoConfig is the encryption configuration.
type CryptoConfig struct {
// DefaultAlgorithm is the default algorithm.
// NOTE(review): it is a free-form string; an unrecognized name should be
// rejected rather than silently replaced by a fallback.
DefaultAlgorithm string
// KeyRotationPeriod is the key rotation period.
// NOTE(review): the meaning of the zero value (rotate never vs. rotate
// immediately) is not shown here — confirm.
KeyRotationPeriod time.Duration
// KeySize is the key size.
// NOTE(review): the unit (bits or bytes) is not stated on this page; the
// same ambiguity applies to CryptoProvider.GenerateKey(size int).
KeySize int
// Options holds the encryption options. CryptoOptions is declared elsewhere.
Options CryptoOptions
}
CryptoConfig 加密配置
type CryptoProvider ¶
// CryptoProvider is the interface an encryption provider implements.
//
// NOTE(review): Encrypt and Decrypt take only data and key. There is no
// parameter for a nonce/IV or for associated data, so any nonce has to be
// produced by the implementation and carried inside the returned ciphertext.
// Whether the ciphertext is integrity-protected is not visible from these
// signatures — confirm in security/crypto.go.
type CryptoProvider interface {
// Encrypt encrypts plaintext under key.
Encrypt(plaintext []byte, key []byte) ([]byte, error)
// Decrypt decrypts ciphertext under key.
Decrypt(ciphertext []byte, key []byte) ([]byte, error)
// GenerateKey generates a key of the requested size.
// NOTE(review): the unit of size is not stated here; implementations should
// draw key material from a cryptographically secure source such as
// crypto/rand.
GenerateKey(size int) ([]byte, error)
}
CryptoProvider 加密提供者接口
type EffectType ¶
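// EffectType is the effect carried by a Permission or a Policy.
//
// The underlying type is string, so values other than Allow and Deny are
// representable, including the zero value "".
// NOTE(review): code that evaluates an EffectType should treat anything that
// is not exactly Allow as a denial, so that unset or malformed entries fail
// closed.
type EffectType string

// The effects declared by the package. The declaration is laid out one
// constant per line; collapsed onto a single line it is not valid Go.
const (
	// Allow has the string value "allow".
	Allow EffectType = "allow"
	// Deny has the string value "deny".
	Deny EffectType = "deny"
)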
type Permission ¶
// Permission is a permission definition.
type Permission struct {
ID string
// Resource and Action are plain strings; whether they support wildcards or
// patterns is not shown on this page.
Resource string
Action string
// Effect is Allow or Deny (see EffectType).
Effect EffectType
// Conditions is a list of Condition values; Condition is declared elsewhere.
Conditions []Condition
// Priority is an int.
// NOTE(review): this page does not show whether a higher or a lower value
// wins, nor how an Allow and a Deny of equal priority are resolved — confirm
// that ties resolve to Deny.
Priority int
// ExpireAt is a time.Time.
// NOTE(review): the meaning of the zero value is not shown here. If zero is
// read as "never expires", a permission created without an expiry is
// permanent — confirm that this is intended.
ExpireAt time.Time
}
Permission 权限定义
type Policy ¶
// Policy is an access policy.
type Policy struct {
ID string
Name string
Description string
// Effect is Allow or Deny (see EffectType).
Effect EffectType
// Principals is a list of strings.
// NOTE(review): whether these are Principal IDs, role names or group names
// is not established on this page — confirm against the evaluator.
Principals []string
// Resources and Actions are lists of strings; matching rules (exact match
// vs. patterns) are not shown here.
Resources []string
Actions []string
// Conditions is a list of Condition values; Condition is declared elsewhere.
Conditions []Condition
// Priority is an int; the ordering direction and the Allow/Deny tie-break
// are not shown on this page.
Priority int
// Version is an int64.
// NOTE(review): presumably used to detect concurrent updates — confirm that
// PolicyStore.UpdatePolicy checks it.
Version int64
Created time.Time
Modified time.Time
}
Policy 访问策略
type PolicyStore ¶
// PolicyStore is the storage interface for policies.
//
// Every method takes a context.Context as its first parameter.
// NOTE(review): nothing in these signatures identifies the caller, so the
// check on who may create, change or delete a policy has to happen outside
// this interface or inside the implementation — confirm where.
type PolicyStore interface {
// GetPolicy returns the policy with the given id.
GetPolicy(ctx context.Context, id string) (*Policy, error)
// ListPolicies returns the policies selected by filter. PolicyFilter is
// declared elsewhere; the meaning of a nil filter is not shown here.
ListPolicies(ctx context.Context, filter *PolicyFilter) ([]*Policy, error)
// CreatePolicy stores a new policy.
CreatePolicy(ctx context.Context, policy *Policy) error
// UpdatePolicy stores a changed policy.
UpdatePolicy(ctx context.Context, policy *Policy) error
// DeletePolicy removes the policy with the given id.
DeletePolicy(ctx context.Context, id string) error
}
PolicyStore 策略存储接口
type Principal ¶
// Principal is an identity principal.
//
// AuditEvent and Token both hold a *Principal, so one Principal value can be
// shared between several holders; a change made through one pointer is seen
// through the others.
type Principal struct {
ID string
// Type is a free-form string; the set of valid values is not shown here.
Type string
Name string
// Roles and Groups are slices, so copying the struct still shares their
// backing arrays with the original.
Roles []string
Groups []string
// Metadata is an untyped map; values need a checked type assertion on read.
Metadata map[string]interface{}
Created time.Time
LastLogin time.Time
}
Principal 身份主体
type SecurityLevel ¶
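// SecurityLevel is a security level.
//
// The constants are numbered with iota starting at LevelLow, so LevelLow is 0
// and is the zero value: a SecurityLevel that is never assigned reads as
// LevelLow.
// NOTE(review): confirm that defaulting to the lowest level is intended
// wherever this type is used as a field.
type SecurityLevel int

// Security levels in ascending numeric order. The declaration is laid out one
// constant per line; collapsed onto a single line it is not valid Go.
const (
	// LevelLow is 0.
	LevelLow SecurityLevel = iota
	// LevelMedium is 1.
	LevelMedium
	// LevelHigh is 2.
	LevelHigh
	// LevelCritical is 3.
	LevelCritical
)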
type Token ¶
// Token is an authentication token.
//
// NOTE(review): no signature or secret field is declared here, and this page
// does not show how the token string accepted by AuthProvider.Validate
// relates to this struct — confirm in security/auth.go.
type Token struct {
ID string
// Type is a free-form string; the set of valid values is not shown here.
Type string
// Principal is a pointer and may therefore be nil; consumers must nil-check.
Principal *Principal
// Claims is an untyped map; values need a checked type assertion on read.
Claims map[string]interface{}
IssuedAt time.Time
// ExpireAt is a time.Time.
// NOTE(review): the meaning of the zero value is not shown here; a token
// with an unset expiry should not be treated as valid forever — confirm.
ExpireAt time.Time
Metadata map[string]string
}
Token 认证令牌
type TokenManager ¶
// TokenManager is the token manager.
// Its fields are unexported and no methods are listed for it on this page.
type TokenManager struct {
// contains filtered or unexported fields
}
TokenManager 令牌管理器