security

package
v0.0.0-...-01b7989 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 4, 2025 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Overview

security/access.go

security/audit.go

security/auth.go

security/crypto.go

security/types.go

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessControl

// AccessControl is the access-control service.
//
// All of its fields are unexported. The only method this page lists for it
// is Check.
type AccessControl struct {
	// contains filtered or unexported fields
}

AccessControl 访问控制服务

func (*AccessControl) Check

// Check checks access permission for the given principal, resource and action.
//
// NOTE(review): the page does not say what the bool holds when err is
// non-nil, or how a nil principal is handled. Callers should authorize only
// on (true, nil) and treat every other outcome as a denial; confirm against
// security/access.go.
func (ac *AccessControl) Check(ctx context.Context, principal *Principal, resource string, action string) (bool, error)

Check 检查访问权限

type AuditEvent

// AuditEvent is a single audit event.
//
// The page documents none of the fields, so the notes below are read from
// names and types only.
//
//   - Principal is a pointer and may therefore be nil; presumably it is the
//     identity the event is about (TODO confirm).
//   - Error is an error interface value and Metadata is a free-form
//     map[string]interface{}; neither has a fixed serialized form.
//
// NOTE(review): events are handed to AuditStore.SaveEvent for persistence, so
// credentials, tokens and key material should be kept out of Metadata and out
// of the Error text before an event is logged.
type AuditEvent struct {
	ID        string
	Type      string
	Principal *Principal
	Resource  string
	Action    string
	Result    string
	Error     error
	Metadata  map[string]interface{}
	Timestamp time.Time
	Source    string
}

AuditEvent 审计事件

type AuditStore

// AuditStore is the storage interface for audit events.
//
// AuditFilter is referenced here but is not documented on this page.
type AuditStore interface {
	// SaveEvent stores one event.
	SaveEvent(ctx context.Context, event *AuditEvent) error
	// QueryEvents returns the events selected by filter.
	QueryEvents(ctx context.Context, filter *AuditFilter) ([]*AuditEvent, error)
	// GetEventByID returns the event with the given id.
	GetEventByID(ctx context.Context, id string) (*AuditEvent, error)
	// DeleteEvents removes the events selected by filter.
	//
	// NOTE(review): the interface places no restriction on who may delete
	// audit records or on what a nil or empty filter matches. Implementations
	// should restrict this call and record the deletion itself; confirm the
	// empty-filter behaviour before relying on it.
	DeleteEvents(ctx context.Context, filter *AuditFilter) error
}

AuditStore 审计存储接口

type Auditor

// Auditor is the audit service.
//
// All of its fields are unexported. The only method this page lists for it
// is Log.
type Auditor struct {
	// contains filtered or unexported fields
}

Auditor 审计服务

func (*Auditor) Log

// Log records an audit log entry for event.
//
// NOTE(review): a non-nil error presumably means the event was not recorded
// (TODO confirm against security/audit.go). Callers on security-relevant
// paths should handle the error rather than discard it, so that a failing
// audit trail is noticed.
func (a *Auditor) Log(ctx context.Context, event *AuditEvent) error

Log 记录审计日志

type AuthProvider

// AuthProvider is the interface an authentication provider implements.
type AuthProvider interface {
	// Authenticate turns credentials into a Principal.
	//
	// credentials is an untyped interface{}; the concrete type each provider
	// expects is not documented on this page. NOTE(review): implementations
	// should type-check it and return an error for anything unexpected, and
	// should return a nil Principal whenever err is non-nil.
	Authenticate(ctx context.Context, credentials interface{}) (*Principal, error)
	// Validate resolves a token string to the Principal it belongs to.
	//
	// NOTE(review): presumably expired and revoked tokens are rejected here;
	// the page does not state it, so confirm per implementation.
	Validate(ctx context.Context, token string) (*Principal, error)
	// Revoke invalidates the given token string.
	Revoke(ctx context.Context, token string) error
}

AuthProvider 认证提供者接口

type AuthService

// AuthService is the authentication service.
//
// All of its fields are unexported. The only method this page lists for it
// is Authenticate.
type AuthService struct {
	// contains filtered or unexported fields
}

AuthService 认证服务

func (*AuthService) Authenticate

// Authenticate authenticates a user.
//
// providerID presumably selects which AuthProvider handles credentials (TODO
// confirm); the AuthResult return type is not documented on this page.
//
// NOTE(review): the page does not say how an unknown providerID is handled.
// Callers should use the result only when err is nil.
func (as *AuthService) Authenticate(ctx context.Context, providerID string, credentials interface{}) (*AuthResult, error)

Authenticate 认证用户

type Condition

// Condition is the interface for a condition attached to a Permission or a
// Policy (both carry a []Condition field).
type Condition interface {
	// Evaluate reports whether the condition holds for principal.
	//
	// It returns only a bool, so an implementation has no way to report an
	// evaluation failure separately from "condition not met".
	// NOTE(review): how a false result combines with a Deny effect is not
	// shown on this page; if a false condition makes a Deny rule not apply,
	// returning false on failure is not automatically fail-closed. Confirm
	// against security/access.go.
	Evaluate(ctx context.Context, principal *Principal) bool
}

Condition 条件接口

type Crypto

// Crypto is the encryption service.
//
// All of its fields are unexported. The only method this page lists for it
// is Encrypt.
type Crypto struct {
	// contains filtered or unexported fields
}

Crypto 加密服务

func (*Crypto) Encrypt

// Encrypt encrypts data and returns the result.
//
// CryptoOption is not documented on this page, so the effect of opts cannot
// be stated here.
//
// NOTE(review): the page does not say which algorithm or key is used, whether
// the output is authenticated, or what the output layout is; confirm against
// security/crypto.go before storing or transmitting the result.
func (c *Crypto) Encrypt(ctx context.Context, data []byte, opts ...CryptoOption) ([]byte, error)

Encrypt 加密数据

type CryptoConfig

// CryptoConfig is the encryption configuration.
//
// NOTE(review): the accepted values of DefaultAlgorithm and the unit of
// KeySize (bits or bytes) are not stated on this page; confirm both before
// setting them, since a wrong unit gives a key of the wrong strength.
type CryptoConfig struct {
	// Default algorithm.
	DefaultAlgorithm string
	// Key rotation period.
	KeyRotationPeriod time.Duration
	// Key size.
	KeySize int
	// Encryption options (CryptoOptions is not documented on this page).
	Options CryptoOptions
}

CryptoConfig 加密配置

type CryptoProvider

// CryptoProvider is the interface an encryption provider implements.
//
// NOTE(review): none of the methods take a nonce/IV or associated data, so
// any nonce must be generated by the implementation and carried inside the
// returned ciphertext. Whether the ciphertext is authenticated cannot be told
// from the interface; confirm per implementation.
type CryptoProvider interface {
	// Encrypt encrypts plaintext under key.
	Encrypt(plaintext []byte, key []byte) ([]byte, error)
	// Decrypt decrypts ciphertext under key.
	Decrypt(ciphertext []byte, key []byte) ([]byte, error)
	// GenerateKey generates a key of the given size.
	// The unit of size (bits or bytes) is not stated on this page.
	GenerateKey(size int) ([]byte, error)
}

CryptoProvider 加密提供者接口

type EffectType

// EffectType is the effect carried by a Permission or a Policy (both have an
// Effect field of this type).
//
// The zero value is the empty string, which is neither Allow nor Deny.
// NOTE(review): code that evaluates an effect should treat any value other
// than Allow as a denial, so that an unset or misspelled effect cannot grant
// access.
type EffectType string
const (
	// Allow is the "allow" effect.
	Allow EffectType = "allow"
	// Deny is the "deny" effect.
	Deny  EffectType = "deny"
)

type Permission

// Permission is a permission definition: an Effect for an Action on a
// Resource, with optional Conditions, a Priority and an expiry time.
//
// NOTE(review): the page does not say how Resource and Action are matched
// (exact string or pattern), how Priority orders competing permissions, or
// what a zero ExpireAt means. A zero time.Time must not be read as "already
// expired" in one place and "never expires" in another; confirm against
// security/access.go.
type Permission struct {
	ID         string
	Resource   string
	Action     string
	Effect     EffectType
	Conditions []Condition
	Priority   int
	ExpireAt   time.Time
}

Permission 权限定义

type Policy

// Policy is an access policy: one Effect applied to lists of Principals,
// Resources and Actions, with optional Conditions and a Priority.
//
// NOTE(review): the page does not say how the string lists are matched
// (exact value or pattern), what an empty list matches, or how an Allow and a
// Deny policy of equal Priority are resolved. Confirm that the evaluator in
// security/access.go resolves ties and no-match cases to a denial.
type Policy struct {
	ID          string
	Name        string
	Description string
	Effect      EffectType
	Principals  []string
	Resources   []string
	Actions     []string
	Conditions  []Condition
	Priority    int
	Version     int64
	Created     time.Time
	Modified    time.Time
}

Policy 访问策略

type PolicyStore

// PolicyStore is the storage interface for policies.
//
// PolicyFilter is referenced here but is not documented on this page.
//
// NOTE(review): CreatePolicy, UpdatePolicy and DeletePolicy change what
// access is granted, and the interface itself carries no authorization
// check. Callers should gate these three methods and audit each call.
type PolicyStore interface {
	// GetPolicy returns the policy with the given id.
	GetPolicy(ctx context.Context, id string) (*Policy, error)
	// ListPolicies returns the policies selected by filter.
	ListPolicies(ctx context.Context, filter *PolicyFilter) ([]*Policy, error)
	// CreatePolicy stores a new policy.
	CreatePolicy(ctx context.Context, policy *Policy) error
	// UpdatePolicy stores a changed policy.
	UpdatePolicy(ctx context.Context, policy *Policy) error
	// DeletePolicy removes the policy with the given id.
	DeletePolicy(ctx context.Context, id string) error
}

PolicyStore 策略存储接口

type Principal

// Principal is an identity (the subject of authentication and access
// checks). AuthProvider returns it, and AccessControl.Check and
// Condition.Evaluate receive it.
//
// NOTE(review): if access decisions read Roles, Groups or Metadata, those
// values should be set only by the authentication path and never copied from
// request input. The struct is plain data with exported fields, so nothing
// here prevents a caller from editing them; confirm how callers obtain it.
type Principal struct {
	ID        string
	Type      string
	Name      string
	Roles     []string
	Groups    []string
	Metadata  map[string]interface{}
	Created   time.Time
	LastLogin time.Time
}

Principal 身份主体

type SecurityLevel

// SecurityLevel is a security level, stored as an int.
type SecurityLevel int

SecurityLevel 安全级别

// Security levels, numbered by iota from LevelLow = 0 to LevelCritical = 3.
//
// Because LevelLow is 0, an unset SecurityLevel field or variable is
// LevelLow. NOTE(review): code that requires a minimum level should not
// assume a level was set explicitly.
const (
	LevelLow SecurityLevel = iota
	LevelMedium
	LevelHigh
	LevelCritical
)

type Token

// Token is an authentication token record: an ID and Type, the Principal it
// was issued to, free-form Claims, issue and expiry times, and string
// Metadata.
//
// NOTE(review): the struct shows no signature or secret field, and the page
// does not say how the token string taken by AuthProvider.Validate and
// AuthProvider.Revoke relates to it. Confirm that ExpireAt is enforced on
// every validation and that Claims are not trusted without that check.
type Token struct {
	ID        string
	Type      string
	Principal *Principal
	Claims    map[string]interface{}
	IssuedAt  time.Time
	ExpireAt  time.Time
	Metadata  map[string]string
}

Token 认证令牌

type TokenManager

// TokenManager is the token manager.
//
// All of its fields are unexported, and this page lists no exported methods
// for it.
type TokenManager struct {
	// contains filtered or unexported fields
}

TokenManager 令牌管理器
