Documentation
¶
Overview ¶
security/access.go
security/audit.go
security/auth.go
security/crypto.go
security/types.go
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AccessControl ¶
// AccessControl is the package's access-control service. All of its fields
// are unexported, so this page shows nothing about how decisions are reached.
type AccessControl struct {
// contains filtered or unexported fields
}
AccessControl 访问控制服务
type AuditEvent ¶
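// AuditEvent is one audit record. The declaration is restored to one field
// per line; field meanings below are read from the names, since this page
// carries no per-field documentation.
type AuditEvent struct {
	// ID and Type identify and classify the event.
	ID   string
	Type string
	// Principal is a pointer, so it can be nil.
	// NOTE(review): presumably nil for events with no authenticated caller;
	// confirm, and make consumers nil-check it.
	Principal *Principal
	// Resource, Action and Result are plain strings; no enum is shown for them.
	Resource string
	Action   string
	Result   string
	// Error holds the failure, if any.
	// NOTE(review): an error value rarely round-trips through a serializer;
	// confirm how AuditStore implementations persist it.
	Error error
	// Metadata is untyped.
	// NOTE(review): keep credentials and raw tokens out of it; audit records
	// tend to be retained for a long time and read widely.
	Metadata map[string]interface{}
	// Timestamp and Source: the time zone convention and the meaning of
	// Source are not stated on this page.
	Timestamp time.Time
	Source    string
}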
AuditEvent 审计事件
type AuditStore ¶
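// AuditStore is the audit storage interface. Method contracts below are read
// from the signatures; no implementation appears on this page.
type AuditStore interface {
	// SaveEvent persists one event.
	SaveEvent(ctx context.Context, event *AuditEvent) error
	// QueryEvents returns the events selected by filter.
	QueryEvents(ctx context.Context, filter *AuditFilter) ([]*AuditEvent, error)
	// GetEventByID returns the event with the given id.
	GetEventByID(ctx context.Context, id string) (*AuditEvent, error)
	// DeleteEvents removes the events selected by filter.
	// NOTE(review): deleting audit records is itself a sensitive action.
	// Implementations should restrict who may call this and record the call,
	// and the behaviour for a nil or empty filter is not shown here; confirm
	// it cannot clear the whole store by accident.
	DeleteEvents(ctx context.Context, filter *AuditFilter) error
}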
AuditStore 审计存储接口
type AuthProvider ¶
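// AuthProvider is the authentication provider interface. Method contracts
// below are read from the signatures; no implementation appears on this page.
type AuthProvider interface {
	// Authenticate turns credentials into a Principal.
	// NOTE(review): credentials is untyped, so every implementation has to
	// check the dynamic type itself and return an error for anything it does
	// not recognise rather than panicking on a failed assertion.
	Authenticate(ctx context.Context, credentials interface{}) (*Principal, error)
	// Validate resolves a token string to the Principal it belongs to.
	// NOTE(review): expiry and revocation checks are presumably done here;
	// confirm for each provider.
	Validate(ctx context.Context, token string) (*Principal, error)
	// Revoke invalidates a token.
	Revoke(ctx context.Context, token string) error
}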
AuthProvider 认证提供者接口
type AuthService ¶
// AuthService is the package's authentication service. All of its fields are
// unexported and are not shown on this page.
type AuthService struct {
// contains filtered or unexported fields
}
AuthService 认证服务
func (*AuthService) Authenticate ¶
func (as *AuthService) Authenticate(ctx context.Context, providerID string, credentials interface{}) (*AuthResult, error)
Authenticate 认证用户
type CryptoConfig ¶
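// CryptoConfig is the encryption configuration. The declaration is restored
// to one field per line: in the collapsed form the first line comment
// swallowed every field that followed it.
type CryptoConfig struct {
	// DefaultAlgorithm is the default algorithm.
	// NOTE(review): the set of accepted names is not shown; confirm that
	// unknown or weak algorithm names are rejected when the config is loaded.
	DefaultAlgorithm string
	// KeyRotationPeriod is the key rotation period.
	// NOTE(review): the meaning of a zero duration is not stated; confirm it
	// does not silently disable rotation.
	KeyRotationPeriod time.Duration
	// KeySize is the key size.
	// NOTE(review): the unit (bits or bytes) is not stated on this page.
	KeySize int
	// Options holds the encryption options.
	Options CryptoOptions
}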
CryptoConfig 加密配置
type CryptoProvider ¶
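// CryptoProvider is the encryption provider interface: encrypt, decrypt and
// key generation over raw byte slices. The declaration is restored to one
// method per line: in the collapsed form the first line comment swallowed
// the whole method set.
//
// NOTE(review): neither Encrypt nor Decrypt takes a nonce/IV or associated
// data, so any nonce an implementation needs has to be created inside
// Encrypt and travel with the returned ciphertext. Confirm that each
// implementation uses an authenticated mode and a fresh nonce per call.
type CryptoProvider interface {
	// Encrypt encrypts plaintext under key.
	Encrypt(plaintext []byte, key []byte) ([]byte, error)
	// Decrypt decrypts ciphertext under key.
	Decrypt(ciphertext []byte, key []byte) ([]byte, error)
	// GenerateKey generates a key of the requested size.
	// NOTE(review): the unit of size (bits or bytes) is not stated on this page.
	GenerateKey(size int) ([]byte, error)
}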
CryptoProvider 加密提供者接口
type EffectType ¶
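// EffectType is the effect carried by a Permission or a Policy.
type EffectType string

// Allow and Deny are the only effects declared on this page.
// NOTE(review): the zero value "" equals neither constant. The evaluator
// (not shown) should grant access only on an explicit Allow and treat every
// other value as a denial.
const (
	Allow EffectType = "allow"
	Deny  EffectType = "deny"
)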
type Permission ¶
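// Permission is a permission definition. The declaration is restored to one
// field per line; field meanings are read from the names, since this page
// carries no per-field documentation.
type Permission struct {
	ID string
	// Resource and Action name what the permission covers.
	// NOTE(review): whether they are matched exactly or as patterns is not shown.
	Resource string
	Action   string
	// Effect is Allow or Deny; see the note on EffectType's zero value.
	Effect EffectType
	// Conditions further restrict the permission.
	// NOTE(review): confirm that an empty slice means "no extra conditions"
	// and that a condition which fails to evaluate does not grant access.
	Conditions []Condition
	// Priority orders permissions against each other.
	// NOTE(review): whether a higher or lower number wins, and how Allow/Deny
	// ties are broken, is not stated.
	Priority int
	// ExpireAt is the expiry time.
	// NOTE(review): the meaning of the zero time (never expires, or already
	// expired) is not stated; confirm the evaluator treats it deliberately.
	ExpireAt time.Time
}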
Permission 权限定义
type Policy ¶
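// Policy is an access policy. The declaration is restored to one field per
// line; field meanings are read from the names, since this page carries no
// per-field documentation.
type Policy struct {
	ID          string
	Name        string
	Description string
	// Effect is Allow or Deny; see the note on EffectType's zero value.
	Effect EffectType
	// Principals, Resources and Actions select what the policy applies to.
	// NOTE(review): presumably principal IDs, role or group names and
	// resource/action identifiers; the matching rules (exact or wildcard)
	// and the meaning of an empty slice are not shown. Confirm that an
	// empty list does not match everything on an Allow policy.
	Principals []string
	Resources  []string
	Actions    []string
	// Conditions further restrict the policy.
	Conditions []Condition
	// Priority orders policies against each other; the direction is not stated.
	Priority int
	// Version is an integer revision.
	// NOTE(review): possibly used for optimistic concurrency in
	// PolicyStore.UpdatePolicy; confirm.
	Version int64
	// Created and Modified are the bookkeeping timestamps.
	Created  time.Time
	Modified time.Time
}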
Policy 访问策略
type PolicyStore ¶
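// PolicyStore is the policy storage interface. Method contracts below are
// read from the signatures; no implementation appears on this page.
//
// NOTE(review): every write here changes who can access what, so callers of
// CreatePolicy, UpdatePolicy and DeletePolicy should themselves be
// authorized and the change recorded as an audit event.
type PolicyStore interface {
	// GetPolicy returns the policy with the given id.
	GetPolicy(ctx context.Context, id string) (*Policy, error)
	// ListPolicies returns the policies selected by filter.
	ListPolicies(ctx context.Context, filter *PolicyFilter) ([]*Policy, error)
	// CreatePolicy stores a new policy.
	CreatePolicy(ctx context.Context, policy *Policy) error
	// UpdatePolicy replaces an existing policy.
	UpdatePolicy(ctx context.Context, policy *Policy) error
	// DeletePolicy removes the policy with the given id.
	DeletePolicy(ctx context.Context, id string) error
}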
PolicyStore 策略存储接口
type Principal ¶
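// Principal is an identity principal. The declaration is restored to one
// field per line; field meanings are read from the names, since this page
// carries no per-field documentation.
type Principal struct {
	// ID, Type and Name identify the principal; the set of Type values is
	// not shown.
	ID   string
	Type string
	Name string
	// Roles and Groups are the principal's memberships.
	// NOTE(review): these drive authorization, so they should come from the
	// identity source, never from caller-supplied input.
	Roles  []string
	Groups []string
	// Metadata is untyped; check a value's dynamic type before relying on it.
	Metadata map[string]interface{}
	// Created and LastLogin are bookkeeping timestamps; LastLogin is the
	// zero time until it is set.
	Created   time.Time
	LastLogin time.Time
}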
Principal 身份主体
type SecurityLevel ¶
// SecurityLevel is an integer security level; the named levels are declared
// in the const block that accompanies this type.
type SecurityLevel int
SecurityLevel 安全级别
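// Security levels in ascending order, restored to one constant per line.
// LevelLow is iota's first value (0), so it is also the zero value of
// SecurityLevel: a field or variable that was never set reads as LevelLow.
// NOTE(review): code that requires a minimum level should not mistake an
// unset value for a deliberate LevelLow.
const (
	LevelLow SecurityLevel = iota
	LevelMedium
	LevelHigh
	LevelCritical
)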
type Token ¶
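// Token is an authentication token. The declaration is restored to one field
// per line; field meanings are read from the names, since this page carries
// no per-field documentation.
type Token struct {
	// ID and Type identify and classify the token.
	// NOTE(review): if ID is what AuthProvider.Validate and Revoke receive,
	// treat it as a secret and keep it out of logs and audit metadata.
	ID   string
	Type string
	// Principal is the identity the token stands for; it is a pointer and
	// can be nil.
	Principal *Principal
	// Claims is untyped.
	// NOTE(review): check a claim's dynamic type before using it in an
	// authorization decision.
	Claims map[string]interface{}
	// IssuedAt and ExpireAt bound the token's lifetime.
	// NOTE(review): whether a zero ExpireAt means "no expiry" is not stated;
	// confirm that validation rejects tokens past ExpireAt and handles the
	// zero time deliberately.
	IssuedAt time.Time
	ExpireAt time.Time
	// Metadata is string-keyed, string-valued side data.
	Metadata map[string]string
}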
Token 认证令牌
type TokenManager ¶
// TokenManager is the package's token manager. All of its fields are
// unexported, and this page lists no methods for it.
type TokenManager struct {
// contains filtered or unexported fields
}
TokenManager 令牌管理器