plugin

package
v0.0.0-...-fb0f190 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 26, 2022 License: AGPL-3.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

View Source
const (
	URL       = "url"
	AuthToken = "auth_token"

	EnvPolicyPluginURL       = "MINIO_POLICY_PLUGIN_URL"
	EnvPolicyPluginAuthToken = "MINIO_POLICY_PLUGIN_AUTH_TOKEN"
)

Authorization Plugin config and env variables

Variables

View Source
var (
	DefaultKVS = config.KVS{
		config.KV{
			Key:   URL,
			Value: "",
		},
		config.KV{
			Key:   AuthToken,
			Value: "",
		},
	}
)

DefaultKVS - default config for Authz plugin config

View Source
var (
	Help = config.HelpKVS{
		config.HelpKV{
			Key:         URL,
			Description: `plugin hook endpoint (HTTP(S)) e.g. "http://localhost:8181/v1/data/httpapi/authz/allow"` + defaultHelpPostfix(URL),
			Type:        "url",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         AuthToken,
			Description: "authorization token for plugin hook endpoint" + defaultHelpPostfix(AuthToken),
			Optional:    true,
			Type:        "string",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         config.Comment,
			Description: config.DefaultComment,
			Optional:    true,
			Type:        "sentence",
		},
	}
)

Help template for Access Management Plugin policy feature.

Functions

func Enabled

func Enabled(kvs config.KVS) bool

Enabled returns if AuthZPlugin is enabled.

Types

type Args

type Args struct {
	URL         *xnet.URL             `json:"url"`
	AuthToken   string                `json:"authToken"`
	Transport   http.RoundTripper     `json:"-"`
	CloseRespFn func(r io.ReadCloser) `json:"-"`
}

Args opa general purpose policy engine configuration.

func LookupConfig

func LookupConfig(kv config.KVS, transport *http.Transport, closeRespFn func(io.ReadCloser)) (Args, error)

LookupConfig lookup AuthZPlugin from config, override with any ENVs.

func (*Args) UnmarshalJSON

func (a *Args) UnmarshalJSON(data []byte) error

UnmarshalJSON - decodes JSON data.

func (*Args) Validate

func (a *Args) Validate() error

Validate - validate opa configuration params.

type AuthZPlugin

type AuthZPlugin struct {
	// contains filtered or unexported fields
}

AuthZPlugin - implements opa policy agent calls.

func New

func New(args Args) *AuthZPlugin

New - initializes Authorization Management Plugin.

func (*AuthZPlugin) IsAllowed

func (o *AuthZPlugin) IsAllowed(args iampolicy.Args) (bool, error)

IsAllowed - checks given policy args is allowed to continue the REST API.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL