authorization

package
v0.2.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 16, 2021 License: Apache-2.0 Imports: 23 Imported by: 0

Documentation

Index

Constants

View Source 
const EveryoneGroup = "everyone"
View Source 
const (
	SIDAuthenticationAuthorityAssertedIdentity = "S-1-18-1"
)

Partly reimplementing github.com/jcmturner/gokrb5/v8/spnego/http.go for GRPC Copying constants as they are private

Variables

This section is empty.

Functions

func CreateMiddlewareAuthFunction 

func CreateMiddlewareAuthFunction(authServices []AuthService) grpc_auth.AuthFunc

func WithPrincipal 

func WithPrincipal(ctx context.Context, principal Principal) context.Context

Types

type AnonymousAuthService 

type AnonymousAuthService struct{}

func (AnonymousAuthService) Authenticate 

func (AnonymousAuthService) Authenticate(ctx context.Context) (Principal, error)

type AuthService 

type AuthService interface {
	Authenticate(ctx context.Context) (Principal, error)
}

type BasicAuthService 

type BasicAuthService struct {
	// contains filtered or unexported fields
}

func NewBasicAuthService 

func NewBasicAuthService(users map[string]configuration.UserInfo) *BasicAuthService

func (*BasicAuthService) Authenticate 

func (authService *BasicAuthService) Authenticate(ctx context.Context) (Principal, error)

type KerberosAuthService 

type KerberosAuthService struct {
	// contains filtered or unexported fields
}

func NewKerberosAuthService 

func NewKerberosAuthService(config *configuration.KerberosAuthenticationConfig, groupLookup groups.GroupLookup) (*KerberosAuthService, error)

func (*KerberosAuthService) Authenticate 

func (authService *KerberosAuthService) Authenticate(ctx context.Context) (Principal, error)

type OpenIdAuthService 

type OpenIdAuthService struct {
	// contains filtered or unexported fields
}

func NewOpenIdAuthService 

func NewOpenIdAuthService(verifier *oidc.IDTokenVerifier, groupsClaim string) *OpenIdAuthService

func NewOpenIdAuthServiceForProvider 

func NewOpenIdAuthServiceForProvider(ctx context.Context, config *configuration.OpenIdAuthenticationConfig) (*OpenIdAuthService, error)

func (*OpenIdAuthService) Authenticate 

func (authService *OpenIdAuthService) Authenticate(ctx context.Context) (Principal, error)

type Owned 

type Owned interface {
	GetUserOwners() []string
	GetGroupOwners() []string
}

type PermissionChecker 

type PermissionChecker interface {
	UserHasPermission(ctx context.Context, perm permission.Permission) bool
	UserOwns(ctx context.Context, obj Owned) (owned bool, ownershipGroups []string)
}

type PermissionClaimQueries 

type PermissionClaimQueries map[permission.Permission]string

type Principal 

type Principal interface {
	GetName() string
	GetGroupNames() []string
	IsInGroup(group string) bool
	HasScope(scope string) bool
	HasClaim(claim string) bool
}

func GetPrincipal 

func GetPrincipal(ctx context.Context) Principal

type PrincipalPermissionChecker 

type PrincipalPermissionChecker struct {
	// contains filtered or unexported fields
}

func NewPrincipalPermissionChecker 

func NewPrincipalPermissionChecker(
	permissionGroupMap map[permission.Permission][]string,
	permissionScopeMap map[permission.Permission][]string,
	permissionClaimMap map[permission.Permission][]string) *PrincipalPermissionChecker

func (*PrincipalPermissionChecker) UserHasPermission 

func (checker *PrincipalPermissionChecker) UserHasPermission(ctx context.Context, perm permission.Permission) bool

func (*PrincipalPermissionChecker) UserOwns 

func (checker *PrincipalPermissionChecker) UserOwns(ctx context.Context, obj Owned) (owned bool, ownershipGoups []string)

type StaticPrincipal 

type StaticPrincipal struct {
	// contains filtered or unexported fields
}

func NewStaticPrincipal 

func NewStaticPrincipal(name string, groups []string) *StaticPrincipal

func NewStaticPrincipalWithScopesAndClaims 

func NewStaticPrincipalWithScopesAndClaims(name string, groups []string, scopes []string, claims []string) *StaticPrincipal

func (*StaticPrincipal) GetGroupNames 

func (p *StaticPrincipal) GetGroupNames() []string

func (*StaticPrincipal) GetName 

func (p *StaticPrincipal) GetName() string

func (*StaticPrincipal) HasClaim 

func (p *StaticPrincipal) HasClaim(claim string) bool

func (*StaticPrincipal) HasScope 

func (p *StaticPrincipal) HasScope(scope string) bool

func (*StaticPrincipal) IsInGroup 

func (p *StaticPrincipal) IsInGroup(group string) bool

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.