gokontrol

package module
v0.0.0-...-13a25ec Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 13, 2022 License: BSD-3-Clause Imports: 8 Imported by: 0

README

go-kontrol

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var CommonError = commonerror{
	NOT_FOUND:            errors.New("not found"),
	OBJECT_NOT_FOUND:     errors.New("object not found"),
	PERMISSION_NOT_FOUND: errors.New("permission not found"),
	POLICY_NOT_FOUND:     errors.New("policy not found"),
	SERVICE_NOT_FOUND:    errors.New("service not found"),
	INVALID_TOKEN:        errors.New("invalid or expired token"),
	INVALID_SERVICE:      errors.New("invalid service"),
	INVALID_POLICY:       errors.New("invalid policy"),
	INVALID_OBJECT:       errors.New("invalid object"),
	MALFORM_PERMISSION:   errors.New("policy permission malform"),
}
View Source 
var DefaultKontrolOption = KontrolOption{
	DefaultTimeout: 1800,
	SecretKey:      "",
}

Default config for kontrol

View Source 
var ObjectPolicyStatus = objectpolicystatus{
	INIT:    "",
	ENABLE:  "enable",
	DISABLE: "disable",
	DEFAULT: "default",
}
View Source 
var ObjectStatus = objectstatus{
	INIT:    "",
	ENABLE:  "enable",
	DISABLE: "disable",
}
View Source 
var PolicyPermission = policypermission{
	ANY:   0,
	TRUE:  1,
	FALSE: 2,
}

Functions

This section is empty.

Types

type CertForSign 

type CertForSign struct {
	ID         string                     `json:"id"`
	GlobalID   string                     `json:"global_id"`
	ExternalID string                     `json:"external_id"`
	ServiceID  string                     `json:"service_id"`
	ExpiryDate int64                      `json:"expiry_date"`
	Attributes map[string]interface{}     `json:"attributes"`
	Permission map[string]map[string]bool `json:"permission"`
}

type Certificate 

type Certificate struct {
	CertForSign
	Token      string `json:"token"`
	ExpiryDate int64  `json:"expiry_date"`
}

type DefaultKontrol 

type DefaultKontrol struct {
	Option KontrolOption
	// contains filtered or unexported fields
}

DefaultKontrol simple Kontrol

func (DefaultKontrol) AddSimpleObjectWithDefaultPolicy 

func (k DefaultKontrol) AddSimpleObjectWithDefaultPolicy(ctx context.Context, externalid string, serviceid string, servicekey string) (*ObjectPermission, error)

AddSimpleObjectWithDefaultPolicy add object with default service schema

func (DefaultKontrol) CreateCert 

func (k DefaultKontrol) CreateCert(obj *Object, policy []*Policy, enforce []*Policy) (*CertForSign, string, error)

CreateCert create final cert then sign

func (DefaultKontrol) CreatePolicy 

func (k DefaultKontrol) CreatePolicy(ctx context.Context, servicekey string, policy *Policy) error

CreatePolicy create a policy

func (DefaultKontrol) IssueCertForClient 

func (k DefaultKontrol) IssueCertForClient(ctx context.Context, objID string, serID string) (*ObjectPermission, error)

IssueCertForClient issue cert for current time, does not authen, must be authen-ed beforehand

func (DefaultKontrol) IssueCertForService 

func (k DefaultKontrol) IssueCertForService(ctx context.Context, objID string, serID string) (*ObjectPermission, error)

IssueCertForService issue cert for issed time, does not authen, must be authen-ed beforehand

func (DefaultKontrol) UpdateObject 

func (k DefaultKontrol) UpdateObject(ctx context.Context, obj *Object, servicekey string) error

UpdateObject update Object info

func (DefaultKontrol) ValidateToken 

func (k DefaultKontrol) ValidateToken(c context.Context, token string, serviceid string) (*Object, error)

ValidateToken validate the given token

type Kontrol 

type Kontrol interface {
	ValidateToken(c context.Context, token string, serviceid string) (*Object, error)                                                        // validate if token existed, for tighter check, use IssueCertForService
	IssueCertForService(ctx context.Context, objID string, serID string) (*ObjectPermission, error)                                          // get client cert for service to store
	AddSimpleObjectWithDefaultPolicy(ctx context.Context, externalid string, serviceid string, servicekey string) (*ObjectPermission, error) //service create new object
	UpdateObject(ctx context.Context, obj *Object, servicekey string) error                                                                  //service update object
	CreateCert(obj *Object, policy []*Policy, enforce []*Policy) (*CertForSign, string, error)                                               // internal use, centralise function to issue permission
	CreatePolicy(ctx context.Context, servicekey string, policy *Policy) error                                                               // service create policy
	IssueCertForClient(ctx context.Context, objID string, serID string) (*ObjectPermission, error)                                           // issue cert for client when login success
}

func NewBasicKontrol 

func NewBasicKontrol(store KontrolStore) Kontrol

NewBasicKontrol simple Kontrol with default option, stores still have to be provided

type KontrolOption 

type KontrolOption struct {
	DefaultTimeout int64
	SecretKey      string
}

KontrolOption kontrol config options

type KontrolStore 

type KontrolStore interface {
	GetObjectByToken(c context.Context, token string, serviceid string, timestamp int64) (*Object, error)
	CreateObject(c context.Context, obj *Object) error
	UpdateObject(c context.Context, obj *Object) error
	GetObjectByID(c context.Context, id string) (*Object, error)
	GetObjectByExternalID(c context.Context, extid string, serviceid string) (*Object, error)
	GetPolicyByID(c context.Context, id string) (*Policy, error)
	CreatePolicy(c context.Context, policy *Policy) error
	GetServiceByID(c context.Context, id string) (*Service, error)
}

type Object 

type Object struct {
	ID          string
	GlobalID    string
	ExternalID  string
	ServiceID   string
	Status      string
	Attributes  map[string]interface{} // ignore for now, extension
	Token       string
	ExpiryDate  int64
	ApplyPolicy []*Policy
}

Object is basic entity

type ObjectPermission 

type ObjectPermission struct {
	Object     Object
	Permission map[string]map[string]bool
}

ObjectPermission Contains object and it's permission

type Policy 

type Policy struct {
	ID         string
	Name       string
	ServiceID  string
	Permission map[string]int
	Status     string
	ApplyFrom  int64
	ApplyTo    int64
}

type Service 

type Service struct {
	ID            string
	ServiceID     string
	Name          string
	Key           string
	Status        string
	ExpiryDate    int64
	DefaultPolicy []*Policy
	EnforcePolicy []*Policy
}

Service is a registered serviced

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.