security

package
v0.1.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 7, 2018 License: Apache-2.0, BSD-3-Clause, MIT Imports: 9 Imported by: 12

Documentation

Index

Constants

This section is empty.

Variables

View Source
var ErrUserNotFound = errors.New("user identity must be provided when allowing authentication")

ErrUserNotFound error when authentication passed but no user found

Functions

func Decrypt

func Decrypt(ciphertext []byte, key []byte) ([]byte, error)

Decrypt decrypts the cipher text with the provided key using AES

func Encrypt

func Encrypt(plaintext []byte, key []byte) ([]byte, error)

Encrypt encrypts the plaintext with the provided key using AES

func ForbiddenHTTPError

func ForbiddenHTTPError(description string) error

ForbiddenHTTPError returns HTTPError 403 with some description

func UnauthorizedHTTPError

func UnauthorizedHTTPError(description string) error

UnauthorizedHTTPError returns HTTPError 401 with some description

Types

type Authenticator

type Authenticator interface {
	// Authenticate returns information about the user if security is successful, a bool specifying
	// whether the authenticator ran or not and an error if one occurs
	Authenticate(req *http.Request) (*web.User, Decision, error)
}

Authenticator extracts the authenticator information from the request and returns information about the current user or an error if security was not successful

type Authorizer

type Authorizer interface {
	// Authorize returns decision specifying
	// whether the authorizer ran or not and an error if one occurs
	Authorize(req *http.Request) (Decision, error)
}

Authorizer extracts the information from the authenticated user and returns a decision if the authorization passed

type Decision

type Decision int

Decision represents a decision to allow or deny further processing or to abstain from taking a decision

const (
	// Abstain represents a decision to abstain from deciding - let another component decide
	Abstain Decision = iota

	// Allow represents decision to allow to proceed
	Allow

	// Deny represents decision to deny to proceed
	Deny
)

func (Decision) String

func (a Decision) String() string

String implements Stringer and converts the decision to human-readable value

type Encrypter

type Encrypter interface {
	Encrypt(ctx context.Context, plaintext []byte) ([]byte, error)
	Decrypt(ctx context.Context, ciphertext []byte) ([]byte, error)
}

Encrypter provides functionality to encrypt and decrypt data

type KeyFetcher

type KeyFetcher interface {
	GetEncryptionKey(ctx context.Context) ([]byte, error)
}

KeyFetcher provides functionality to get encryption key from a remote location

type KeySetter

type KeySetter interface {
	SetEncryptionKey(ctx context.Context, key []byte) error
}

KeySetter provides functionality to set encryption key in a remote location

type TokenVerifier

type TokenVerifier interface {
	// Verify verifies that the token is valid and returns a token if so, otherwise returns an error
	Verify(ctx context.Context, token string) (web.TokenData, error)
}

TokenVerifier attempts to verify a token and returns it or an error if the verification was not successful

type TwoLayerEncrypter

type TwoLayerEncrypter struct {
	Fetcher KeyFetcher
}

TwoLayerEncrypter is an encrypter that fetches the encryption key from a remote location

func (*TwoLayerEncrypter) Decrypt

func (e *TwoLayerEncrypter) Decrypt(ctx context.Context, ciphertext []byte) ([]byte, error)

Decrypt decrypts the cipher text with a key obtained from a remote location

func (*TwoLayerEncrypter) Encrypt

func (e *TwoLayerEncrypter) Encrypt(ctx context.Context, plaintext []byte) ([]byte, error)

Encrypt encrypts the plaintext with a key obtained from a remote location

Directories

Path Synopsis
Code generated by counterfeiter.
Code generated by counterfeiter.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL