auth

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 13, 2024 License: MIT Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Auth

// Auth holds a list of AuthApi backends.
//
// NOTE(review): this listing shows signatures only, so it does not establish
// how Parse combines several backends (first success, all must succeed, or a
// merge through AuthInfo.Merge), nor what it returns when no backend reports
// Enabled. Confirm that the no-backend case fails closed before relying on it
// for access control.
type Auth struct {
	// Authes is the registered backend list. The field is exported, so callers
	// can modify it directly as well as through WithAuth.
	Authes []AuthApi
}

func NewAuth

func NewAuth(config *AuthConfig) *Auth

func (*Auth) Parse

func (a *Auth) Parse(ctx context.Context) (*AuthInfo, error)

func (*Auth) WithAuth

func (a *Auth) WithAuth(auth AuthApi) *Auth

type AuthApi

// AuthApi is the contract every authentication backend implements; JwtAuth and
// MtlsAuth in this package both expose these two methods.
type AuthApi interface {
	// Parse returns the AuthInfo derived from ctx, or an error.
	// NOTE(review): what is read from ctx (token, client certificate) is
	// backend-specific and not visible in this listing.
	Parse(ctx context.Context) (*AuthInfo, error)
	// Enabled reports whether the backend is switched on.
	// NOTE(review): presumably a backend that returns false is skipped by
	// Auth.Parse; verify that skipping every backend does not yield an
	// authenticated result.
	Enabled() bool
}

type AuthConfig

// AuthConfig bundles the configuration of the two authentication backends.
// The embed/prefix/help struct tags look like command-line flag bindings
// (TODO confirm which parser consumes them); they place the JWT options under
// the "jwt-" prefix and the mutual-TLS options under the "mtls-" prefix.
type AuthConfig struct {
	// Jwt configures JWT authentication.
	Jwt  JwtAuthConfig  `embed:"" prefix:"jwt-" help:"JWT auth config"`
	// Mtls configures mutual-TLS (client certificate) authentication.
	Mtls MtlsAuthConfig `embed:"" prefix:"mtls-" help:"MTLS auth config"`
}

type AuthInfo

// AuthInfo is the identity and authorization data produced by a backend's
// Parse. Its methods show two sources: JWT claims (FromClaims) and certificate
// DNS names (FromDNSName / FromDNSNames).
//
// All fields are exported and mutable, so any code holding the pointer can
// change the authorization data after it was parsed.
type AuthInfo struct {
	// Subject identifies the authenticated principal.
	Subject   string
	// Audiences lists the audiences the credential was issued for; checked by
	// ValidateAudience.
	Audiences []string

	// ScopeEnabled and Scopes are the scope data checked by ValidateScope and
	// ValidateScopes.
	// NOTE(review): presumably ScopeEnabled == false means scopes are not
	// enforced; confirm, because an empty Scopes list would then mean
	// "unrestricted" rather than "no access".
	ScopeEnabled bool
	Scopes       []string

	// ResourceEnabled and Resources are the resource data checked by
	// ValidateResource and ValidateResources.
	// NOTE(review): same open question as for ScopeEnabled — verify what a
	// false flag allows.
	ResourceEnabled bool
	Resources       []string

	// Uuid is an identifier string; its origin and uniqueness guarantees are
	// not visible in this listing.
	Uuid string
}

func (*AuthInfo) FromClaims

func (auth *AuthInfo) FromClaims(claims jwt.MapClaims)

func (*AuthInfo) FromDNSName

func (auth *AuthInfo) FromDNSName(dnsName string)

func (*AuthInfo) FromDNSNames

func (auth *AuthInfo) FromDNSNames(dnsNames []string)

func (*AuthInfo) Merge

func (auth *AuthInfo) Merge(other *AuthInfo) error

func (*AuthInfo) Validate

func (auth *AuthInfo) Validate() error

func (*AuthInfo) ValidateAudience

func (auth *AuthInfo) ValidateAudience(audience string) bool

func (*AuthInfo) ValidateResource

func (auth *AuthInfo) ValidateResource(resource string) bool

func (*AuthInfo) ValidateResources

func (auth *AuthInfo) ValidateResources(resources []string) ([]string, bool)

func (*AuthInfo) ValidateScope

func (auth *AuthInfo) ValidateScope(scope string) bool

func (*AuthInfo) ValidateScopes

func (auth *AuthInfo) ValidateScopes(scopes []string) ([]string, bool)

type ClientCertFunc

// ClientCertFunc returns the client certificate associated with ctx.
//
// NOTE(review): the signature gives no indication that the certificate chain
// has been verified, and MtlsAuthConfig carries no trusted-CA setting.
// Presumably implementations must return only a certificate that the TLS layer
// already verified against the trusted CA — confirm against the caller.
type ClientCertFunc func(ctx context.Context) (*x509.Certificate, error)

type CtxKey

// CtxKey is a distinct string type, presumably used as the key type for values
// stored in a context.Context so that they cannot collide with plain string
// keys set by other code.
type CtxKey string
// CtxKeyAuthInfo is presumably the context key under which the parsed
// *AuthInfo is stored. Because CtxKey and this constant are exported, any
// package can write a value under the same key; treat the stored value as
// trustworthy only if the code that populates the context is trusted.
const CtxKeyAuthInfo CtxKey = "auth_info"

type JwtAuth

// JwtAuth is the JWT authentication backend; it provides the Parse and Enabled
// methods of AuthApi plus a Validate step on the resulting AuthInfo.
type JwtAuth struct {
	// Config holds the JWT settings (enable flag, expected audience, verify keys).
	Config    *JwtAuthConfig
	// TokenFunc supplies the token string for the request carried by ctx.
	TokenFunc JwtTokenFunc
}

func NewJwtAuth

func NewJwtAuth(config *JwtAuthConfig, tokenFunc JwtTokenFunc) *JwtAuth

func (*JwtAuth) Enabled

func (jwtAuth *JwtAuth) Enabled() bool

func (*JwtAuth) Parse

func (jwtAuth *JwtAuth) Parse(ctx context.Context) (*AuthInfo, error)

func (*JwtAuth) Validate

func (jwtAuth *JwtAuth) Validate(authInfo *AuthInfo) error

type JwtAuthConfig

// JwtAuthConfig configures the JWT backend.
type JwtAuthConfig struct {
	// Enabled switches the backend on; the tag sets the default to false.
	Enabled  bool   `default:"false"`
	// Audience is the client name registered with the JWT provider.
	// NOTE(review): no validate tag makes Audience mandatory when Enabled is
	// true; confirm that an empty Audience does not disable the audience check.
	Audience string `help:"The client name registered in the JWT provider"`

	// JwtVerifyKey is embedded under the "verify-key-" prefix and, per its
	// validate tag, is required when Enabled is true.
	JwtVerifyKey `embed:"" prefix:"verify-key-" validate:"required_if=Enabled true"`
}

type JwtTokenFunc

// JwtTokenFunc returns the token string for the request carried by ctx, or an
// error.
// NOTE(review): the returned string is unverified input at this point;
// presumably signature and claim checks happen in JwtAuth.Parse — confirm.
type JwtTokenFunc func(ctx context.Context) (string, error)

type JwtVerifyKey

// JwtVerifyKey describes the keys used to verify token signatures. Types and
// Files are parallel lists: the validate tag on Files requires both to have the
// same length.
//
// NOTE(review): LoadVerifyKey receives the token before its signature has been
// checked. Confirm that it returns a key only when the token's algorithm is one
// of the configured Types, rather than trusting the token header on its own.
type JwtVerifyKey struct {
	// Types lists the signature algorithm for each key. The enum tag allows
	// only ES256, ES384, ES512 and EdDSA, all asymmetric schemes; no HMAC or
	// "none" value is listed.
	// NOTE(review): the tag is enforced only by the parser that reads it;
	// verify that values set programmatically are checked as well.
	Types []string `enum:"ES256,ES384,ES512,EdDSA" help:"The type of the key to use for verification"`
	// Files lists the path of the key file for each entry in Types.
	Files []string `validate:"samelen=Types" type:"file" help:"The path to the key file to use for verification"`
	// contains filtered or unexported fields
}

func (*JwtVerifyKey) LoadVerifyKey

func (k *JwtVerifyKey) LoadVerifyKey(token *jwt.Token) (interface{}, error)

func (*JwtVerifyKey) ResetKey

func (k *JwtVerifyKey) ResetKey()

type MtlsAuth

// MtlsAuth is the mutual-TLS authentication backend; it provides the Parse and
// Enabled methods of AuthApi plus a Validate step on the resulting AuthInfo.
type MtlsAuth struct {
	// Config holds the mutual-TLS settings.
	Config         *MtlsAuthConfig
	// ClientCertFunc supplies the client certificate for the request carried
	// by ctx.
	ClientCertFunc ClientCertFunc
}

func NewMtlsAuth

func NewMtlsAuth(config *MtlsAuthConfig, clientCertFunc ClientCertFunc) *MtlsAuth

func (*MtlsAuth) Enabled

func (mtlsAuth *MtlsAuth) Enabled() bool

func (*MtlsAuth) Parse

func (mtlsAuth *MtlsAuth) Parse(ctx context.Context) (*AuthInfo, error)

func (*MtlsAuth) Validate

func (mtlsAuth *MtlsAuth) Validate(authInfo *AuthInfo) error

type MtlsAuthConfig

// MtlsAuthConfig configures the mutual-TLS backend.
type MtlsAuthConfig struct {
	// Enabled switches client-certificate authentication on.
	Enabled bool `negatable:"true" help:"Enable mutual tls auth"`
	// NOTE(review): the TrustedCA field below is commented out, so this config
	// carries no CA path; chain verification has to be configured elsewhere
	// (presumably on the TLS listener) — confirm it is.
	// TrustedCA  string `name:"trusted-ca" validate:"required_if=Enabled true,omitempty,file" help:"Path to the server trusted ca certs"`
	// BaseDomain is the base domain of the client certificate.
	// NOTE(review): how it is compared with the certificate's DNS names is not
	// shown; verify the match is made on a label boundary rather than as a
	// plain string suffix, and check what an empty BaseDomain allows.
	BaseDomain string `help:"The base domain of client cert"`

	// ScopeEnabled controls whether scopes are loaded from the client cert.
	ScopeEnabled    bool `negatable:"true" help:"Should we load scopes from client cert"`
	// ResourceEnabled controls whether resources are loaded from the client cert.
	ResourceEnabled bool `negatable:"true" help:"Should we load resources from client cert"`
}
