authz

package
v0.0.0-...-7d1ee88 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 28, 2023 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Overview

Package authz exposes methods to manage authorization within gRPC.

Experimental

Notice: This package is EXPERIMENTAL and may be changed or removed in a later release.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type FileWatcherInterceptor

type FileWatcherInterceptor struct {
	// contains filtered or unexported fields
}

FileWatcherInterceptor contains details used to make authorization decisions by watching a file path that contains authorization policy in JSON format.

func NewFileWatcher

func NewFileWatcher(file string, duration time.Duration) (*FileWatcherInterceptor, error)

NewFileWatcher returns a new FileWatcherInterceptor from a policy file that contains JSON string of authorization policy and a refresh duration to specify the amount of time between policy refreshes.

func (*FileWatcherInterceptor) Close

func (i *FileWatcherInterceptor) Close()

Close cleans up resources allocated by the interceptor.

func (*FileWatcherInterceptor) StreamInterceptor

func (i *FileWatcherInterceptor) StreamInterceptor(srv interface{}, ss grpc.ServerStream, info *grpc.StreamServerInfo, handler grpc.StreamHandler) error

StreamInterceptor intercepts incoming Stream RPC requests. Only authorized requests are allowed to pass. Otherwise, an unauthorized error is returned to the client.

func (*FileWatcherInterceptor) UnaryInterceptor

func (i *FileWatcherInterceptor) UnaryInterceptor(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error)

UnaryInterceptor intercepts incoming Unary RPC requests. Only authorized requests are allowed to pass. Otherwise, an unauthorized error is returned to the client.

type StaticInterceptor

type StaticInterceptor struct {
	// contains filtered or unexported fields
}

StaticInterceptor contains engines used to make authorization decisions. It either contains two engines deny engine followed by an allow engine or only one allow engine.

func NewStatic

func NewStatic(authzPolicy string) (*StaticInterceptor, error)

NewStatic returns a new StaticInterceptor from a static authorization policy JSON string.

func (*StaticInterceptor) StreamInterceptor

func (i *StaticInterceptor) StreamInterceptor(srv interface{}, ss grpc.ServerStream, _ *grpc.StreamServerInfo, handler grpc.StreamHandler) error

StreamInterceptor intercepts incoming Stream RPC requests. Only authorized requests are allowed to pass. Otherwise, an unauthorized error is returned to the client.

func (*StaticInterceptor) UnaryInterceptor

func (i *StaticInterceptor) UnaryInterceptor(ctx context.Context, req interface{}, _ *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error)

UnaryInterceptor intercepts incoming Unary RPC requests. Only authorized requests are allowed to pass. Otherwise, an unauthorized error is returned to the client.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL