stdcrpcaccess

package

v0.0.88 Latest Latest Go to latest Published: Mar 6, 2025 License: MIT Imports: 16 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/advdv/stdgo

Documentation ¶

Overview ¶

Package stdcrpcaccess implements access control for our RPC.

Index ¶

func FixedKeyServer() *httptest.Server
func PermissionsFromContext(ctx context.Context) []string
func SignToken(tok openid.Token) (string, error)
func WithFixedAuthBackend() fx.Option
func WithProcedurePermissions(ctx context.Context, procs []string) context.Context
func WithSignedToken(base connect.HTTPClient, createToken func(r *http.Request) openid.Token) connect.HTTPClient
type AccessControl
- func New(jwkEndpoint string, permMapFn PermissionToProcedure) *AccessControl
- func (ac *AccessControl) Close(context.Context) error
- func (ac *AccessControl) Wrap(next http.Handler) http.Handler
type AuthBackend
type FixedAuthBackend
- func (ap FixedAuthBackend) JWKSEndpoint() string
type PermissionToProcedure
type RealAuthBackend
- func (ap RealAuthBackend) JWKSEndpoint() string

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func FixedKeyServer ¶ added in v0.0.83

func FixedKeyServer() *httptest.Server

FixedKeyServer starts a server for testing that serves the key set.

func PermissionsFromContext ¶

func PermissionsFromContext(ctx context.Context) []string

PermissionsFromContext returns permissions from the context.

func SignToken ¶ added in v0.0.83

func SignToken(tok openid.Token) (string, error)

SignToken signs a valid JWT against a well-known private key for testing.

func WithFixedAuthBackend ¶ added in v0.0.83

func WithFixedAuthBackend() fx.Option

WithFixedAuthBackend injects dependencies for allowing tests to sign and validate access tokens.

func WithProcedurePermissions ¶

func WithProcedurePermissions(ctx context.Context, procs []string) context.Context

WithProcedurePermissions returns a context with permission strings.

func WithSignedToken ¶ added in v0.0.83

func WithSignedToken(base connect.HTTPClient, createToken func(r *http.Request) openid.Token) connect.HTTPClient

WithSignedToken is a http client middleware that always adds a valid (self signed) token for testing.

Types ¶

type AccessControl ¶

type AccessControl struct {
	// contains filtered or unexported fields
}

AccessControl implements a simple access control scheme.

func New ¶

func New(jwkEndpoint string, permMapFn PermissionToProcedure) *AccessControl

New inits the access control.

func (*AccessControl) Close ¶

func (ac *AccessControl) Close(context.Context) error

Close cancels the lifecycle context.

func (*AccessControl) Wrap ¶

func (ac *AccessControl) Wrap(next http.Handler) http.Handler

type AuthBackend ¶

type AuthBackend interface {
	JWKSEndpoint() string
}

AuthBackend represents what is required of an auth backend.

type FixedAuthBackend ¶ added in v0.0.83

type FixedAuthBackend struct {
	// contains filtered or unexported fields
}

FixedAuthBackend is an auth backend that is run locally and we control the signing process for.

func (FixedAuthBackend) JWKSEndpoint ¶ added in v0.0.83

func (ap FixedAuthBackend) JWKSEndpoint() string

type PermissionToProcedure ¶

type PermissionToProcedure func(perm string, _ int) string

PermissionToProcedure is used for an authorization scheme were some permission string is compared to a procedure name.

type RealAuthBackend ¶

type RealAuthBackend string

RealAuthBackend is used when actually deploying.

func (RealAuthBackend) JWKSEndpoint ¶

func (ap RealAuthBackend) JWKSEndpoint() string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL