Documentation ¶
Overview ¶
Package restapi Composing authorizations This sample API demonstrates how to compose several authentication schemes and configure complex security requirements for your operations.
This API simulates a very simple market place with customers and resellers of items.
Personas:
- as a first time user, I want to see all items on sales
- as a registered customer, I want to post orders for items and consult my past orders
- as a registered reseller, I want to see all pending orders on the items I am selling on the market place
- as a reseller managing my own inventories, I want to post replenishment orders for the items I provide
- as a register user, I want to consult my personal account infos
The situation we defined on the authentication side is as follows:
- every known user is authenticated using a basic token
- resellers are authenticated using API keys - we let the option to authenticate using a header or query param
- any registered user (customer or reseller) will add a signed JWT to access more API endpoints
Obviously, there are several ways to achieve the same result. We just wanted to demonstrate here how security requirements may compose several schemes.
Note that we used the "OAuth2" declaration here but don't implement a real OAuth2 workflow: our intend here is just to be able to extract scopes from a passed JWT token (the only way to manipulate scoped authorizers with Swagger 2.0 is to declare them with type "oauth2").
Schemes: http Host: localhost BasePath: /api Version: 0.0.1 Consumes: - application/json Produces: - application/json
swagger:meta
Index ¶
- Variables
- type Server
- func (s *Server) ConfigureAPI()
- func (s *Server) ConfigureFlags()
- func (s *Server) Fatalf(f string, args ...interface{})
- func (s *Server) GetHandler() http.Handler
- func (s *Server) HTTPListener() (net.Listener, error)
- func (s *Server) Listen() error
- func (s *Server) Logf(f string, args ...interface{})
- func (s *Server) Serve() (err error)
- func (s *Server) SetAPI(api *operations.MultiAuthExampleAPI)
- func (s *Server) SetHandler(handler http.Handler)
- func (s *Server) Shutdown() error
- func (s *Server) TLSListener() (net.Listener, error)
- func (s *Server) UnixListener() (net.Listener, error)
Constants ¶
This section is empty.
Variables ¶
var ( // SwaggerJSON embedded version of the swagger document used at generation time SwaggerJSON json.RawMessage // FlatSwaggerJSON embedded flattened version of the swagger document used at generation time FlatSwaggerJSON json.RawMessage )
Functions ¶
This section is empty.
Types ¶
type Server ¶
type Server struct { EnabledListeners []string `long:"scheme" description:"the listeners to enable, this can be repeated and defaults to the schemes in the swagger spec"` CleanupTimeout time.Duration `long:"cleanup-timeout" description:"grace period for which to wait before killing idle connections" default:"10s"` GracefulTimeout time.Duration `long:"graceful-timeout" description:"grace period for which to wait before shutting down the server" default:"15s"` MaxHeaderSize flagext.ByteSize `` /* 231-byte string literal not displayed */ SocketPath flags.Filename `long:"socket-path" description:"the unix socket to listen on" default:"/var/run/multi-auth-example.sock"` Host string `long:"host" description:"the IP to listen on" default:"localhost" env:"HOST"` Port int `long:"port" description:"the port to listen on for insecure connections, defaults to a random value" env:"PORT"` ListenLimit int `long:"listen-limit" description:"limit the number of outstanding requests"` KeepAlive time.Duration `` /* 169-byte string literal not displayed */ ReadTimeout time.Duration `long:"read-timeout" description:"maximum duration before timing out read of the request" default:"30s"` WriteTimeout time.Duration `long:"write-timeout" description:"maximum duration before timing out write of the response" default:"60s"` TLSHost string `long:"tls-host" description:"the IP to listen on for tls, when not specified it's the same as --host" env:"TLS_HOST"` TLSPort int `long:"tls-port" description:"the port to listen on for secure connections, defaults to a random value" env:"TLS_PORT"` TLSCertificate flags.Filename `long:"tls-certificate" description:"the certificate to use for secure connections" env:"TLS_CERTIFICATE"` TLSCertificateKey flags.Filename `long:"tls-key" description:"the private key to use for secure connections" env:"TLS_PRIVATE_KEY"` TLSCACertificate flags.Filename `long:"tls-ca" description:"the certificate authority file to be used with mutual tls auth" env:"TLS_CA_CERTIFICATE"` TLSListenLimit int `long:"tls-listen-limit" description:"limit the number of outstanding requests"` TLSKeepAlive time.Duration `` /* 160-byte string literal not displayed */ TLSReadTimeout time.Duration `long:"tls-read-timeout" description:"maximum duration before timing out read of the request"` TLSWriteTimeout time.Duration `long:"tls-write-timeout" description:"maximum duration before timing out write of the response"` // contains filtered or unexported fields }
Server for the multi auth example API
func NewServer ¶
func NewServer(api *operations.MultiAuthExampleAPI) *Server
NewServer creates a new api multi auth example server but does not configure it
func (*Server) ConfigureAPI ¶
func (s *Server) ConfigureAPI()
ConfigureAPI configures the API and handlers.
func (*Server) ConfigureFlags ¶
func (s *Server) ConfigureFlags()
ConfigureFlags configures the additional flags defined by the handlers. Needs to be called before the parser.Parse
func (*Server) Fatalf ¶
Fatalf logs message either via defined user logger or via system one if no user logger is defined. Exits with non-zero status after printing
func (*Server) GetHandler ¶
GetHandler returns a handler useful for testing
func (*Server) HTTPListener ¶
HTTPListener returns the http listener
func (*Server) Logf ¶
Logf logs message either via defined user logger or via system one if no user logger is defined.
func (*Server) SetAPI ¶
func (s *Server) SetAPI(api *operations.MultiAuthExampleAPI)
SetAPI configures the server with the specified API. Needs to be called before Serve
func (*Server) SetHandler ¶
SetHandler allows for setting a http handler on this server
func (*Server) TLSListener ¶
TLSListener returns the https listener