Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetAbsPath ¶ added in v0.6.0
GetAbsPath given a URI path, normalize it and remove any relative references
@param original string - Original URI path @return the absolute path
Types ¶
type AuthBypassMatch ¶ added in v0.5.2
type AuthBypassMatch interface { /* Match checks whether a request matches against auth bypass rules @param ctxt context.Context - context calling this API @param request RequestParam - request parameters @return if a match is found or not, or an error otherwise */ Match(ctxt context.Context, request RequestParam) (bool, error) }
AuthBypassMatch check whether a request matches against auth bypass rules
func DefineAuthBypassMatch ¶ added in v0.5.2
func DefineAuthBypassMatch(config common.AuthnBypassConfig) (AuthBypassMatch, error)
DefineAuthBypassMatch defines a new AuthBypassMatch
@param config common.AuthnBypassConfig - matcher configuration @return new AuthBypassMatch instance
type RequestMatch ¶
type RequestMatch interface { /* Match checks whether a request matches against defined parameters @param ctxt context.Context - context calling this API @param request RequestParam - request parameters @return if a match, the list permissions needed to proceed, or an error otherwise */ Match(ctxt context.Context, request RequestParam) ([]string, error) /* String returns an ASCII description of the object @return an ASCII description of the object */ String() string }
RequestMatch checks whether a request matches against defined parameters
func DefineTargetGroupMatcher ¶
func DefineTargetGroupMatcher(spec TargetGroupSpec) (RequestMatch, error)
DefineTargetGroupMatcher defines a new RequestMatch for matching at host group level
@param spec TargetGroupSpec - the matcher specification @return new RequestMatch instance
type RequestParam ¶
type RequestParam struct { // Host is the request target "host" Host *string `validate:"omitempty,fqdn"` // Path is the request target Path Path string `validate:"required,uri"` // Method is the request method Method string `validate:"required,oneof=GET HEAD PUT POST PATCH DELETE OPTIONS"` }
RequestParam contains critical parameters describing a REST request
func (RequestParam) String ¶
func (p RequestParam) String() string
String returns an ASCII description of the object
@return an ASCII description of the object
type TargetGroupSpec ¶
type TargetGroupSpec struct { // AllowedHosts is the list of TargetHostSpec keyed by the host name. The host key of "*" // functions as a wildcard. If a request host is not explicitly listed here, it may match // against "*" if that key was defined AllowedHosts map[string]TargetHostSpec `validate:"required,min=1,dive"` }
TargetGroupSpec is a groups of hosts to check against
func ConvertConfigToTargetGroupSpec ¶
func ConvertConfigToTargetGroupSpec(cfg *common.AuthorizationConfig) (TargetGroupSpec, error)
ConvertConfigToTargetGroupSpec convert a common.AuthorizationConfig into TargetGroupSpec
@param cfg *common.AuthorizationConfig - the authorize config section @return the converted TargetGroupSpec
type TargetHostSpec ¶
type TargetHostSpec struct { // TargetHost is the host value the URI are associated with TargetHost string `validate:"required"` // AllowedPathsForHost is the list of paths associated with this host AllowedPathsForHost []TargetPathSpec `validate:"required,min=1,dive"` }
TargetHostSpec is a single host to check against defined by multiple associated paths
type TargetPathSpec ¶
type TargetPathSpec struct { // PathPattern is the pattern for matching against a request URI path PathPattern string `validate:"required"` // PermissionsForMethod is the DICT of required permission for each specified request // method that is allowed for this path. The method key of "*" functions as a wildcard. // If the request method is not explicitly listed here, it may match against "*" if that // key was defined. PermissionsForMethod map[string][]string `validate:"required,min=1"` }
TargetPathSpec is a single path pattern to check against