security

package
v2.9.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 19, 2024 License: Apache-2.0 Imports: 6 Imported by: 8

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func EnforceToCurrentRoot

func EnforceToCurrentRoot(currentRoot, requestedPath string) (string, error)

Ensure that `requestedPath` is on the same directory or any subdirectory of `currentRoot`. Both `currentRoot` and `requestedPath` must be absolute paths. They may contain any number of `./` or `/../` dir changes.

func IsNamespaceEnabled added in v2.5.6

func IsNamespaceEnabled(namespace string, serverNamespace string, enabledNamespaces []string) bool

func NamespaceNotPermittedError added in v2.5.6

func NamespaceNotPermittedError(namespace string) error

func RBACName added in v2.8.0

func RBACName(defaultNS string, project string, namespace string, name string) string

RBACName constructs name of the app for use in RBAC checks.

func UnverifiedHasAudClaim added in v2.3.14

func UnverifiedHasAudClaim(rawIDToken string) (bool, error)

UnverifiedHasAudClaim returns whether the "aud" claim is present in the given JWT.

This function DOES NOT VERIFY THE TOKEN. You still have to verify the token to confirm that the token holder has not altered the "aud" claim.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL