Documentation ¶
Index ¶
- Constants
- Variables
- func AuthMiddleware(ps *ArmoryCloudPrincipalService) func(handler http.Handler) http.Handler
- func DangerouslyWriteUnverifiedPrincipalToContext(c *gin.Context, principal *ArmoryCloudPrincipal) context.Context
- func ExtractBearerToken(r *http.Request) (string, error)
- func GinAuthMiddleware(ps *ArmoryCloudPrincipalService, allowWithoutAuthList []string) gin.HandlerFunc
- func WithPrincipal(ctx context.Context, principal ArmoryCloudPrincipal) context.Context
- type ArmoryCloudPrincipal
- type ArmoryCloudPrincipalService
- func (a *ArmoryCloudPrincipalService) ExtractAndVerifyPrincipalFromTokenBytes(token []byte) (*ArmoryCloudPrincipal, error)
- func (a *ArmoryCloudPrincipalService) ExtractAndVerifyPrincipalFromTokenString(token string) (*ArmoryCloudPrincipal, error)
- func (a *ArmoryCloudPrincipalService) VerifyPrincipalAndSetContext(tokenOrRawHeader string, c *gin.Context) error
- type Configuration
- type JWT
- type JwtFetcher
- type JwtToken
- type PrincipalType
Constants ¶
const (
ArmoryCloudPrincipalClaimNamespace = "https://cloud.armory.io/principal"
)
Variables ¶
var (
)Functions ¶
func AuthMiddleware ¶
func AuthMiddleware(ps *ArmoryCloudPrincipalService) func(handler http.Handler) http.Handler
AuthMiddleware Deprecated: this depreciated in favor of using the authn middleware bundled in the server package that returns a serr.Error
func DangerouslyWriteUnverifiedPrincipalToContext ¶ added in v1.15.0
func DangerouslyWriteUnverifiedPrincipalToContext(c *gin.Context, principal *ArmoryCloudPrincipal) context.Context
DangerouslyWriteUnverifiedPrincipalToContext is exposed for easily injecting stub principals into context for testing
func GinAuthMiddleware ¶
func GinAuthMiddleware(ps *ArmoryCloudPrincipalService, allowWithoutAuthList []string) gin.HandlerFunc
GinAuthMiddleware Deprecated: this depreciated in favor of using the authn middleware bundled in the server package that returns a serr.Error
func WithPrincipal ¶
func WithPrincipal(ctx context.Context, principal ArmoryCloudPrincipal) context.Context
Types ¶
type ArmoryCloudPrincipal ¶
type ArmoryCloudPrincipal struct { Type PrincipalType `json:"type"` Name string `json:"name"` OrgId string `json:"orgId"` OrgName string `json:"orgName"` EnvId string `json:"envId"` ArmoryAdmin bool `json:"armoryAdmin"` Subject string `json:"sub"` Issuer string `json:"iss"` Scopes []string `json:"scopes"` Roles []string `json:"roles"` }
func ExtractPrincipalFromContext ¶
func ExtractPrincipalFromContext(ctx context.Context) (*ArmoryCloudPrincipal, error)
ExtractPrincipalFromContext can be used by any handler or downstream middleware of the ArmoryCloudPrincipalMiddleware to get the encoded principal for manual verification of scopes.
func (*ArmoryCloudPrincipal) HasScope ¶
func (p *ArmoryCloudPrincipal) HasScope(scope string) bool
func (*ArmoryCloudPrincipal) String ¶
func (p *ArmoryCloudPrincipal) String() string
func (*ArmoryCloudPrincipal) Tenant ¶
func (p *ArmoryCloudPrincipal) Tenant() string
func (*ArmoryCloudPrincipal) ToJson ¶
func (p *ArmoryCloudPrincipal) ToJson() string
func (*ArmoryCloudPrincipal) UnsafeHasScope ¶ added in v1.11.1
func (p *ArmoryCloudPrincipal) UnsafeHasScope(scope string) bool
type ArmoryCloudPrincipalService ¶
type ArmoryCloudPrincipalService struct {
JwtFetcher JwtFetcher
}
func New ¶
func New(settings Configuration) (*ArmoryCloudPrincipalService, error)
New creates an ArmoryCloudPrincipalService. It downloads JWKS from the Armory Auth Server & populates the JWK Cache for principal verification.
func (*ArmoryCloudPrincipalService) ExtractAndVerifyPrincipalFromTokenBytes ¶
func (a *ArmoryCloudPrincipalService) ExtractAndVerifyPrincipalFromTokenBytes(token []byte) (*ArmoryCloudPrincipal, error)
func (*ArmoryCloudPrincipalService) ExtractAndVerifyPrincipalFromTokenString ¶
func (a *ArmoryCloudPrincipalService) ExtractAndVerifyPrincipalFromTokenString(token string) (*ArmoryCloudPrincipal, error)
func (*ArmoryCloudPrincipalService) VerifyPrincipalAndSetContext ¶ added in v1.15.0
func (a *ArmoryCloudPrincipalService) VerifyPrincipalAndSetContext(tokenOrRawHeader string, c *gin.Context) error
type Configuration ¶ added in v1.7.1
type JwtFetcher ¶
type PrincipalType ¶
type PrincipalType string
const ( User PrincipalType = "user" Machine PrincipalType = "machine" )