Documentation
¶
Overview ¶
Package http is used to create an AuthorizerClient that communicates with the authorizer using HTTP.
AuthorizerClient is the low-level interface that exposes the raw authorization API.
Example ¶
ctx := context.Background()
// Create new authorizer client.
authorizer, err := http.New(
client.WithAPIKeyAuth("<Aserto authorizer API key"),
client.WithTenantID("<Aserto tenant ID>"),
)
if err != nil {
log.Fatal("Failed to create authorizer:", err)
}
// Make an authorization call.
result, err := authorizer.Is(
ctx,
&authz.IsRequest{
PolicyContext: &api.PolicyContext{
Id: "<Aserto Policy ID>",
Path: "<Policy path (e.g. 'peoplefinder.GET.users')",
Decisions: []string{"<authorization decisions (e.g. 'allowed')>"},
},
IdentityContext: &api.IdentityContext{
Type: api.IdentityType_IDENTITY_TYPE_SUB,
Identity: "<user id>",
},
},
)
if err != nil {
log.Fatal("Failed to make authorization call:", err)
}
// Check the authorizer's decision.
for _, decision := range result.Decisions {
if decision.Decision == "allowed" { // "allowed" is just an example. Your policy may have different rules.
if decision.Is {
fmt.Println("Access granted")
} else {
fmt.Println("Access denied")
}
}
}
Output:
Index ¶
Examples ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ErrNotSupported = errors.New("unsupported feature")
ErrNotSupported is returned when gRPC options are passed to the HTTP client.
Functions ¶
This section is empty.
Types ¶
type AuthorizerClient ¶
type AuthorizerClient = authz.AuthorizerClient
func New ¶
func New(opts ...client.ConnectionOption) (AuthorizerClient, error)
New returns a new REST authorizer with the specified options.
Source Files
Click to show internal directories.
Click to hide internal directories.