Documentation
¶
Index ¶
- type AuthorizerClient
- type Middleware
- func (m *Middleware) Handler(c *gin.Context)
- func (m *Middleware) WithNoResourceContext() *Middleware
- func (m *Middleware) WithPolicyFromURL(prefix string) *Middleware
- func (m *Middleware) WithPolicyPathMapper(mapper StringMapper) *Middleware
- func (m *Middleware) WithResourceMapper(mapper ResourceMapper) *Middleware
- type Policy
- type ResourceMapper
- type StringMapper
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthorizerClient ¶
type AuthorizerClient = authorizer.AuthorizerClient
type Middleware ¶
type Middleware struct {
// Identity determines the caller identity used in authorization calls.
Identity *httpmw.IdentityBuilder
// contains filtered or unexported fields
}
Middleware implements middleware that can be added to routes in Gin servers.
To authorize incoming requests, the middleware needs information about:
1. The user making the request.
2. The Aserto authorization policy to evaluate.
3. Optional, additional input data to the authorization policy.
The values for these parameters can be set globally or extracted dynamically from incoming messages.
func New ¶
func New(client AuthorizerClient, policy Policy) *Middleware
New creates middleware for the specified policy.
The new middleware is created with default identity and policy path mapper. Those can be overridden using `Middleware.Identity` to specify the caller's identity, or using the middleware's ".With...()" functions to set policy path and resource mappers.
func (*Middleware) Handler ¶
func (m *Middleware) Handler(c *gin.Context)
Handler is the middleware implementation. It is how an Authorizer is wired to a Gin router.
func (*Middleware) WithNoResourceContext ¶
func (m *Middleware) WithNoResourceContext() *Middleware
WithNoResourceContext causes the middleware to include no resource context in authorization request instead of the default behavior that sends all URL path parameters.
func (*Middleware) WithPolicyFromURL ¶
func (m *Middleware) WithPolicyFromURL(prefix string) *Middleware
WithPolicyFromURL instructs the middleware to construct the policy path from the path segment of the incoming request's URL.
Path separators ('/') are replaced with dots ('.'). If the request uses gorilla/mux to define path parameters, those are added to the path with two leading underscores. An optional prefix can be specified to be included in all paths.
Example ¶
Using 'WithPolicyFromURL("myapp")', the route
POST /products/{id}
becomes the policy path
"myapp.POST.products.__id"
func (*Middleware) WithPolicyPathMapper ¶
func (m *Middleware) WithPolicyPathMapper(mapper StringMapper) *Middleware
WithPolicyPathMapper sets a custom policy mapper, a function that takes an incoming request and returns the path within the policy of the package to query.
func (*Middleware) WithResourceMapper ¶
func (m *Middleware) WithResourceMapper(mapper ResourceMapper) *Middleware
WithResourceMapper sets a custom resource mapper, a function that takes an incoming request and returns the resource object to include with the authorization request as a `structpb.Struct`.
type Policy ¶
type Policy = middleware.Policy
type ResourceMapper ¶ added in v0.20.1
ResourceMapper functions are used to extract structured data from incoming requests. The optional resource mapper is a ResourceMapper.
type StringMapper ¶
StringMapper functions are used to extract string values from incoming requests. They are used to define policy mappers.
Source Files