authorizer

package
v0.8.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 15, 2023 License: Apache-2.0 Imports: 19 Imported by: 7

Documentation

Overview

Package authorizer is a reverse proxy.

It translates gRPC into RESTful JSON APIs.

Index

Constants

View Source 
const (
	Authorizer_DecisionTree_FullMethodName = "/aserto.authorizer.authorizer.v1.Authorizer/DecisionTree"
	Authorizer_Is_FullMethodName           = "/aserto.authorizer.authorizer.v1.Authorizer/Is"
	Authorizer_Query_FullMethodName        = "/aserto.authorizer.authorizer.v1.Authorizer/Query"
)

Variables

View Source 
var (
	PathSeparator_name = map[int32]string{
		0: "PATH_SEPARATOR_UNKNOWN",
		1: "PATH_SEPARATOR_DOT",
		2: "PATH_SEPARATOR_SLASH",
	}
	PathSeparator_value = map[string]int32{
		"PATH_SEPARATOR_UNKNOWN": 0,
		"PATH_SEPARATOR_DOT":     1,
		"PATH_SEPARATOR_SLASH":   2,
	}
)

Enum value maps for PathSeparator.

View Source 
var (
	TraceLevel_name = map[int32]string{
		0: "TRACE_LEVEL_UNKNOWN",
		1: "TRACE_LEVEL_OFF",
		2: "TRACE_LEVEL_FULL",
		3: "TRACE_LEVEL_NOTES",
		4: "TRACE_LEVEL_FAILS",
	}
	TraceLevel_value = map[string]int32{
		"TRACE_LEVEL_UNKNOWN": 0,
		"TRACE_LEVEL_OFF":     1,
		"TRACE_LEVEL_FULL":    2,
		"TRACE_LEVEL_NOTES":   3,
		"TRACE_LEVEL_FAILS":   4,
	}
)

Enum value maps for TraceLevel.

View Source 
var Authorizer_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "aserto.authorizer.authorizer.v1.Authorizer",
	HandlerType: (*AuthorizerServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "DecisionTree",
			Handler:    _Authorizer_DecisionTree_Handler,
		},
		{
			MethodName: "Is",
			Handler:    _Authorizer_Is_Handler,
		},
		{
			MethodName: "Query",
			Handler:    _Authorizer_Query_Handler,
		},
	},
	Streams:  []grpc.StreamDesc{},
	Metadata: "aserto/authorizer/authorizer/v1/authorizer.proto",
}

Authorizer_ServiceDesc is the grpc.ServiceDesc for Authorizer service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

View Source 
var File_aserto_authorizer_authorizer_v1_authorizer_proto protoreflect.FileDescriptor

Functions

func RegisterAuthorizerHandler 

func RegisterAuthorizerHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error

RegisterAuthorizerHandler registers the http handlers for service Authorizer to "mux". The handlers forward requests to the grpc endpoint over "conn".

func RegisterAuthorizerHandlerClient 

func RegisterAuthorizerHandlerClient(ctx context.Context, mux *runtime.ServeMux, client AuthorizerClient) error

RegisterAuthorizerHandlerClient registers the http handlers for service Authorizer to "mux". The handlers forward requests to the grpc endpoint over the given implementation of "AuthorizerClient". Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "AuthorizerClient" doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in "AuthorizerClient" to call the correct interceptors.

func RegisterAuthorizerHandlerFromEndpoint 

func RegisterAuthorizerHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error)

RegisterAuthorizerHandlerFromEndpoint is same as RegisterAuthorizerHandler but automatically dials to "endpoint" and closes the connection when "ctx" gets done.

func RegisterAuthorizerHandlerServer 

func RegisterAuthorizerHandlerServer(ctx context.Context, mux *runtime.ServeMux, server AuthorizerServer) error

RegisterAuthorizerHandlerServer registers the http handlers for service Authorizer to "mux". UnaryRPC :call AuthorizerServer directly. StreamingRPC :currently unsupported pending https://github.com/grpc/grpc-go/issues/906. Note that using this registration option will cause many gRPC library features to stop working. Consider using RegisterAuthorizerHandlerFromEndpoint instead.

func RegisterAuthorizerServer 

func RegisterAuthorizerServer(s grpc.ServiceRegistrar, srv AuthorizerServer)

Types

type AuthorizerClient 

type AuthorizerClient interface {
	DecisionTree(ctx context.Context, in *DecisionTreeRequest, opts ...grpc.CallOption) (*DecisionTreeResponse, error)
	Is(ctx context.Context, in *IsRequest, opts ...grpc.CallOption) (*IsResponse, error)
	Query(ctx context.Context, in *QueryRequest, opts ...grpc.CallOption) (*QueryResponse, error)
}

AuthorizerClient is the client API for Authorizer service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewAuthorizerClient 

func NewAuthorizerClient(cc grpc.ClientConnInterface) AuthorizerClient

type AuthorizerServer 

type AuthorizerServer interface {
	DecisionTree(context.Context, *DecisionTreeRequest) (*DecisionTreeResponse, error)
	Is(context.Context, *IsRequest) (*IsResponse, error)
	Query(context.Context, *QueryRequest) (*QueryResponse, error)
}

AuthorizerServer is the server API for Authorizer service. All implementations should embed UnimplementedAuthorizerServer for forward compatibility

type Decision 

type Decision struct {
	Decision string `protobuf:"bytes,1,opt,name=decision,proto3" json:"decision,omitempty"`
	Is       bool   `protobuf:"varint,2,opt,name=is,proto3" json:"is,omitempty"`
	// contains filtered or unexported fields
}

func (*Decision) Descriptor deprecated 

func (*Decision) Descriptor() ([]byte, []int)

Deprecated: Use Decision.ProtoReflect.Descriptor instead.

func (*Decision) GetDecision 

func (x *Decision) GetDecision() string

func (*Decision) GetIs 

func (x *Decision) GetIs() bool

func (*Decision) ProtoMessage 

func (*Decision) ProtoMessage()

func (*Decision) ProtoReflect 

func (x *Decision) ProtoReflect() protoreflect.Message

func (*Decision) Reset 

func (x *Decision) Reset()

func (*Decision) String 

func (x *Decision) String() string

type DecisionTreeOptions 

type DecisionTreeOptions struct {
	PathSeparator PathSeparator `` /* 152-byte string literal not displayed */
	// contains filtered or unexported fields
}

func (*DecisionTreeOptions) Descriptor deprecated 

func (*DecisionTreeOptions) Descriptor() ([]byte, []int)

Deprecated: Use DecisionTreeOptions.ProtoReflect.Descriptor instead.

func (*DecisionTreeOptions) GetPathSeparator 

func (x *DecisionTreeOptions) GetPathSeparator() PathSeparator

func (*DecisionTreeOptions) ProtoMessage 

func (*DecisionTreeOptions) ProtoMessage()

func (*DecisionTreeOptions) ProtoReflect 

func (x *DecisionTreeOptions) ProtoReflect() protoreflect.Message

func (*DecisionTreeOptions) Reset 

func (x *DecisionTreeOptions) Reset()

func (*DecisionTreeOptions) String 

func (x *DecisionTreeOptions) String() string

type DecisionTreeRequest 

type DecisionTreeRequest struct {
	PolicyContext   *v1.PolicyContext    `protobuf:"bytes,1,opt,name=policy_context,json=policyContext,proto3" json:"policy_context,omitempty"`
	IdentityContext *v1.IdentityContext  `protobuf:"bytes,2,opt,name=identity_context,json=identityContext,proto3" json:"identity_context,omitempty"`
	Options         *DecisionTreeOptions `protobuf:"bytes,3,opt,name=options,proto3" json:"options,omitempty"`
	ResourceContext *structpb.Struct     `protobuf:"bytes,4,opt,name=resource_context,json=resourceContext,proto3" json:"resource_context,omitempty"`
	// contains filtered or unexported fields
}

func (*DecisionTreeRequest) Descriptor deprecated 

func (*DecisionTreeRequest) Descriptor() ([]byte, []int)

Deprecated: Use DecisionTreeRequest.ProtoReflect.Descriptor instead.

func (*DecisionTreeRequest) GetIdentityContext 

func (x *DecisionTreeRequest) GetIdentityContext() *v1.IdentityContext

func (*DecisionTreeRequest) GetOptions 

func (x *DecisionTreeRequest) GetOptions() *DecisionTreeOptions

func (*DecisionTreeRequest) GetPolicyContext 

func (x *DecisionTreeRequest) GetPolicyContext() *v1.PolicyContext

func (*DecisionTreeRequest) GetResourceContext 

func (x *DecisionTreeRequest) GetResourceContext() *structpb.Struct

func (*DecisionTreeRequest) ProtoMessage 

func (*DecisionTreeRequest) ProtoMessage()

func (*DecisionTreeRequest) ProtoReflect 

func (x *DecisionTreeRequest) ProtoReflect() protoreflect.Message

func (*DecisionTreeRequest) Reset 

func (x *DecisionTreeRequest) Reset()

func (*DecisionTreeRequest) String 

func (x *DecisionTreeRequest) String() string

type DecisionTreeResponse 

type DecisionTreeResponse struct {
	PathRoot string           `protobuf:"bytes,1,opt,name=path_root,json=pathRoot,proto3" json:"path_root,omitempty"`
	Path     *structpb.Struct `protobuf:"bytes,3,opt,name=path,proto3" json:"path,omitempty"`
	// contains filtered or unexported fields
}

func (*DecisionTreeResponse) Descriptor deprecated 

func (*DecisionTreeResponse) Descriptor() ([]byte, []int)

Deprecated: Use DecisionTreeResponse.ProtoReflect.Descriptor instead.

func (*DecisionTreeResponse) GetPath 

func (x *DecisionTreeResponse) GetPath() *structpb.Struct

func (*DecisionTreeResponse) GetPathRoot 

func (x *DecisionTreeResponse) GetPathRoot() string

func (*DecisionTreeResponse) ProtoMessage 

func (*DecisionTreeResponse) ProtoMessage()

func (*DecisionTreeResponse) ProtoReflect 

func (x *DecisionTreeResponse) ProtoReflect() protoreflect.Message

func (*DecisionTreeResponse) Reset 

func (x *DecisionTreeResponse) Reset()

func (*DecisionTreeResponse) String 

func (x *DecisionTreeResponse) String() string

type IsRequest 

type IsRequest struct {
	PolicyContext   *v1.PolicyContext   `protobuf:"bytes,1,opt,name=policy_context,json=policyContext,proto3" json:"policy_context,omitempty"`
	IdentityContext *v1.IdentityContext `protobuf:"bytes,2,opt,name=identity_context,json=identityContext,proto3" json:"identity_context,omitempty"`
	ResourceContext *structpb.Struct    `protobuf:"bytes,3,opt,name=resource_context,json=resourceContext,proto3" json:"resource_context,omitempty"`
	// contains filtered or unexported fields
}

func (*IsRequest) Descriptor deprecated 

func (*IsRequest) Descriptor() ([]byte, []int)

Deprecated: Use IsRequest.ProtoReflect.Descriptor instead.

func (*IsRequest) GetIdentityContext 

func (x *IsRequest) GetIdentityContext() *v1.IdentityContext

func (*IsRequest) GetPolicyContext 

func (x *IsRequest) GetPolicyContext() *v1.PolicyContext

func (*IsRequest) GetResourceContext 

func (x *IsRequest) GetResourceContext() *structpb.Struct

func (*IsRequest) ProtoMessage 

func (*IsRequest) ProtoMessage()

func (*IsRequest) ProtoReflect 

func (x *IsRequest) ProtoReflect() protoreflect.Message

func (*IsRequest) Reset 

func (x *IsRequest) Reset()

func (*IsRequest) String 

func (x *IsRequest) String() string

type IsResponse 

type IsResponse struct {
	Decisions []*Decision `protobuf:"bytes,1,rep,name=decisions,proto3" json:"decisions,omitempty"`
	// contains filtered or unexported fields
}

func (*IsResponse) Descriptor deprecated 

func (*IsResponse) Descriptor() ([]byte, []int)

Deprecated: Use IsResponse.ProtoReflect.Descriptor instead.

func (*IsResponse) GetDecisions 

func (x *IsResponse) GetDecisions() []*Decision

func (*IsResponse) ProtoMessage 

func (*IsResponse) ProtoMessage()

func (*IsResponse) ProtoReflect 

func (x *IsResponse) ProtoReflect() protoreflect.Message

func (*IsResponse) Reset 

func (x *IsResponse) Reset()

func (*IsResponse) String 

func (x *IsResponse) String() string

type PathSeparator 

type PathSeparator int32
const (
	PathSeparator_PATH_SEPARATOR_UNKNOWN PathSeparator = 0 // Value not set.
	PathSeparator_PATH_SEPARATOR_DOT     PathSeparator = 1 // Dot "." path separator
	PathSeparator_PATH_SEPARATOR_SLASH   PathSeparator = 2 // Slash "/" path separtor
)

func (PathSeparator) Descriptor 

func (PathSeparator) Descriptor() protoreflect.EnumDescriptor

func (PathSeparator) Enum 

func (x PathSeparator) Enum() *PathSeparator

func (PathSeparator) EnumDescriptor deprecated 

func (PathSeparator) EnumDescriptor() ([]byte, []int)

Deprecated: Use PathSeparator.Descriptor instead.

func (PathSeparator) Number 

func (x PathSeparator) Number() protoreflect.EnumNumber

func (PathSeparator) String 

func (x PathSeparator) String() string

func (PathSeparator) Type 

func (PathSeparator) Type() protoreflect.EnumType

type QueryOptions 

type QueryOptions struct {
	Metrics      bool       `protobuf:"varint,1,opt,name=metrics,proto3" json:"metrics,omitempty"`                                             // default false
	Instrument   bool       `protobuf:"varint,2,opt,name=instrument,proto3" json:"instrument,omitempty"`                                       // default false
	Trace        TraceLevel `protobuf:"varint,3,opt,name=trace,proto3,enum=aserto.authorizer.authorizer.v1.TraceLevel" json:"trace,omitempty"` // default ExplainOffV1
	TraceSummary bool       `protobuf:"varint,4,opt,name=trace_summary,json=traceSummary,proto3" json:"trace_summary,omitempty"`               // default false
	// contains filtered or unexported fields
}

func (*QueryOptions) Descriptor deprecated 

func (*QueryOptions) Descriptor() ([]byte, []int)

Deprecated: Use QueryOptions.ProtoReflect.Descriptor instead.

func (*QueryOptions) GetInstrument 

func (x *QueryOptions) GetInstrument() bool

func (*QueryOptions) GetMetrics 

func (x *QueryOptions) GetMetrics() bool

func (*QueryOptions) GetTrace 

func (x *QueryOptions) GetTrace() TraceLevel

func (*QueryOptions) GetTraceSummary 

func (x *QueryOptions) GetTraceSummary() bool

func (*QueryOptions) ProtoMessage 

func (*QueryOptions) ProtoMessage()

func (*QueryOptions) ProtoReflect 

func (x *QueryOptions) ProtoReflect() protoreflect.Message

func (*QueryOptions) Reset 

func (x *QueryOptions) Reset()

func (*QueryOptions) String 

func (x *QueryOptions) String() string

type QueryRequest 

type QueryRequest struct {
	IdentityContext *v1.IdentityContext `protobuf:"bytes,1,opt,name=identity_context,json=identityContext,proto3" json:"identity_context,omitempty"`
	Query           string              `protobuf:"bytes,2,opt,name=query,proto3" json:"query,omitempty"`
	Input           string              `protobuf:"bytes,3,opt,name=input,proto3" json:"input,omitempty"`
	Options         *QueryOptions       `protobuf:"bytes,4,opt,name=options,proto3" json:"options,omitempty"`
	PolicyContext   *v1.PolicyContext   `protobuf:"bytes,5,opt,name=policy_context,json=policyContext,proto3" json:"policy_context,omitempty"`
	ResourceContext *structpb.Struct    `protobuf:"bytes,6,opt,name=resource_context,json=resourceContext,proto3" json:"resource_context,omitempty"`
	// contains filtered or unexported fields
}

func (*QueryRequest) Descriptor deprecated 

func (*QueryRequest) Descriptor() ([]byte, []int)

Deprecated: Use QueryRequest.ProtoReflect.Descriptor instead.

func (*QueryRequest) GetIdentityContext 

func (x *QueryRequest) GetIdentityContext() *v1.IdentityContext

func (*QueryRequest) GetInput 

func (x *QueryRequest) GetInput() string

func (*QueryRequest) GetOptions 

func (x *QueryRequest) GetOptions() *QueryOptions

func (*QueryRequest) GetPolicyContext 

func (x *QueryRequest) GetPolicyContext() *v1.PolicyContext

func (*QueryRequest) GetQuery 

func (x *QueryRequest) GetQuery() string

func (*QueryRequest) GetResourceContext 

func (x *QueryRequest) GetResourceContext() *structpb.Struct

func (*QueryRequest) ProtoMessage 

func (*QueryRequest) ProtoMessage()

func (*QueryRequest) ProtoReflect 

func (x *QueryRequest) ProtoReflect() protoreflect.Message

func (*QueryRequest) Reset 

func (x *QueryRequest) Reset()

func (*QueryRequest) String 

func (x *QueryRequest) String() string

type QueryResponse 

type QueryResponse struct {
	Results      []*structpb.Struct `protobuf:"bytes,1,rep,name=results,proto3" json:"results,omitempty"`
	Metrics      *structpb.Struct   `protobuf:"bytes,2,opt,name=metrics,proto3" json:"metrics,omitempty"`
	Trace        []*structpb.Struct `protobuf:"bytes,3,rep,name=trace,proto3" json:"trace,omitempty"`
	TraceSummary []string           `protobuf:"bytes,4,rep,name=trace_summary,json=traceSummary,proto3" json:"trace_summary,omitempty"`
	// contains filtered or unexported fields
}

func (*QueryResponse) Descriptor deprecated 

func (*QueryResponse) Descriptor() ([]byte, []int)

Deprecated: Use QueryResponse.ProtoReflect.Descriptor instead.

func (*QueryResponse) GetMetrics 

func (x *QueryResponse) GetMetrics() *structpb.Struct

func (*QueryResponse) GetResults 

func (x *QueryResponse) GetResults() []*structpb.Struct

func (*QueryResponse) GetTrace 

func (x *QueryResponse) GetTrace() []*structpb.Struct

func (*QueryResponse) GetTraceSummary 

func (x *QueryResponse) GetTraceSummary() []string

func (*QueryResponse) ProtoMessage 

func (*QueryResponse) ProtoMessage()

func (*QueryResponse) ProtoReflect 

func (x *QueryResponse) ProtoReflect() protoreflect.Message

func (*QueryResponse) Reset 

func (x *QueryResponse) Reset()

func (*QueryResponse) String 

func (x *QueryResponse) String() string

type TraceLevel 

type TraceLevel int32
const (
	TraceLevel_TRACE_LEVEL_UNKNOWN TraceLevel = 0 // Value not set.
	TraceLevel_TRACE_LEVEL_OFF     TraceLevel = 1 // ExplainOffV1   ExplainModeV1 = "off"
	TraceLevel_TRACE_LEVEL_FULL    TraceLevel = 2 // ExplainFullV1  ExplainModeV1 = "full"
	TraceLevel_TRACE_LEVEL_NOTES   TraceLevel = 3 // ExplainNotesV1 ExplainModeV1 = "notes"
	TraceLevel_TRACE_LEVEL_FAILS   TraceLevel = 4 // ExplainFailsV1 ExplainModeV1 = "fails"
)

func (TraceLevel) Descriptor 

func (TraceLevel) Descriptor() protoreflect.EnumDescriptor

func (TraceLevel) Enum 

func (x TraceLevel) Enum() *TraceLevel

func (TraceLevel) EnumDescriptor deprecated 

func (TraceLevel) EnumDescriptor() ([]byte, []int)

Deprecated: Use TraceLevel.Descriptor instead.

func (TraceLevel) Number 

func (x TraceLevel) Number() protoreflect.EnumNumber

func (TraceLevel) String 

func (x TraceLevel) String() string

func (TraceLevel) Type 

func (TraceLevel) Type() protoreflect.EnumType

type UnimplementedAuthorizerServer 

type UnimplementedAuthorizerServer struct {
}

UnimplementedAuthorizerServer should be embedded to have forward compatible implementations.

func (UnimplementedAuthorizerServer) DecisionTree 

func (UnimplementedAuthorizerServer) DecisionTree(context.Context, *DecisionTreeRequest) (*DecisionTreeResponse, error)

func (UnimplementedAuthorizerServer) Is 

func (UnimplementedAuthorizerServer) Is(context.Context, *IsRequest) (*IsResponse, error)

func (UnimplementedAuthorizerServer) Query 

func (UnimplementedAuthorizerServer) Query(context.Context, *QueryRequest) (*QueryResponse, error)

type UnsafeAuthorizerServer 

type UnsafeAuthorizerServer interface {
	// contains filtered or unexported methods
}

UnsafeAuthorizerServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to AuthorizerServer will result in compilation errors.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.