accesscontrol

package

v1.7.1 Latest Latest Go to latest Published: Feb 22, 2022 License: MIT Imports: 33 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/avenga/couper

Links

Open Source Insights

Documentation ¶

Index ¶

func GetKeyFromJWKS(jwks *jwk.JWKS, token *jwt.Token) (interface{}, error)
type AccessControl
type BasicAuth
- func NewBasicAuth(name, user, pass, file string) (*BasicAuth, error)
- func (ba *BasicAuth) Validate(req *http.Request) error
type JWT
- func NewJWT(options *JWTOptions) (*JWT, error)
- func NewJWTFromJWKS(options *JWTOptions) (*JWT, error)
- func (j *JWT) Validate(req *http.Request) error
type JWTOptions
type JWTSource
- func NewJWTSource(cookie, header string, value hcl.Expression) JWTSource
type JWTSourceType
type List
type ListItem
- func NewItem(nameLabel string, control AccessControl, errHandler http.Handler) *ListItem
- func (i ListItem) ErrorHandler() http.Handler
- func (i ListItem) Validate(req *http.Request) error
type Map
type OAuth2Callback
- func NewOAuth2Callback(oauth2Client oauth2.AcClient) (*OAuth2Callback, error)
- func (oa *OAuth2Callback) Validate(req *http.Request) error
type ProtectedHandler
type Saml2
- func NewSAML2ACS(metadata []byte, name string, acsUrl string, spEntityId string, ...) (*Saml2, error)
- func (s *Saml2) GetAssertionData(assertionInfo *saml2.AssertionInfo) map[string]interface{}
- func (s *Saml2) Validate(req *http.Request) error
- func (s *Saml2) ValidateAssertionInfo(assertionInfo *saml2.AssertionInfo) error
type ScopeControl
- func NewScopeControl(scopeMaps []map[string]string) *ScopeControl
- func (s *ScopeControl) Validate(req *http.Request) error
type ValidateFunc
- func (f ValidateFunc) Validate(req *http.Request) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GetKeyFromJWKS ¶ added in v1.7.0

func GetKeyFromJWKS(jwks *jwk.JWKS, token *jwt.Token) (interface{}, error)

Types ¶

type AccessControl ¶

type AccessControl interface {
	Validate(req *http.Request) error
}

type BasicAuth ¶

type BasicAuth struct {
	// contains filtered or unexported fields
}

BasicAuth represents an AC-BasicAuth object

func NewBasicAuth ¶

func NewBasicAuth(name, user, pass, file string) (*BasicAuth, error)

NewBasicAuth creates a new AC-BasicAuth object

func (*BasicAuth) Validate ¶

func (ba *BasicAuth) Validate(req *http.Request) error

Validate implements the AccessControl interface

type JWT ¶

type JWT struct {
	// contains filtered or unexported fields
}

func NewJWT ¶

func NewJWT(options *JWTOptions) (*JWT, error)

NewJWT parses the key and creates Validation obj which can be referenced in related handlers.

func NewJWTFromJWKS ¶

func NewJWTFromJWKS(options *JWTOptions) (*JWT, error)

func (*JWT) Validate ¶

func (j *JWT) Validate(req *http.Request) error

Validate reading the token from configured source and validates against the key.

type JWTOptions ¶

type JWTOptions struct {
	Algorithm      string
	Claims         hcl.Expression
	ClaimsRequired []string
	Name           string // TODO: more generic (validate)
	RolesClaim     string
	RolesMap       map[string][]string
	ScopeClaim     string
	Source         JWTSource
	Key            []byte
	JWKS           *jwk.JWKS
}

type JWTSource ¶

type JWTSource struct {
	Expr hcl.Expression
	Name string
	Type JWTSourceType
}

func NewJWTSource ¶

func NewJWTSource(cookie, header string, value hcl.Expression) JWTSource

type JWTSourceType ¶

type JWTSourceType uint8

const (
	Invalid JWTSourceType = iota
	Cookie
	Header
	Value
)

type List ¶

type List []*ListItem

type ListItem ¶

type ListItem struct {
	// contains filtered or unexported fields
}

func NewItem ¶

func NewItem(nameLabel string, control AccessControl, errHandler http.Handler) *ListItem

func (ListItem) ErrorHandler ¶

func (i ListItem) ErrorHandler() http.Handler

func (ListItem) Validate ¶

func (i ListItem) Validate(req *http.Request) error

type Map ¶

type Map map[string]AccessControl

type OAuth2Callback ¶

type OAuth2Callback struct {
	// contains filtered or unexported fields
}

OAuth2Callback represents the access control for the OAuth2 authorization code flow callback.

func NewOAuth2Callback ¶

func NewOAuth2Callback(oauth2Client oauth2.AcClient) (*OAuth2Callback, error)

NewOAuth2Callback creates a new access control for the OAuth2 authorization code flow callback.

func (*OAuth2Callback) Validate ¶

func (oa *OAuth2Callback) Validate(req *http.Request) error

Validate implements the AccessControl interface

type ProtectedHandler ¶

type ProtectedHandler interface {
	Child() http.Handler
}

type Saml2 ¶

type Saml2 struct {
	// contains filtered or unexported fields
}

func NewSAML2ACS ¶

func NewSAML2ACS(metadata []byte, name string, acsUrl string, spEntityId string, arrayAttributes []string) (*Saml2, error)

func (*Saml2) GetAssertionData ¶

func (s *Saml2) GetAssertionData(assertionInfo *saml2.AssertionInfo) map[string]interface{}

func (*Saml2) Validate ¶

func (s *Saml2) Validate(req *http.Request) error

func (*Saml2) ValidateAssertionInfo ¶

func (s *Saml2) ValidateAssertionInfo(assertionInfo *saml2.AssertionInfo) error

type ScopeControl ¶

type ScopeControl struct {
	// contains filtered or unexported fields
}

func NewScopeControl ¶

func NewScopeControl(scopeMaps []map[string]string) *ScopeControl

func (*ScopeControl) Validate ¶

func (s *ScopeControl) Validate(req *http.Request) error

Validate validates the scope values provided by access controls against the required scope values.

type ValidateFunc ¶

type ValidateFunc func(*http.Request) error

func (ValidateFunc) Validate ¶

func (f ValidateFunc) Validate(req *http.Request) error

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
jwk
jwt

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL