Documentation ¶
Index ¶
- Constants
- Variables
- type AccountAuthorizationProvider
- type AccountStateSecurityAttribute
- type AuthorizationProvider
- type AuthorizeCreateFunc
- type AuthorizeMessageCallFunc
- type ContextAware
- type ContractAction
- type ContractAuthorizationProvider
- type ContractSecurityAttribute
- type ContractSecurityAttributeBuilder
- func (csab *ContractSecurityAttributeBuilder) Action(a ContractAction) *ContractSecurityAttributeBuilder
- func (csab *ContractSecurityAttributeBuilder) Build() *ContractSecurityAttribute
- func (csab *ContractSecurityAttributeBuilder) Create() *ContractSecurityAttributeBuilder
- func (csab *ContractSecurityAttributeBuilder) FromEOA(eoa common.Address) *ContractSecurityAttributeBuilder
- func (csab *ContractSecurityAttributeBuilder) Parties(tmPubKeys []string) *ContractSecurityAttributeBuilder
- func (csab *ContractSecurityAttributeBuilder) PartiesOnlyIf(b bool, tmPubKeys []string) *ContractSecurityAttributeBuilder
- func (csab *ContractSecurityAttributeBuilder) Party(tmPubKey string) *ContractSecurityAttributeBuilder
- func (csab *ContractSecurityAttributeBuilder) Private() *ContractSecurityAttributeBuilder
- func (csab *ContractSecurityAttributeBuilder) PrivateFrom(tmPubKey string) *ContractSecurityAttributeBuilder
- func (csab *ContractSecurityAttributeBuilder) PrivateFromOnlyIf(b bool, tmPubKey string) *ContractSecurityAttributeBuilder
- func (csab *ContractSecurityAttributeBuilder) PrivateIf(b bool) *ContractSecurityAttributeBuilder
- func (csab *ContractSecurityAttributeBuilder) Public() *ContractSecurityAttributeBuilder
- func (csab *ContractSecurityAttributeBuilder) Read() *ContractSecurityAttributeBuilder
- func (csab *ContractSecurityAttributeBuilder) ReadOnlyIf(b bool) *ContractSecurityAttributeBuilder
- func (csab *ContractSecurityAttributeBuilder) ToEOA(eoa common.Address) *ContractSecurityAttributeBuilder
- func (csab *ContractSecurityAttributeBuilder) Visibility(v ContractVisibility) *ContractSecurityAttributeBuilder
- func (csab *ContractSecurityAttributeBuilder) Write() *ContractSecurityAttributeBuilder
- func (csab *ContractSecurityAttributeBuilder) WriteOnlyIf(b bool) *ContractSecurityAttributeBuilder
- type ContractVisibility
- type DefaultContractAuthorizationProvider
Constants ¶
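// The listing was collapsed onto a single line, so the first line comment
// swallowed every declaration after it; the block is restored one declaration
// per line with the original comments kept next to the names they describe.
const (
	// VisibilityPublic and VisibilityPrivate are the ContractVisibility values.
	VisibilityPublic  ContractVisibility = "public"
	VisibilityPrivate ContractVisibility = "private"

	// ActionRead, ActionWrite and ActionCreate are the ContractAction values.
	ActionRead   ContractAction = "read"
	ActionWrite  ContractAction = "write"
	ActionCreate ContractAction = "create"

	// QueryOwnedEOA query parameter is to capture the EOA address.
	// For value transfer, it represents the account owner.
	// For message call, it represents the EOA that signed the contract creation
	// transaction, in other words, the EOA that owns the contract.
	QueryOwnedEOA = "owned.eoa"
	// QueryToEOA query parameter is to capture the EOA address which is the
	// target account in value transfer scenarios.
	QueryToEOA = "to.eoa"
	// QueryFromTM query parameter is to capture the Tessera Public Key
	// which indicates the sender of a private transaction or participant of a
	// private contract.
	QueryFromTM = "from.tm"
	// AnyEOAAddress represents the wildcard for an EOA address.
	// NOTE(review): how a grant or request carrying this value is matched is not
	// visible here; a wildcard widens what an entitlement covers, so confirm
	// where it is accepted.
	AnyEOAAddress = "0x0"
)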
Variables ¶
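// The listing was collapsed onto a single line, which is not valid Go for a
// grouped var declaration; it is restored one declaration per line.
var (
	// ErrNotAuthorized is the package's "not authorized" error value; compare
	// against it with errors.Is.
	ErrNotAuthorized = errors.New("not authorized")

	// CtxKeyAuthorizeCreateFunc and CtxKeyAuthorizeMessageCallFunc are string
	// values named as context keys.
	// NOTE(review): both are plain strings, so any other code storing a value
	// under the same string in a context.Context would collide with them. An
	// unexported key type is the usual guard; confirm whether callers depend on
	// the string type before changing it.
	CtxKeyAuthorizeCreateFunc      = "AUTHORIZE_CREATE_FUNC"
	CtxKeyAuthorizeMessageCallFunc = "AUTHORIZE_MESSAGE_CALL_FUNC"
)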
Functions ¶
This section is empty.
Types ¶
type AccountAuthorizationProvider ¶
// AccountAuthorizationProvider is the authorization interface for Ethereum
// accounts.
type AccountAuthorizationProvider interface {
	// IsAuthorized takes the pre-authenticated token and a single account-state
	// attribute, and returns a decision together with an error.
	// NOTE(review): how callers treat a non-nil error is not visible here;
	// confirm it is handled as a denial rather than ignored.
	IsAuthorized(ctx context.Context, authToken *proto.PreAuthenticatedAuthenticationToken, attr *AccountStateSecurityAttribute) (bool, error)
}
AccountAuthorizationProvider performs authorization checks for an Ethereum account, based on what the proto.PreAuthenticatedAuthenticationToken is entitled to and what is asked for in the security attribute (the method above takes a single AccountStateSecurityAttribute rather than a ContractSecurityAttribute list). Note: placeholder for the future; this is to protect value transfer between accounts.
type AccountStateSecurityAttribute ¶
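// AccountStateSecurityAttribute holds the two account addresses, From and To,
// that an account-state security ask refers to.
//
// The listing was collapsed onto one line, so the trailing comment on From
// swallowed the To field and the closing brace; the fields are restored one per
// line.
type AccountStateSecurityAttribute struct {
	From common.Address // Ethereum Account Address
	To   common.Address
}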
AccountStateSecurityAttribute contains the security configuration that is being asked for on a secure account state.
func (*AccountStateSecurityAttribute) String ¶
func (assa *AccountStateSecurityAttribute) String() string
type AuthorizationProvider ¶
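// AuthorizationProvider specifies the APIs to be implemented to provide
// multitenancy capability. It embeds ContextAware and
// ContractAuthorizationProvider, so an implementation must supply the methods
// of both.
//
// The listing was collapsed onto one line, which is not valid Go for two
// embedded interfaces; they are restored one per line.
type AuthorizationProvider interface {
	ContextAware
	ContractAuthorizationProvider
}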
AuthorizationProvider specifies APIs to be implemented to provide multitenancy capability
type AuthorizeCreateFunc ¶
// AuthorizeCreateFunc is a function type that takes no arguments and returns a
// bool.
// NOTE(review): presumably the bool reports whether contract creation is
// authorized (compare ActionCreate and CtxKeyAuthorizeCreateFunc); confirm
// against the code that installs and calls it.
type AuthorizeCreateFunc func() bool
type AuthorizeMessageCallFunc ¶
type AuthorizeMessageCallFunc func(contractAddress common.Address) (authorizedRead bool, authorizedWrite bool, err error)
AuthorizeMessageCallFunc reports whether the given contract is authorized to be read and whether it is authorized to be written.
type ContextAware ¶
// ContextAware is the multitenancy-support interface.
type ContextAware interface {
	// SupportsMultitenancy takes a context and returns a pre-authenticated
	// authentication token together with a bool.
	// NOTE(review): presumably the bool reports whether multitenancy applies and
	// the token is the caller's entitlement taken from ctx; confirm what is
	// returned (nil token?) when the bool is false.
	SupportsMultitenancy(ctx context.Context) (*proto.PreAuthenticatedAuthenticationToken, bool)
}
ContextAware provides multitenancy support.
type ContractAction ¶
// ContractAction is the string type of the action asked for on a contract; the
// package constants define "read", "write" and "create".
type ContractAction string
type ContractAuthorizationProvider ¶
// ContractAuthorizationProvider is the authorization interface for contracts.
type ContractAuthorizationProvider interface {
	// IsAuthorized takes the pre-authenticated token and zero or more contract
	// security attributes, and returns a decision together with an error.
	// NOTE(review): attributes is variadic, so a call may pass none; confirm
	// that implementations do not treat an empty list as authorized, and that
	// callers handle a non-nil error as a denial.
	IsAuthorized(ctx context.Context, authToken *proto.PreAuthenticatedAuthenticationToken, attributes ...*ContractSecurityAttribute) (bool, error)
}
ContractAuthorizationProvider performs authorization checks for a contract, based on what the proto.PreAuthenticatedAuthenticationToken is entitled to and what is asked for in the ContractSecurityAttribute list.
type ContractSecurityAttribute ¶
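// ContractSecurityAttribute holds the security ask for a contract account: the
// embedded account-state attribute plus visibility, action and the TM keys
// involved.
//
// The listing was collapsed onto one line, so the first trailing comment
// swallowed the remaining fields; they are restored one per line.
type ContractSecurityAttribute struct {
	// Embedded by pointer: From and To are promoted onto this struct, and
	// reading them through a nil embedded pointer panics. Whether the builder
	// always sets it is not visible in this listing.
	*AccountStateSecurityAttribute
	Visibility  ContractVisibility // public/private
	Action      ContractAction     // create/read/write
	PrivateFrom string             // TM Key, only if Visibility is private, for write/create
	Parties     []string           // TM Keys, only if Visibility is private, for read
}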
ContractSecurityAttribute contains the security configuration that is being asked for on a secure contract account.
func FullAccessContractSecurityAttributes ¶
func FullAccessContractSecurityAttributes(fromEOA common.Address, privateFrom string) []*ContractSecurityAttribute
FullAccessContractSecurityAttributes returns a list of contract security attributes. The attributes are used to verify ownership of a TM key which is going to be used to send a private transaction.
func (*ContractSecurityAttribute) String ¶
func (csa *ContractSecurityAttribute) String() string
type ContractSecurityAttributeBuilder ¶
// ContractSecurityAttributeBuilder builds a ContractSecurityAttribute: its
// setter methods each return the builder, and Build returns the attribute.
type ContractSecurityAttributeBuilder struct {
	// contains filtered or unexported fields
}
func NewContractSecurityAttributeBuilder ¶
func NewContractSecurityAttributeBuilder() *ContractSecurityAttributeBuilder
func (*ContractSecurityAttributeBuilder) Action ¶
func (csab *ContractSecurityAttributeBuilder) Action(a ContractAction) *ContractSecurityAttributeBuilder
func (*ContractSecurityAttributeBuilder) Build ¶
func (csab *ContractSecurityAttributeBuilder) Build() *ContractSecurityAttribute
func (*ContractSecurityAttributeBuilder) Create ¶
func (csab *ContractSecurityAttributeBuilder) Create() *ContractSecurityAttributeBuilder
func (*ContractSecurityAttributeBuilder) FromEOA ¶
func (csab *ContractSecurityAttributeBuilder) FromEOA(eoa common.Address) *ContractSecurityAttributeBuilder
func (*ContractSecurityAttributeBuilder) Parties ¶
func (csab *ContractSecurityAttributeBuilder) Parties(tmPubKeys []string) *ContractSecurityAttributeBuilder
func (*ContractSecurityAttributeBuilder) PartiesOnlyIf ¶
func (csab *ContractSecurityAttributeBuilder) PartiesOnlyIf(b bool, tmPubKeys []string) *ContractSecurityAttributeBuilder
PartiesOnlyIf sets Parties only if b is true; otherwise the argument is ignored.
func (*ContractSecurityAttributeBuilder) Party ¶
func (csab *ContractSecurityAttributeBuilder) Party(tmPubKey string) *ContractSecurityAttributeBuilder
func (*ContractSecurityAttributeBuilder) Private ¶
func (csab *ContractSecurityAttributeBuilder) Private() *ContractSecurityAttributeBuilder
func (*ContractSecurityAttributeBuilder) PrivateFrom ¶
func (csab *ContractSecurityAttributeBuilder) PrivateFrom(tmPubKey string) *ContractSecurityAttributeBuilder
func (*ContractSecurityAttributeBuilder) PrivateFromOnlyIf ¶
func (csab *ContractSecurityAttributeBuilder) PrivateFromOnlyIf(b bool, tmPubKey string) *ContractSecurityAttributeBuilder
PrivateFromOnlyIf sets privateFrom only if b is true; otherwise the argument is ignored.
func (*ContractSecurityAttributeBuilder) PrivateIf ¶
func (csab *ContractSecurityAttributeBuilder) PrivateIf(b bool) *ContractSecurityAttributeBuilder
PrivateIf sets VisibilityPrivate if b is true, and VisibilityPublic otherwise.
func (*ContractSecurityAttributeBuilder) Public ¶
func (csab *ContractSecurityAttributeBuilder) Public() *ContractSecurityAttributeBuilder
func (*ContractSecurityAttributeBuilder) Read ¶
func (csab *ContractSecurityAttributeBuilder) Read() *ContractSecurityAttributeBuilder
func (*ContractSecurityAttributeBuilder) ReadOnlyIf ¶
func (csab *ContractSecurityAttributeBuilder) ReadOnlyIf(b bool) *ContractSecurityAttributeBuilder
ReadOnlyIf sets ActionRead only if b is true; otherwise the call is ignored.
func (*ContractSecurityAttributeBuilder) ToEOA ¶
func (csab *ContractSecurityAttributeBuilder) ToEOA(eoa common.Address) *ContractSecurityAttributeBuilder
ToEOA sets the destination Ethereum account.
func (*ContractSecurityAttributeBuilder) Visibility ¶
func (csab *ContractSecurityAttributeBuilder) Visibility(v ContractVisibility) *ContractSecurityAttributeBuilder
func (*ContractSecurityAttributeBuilder) Write ¶
func (csab *ContractSecurityAttributeBuilder) Write() *ContractSecurityAttributeBuilder
func (*ContractSecurityAttributeBuilder) WriteOnlyIf ¶
func (csab *ContractSecurityAttributeBuilder) WriteOnlyIf(b bool) *ContractSecurityAttributeBuilder
WriteOnlyIf sets ActionWrite only if b is true; otherwise the call is ignored.
type ContractVisibility ¶
// ContractVisibility is the string type of a contract's visibility; the package
// constants define "public" and "private".
type ContractVisibility string
type DefaultContractAuthorizationProvider ¶
// DefaultContractAuthorizationProvider is a struct with no fields; its
// IsAuthorized method has the same signature as the one declared by
// ContractAuthorizationProvider.
type DefaultContractAuthorizationProvider struct { }
func (*DefaultContractAuthorizationProvider) IsAuthorized ¶
func (cm *DefaultContractAuthorizationProvider) IsAuthorized(_ context.Context, authToken *proto.PreAuthenticatedAuthenticationToken, attributes ...*ContractSecurityAttribute) (bool, error)
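IsAuthorized checks each security attribute against the access granted inside the pre-authenticated access token.
All security attributes must pass. Because attributes is variadic, callers should confirm how an empty attribute list is handled, since "all must pass" holds vacuously when there are none.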