authz

package
v0.0.0-...-794f3e4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 18, 2023 License: MIT Imports: 12 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Authenticate 

func Authenticate(ctx context.Context) (context.Context, error)

Authenticate checks access

func Subject 

func Subject(ctx context.Context) string

Subject returns subject from context

Types

type Authorizer 

type Authorizer interface {
	// Authorize checks permissions for access.
	Authorize(
		ctx context.Context,
		req *services.AuthRequest,
	) (*services.AuthResponse, error)

	// Check inspects constraints for access.
	Check(
		ctx context.Context,
		req *services.CheckConstraintsRequest,
	) (*services.CheckConstraintsResponse, error)
}

Authorizer interface for authorizing access requests and checking constraints.

func CreateAuthorizer 

func CreateAuthorizer(
	kind AuthorizerKind,
	config *domain.Config,
	authService service.AuthAdminService,
) (Authorizer, error)

CreateAuthorizer factory

func NewDefaultAuthorizer 

func NewDefaultAuthorizer(
	authAdminService service.AuthAdminService,
) Authorizer

NewDefaultAuthorizer constructor

func NewGrpcAuth 

func NewGrpcAuth(config *domain.Config) (Authorizer, error)

NewGrpcAuth constructor

type AuthorizerKind 

type AuthorizerKind string

AuthorizerKind defines enum for authorization implementations. 

const (
	// DefaultAuthorizerKind for authorization implementation.
	DefaultAuthorizerKind AuthorizerKind = "DEFAULT"

	// CasbinAuthorizerKind based on Casbin implementation.
	CasbinAuthorizerKind AuthorizerKind = "CASBIN"

	// NullAuthorizerKind based on NULL implementation.
	NullAuthorizerKind AuthorizerKind = "NULL"

	// NoneAuthorizerKind based on None implementation.
	NoneAuthorizerKind AuthorizerKind = "NONE"
)

type DefaultAuthorizer 

type DefaultAuthorizer struct {
	// contains filtered or unexported fields
}

DefaultAuthorizer for defining authorization rules.

func (*DefaultAuthorizer) Authorize 

func (a *DefaultAuthorizer) Authorize(
	ctx context.Context,
	req *services.AuthRequest,
) (*services.AuthResponse, error)

Authorize checks access for principal, action and resource.

func (*DefaultAuthorizer) Check 

func (a *DefaultAuthorizer) Check(
	ctx context.Context,
	req *services.CheckConstraintsRequest,
) (*services.CheckConstraintsResponse, error)

Check ensures constraints matches for the principal.

type NoAuthorizer 

type NoAuthorizer struct {
}

NoAuthorizer rejects all authorization requests.

func (NoAuthorizer) Authorize 

func (n NoAuthorizer) Authorize(
	_ context.Context,
	_ *services.AuthRequest,
) (*services.AuthResponse, error)

Authorize without any enforcement.

func (NoAuthorizer) Check 

func (n NoAuthorizer) Check(
	_ context.Context,
	_ *services.CheckConstraintsRequest) (*services.CheckConstraintsResponse, error)

Check without implementation.

type NullAuthorizer 

type NullAuthorizer struct {
}

NullAuthorizer for implementing no authorization.

func (NullAuthorizer) Authorize 

func (n NullAuthorizer) Authorize(
	_ context.Context,
	_ *services.AuthRequest,
) (*services.AuthResponse, error)

Authorize returns empty response.

func (NullAuthorizer) Check 

func (n NullAuthorizer) Check(
	_ context.Context,
	_ *services.CheckConstraintsRequest) (*services.CheckConstraintsResponse, error)

Check null implementation.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.