Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Authenticate ¶
Authenticate checks access
Types ¶
type Authorizer ¶
type Authorizer interface {
// Authorize checks permissions for access.
Authorize(
ctx context.Context,
req *services.AuthRequest,
) (*services.AuthResponse, error)
// Check inspects constraints for access.
Check(
ctx context.Context,
req *services.CheckConstraintsRequest,
) (*services.CheckConstraintsResponse, error)
}
Authorizer interface for authorizing access requests and checking constraints.
func CreateAuthorizer ¶
func CreateAuthorizer( kind AuthorizerKind, config *domain.Config, authService service.AuthAdminService, ) (Authorizer, error)
CreateAuthorizer factory
func NewDefaultAuthorizer ¶
func NewDefaultAuthorizer( authAdminService service.AuthAdminService, ) Authorizer
NewDefaultAuthorizer constructor
func NewGrpcAuth ¶
func NewGrpcAuth(config *domain.Config) (Authorizer, error)
NewGrpcAuth constructor
type AuthorizerKind ¶
type AuthorizerKind string
AuthorizerKind defines enum for authorization implementations.
const ( // DefaultAuthorizerKind for authorization implementation. DefaultAuthorizerKind AuthorizerKind = "DEFAULT" // CasbinAuthorizerKind based on Casbin implementation. CasbinAuthorizerKind AuthorizerKind = "CASBIN" // NullAuthorizerKind based on NULL implementation. NullAuthorizerKind AuthorizerKind = "NULL" // NoneAuthorizerKind based on None implementation. NoneAuthorizerKind AuthorizerKind = "NONE" )
type DefaultAuthorizer ¶
type DefaultAuthorizer struct {
// contains filtered or unexported fields
}
DefaultAuthorizer for defining authorization rules.
func (*DefaultAuthorizer) Authorize ¶
func (a *DefaultAuthorizer) Authorize( ctx context.Context, req *services.AuthRequest, ) (*services.AuthResponse, error)
Authorize checks access for principal, action and resource.
func (*DefaultAuthorizer) Check ¶
func (a *DefaultAuthorizer) Check( ctx context.Context, req *services.CheckConstraintsRequest, ) (*services.CheckConstraintsResponse, error)
Check ensures constraints matches for the principal.
type NoAuthorizer ¶
type NoAuthorizer struct {
}
NoAuthorizer rejects all authorization requests.
func (NoAuthorizer) Authorize ¶
func (n NoAuthorizer) Authorize( _ context.Context, _ *services.AuthRequest, ) (*services.AuthResponse, error)
Authorize without any enforcement.
func (NoAuthorizer) Check ¶
func (n NoAuthorizer) Check( _ context.Context, _ *services.CheckConstraintsRequest) (*services.CheckConstraintsResponse, error)
Check without implementation.
type NullAuthorizer ¶
type NullAuthorizer struct {
}
NullAuthorizer for implementing no authorization.
func (NullAuthorizer) Authorize ¶
func (n NullAuthorizer) Authorize( _ context.Context, _ *services.AuthRequest, ) (*services.AuthResponse, error)
Authorize returns empty response.
func (NullAuthorizer) Check ¶
func (n NullAuthorizer) Check( _ context.Context, _ *services.CheckConstraintsRequest) (*services.CheckConstraintsResponse, error)
Check null implementation.
Source Files
Click to show internal directories.
Click to hide internal directories.