middleware

package

v0.0.0-...-be2ef80 Latest Latest Go to latest Published: Nov 21, 2024 License: Apache-2.0 Imports: 23 Imported by: 6

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/chef/automate

Links

Open Source Insights

Documentation ¶

Index ¶

func CertificatePasser(_ context.Context, req *http.Request) metadata.MD
type AuthorizationHandler
type AuthorizationInterceptor
- func NewAuthInterceptor(authn authn.AuthenticationServiceClient, authz GRPCAuthorizationHandler) AuthorizationInterceptor
type DeploymentCertAuthOnly
type GRPCAuthorizationHandler
type HTTPAuthorizationHandler
type ILicenseInterceptor
- func NewLicenseInterceptor(licenseInterserviceClient license_control.LicenseControlServiceClient) ILicenseInterceptor
type IntrospectionHandler
type LicenseStatus

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CertificatePasser ¶

func CertificatePasser(_ context.Context, req *http.Request) metadata.MD

CertificatePasser takes the certificates from the requesting client and stores them in the x-client-cert header for use for cert auth.

Types ¶

type AuthorizationHandler ¶

type AuthorizationHandler interface {
	HTTPAuthorizationHandler
	GRPCAuthorizationHandler
	IntrospectionHandler
}

type AuthorizationInterceptor ¶

type AuthorizationInterceptor interface {
	UnaryServerInterceptor() grpc.UnaryServerInterceptor
	StreamServerInterceptor() grpc.StreamServerInterceptor
}

AuthorizationInterceptor abstracts the common logic that can be used for both interceptor types.

func NewAuthInterceptor ¶

func NewAuthInterceptor(
	authn authn.AuthenticationServiceClient,
	authz GRPCAuthorizationHandler,
) AuthorizationInterceptor

NewAuthInterceptor returns an AuthInterceptor that performs authentication and authorization for incoming requests. The return function uses the incoming request metadata (from its context), and constructs an authentication request to authn-service's authentication service that uses this metadata as outgoing metadata. If the inquiry's result is an error, it is returned as-is. If it's not, this function returns only the context, and allows for further request processing.

type DeploymentCertAuthOnly ¶

type DeploymentCertAuthOnly interface {
	MustUseDeploymentCertAuth()
}

type GRPCAuthorizationHandler ¶

type GRPCAuthorizationHandler interface {
	Handle(ctx context.Context, subjects []string, projects []string, req interface{}) (context.Context, error)
}

type HTTPAuthorizationHandler ¶

type HTTPAuthorizationHandler interface {
	IsAuthorized(ctx context.Context, subjects []string, resource, action string, projects []string) (context.Context, bool, error)
}

type ILicenseInterceptor ¶

type ILicenseInterceptor interface {
	UnaryServerInterceptor() grpc.UnaryServerInterceptor
	StreamServerInterceptor() grpc.StreamServerInterceptor
}

func NewLicenseInterceptor ¶

func NewLicenseInterceptor(licenseInterserviceClient license_control.LicenseControlServiceClient) ILicenseInterceptor

type IntrospectionHandler ¶

type IntrospectionHandler interface {
	FilterAuthorizedPairs(ctx context.Context, subjects []string, pairs []*pairs.Pair) ([]*pairs.Pair, error)
}

type LicenseStatus ¶

type LicenseStatus struct {
	//LicenseDetails information regarding license
	LicenseDetails *license_middleware.LicenseDetails
	//Till When the details are valid
	DetailsValidity time.Time
	//LicenseDetailsRefresh hard refresh details even if the DetailsValidity is valid
	LicenseDetailsRefresh bool
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
authz
license

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL