Documentation
¶
Index ¶
- Variables
- func AddLdapConfiguration(ldapConfiguration *types.LdapConfiguration) error
- func AddLocalUser(user *types.LocalUser) error
- func DeleteAuthorization(ID string) error
- func DeleteAuthorizationsByClaim(claim string) error
- func DeleteAuthorizationsByPrincipal(pName string) error
- func DeleteLdapConfiguration() error
- func DeleteLocalUser(username string) error
- func GetAuthorization(UUID string) (types.Authorization, error)
- func GetLdapConfiguration() (*types.LdapConfiguration, error)
- func GetLocalUser(username string) (*types.LocalUser, error)
- func GetLocalUsers() ([]*types.LocalUser, error)
- func GetPath(strs ...string) string
- func InsertAuthorization(a *types.Authorization) error
- func ListAuthorizations() ([]types.Authorization, error)
- func ListAuthorizationsByClaim(claim string) ([]types.Authorization, error)
- func ListAuthorizationsByClaimAndPrincipal(claim string, principal string) ([]types.Authorization, error)
- func ListAuthorizationsByPrincipal(pName string) ([]types.Authorization, error)
- func UpdateLdapConfiguration(ldapConfiguration *types.LdapConfiguration, existingPassword string) error
- func UpdateLocalUser(username string, user *types.LocalUser) error
Constants ¶
This section is empty.
Variables ¶
var ( RootLocalUsers = "local_users" RootLdapConfiguration = "ldap_configuration" RootTokenSigningKey = "token_signing_key" )
various data store paths.
Functions ¶
func AddLdapConfiguration ¶
func AddLdapConfiguration(ldapConfiguration *types.LdapConfiguration) error
AddLdapConfiguration adds the given LDAP configuration to the data store (/auth_proxy/ldap_configuration). params:
ldapConfiguration: representation of the LDAP configuration to be added to data store
return values:
error: nil on successful insertion of `ldapConfiguration` into the store
otherwise auth_errors.ErrKeyExists or any relevant custom error
func AddLocalUser ¶
AddLocalUser adds a new user entry to /auth_proxy/local_users/. params:
user: *types.LocalUser object that should be added to the data store
return Values:
error: auth_errors.ErrKeyExists if the user already exists or any relevant error from state driver
func DeleteAuthorization ¶
DeleteAuthorization is a convenience function to remove an authz from the authz dir
func DeleteAuthorizationsByClaim ¶
DeleteAuthorizationsByClaim deletes all authorizations in the authz dir in the KV store that contain the chosen claim
Parameters:
claim: claim string (object) for which authorizations are being searched.
Return Values:
error: Errors encountered when reading and deleting from the authz dir
nil if operation is successful
func DeleteAuthorizationsByPrincipal ¶
DeleteAuthorizationsByPrincipal deletes all authorizations in in the KV store for the specific principal (subject).
Parameters:
ID: of the principal whose authorizations need to be removed
Return Values:
error: Any errors encountered when reading or deleting
from the KV store
func DeleteLdapConfiguration ¶
func DeleteLdapConfiguration() error
DeleteLdapConfiguration deletes LDAP configuration from the data store. return values:
error: nil on successful deletion of `/auth_proxy/ldap_configuration`
otherwise any error as returned by consecutive function calls or relevant custom error
func DeleteLocalUser ¶
DeleteLocalUser removes a local user from `/auth_proxy/local_users` Built-in admin and ops local users cannot be deleted. params:
username: string; user to be removed from the system
return values:
error: auth_errors.ErrIllegalOperation or any relevant error from the consecutive func calls
func GetAuthorization ¶
func GetAuthorization(UUID string) (types.Authorization, error)
GetAuthorization is a convenience function to look up an authorization entry by its UUID.
func GetLdapConfiguration ¶
func GetLdapConfiguration() (*types.LdapConfiguration, error)
GetLdapConfiguration retrieves LDAP configuration from the data store. return values:
*types.LdapConfiguration: reference to the LDAP configuration fetched from data store error: as returned by `state.GetStateDriver/getLdapConfiguration`
func GetLocalUser ¶
GetLocalUser looks up a user entry in `/auth_proxy/local_users` path. params:
username:string; name of the user to be fetched
return values:
*types.LocalUser: reference to local user object fetched from data store error: as returned by getLocalUser(..)
func GetLocalUsers ¶
GetLocalUsers returns all defined local users. return values:
[]types.InternalLocalUser: slice of local users error: as returned by consecutive func calls
func GetPath ¶
GetPath joins the given list of strings using path separator with `root` data store path.
func InsertAuthorization ¶
func InsertAuthorization(a *types.Authorization) error
InsertAuthorization is a convenience function to add a new entry to the authz dir
func ListAuthorizations ¶
func ListAuthorizations() ( []types.Authorization, error)
ListAuthorizations looks up all authorizations in authz dir
Return Values:
[]types.Authorization: slice containing authorization instances
error: Error when reading from KV store
nil if operation is successful
func ListAuthorizationsByClaim ¶
func ListAuthorizationsByClaim(claim string) ( []types.Authorization, error)
ListAuthorizationsByClaim looks up all authorizations in the authz dir that contains a claim key
Parameters:
claim: claim string (object) for which authorizations are being searched.
Return Values:
[]types.Authorization: slice containing authorizations
error: Any error encountered when reading from the KV store
nil if operation is successful
func ListAuthorizationsByClaimAndPrincipal ¶
func ListAuthorizationsByClaimAndPrincipal(claim string, principal string) ( []types.Authorization, error)
ListAuthorizationsByClaimAndPrincipal looks up all authorizations in the KV store for a specific claim and principal
Parameters:
claim: claim string for which authorizations are being searched. ID: of the principal for whom authorizations need to be returned
Return Values:
[]types.Authorization: slice containing authorizations.
error: Any error encountered when reading from the KV store
nil if operation is successful
func ListAuthorizationsByPrincipal ¶
func ListAuthorizationsByPrincipal(pName string) ( []types.Authorization, error)
ListAuthorizationsByPrincipal looks up all authorizations in authz dir for the specific principal (subject).
Parameters:
ID: of the principal for whom authorizations need to be returned
Return Values:
[]types.Authorization: slice containing authorization instances
error: Error when reading from KV store
nil if operation is successful
func UpdateLdapConfiguration ¶
func UpdateLdapConfiguration(ldapConfiguration *types.LdapConfiguration, existingPassword string) error
UpdateLdapConfiguration updates the existing LDAP configuration with the new configuration given. params:
ldapConfiguration: representation of the LDAP configuration to be updated to data store existingPassword: existing LDAP password (encrypted) from the data store
return values:
error: nil on successful update, otherwise anything as returned
by the consecutive function calls or any relevant custom error
func UpdateLocalUser ¶
UpdateLocalUser updates an existing entry in /auth_proxy/local_users/<username>. params:
username: string; of the user that requires update user: local user object to be updated in the data store
return values:
error: as returned by state.state.GetStateDriver, any consecutive function call or relevant custom error
Types ¶
This section is empty.
Source Files