clcedard

package
v0.30.9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 16, 2024 License: MIT Imports: 17 Imported by: 0

Documentation

Overview

Package clcedard provides components for the cedard authorization service.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Provide 

func Provide() fx.Option

Provide dependencies.

Types

type BatchInput added in v0.27.1 

type BatchInput struct {
	Policies string         `json:"policies"`
	Entities []any          `json:"entities"`
	Schema   map[string]any `json:"schema"`
	Items    []InputItem    `json:"items"`
}

BatchInput describes a set of inputs to all be checked at the same time.

type BatchOutput added in v0.27.1 

type BatchOutput struct {
	Items []Output `json:"items"`
}

BatchOutput describes the output of batching a set of authorization checks.

type Client 

type Client struct {
	// contains filtered or unexported fields
}

Client implements a client for the cedard authorization service.

func NewClient 

func NewClient(cfg Config, logs *zap.Logger, htcl *http.Client) *Client

NewClient inits the client.

func (*Client) Authorize 

func (c *Client) Authorize(ctx context.Context, in *Input) (out *Output, err error)

Authorize asks the cedard service authorizes the given input.

func (*Client) BatchAuthorize added in v0.27.1 

func (c *Client) BatchAuthorize(ctx context.Context, in *BatchInput) (out *BatchOutput, err error)

Authorize asks the cedard service authorizes the given input.

func (Client) BatchIsAuthorized added in v0.27.1 

func (c Client) BatchIsAuthorized(ctx context.Context, in *BatchInput) (ress []bool, err error)

BatchIsAuthorized returns a list of booleans indicating whether each input is authorized. Any errors are gathered and returned as a single error.

func (*Client) IsAuthorized 

func (c *Client) IsAuthorized(ctx context.Context, in *Input) (bool, error)

IsAuthorized returns true the authorization returned an Allow decision without errors. Otherwise, it returns false.

type Config 

type Config struct {
	// BaseURL configures the base url of the cedard service.
	BaseURL string `env:"BASE_URL" envDefault:"https://authz.crewlinker.com"`
	// JWTSigningSecret configures the secret for signing JWTs.
	JWTSigningSecret string `env:"JWT_SIGNING_SECRET" envDefault:"some-secret-for-testing"`
	// BackoffMaxElapsedTime configures the max elapsed time for the retry mechanism.
	BackoffMaxElapsedTime time.Duration `env:"BACKOFF_MAX_ELAPSED_TIME" envDefault:"3s"`
}

Config configures the package.

type Input 

type Input struct {
	InputItem
	Policies string         `json:"policies"`
	Schema   map[string]any `json:"schema"`
	Entities []any          `json:"entities"`
}

Input for authorzation.

type InputItem added in v0.27.1 

type InputItem struct {
	Principal string         `json:"principal"`
	Action    string         `json:"action"`
	Resource  string         `json:"resource"`
	Context   map[string]any `json:"context"`
}

InputItem represents the input for a single authorization check.

type Output 

type Output struct {
	Decision      string   `json:"decision"`
	PolicyIDs     []string `json:"policy_ids"`
	ErrorMessages []string `json:"error_messages"`
}

Output from authorization.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.