Documentation
Overview
Package authz contains the code that authorizes space operations.
Index
- func Authorize(ctx context.Context, spaceID string) (bool, error)
- func InjectAuthzService(service AuthzService) goa.Middleware
- type AuthorizationPayload
- type AuthzConfiguration
- type AuthzService
- type AuthzServiceManager
- type KeycloakAuthzService
- type KeycloakAuthzServiceManager
- type Permissions
- type TokenPayload
Functions
func Authorize
Authorize returns true and the corresponding Requesting Party Token if the current user is among the space collaborators
func InjectAuthzService
func InjectAuthzService(service AuthzService) goa.Middleware
InjectAuthzService is a middleware responsible for setting up AuthzService in the context for every request.
Types
type AuthorizationPayload
type AuthorizationPayload struct {
	Permissions []Permissions `json:"permissions"`
}
AuthorizationPayload represents an authz payload in the rpt token
type AuthzConfiguration
type AuthzConfiguration interface {
	GetKeycloakEndpointEntitlement(*goa.RequestData) (string, error)
}
AuthzConfiguration represents a Keycloak entitlement endpoint configuration
type AuthzService
type AuthzService interface {
	Authorize(ctx context.Context, entitlementEndpoint string, spaceID string) (bool, error)
	Configuration() AuthzConfiguration
}
AuthzService represents a space authorization service
type AuthzServiceManager
type AuthzServiceManager interface {
	AuthzService() AuthzService
	EntitlementEndpoint() string
}
AuthzServiceManager represents a space authorization service
type KeycloakAuthzService
type KeycloakAuthzService struct {
	// contains filtered or unexported fields
}
KeycloakAuthzService implements AuthzService interface
func NewAuthzService
func NewAuthzService(config AuthzConfiguration, db application.DB) *KeycloakAuthzService
NewAuthzService constructs a new KeycloakAuthzService
func (*KeycloakAuthzService) Authorize
func (s *KeycloakAuthzService) Authorize(ctx context.Context, entitlementEndpoint string, spaceID string) (bool, error)
Authorize returns true and the corresponding Requesting Party Token if the current user is among the space collaborators
func (*KeycloakAuthzService) Configuration
func (s *KeycloakAuthzService) Configuration() AuthzConfiguration
Configuration returns authz service configuration
type KeycloakAuthzServiceManager
type KeycloakAuthzServiceManager struct {
	Service AuthzService
	// contains filtered or unexported fields
}
KeycloakAuthzServiceManager is a Keycloak implementation of a space authorization service
func (*KeycloakAuthzServiceManager) AuthzService
func (m *KeycloakAuthzServiceManager) AuthzService() AuthzService
AuthzService returns a space authorization service
func (*KeycloakAuthzServiceManager) EntitlementEndpoint
func (m *KeycloakAuthzServiceManager) EntitlementEndpoint() string
EntitlementEndpoint returns a Keycloak entitlement endpoint URL
type Permissions
type Permissions struct {
	ResourceSetName *string `json:"resource_set_name"`
	ResourceSetID   *string `json:"resource_set_id"`
}
Permissions represents a permission in the AuthorizationPayload
type TokenPayload
type TokenPayload struct {
	jwt.StandardClaims
	Authorization *AuthorizationPayload `json:"authorization"`
}
TokenPayload represents an RPT token
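The payload types above use pointers for the authorization claim and the resource set fields, so code that reads an RPT has to deny cleanly when any of them is absent. The following is an added example, not code from this package: a hypothetical helper, SpaceGranted, that checks RPT claims whose signature has already been verified, using local mirrors of the page's types. It assumes resource_set_name carries the space ID and reduces jwt.StandardClaims to the exp claim.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Local mirrors of the page's types; jwt.StandardClaims is reduced to "exp".
type Permissions struct {
	ResourceSetName *string `json:"resource_set_name"`
	ResourceSetID   *string `json:"resource_set_id"`
}
type AuthorizationPayload struct {
	Permissions []Permissions `json:"permissions"`
}
type TokenPayload struct {
	ExpiresAt     int64                 `json:"exp"`
	Authorization *AuthorizationPayload `json:"authorization"`
}

var ErrExpired = errors.New("rpt expired")

// SpaceGranted (hypothetical helper) reports whether already-verified RPT
// claims carry a permission for spaceID.
// Assumption: resource_set_name holds the space ID.
func SpaceGranted(claims []byte, spaceID string, now time.Time) (bool, error) {
	var p TokenPayload
	if err := json.Unmarshal(claims, &p); err != nil {
		return false, err
	}
	if p.ExpiresAt == 0 || now.Unix() >= p.ExpiresAt {
		return false, ErrExpired // a missing exp is treated as expired (fail closed)
	}
	if p.Authorization == nil {
		return false, nil // token without an authorization claim: deny
	}
	for _, perm := range p.Authorization.Permissions {
		// The fields are pointers, so an absent name must not be dereferenced.
		if perm.ResourceSetName != nil && *perm.ResourceSetName == spaceID {
			return true, nil
		}
	}
	return false, nil
}

func main() {
	// Constructed sample claims, not captured from a real Keycloak instance.
	claims := []byte(`{"exp":2000000000,"authorization":{"permissions":[{"resource_set_name":"space-1","resource_set_id":"r1"},{"resource_set_id":"r2"}]}}`)
	fmt.Println(SpaceGranted(claims, "space-1", time.Unix(1900000000, 0)))
}
```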