accesscontrol

package
v0.0.0-...-ef7a112 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 23, 2024 License: MIT Imports: 26 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CreatePolicyRequest 

type CreatePolicyRequest struct {
	PresentationDefinitionID *model.GetPresentationDefinitionRequest `json:"presentation_definition_id"`
	Verifier                 PolicyVerifier                          `json:"verifier"`
}

func (CreatePolicyRequest) IsValid 

func (cpr CreatePolicyRequest) IsValid() bool

type CreatePolicyResponse 

type CreatePolicyResponse struct {
	// Address of the created policy contract
	PolicyContract string       `json:"policy_contract"`
	URIs           PolicyURISet `json:"uris"`
}

type CreateSessionInput 

type CreateSessionInput struct {
	SessionJWE []byte `json:"jwe,omitempty" validate:"required"`
}

func (CreateSessionInput) IsValid 

func (in CreateSessionInput) IsValid() bool

type PolicyURISet 

type PolicyURISet struct {
	PresentationDefinition string `json:"presentation_definition"`
	ProofProgram           string `json:"proof_program"`
	ProvingKey             string `json:"proving_key"`
	VerificationKey        string `json:"verification_key,omitempty"`
}

type PolicyVerifier 

type PolicyVerifier struct {
	ContractAddress string `json:"contract_address"`
	ProvingKey      byte   `json:"proving_key"`
	VerificationKey byte   `json:"verification_key"`
}

type RegisterResourceInput 

type RegisterResourceInput struct {
	Role           string `json:"role"`
	PolicyContract string `json:"policy_contract"`
	Resource       string `json:"resource"`
}

func (RegisterResourceInput) IsValid 

func (in RegisterResourceInput) IsValid() bool

type RegisterResourceOutput 

type RegisterResourceOutput struct {
	Role       string  `json:"role"`
	Policy     string  `json:"policy"`
	Permission string  `json:"permission"`
	Resource   string  `json:"resource"`
	Operations []uint8 `json:"operations"`
	DID        string  `json:"did"`
}

type RegisterResourceValue 

type RegisterResourceValue struct {
	Role       persist.Role   `json:"role"`
	Policy     persist.Policy `json:"policy"`
	Permission string         `json:"permission"`
	Resource   string         `json:"resource"`
	Operations []uint8        `json:"operations"`
	DID        string         `json:"did"`
}

type Service 

type Service struct {
	// contains filtered or unexported fields
}

func NewAccessControlService 

func NewAccessControlService(config config.AuthServiceConfig, s storage.ServiceStorage, p *presentation.Service, r resolution.Resolver, k *keystore.Service, rpcService *rpc.Service, ipfsClient *shell.Shell) (*Service, error)

func (Service) CreateAccessContext 

func (s Service) CreateAccessContext(ctx context.Context) (*StoredAccessContext, error)

CreateAccessContext creates an access context

func (Service) CreatePolicy 

func (s Service) CreatePolicy(ctx context.Context, request CreatePolicyRequest) (*CreatePolicyResponse, error)

CreatePolicy uploads required policy artifacts to ipfs and deploys and registers an access policy on-chain.

func (Service) CreateSession 

func (s Service) CreateSession(ctx context.Context, request CreateSessionInput) (*StoredSession, error)

CreateSession houses the main service logic for session token storage. It accepts only requests from trusted parties that are indexing the blockchain state, validates the input, and stores a session entry.

func (Service) RegisterResource 

func (s Service) RegisterResource(ctx context.Context, request RegisterResourceInput) (*RegisterResourceOutput, error)

RegisterResource registers a resource on-chain

func (Service) Status 

func (s Service) Status() framework.Status

func (Service) Type 

func (s Service) Type() framework.Type

func (Service) VerifySession 

func (s Service) VerifySession(ctx context.Context, request VerifySessionInput) (*VerifySessionOutput, error)

type ServiceFactory 

type ServiceFactory func(storage.Tx) (*Service, error)

func NewAccessControlServiceFactory 

func NewAccessControlServiceFactory(s storage.ServiceStorage, p *presentation.Service, r resolution.Resolver, k *keystore.Service, encrypter encryption.Encrypter, decrypter encryption.Decrypter, rpcService *rpc.Service, ipfsClient *shell.Shell) ServiceFactory

type Storage 

type Storage struct {
	// contains filtered or unexported fields
}

func NewAccessControlStorage 

func NewAccessControlStorage(db storage.ServiceStorage, e encryption.Encrypter, d encryption.Decrypter, writer storage.Tx) (*Storage, error)

func (*Storage) CheckAccessContextExists 

func (s *Storage) CheckAccessContextExists(ctx context.Context, id string) (bool, error)

func (*Storage) GetAccessContext 

func (s *Storage) GetAccessContext(ctx context.Context, id string) (*StoredAccessContext, error)

func (*Storage) GetSession 

func (s *Storage) GetSession(ctx context.Context, id string) (*StoredSession, error)

func (*Storage) InsertAccessContext 

func (s *Storage) InsertAccessContext(ctx context.Context, access StoredAccessContext) error

func (*Storage) InsertSession 

func (s *Storage) InsertSession(ctx context.Context, session StoredSession) error

type StoredAccessContext 

type StoredAccessContext struct {
	ID      common.Hash     `json:"id"`
	Address persist.Address `json:"address,omitempty"`
}

type StoredSession 

type StoredSession struct {
	ID         string        `json:"id"`
	SessionJWT keyaccess.JWT `json:"token,omitempty"`
	Issuer     string        `json:"issuer"`
	Audience   []string      `json:"audience"`
	Subject    string        `json:"subject"`
	CreatedAt  time.Time     `json:"createdAt"`
	Revoked    bool          `json:"revoked"`
	RevokedAt  string        `json:"revokedAt"`
	Expired    bool          `json:"expired"`
	ExpiresAt  time.Time     `json:"expiresAt"`
}

type VerifySessionInput 

type VerifySessionInput struct {
	RoleID       string        `json:"role"`
	SessionToken keyaccess.JWT `json:"jwt,omitempty" validate:"required"`
}

type VerifySessionOutput 

type VerifySessionOutput struct {
	// Whether the Session was verified.
	Verified bool `json:"verified"`

	// The session token that was checked against.
	SessionJWT keyaccess.JWT `json:"jwt"`

	// When Verified == false, the reason why it wasn't verified.
	Reason string `json:"reason,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.