grpc_auth

package
v0.1.252 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 24, 2022 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	TypeIAuthFuncAccessor = di.GetInterfaceReflectType((*IAuthFuncAccessor)(nil))
)

Functions

func AuthFromMD

func AuthFromMD(ctx context.Context, expectedScheme string) (string, error)

AuthFromMD is a helper function for extracting the :authorization header from the gRPC metadata of the request.

It expects the `:authorization` header to be of a certain scheme (e.g. `basic`, `bearer`), in a case-insensitive format (see rfc2617, sec 1.2). If no such authorization is found, or the token is of wrong scheme, an error with gRPC status `Unauthenticated` is returned.

func StreamServerInterceptor

func StreamServerInterceptor(authFuncAccessor IAuthFuncAccessor) grpc.StreamServerInterceptor

StreamServerInterceptor returns a new unary server interceptors that performs per-request auth.

func UnaryServerInterceptor

func UnaryServerInterceptor(authFuncAccessor IAuthFuncAccessor) grpc.UnaryServerInterceptor

UnaryServerInterceptor returns a new unary server interceptors that performs per-request auth.

Types

type AuthFuncStream

type AuthFuncStream func(ctx context.Context, fullMethodName string) (context.Context, error)

AuthFunc is the pluggable function that performs authentication.

The passed in `Context` will contain the gRPC metadata.MD object (for header-based authentication) and the peer.Peer information that can contain transport-based credentials (e.g. `credentials.AuthInfo`).

The returned context will be propagated to handlers, allowing user changes to `Context`. However, please make sure that the `Context` returned is a child `Context` of the one passed in.

If error is returned, its `grpc.Code()` will be returned to the user as well as the verbatim message. Please make sure you use `codes.Unauthenticated` (lacking auth) and `codes.PermissionDenied` (authed, but lacking perms) appropriately.

type AuthFuncUnary

type AuthFuncUnary func(ctx context.Context, fullMethodName string) (context.Context, interface{}, error)

type IAuthFuncAccessor

type IAuthFuncAccessor interface {
	GetAuthFuncStream() AuthFuncStream
	GetAuthFuncUnary() AuthFuncUnary
}

func GetAuthFuncAccessorFromContainer

func GetAuthFuncAccessorFromContainer(ctn di.Container) IAuthFuncAccessor

GetAuthFuncAccessorFromContainer from the Container

type ServiceAuthFuncOverride

type ServiceAuthFuncOverride interface {
	AuthFuncOverrideUnary(ctx context.Context, fullMethodName string) (context.Context, interface{}, error)
	AuthFuncOverrideStream(ctx context.Context, fullMethodName string) (context.Context, error)
}

ServiceAuthFuncOverride allows a given gRPC service implementation to override the global `AuthFunc`.

If a service implements the AuthFuncOverride method, it takes precedence over the `AuthFunc` method, and will be called instead of AuthFunc for all method invocations within that service.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL