Documentation
¶
Index ¶
Constants ¶
View Source
const ( CredentialTypeBasic = CredentialType("BASIC") CredentialTypeAPIKey = CredentialType("BEARER") CredentialTypeJWT = CredentialType("JWT") )
View Source
const ( NativeRealmName = "native_realm" JWTRealmName = "jwt" FileRealmName = "file_realm" NoopRealmName = "noop_realm" )
View Source
const ( RoleSuperUser = RoleType("super_user") RoleAdmin = RoleType("admin") RoleAPI = RoleType("api") )
Variables ¶
View Source
var ErrCredentialNotFound = errors.New("credential not found")
Functions ¶
This section is empty.
Types ¶
type AuthenticatedUser ¶
type AuthenticatedUser struct {
AuthenticatedByRealm string `json:"-"` // Name of realm that authenticated this user
Credential Credential `json:"credential"`
Role Role `json:"role"`
Metadata interface{} `json:"-"` // Additional data set by the realm that authenticated the user, see the jwt realm for an example
// TODO(subomi): This are set to interfaces temporarily to work around import cycles.
User interface{} `json:"user"`
APIKey interface{} `json:"api_key"`
}
type Credential ¶
type Credential struct {
Type CredentialType `json:"type"`
Username string `json:"username"`
Password string `json:"password"`
APIKey string `json:"api_key"`
Token string `json:"token"`
}
func (*Credential) String ¶
func (c *Credential) String() string
type CredentialType ¶
type CredentialType string
func (CredentialType) String ¶
func (c CredentialType) String() string
type Realm ¶
type Realm interface {
GetName() string
Authenticate(ctx context.Context, cred *Credential) (*AuthenticatedUser, error)
}
type Role ¶
type Role struct {
Type RoleType `json:"type"`
Project string `json:"project"`
Endpoint string `json:"endpoint,omitempty"`
}
Role represents the permission a user is given, if the Type is RoleSuperUser, Then the user will have access to everything regardless of the value of Project.
func (*Role) HasEndpoint ¶
func (*Role) HasProject ¶
Source Files
Click to show internal directories.
Click to hide internal directories.