restapi

package
v0.17.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 7, 2018 License: Apache-2.0 Imports: 28 Imported by: 19

Documentation

Overview

Package restapi Composing authorizations This sample API demonstrates how to compose several authentication schemes and configure complex security requirements for your operations.

This API simulates a very simple market place with customers and resellers of items.

Personas:

  • as a first time user, I want to see all items on sales
  • as a registered customer, I want to post orders for items and consult my past orders
  • as a registered reseller, I want to see all pending orders on the items I am selling on the market place
  • as a reseller managing my own inventories, I want to post replenishment orders for the items I provide
  • as a register user, I want to consult my personal account infos

The situation we defined on the authentication side is as follows:

  • every known user is authenticated using a basic token
  • resellers are authenticated using API keys - we let the option to authenticate using a header or query param
  • any registered user (customer or reseller) will add a signed JWT to access more API endpoints

Obviously, there are several ways to achieve the same result. We just wanted to demonstrate here how security requirements may compose several schemes.

Note that we used the "OAuth2" declaration here but don't implement a real OAuth2 workflow: our intend here is just to be able to extract scopes from a passed JWT token (the only way to manipulate scoped authorizers with Swagger 2.0 is to declare them with type "oauth2").

Schemes:
  http
Host: localhost
BasePath: /api
Version: 0.0.1

Consumes:
- application/json

Produces:
- application/json

swagger:meta

Index

Constants

This section is empty.

Variables

View Source
var (
	// SwaggerJSON embedded version of the swagger document used at generation time
	SwaggerJSON json.RawMessage
	// FlatSwaggerJSON embedded flattened version of the swagger document used at generation time
	FlatSwaggerJSON json.RawMessage
)

Functions

This section is empty.

Types

type Server

type Server struct {
	EnabledListeners []string         `long:"scheme" description:"the listeners to enable, this can be repeated and defaults to the schemes in the swagger spec"`
	CleanupTimeout   time.Duration    `long:"cleanup-timeout" description:"grace period for which to wait before killing idle connections" default:"10s"`
	GracefulTimeout  time.Duration    `long:"graceful-timeout" description:"grace period for which to wait before shutting down the server" default:"15s"`
	MaxHeaderSize    flagext.ByteSize `` /* 231-byte string literal not displayed */

	SocketPath flags.Filename `long:"socket-path" description:"the unix socket to listen on" default:"/var/run/multi-auth-example.sock"`

	Host         string        `long:"host" description:"the IP to listen on" default:"localhost" env:"HOST"`
	Port         int           `long:"port" description:"the port to listen on for insecure connections, defaults to a random value" env:"PORT"`
	ListenLimit  int           `long:"listen-limit" description:"limit the number of outstanding requests"`
	KeepAlive    time.Duration `` /* 169-byte string literal not displayed */
	ReadTimeout  time.Duration `long:"read-timeout" description:"maximum duration before timing out read of the request" default:"30s"`
	WriteTimeout time.Duration `long:"write-timeout" description:"maximum duration before timing out write of the response" default:"60s"`

	TLSHost           string         `long:"tls-host" description:"the IP to listen on for tls, when not specified it's the same as --host" env:"TLS_HOST"`
	TLSPort           int            `long:"tls-port" description:"the port to listen on for secure connections, defaults to a random value" env:"TLS_PORT"`
	TLSCertificate    flags.Filename `long:"tls-certificate" description:"the certificate to use for secure connections" env:"TLS_CERTIFICATE"`
	TLSCertificateKey flags.Filename `long:"tls-key" description:"the private key to use for secure conections" env:"TLS_PRIVATE_KEY"`
	TLSCACertificate  flags.Filename `long:"tls-ca" description:"the certificate authority file to be used with mutual tls auth" env:"TLS_CA_CERTIFICATE"`
	TLSListenLimit    int            `long:"tls-listen-limit" description:"limit the number of outstanding requests"`
	TLSKeepAlive      time.Duration  `` /* 160-byte string literal not displayed */
	TLSReadTimeout    time.Duration  `long:"tls-read-timeout" description:"maximum duration before timing out read of the request"`
	TLSWriteTimeout   time.Duration  `long:"tls-write-timeout" description:"maximum duration before timing out write of the response"`
	// contains filtered or unexported fields
}

Server for the multi auth example API

func NewServer

func NewServer(api *operations.MultiAuthExampleAPI) *Server

NewServer creates a new api multi auth example server but does not configure it

func (*Server) ConfigureAPI

func (s *Server) ConfigureAPI()

ConfigureAPI configures the API and handlers.

func (*Server) ConfigureFlags

func (s *Server) ConfigureFlags()

ConfigureFlags configures the additional flags defined by the handlers. Needs to be called before the parser.Parse

func (*Server) Fatalf

func (s *Server) Fatalf(f string, args ...interface{})

Fatalf logs message either via defined user logger or via system one if no user logger is defined. Exits with non-zero status after printing

func (*Server) GetHandler

func (s *Server) GetHandler() http.Handler

GetHandler returns a handler useful for testing

func (*Server) HTTPListener

func (s *Server) HTTPListener() (net.Listener, error)

HTTPListener returns the http listener

func (*Server) Listen

func (s *Server) Listen() error

Listen creates the listeners for the server

func (*Server) Logf

func (s *Server) Logf(f string, args ...interface{})

Logf logs message either via defined user logger or via system one if no user logger is defined.

func (*Server) Serve

func (s *Server) Serve() (err error)

Serve the api

func (*Server) SetAPI

func (s *Server) SetAPI(api *operations.MultiAuthExampleAPI)

SetAPI configures the server with the specified API. Needs to be called before Serve

func (*Server) SetHandler

func (s *Server) SetHandler(handler http.Handler)

SetHandler allows for setting a http handler on this server

func (*Server) Shutdown

func (s *Server) Shutdown() error

Shutdown server and clean up resources

func (*Server) TLSListener

func (s *Server) TLSListener() (net.Listener, error)

TLSListener returns the https listener

func (*Server) UnixListener

func (s *Server) UnixListener() (net.Listener, error)

UnixListener returns the domain socket listener

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL