opafiber

package module
v2.0.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 3, 2024 License: MIT Imports: 6 Imported by: 1

README

id: opafiber

Opafiber

Release Discord Test Security Linter

Open Policy Agent support for Fiber.

Note: Requires Go 1.19 and above

Install

go get -u github.com/gofiber/fiber/v2
go get -u github.com/gofiber/contrib/opafiber/v2

Signature

opafiber.New(config opafiber.Config) fiber.Handler

Config

Property Type Description Default
RegoQuery string Required - Rego query -
RegoPolicy io.Reader Required - Rego policy -
IncludeQueryString bool Include query string as input to rego policy false
DeniedStatusCode int Http status code to return when policy denies request 400
DeniedResponseMessage string Http response body text to return when policy denies request ""
IncludeHeaders []string Include headers as input to rego policy -
InputCreationMethod InputCreationFunc Use your own function to provide input for OPA func defaultInput(ctx *fiber.Ctx) (map[string]interface{}, error)

Types

type InputCreationFunc func(c *fiber.Ctx) (map[string]interface{}, error)

Usage

OPA Fiber middleware sends the following example data to the policy engine as input:

{
  "method": "GET",
  "path": "/somePath",
  "query": {
    "name": ["John Doe"]
  },
  "headers": {
    "Accept": "application/json",
    "Content-Type": "application/json"
  }
}

package main

import (
	"github.com/gofiber/fiber/v2"
	"github.com/gofiber/contrib/opafiber/v2"
)

func main() {
	app := fiber.New()
	module := `
package example.authz

default allow := false

allow {
	input.method == "GET"
}
`

	cfg := opafiber.Config{
		RegoQuery:             "data.example.authz.allow",
		RegoPolicy:            bytes.NewBufferString(module),
		IncludeQueryString:    true,
		DeniedStatusCode:      fiber.StatusForbidden,
		DeniedResponseMessage: "status forbidden",
		IncludeHeaders:        []string{"Authorization"},
		InputCreationMethod:   func (ctx *fiber.Ctx) (map[string]interface{}, error) {
            return map[string]interface{}{
                "method": ctx.Method(),
                "path": ctx.Path(),
            }, nil
        },
	}
	app.Use(opafiber.New(cfg))

	app.Get("/", func(ctx *fiber.Ctx) error {
		return ctx.SendStatus(200)
	})

	app.Listen(":8080")
}

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func New 

func New(cfg Config) fiber.Handler

Types

type Config 

type Config struct {
	RegoPolicy            io.Reader
	RegoQuery             string
	IncludeHeaders        []string
	IncludeQueryString    bool
	DeniedStatusCode      int
	DeniedResponseMessage string
	InputCreationMethod   InputCreationFunc
}

type InputCreationFunc 

type InputCreationFunc func(c *fiber.Ctx) (map[string]interface{}, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.