authorization

package
v0.1.2-alpha Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 21, 2018 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package authorization contains the authorization module implementation.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func StreamServerInterceptor 

func StreamServerInterceptor(authFuncs map[string]AuthPair) grpc.StreamServerInterceptor

StreamServerInterceptor returns a new stream server interceptor that performs per-request auth.

func UnaryServerInterceptor 

func UnaryServerInterceptor(authFuncs map[string]AuthPair) grpc.UnaryServerInterceptor

UnaryServerInterceptor returns a new unary server interceptor that performs per-request auth.

Types

type AuthPair 

type AuthPair struct {
	AuthnFunc grpc_auth.AuthFunc
	AuthzFunc AuthzFunc
}

AuthPair defines an authentication and authorization pair.

type AuthzFunc 

type AuthzFunc func(context.Context, interface{}) error

AuthzFunc performs authorization using the embedded SecurityContext on a message.

type AuthzPolicy 

type AuthzPolicy struct {
	Policy *authzpb.AuthorizationPolicy
}

AuthzPolicy contains the authorization policy.

func (*AuthzPolicy) Authorize 

func (a *AuthzPolicy) Authorize(ctx context.Context, m interface{}) error

Authorize verifies that the identity issuing the call. ctx must contain an authentication.SecurityContext. A call is authorized if:

  1. userID matches SecurityContext.Email,
  2. or, SecurityContext.Email is authorized to do the action in directories/directoryID.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.