Documentation
¶
Overview ¶
Package validators provides basic validation for splice requests and exposes an interface for additional validators.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Basic ¶
type Basic struct {
}
Basic implements Validator and performs basic checking of a request.
type GCEChecker ¶
type GCEChecker struct {
ProjectAllowlist map[string]bool
ExpandedCheck func(context.Context, string, map[string]bool) error
}
GCEChecker implements validators.Validator and checks if the request includes a GCE projectID that is on the allowlist. If ExpandedCheck is not nil, it can be used for secondary checks.
func NewGCE ¶
func NewGCE(allowed []string) (GCEChecker, error)
NewGCE returns a GCE validator initialized with a sanitized allowlist. The permitted resource types can be overidden by the 'allowed' parameter.
func (GCEChecker) Check ¶
func (g GCEChecker) Check(ctx context.Context, req *models.Request) (server.StatusCode, error)
Check returns StatusSuccess if request metadata includes a GCE project ID that is on the allowlist. If the ExpandedCheck member is available, it is called to perform additional allowlist checks for the project.
type VMIDClaims ¶
type VMIDClaims struct {
jwt.Claims
Google struct {
ComputeEngine struct {
ProjectID string `json:"project_id"`
} `json:"compute_engine"`
} `json:"google"`
}
VMIDClaims contains the claims provided by a GCE VM ID JWT.
type Validator ¶
type Validator interface {
// Check returns a status code and an error if the check failed. Check
// should perform its own cleanup (defer or otherwise) prior to returning.
Check(context.Context, *models.Request) (server.StatusCode, error)
}
Validator performs metadata checking for requests.
func NewUnattended ¶
NewUnattended returns a slice containing all validators required for unattended requests.
Source Files