authmethod

package
v1.7.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 16, 2020 License: MPL-2.0 Imports: 5 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func IsRegisteredType

func IsRegisteredType(typeName string) bool

func ParseConfig

func ParseConfig(rawConfig map[string]interface{}, out interface{}) error

ParseConfig parses the config block for a auth method.

func Register

func Register(name string, factory ValidatorFactory)

Register makes an auth method with the given type available for use. If Register is called twice with the same name or if validator is nil, it panics.

func Types

func Types() []string

Types returns a sorted list of the names of the registered types.

Types

type Cache added in v1.7.0

type Cache interface {
	// GetValidator retrieves the Validator from the cache.
	// It returns the modify index of struct that the validator was created from,
	// the validator and a boolean indicating whether the value was found
	GetValidator(method *structs.ACLAuthMethod) (uint64, Validator, bool)

	// PutValidatorIfNewer inserts a new validator into the cache if the index is greater
	// than the modify index of any existing entry in the cache. This method will return
	// the newest validator which may or may not be the one from the method parameter
	PutValidatorIfNewer(method *structs.ACLAuthMethod, validator Validator, idx uint64) Validator

	// Purge removes all cached validators
	Purge()
}

func NewCache added in v1.7.0

func NewCache() Cache

type Validator

type Validator interface {
	// Name returns the name of the auth method backing this validator.
	Name() string

	// ValidateLogin takes raw user-provided auth method metadata and ensures
	// it is sane, provably correct, and currently valid. Relevant identifying
	// data is extracted and returned for immediate use by the role binding
	// process.
	//
	// Depending upon the method, it may make sense to use these calls to
	// continue to extend the life of the underlying token.
	//
	// Returns auth method specific metadata suitable for the Role Binding
	// process as well as the desired enterprise meta for the token to be
	// created.
	ValidateLogin(loginToken string) (map[string]string, *structs.EnterpriseMeta, error)

	// AvailableFields returns a slice of all fields that are returned as a
	// result of ValidateLogin. These are valid fields for use in any
	// BindingRule tied to this auth method.
	AvailableFields() []string

	// MakeFieldMapSelectable converts a field map as returned by ValidateLogin
	// into a structure suitable for selection with a binding rule.
	MakeFieldMapSelectable(fieldMap map[string]string) interface{}
}

func NewValidator

func NewValidator(method *structs.ACLAuthMethod) (Validator, error)

NewValidator instantiates a new Validator for the given auth method configuration. If no auth method is registered with the provided type an error is returned.

type ValidatorFactory

type ValidatorFactory func(method *structs.ACLAuthMethod) (Validator, error)

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL