authorization

package

v0.20.0 Latest Latest Go to latest Published: Nov 21, 2024 License: Apache-2.0 Imports: 30 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kuadrant/authorino

Links

Open Source Insights

Documentation ¶

Index ¶

type Authzed
- func (a *Authzed) Call(pipeline auth.AuthPipeline, ctx gocontext.Context) (interface{}, error)
type JSONPatternMatching
- func (j *JSONPatternMatching) Call(pipeline auth.AuthPipeline, ctx context.Context) (interface{}, error)
type KubernetesAuthz
- func NewKubernetesAuthz(user expressions.Value, authorizationGroups expressions.Value, ...) (*KubernetesAuthz, error)
- func (k *KubernetesAuthz) Call(pipeline auth.AuthPipeline, ctx gocontext.Context) (interface{}, error)
type KubernetesAuthzResourceAttributes
type OPA
- func NewOPAAuthorization(policyName string, rego string, externalSource *OPAExternalSource, ...) (*OPA, error)
- func (opa *OPA) Call(pipeline auth.AuthPipeline, ctx context.Context) (interface{}, error)
- func (opa *OPA) Clean(_ context.Context) error
type OPAExternalSource

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Authzed ¶ added in v0.12.0

type Authzed struct {
	Endpoint     string
	Insecure     bool
	SharedSecret string

	Subject      expressions.Value
	SubjectKind  expressions.Value
	Resource     expressions.Value
	ResourceKind expressions.Value
	Permission   expressions.Value
}

func (*Authzed) Call ¶ added in v0.12.0

func (a *Authzed) Call(pipeline auth.AuthPipeline, ctx gocontext.Context) (interface{}, error)

type JSONPatternMatching ¶

type JSONPatternMatching struct {
	Rules jsonexp.Expression
}

func (*JSONPatternMatching) Call ¶

func (j *JSONPatternMatching) Call(pipeline auth.AuthPipeline, ctx context.Context) (interface{}, error)

type KubernetesAuthz ¶

type KubernetesAuthz struct {
	User                expressions.Value
	AuthorizationGroups expressions.Value
	ResourceAttributes  *KubernetesAuthzResourceAttributes
	// contains filtered or unexported fields
}

func NewKubernetesAuthz ¶

func NewKubernetesAuthz(user expressions.Value, authorizationGroups expressions.Value, resourceAttributes *KubernetesAuthzResourceAttributes) (*KubernetesAuthz, error)

func (*KubernetesAuthz) Call ¶

func (k *KubernetesAuthz) Call(pipeline auth.AuthPipeline, ctx gocontext.Context) (interface{}, error)

type KubernetesAuthzResourceAttributes ¶

type KubernetesAuthzResourceAttributes struct {
	Namespace   expressions.Value
	Group       expressions.Value
	Resource    expressions.Value
	Name        expressions.Value
	SubResource expressions.Value
	Verb        expressions.Value
}

type OPA ¶

type OPA struct {
	Rego           string `yaml:"rego"`
	ExternalSource *OPAExternalSource
	AllValues      bool
	// contains filtered or unexported fields
}

func NewOPAAuthorization ¶

func NewOPAAuthorization(policyName string, rego string, externalSource *OPAExternalSource, allValues bool, nonce int, ctx context.Context) (*OPA, error)

func (*OPA) Call ¶

func (opa *OPA) Call(pipeline auth.AuthPipeline, ctx context.Context) (interface{}, error)

func (*OPA) Clean ¶

func (opa *OPA) Clean(_ context.Context) error

Clean ensures the goroutine started by ExternalSource.setupRefresher is cleaned up

type OPAExternalSource ¶

type OPAExternalSource struct {
	Endpoint     string
	SharedSecret string
	auth.AuthCredentials
	TTL int
	// contains filtered or unexported fields
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL