Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ExtractChannelHeaderCertHash ¶ added in v1.2.0
ExtractChannelHeaderCertHash extracts the TLS cert hash from a channel header.
Types ¶
type Chain ¶ added in v1.2.0
type Chain interface {
// Sequence returns the current config sequence number, can be used to detect config changes
Sequence() uint64
// PolicyManager returns the current policy manager as specified by the chain configuration
PolicyManager() policies.Manager
// Reader returns the chain Reader for the chain
Reader() blockledger.Reader
// Errored returns a channel which closes when the backing consenter has errored
Errored() <-chan struct{}
}
Chain encapsulates chain operations and data.
type ChainManager ¶ added in v1.2.0
ChainManager provides a way for the Handler to look up the Chain.
type ConfigSequencer ¶ added in v1.2.0
type ConfigSequencer interface {
Sequence() uint64
}
ConfigSequencer provides the sequence number of the current config block.
type ExpiresAtFunc ¶ added in v1.2.0
ExpiresAtFunc is used to extract the time at which an identity expires.
type Handler ¶
type Handler struct {
ChainManager ChainManager
TimeWindow time.Duration
BindingInspector Inspector
}
Handler handles server requests.
func NewHandler ¶ added in v1.2.0
func NewHandler(cm ChainManager, timeWindow time.Duration, mutualTLS bool) *Handler
NewHandler creates an implementation of the Handler interface.
type Inspector ¶ added in v1.2.0
Inspector verifies an appropriate binding between the message and the context.
type InspectorFunc ¶ added in v1.2.0
The InspectorFunc is an adapter that allows the use of an ordinary function as an Inspector.
type PolicyChecker ¶
PolicyChecker checks the envelope against the policy logic supplied by the function.
type PolicyCheckerFunc ¶ added in v1.2.0
The PolicyCheckerFunc is an adapter that allows the use of an ordinary function as a PolicyChecker.
func (PolicyCheckerFunc) CheckPolicy ¶ added in v1.2.0
func (pcf PolicyCheckerFunc) CheckPolicy(envelope *cb.Envelope, channelID string) error
CheckPolicy calls pcf(envelope, channelID)
type ResponseSender ¶ added in v1.2.0
type ResponseSender interface {
SendStatusResponse(status cb.Status) error
SendBlockResponse(block *cb.Block) error
}
ResponseSender defines the interface a handler must implement to send responses.
type Server ¶ added in v1.2.0
type Server struct {
Receiver
PolicyChecker
ResponseSender
}
Server is a polymorphic structure to support generalization of this handler to be able to deliver different type of responses.
type SessionAccessControl ¶ added in v1.2.0
type SessionAccessControl struct {
// contains filtered or unexported fields
}
SessionAccessControl holds access control related data for a common Envelope that is used to determine if a request is allowed for the identity associated with the request envelope.
func NewSessionAC ¶ added in v1.2.0
func NewSessionAC(chain ConfigSequencer, env *common.Envelope, policyChecker PolicyChecker, channelID string, expiresAt ExpiresAtFunc) (*SessionAccessControl, error)
NewSessionAC creates an instance of SessionAccessControl. This constructor will return an error if a signature header cannot be extracted from the envelope.
func (*SessionAccessControl) Evaluate ¶ added in v1.2.0
func (ac *SessionAccessControl) Evaluate() error
Evaluate uses the PolicyChecker to determine if a request should be allowed. The decision is cached until the identity expires or the chain configuration changes.
Source Files
Directories