auth

package
v0.0.0-...-2efaa0c Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 10, 2018 License: Apache-2.0 Imports: 9 Imported by: 1

README

Auth GoDoc

Provides a high level pluggable abstraction for authentication and authorisation.

Interface

Simplify authentication with an interface that just returns true or false based on the current RPC context or session id. Optionally returns the session information for further examination.

Granular role based authorisation and control is needed at large scale for access management. Goes beyond just, does this person have an authenticated session. Should they be allowed to access the given resource.

Management of auth/roles should be offloaded to a service to minimise code changes in each individual service. Should ideally be embedded as middleware in requests handlers and initialised when registering a handler.

// Auth handles client side validation of authentication
// The client does not actually handle authentication itself.
// This could be an oauth2 provider, openid, basic auth, etc.
type Auth interface {
	Authorized(ctx context.Context, req Request) (*Token, error)
	Introspect(ctx context.Context) (*Token, error)
	Revoke(t *Token) error
	Token() (*Token, error)
	String() string
}

func NewAuth(opts ...Option) Auth {
	return newOS(opts...)
}

## Supported Backends

Documentation

Overview

Package auth is an interface for authentication and authorization.

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrInvalidToken = errors.New("invalid token")
)

Functions

func ClientWrapper

func ClientWrapper(a Auth) client.Wrapper

func ContextWithToken

func ContextWithToken(ctx context.Context, t *Token) context.Context

func HandlerWrapper

func HandlerWrapper(a Auth) server.HandlerWrapper

func HeaderWithToken

func HeaderWithToken(hd map[string]string, t *Token) map[string]string

func NewContext

func NewContext(ctx context.Context, c Auth) context.Context

Types

type Auth

type Auth interface {
	// Check if authorised
	Authorized(ctx context.Context, req Request) (*Token, error)
	// Retrieve token from context
	Introspect(ctx context.Context) (*Token, error)
	// Revoke a token
	Revoke(t *Token) error
	// Retrieve client token
	Token() (*Token, error)
	String() string
}

Auth handles client side validation of authentication The client does not actually handle authentication itself. This could be an oauth2 provider, openid, basic auth, etc.

func FromContext

func FromContext(ctx context.Context) (Auth, bool)

func NewAuth

func NewAuth(opts ...Option) Auth

type Option

type Option func(*Options)

func Client

func Client(c client.Client) Option

func Id

func Id(id string) Option

func Secret

func Secret(s string) Option

type Options

type Options struct {
	Id     string
	Secret string
	Client client.Client
	// Used for alternative options
	Context context.Context
}

type Request

type Request interface {
	Service() string
	Method() string
}

Client or server request

type Token

type Token struct {
	AccessToken  string
	RefreshToken string
	TokenType    string
	ExpiresAt    time.Time
	Scopes       []string
	Metadata     map[string]string
}

Basically identical to oauth token

func TokenFromContext

func TokenFromContext(ctx context.Context) (*Token, bool)

func TokenFromHeader

func TokenFromHeader(hd map[string]string) (*Token, bool)

Directories

Path Synopsis
Package go_micro_os_auth is a generated protocol buffer package.
Package go_micro_os_auth is a generated protocol buffer package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL