Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
func Middleware
func Middleware(a Authenticator) func(http.Handler) http.Handler
Middleware checks each request for authentication. If successful, the user's information is appended to the log context and request context. If not, an error is returned and the inner handler is skipped.
Types
type AuthMetadata
type Authenticator
type CertificateAuth
CertificateAuth requires every caller to present a client certificate that either has its fingerprint explicitly configured with access or is signed by a configured CA.
func (*CertificateAuth) Authenticate
func (a *CertificateAuth) Authenticate(req *http.Request) (UserInfo, error)
type CertificateInfo
func (*CertificateInfo) AuditContext
func (c *CertificateInfo) AuditContext(info *audit.Info)
type Metadata
type Metadata struct {
	Hosts []string       `json:"hosts"`
	Auth  []AuthMetadata `json:"auth"`
}
type PolicyAuth
type PolicyAuth struct {
// contains filtered or unexported fields
}
func (*PolicyAuth) Authenticate
func (a *PolicyAuth) Authenticate(req *http.Request) (UserInfo, error)
type PolicyInfo
type PolicyInfo struct {
	Subject     string
	Roles       []string
	AllowedKeys []string
	Claims      map[string]interface{}
	DecisionID  string
}
func (*PolicyInfo) Allowed
func (i *PolicyInfo) Allowed(keyConf *config.KeyConfig) bool
Allowed checks whether the named key is visible to the current user
func (*PolicyInfo) AuditContext
func (i *PolicyInfo) AuditContext(info *audit.Info)
AuditContext amends an audit record with the authenticated user's name and other relevant details
type UserInfo
type UserInfo interface {
	// Allowed checks whether the named key is visible to the current user
	Allowed(*config.KeyConfig) bool
	// AuditContext amends an audit record with the authenticated user's name
	// and other relevant details
	AuditContext(info *audit.Info)
}
func RequestInfo
RequestInfo returns information about the calling user