http

Documentation

Index

• func AuditLog(logger *log.Logger, roles *auth.Roles, f http.HandlerFunc) http.HandlerFunc
• func EnforcePolicies(roles *auth.Roles, f http.HandlerFunc) http.HandlerFunc
• func Error(w http.ResponseWriter, err error) error
• func HandleAssignIdentity(roles *auth.Roles) http.HandlerFunc
• func HandleCreateKey(store *secret.Store) http.HandlerFunc
• func HandleDecryptKey(store *secret.Store) http.HandlerFunc
• func HandleDeleteKey(store *secret.Store) http.HandlerFunc
• func HandleDeletePolicy(roles *auth.Roles) http.HandlerFunc
• func HandleForgetIdentity(roles *auth.Roles) http.HandlerFunc
• func HandleGenerateKey(store *secret.Store) http.HandlerFunc
• func HandleImportKey(store *secret.Store) http.HandlerFunc
• func HandleListIdentities(roles *auth.Roles) http.HandlerFunc
• func HandleListPolicies(roles *auth.Roles) http.HandlerFunc
• func HandleReadPolicy(roles *auth.Roles) http.HandlerFunc
• func HandleTraceAuditLog(log *xlog.SystemLog) http.HandlerFunc
• func HandleTraceErrorLog(log *xlog.SystemLog) http.HandlerFunc
• func HandleVersion(version string) http.HandlerFunc
• func HandleWritePolicy(roles *auth.Roles) http.HandlerFunc
• func LimitRequestBody(n int64, f http.HandlerFunc) http.HandlerFunc
• func RequireMethod(method string, f http.HandlerFunc) http.HandlerFunc
• func TLSProxy(proxy *auth.TLSProxy, f http.HandlerFunc) http.HandlerFunc
• func ValidatePath(apiPattern string, f http.HandlerFunc) http.HandlerFunc

Functions

func AuditLog

func AuditLog(logger *log.Logger, roles *auth.Roles, f http.HandlerFunc) http.HandlerFunc

AuditLog returns a handler function that wraps f and logs the HTTP request and response before sending the response status code back to the client.

func EnforcePolicies

func EnforcePolicies(roles *auth.Roles, f http.HandlerFunc) http.HandlerFunc

func Error

func Error(w http.ResponseWriter, err error) error

Error sends the given err as JSON error responds to w.

If err has a 'Status() int' method then Error sets the response status code to err.Status(). Otherwise, it will send 500 (internal server error).

If err is nil then Error will send the status code 500 and an empty JSON response body - i.e. '{}'.

func HandleAssignIdentity

func HandleAssignIdentity(roles *auth.Roles) http.HandlerFunc

func HandleCreateKey

func HandleCreateKey(store *secret.Store) http.HandlerFunc

HandleCreateKey returns a handler function that generates a new random Secret and stores in the Store under the request name, if it doesn't exist.

It infers the name of the new Secret from the request URL - in particular from the URL's path base. See: https://golang.org/pkg/path/#Base

func HandleDecryptKey

func HandleDecryptKey(store *secret.Store) http.HandlerFunc

func HandleDeleteKey

func HandleDeleteKey(store *secret.Store) http.HandlerFunc

func HandleDeletePolicy

func HandleDeletePolicy(roles *auth.Roles) http.HandlerFunc

func HandleForgetIdentity

func HandleForgetIdentity(roles *auth.Roles) http.HandlerFunc

func HandleGenerateKey

func HandleGenerateKey(store *secret.Store) http.HandlerFunc

func HandleImportKey

func HandleImportKey(store *secret.Store) http.HandlerFunc

HandleImportKey returns a handler function that reads a secret value from the request body and stores in the Store under the request name, if it doesn't exist.

It infers the name of the new Secret from the request URL - in particular from the URL's path base. See: https://golang.org/pkg/path/#Base

func HandleListIdentities

func HandleListIdentities(roles *auth.Roles) http.HandlerFunc

func HandleListPolicies

func HandleListPolicies(roles *auth.Roles) http.HandlerFunc

func HandleReadPolicy

func HandleReadPolicy(roles *auth.Roles) http.HandlerFunc

func HandleTraceAuditLog

func HandleTraceAuditLog(log *xlog.SystemLog) http.HandlerFunc

HandleTraceAuditLog returns a HTTP handler that writes whatever log logs to the client.

The returned handler is a long-running server task that will wait for the client to close the connection resp. until the request context is done. Therefore, it will not work properly with (write) timeouts.

func HandleTraceErrorLog

func HandleTraceErrorLog(log *xlog.SystemLog) http.HandlerFunc

HandleTraceErrorLog returns an HTTP handler that writes whatever log logs to the client.

The returned handler is a long-running server task that will wait for the client to close the connection resp. until the request context is done. Therefore, it will not work properly with (write) timeouts.

In contrast to HandleTraceAuditLog, HandleTraceErrorLog wraps the http.ResponseWriter such that whatever log logs gets converted to the JSON:

{
  "message":"<log-output>",
}

func HandleVersion

func HandleVersion(version string) http.HandlerFunc

HandleVersion returns a handler function that returns the given version as JSON. In particular, it returns a JSON object:

{
  "version": "<version>"
}

func HandleWritePolicy

func HandleWritePolicy(roles *auth.Roles) http.HandlerFunc

func LimitRequestBody

func LimitRequestBody(n int64, f http.HandlerFunc) http.HandlerFunc

func RequireMethod

func RequireMethod(method string, f http.HandlerFunc) http.HandlerFunc

func TLSProxy

func TLSProxy(proxy *auth.TLSProxy, f http.HandlerFunc) http.HandlerFunc

TLSProxy returns a handler function that checks if the request has been forwarded by a TLS proxy and, if so, verifies and adjusts the request such that handlers further down the stack can treat it as sent by the actual client.

Therefore, it replaces the proxy certificate in the TLS connection state with the client certificate forwarded by the proxy as part of the request headers.

func ValidatePath

func ValidatePath(apiPattern string, f http.HandlerFunc) http.HandlerFunc

ValidatePath returns an handler function that verifies that the request URL.Path matches apiPattern before calling f. If the path does not match the apiPattern it returns the bad request status code (400) to the client.

ValidatePath uses the standard library path glob matching for pattern matching.