Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( ErrAuthenticationNotFound = errors.New("authentication service not found in context") ErrInvalidToken = errors.New("invalid token") ErrInvalidSource = errors.New("invalid source") ErrInvalidSignature = errors.New("invalid signature") ErrInvalidPermissions = errors.New("invalid permissions") ErrTokenExpired = errors.New("token expired") )
var (
ErrMalformedToken = errors.New("malformed token")
)
Functions ¶
Types ¶
type AuthenticationResult ¶
type AuthenticationResult struct { // Authenticated is true if the token was authenticated. Authenticated bool // Token is the token that was authenticated. Token *Token }
AuthenticationResult is the result of authenticating a token.
type Authorization ¶
type Authorization struct { // Type is the type of authorization, either action or receiver. Type AuthorizationType // Operations is the set of authorized operations. Operations []AuthorizedOperation // Name is the name of the action or receiver. Name string }
Authorization is a set of authorized operations.
type AuthorizationRequest ¶
type AuthorizationRequest struct { // Type is the type of authorization. Type AuthorizationType // Operation is the operation to check. Operation AuthorizedOperation // Name is the name of the action or receiver. Name string }
AuthorizationRequest is a request to check authorization.
type AuthorizationType ¶
type AuthorizationType int
AuthorizationType is the type of authorization.
const ( Action AuthorizationType = iota Receiver )
type AuthorizedOperation ¶
type AuthorizedOperation int
AuthorizedOperation is an operation that is authorized.
const ( Run AuthorizedOperation = iota Publish Subscribe Notify )
type Claims ¶
type Claims struct { AuthorizedNetwork net.IPNet Permitted int32 Authorizations []Authorization Expiry time.Time }
Claims is a set of claims that can be used to issue a token.
func (Claims) IsAuthorized ¶
func (c Claims) IsAuthorized(req AuthorizationRequest) bool
IsAuthorized checks if the claims are authorized for the provided request.
func (Claims) Permissions ¶
func (c Claims) Permissions() permission.Permissions
Permissions returns the permissions of the claims.
type Service ¶
type Service struct {
// contains filtered or unexported fields
}
func GetService ¶
GetService returns the authentication service from the context.
func (*Service) Authenticate ¶
func (s *Service) Authenticate(ctx context.Context, tokenStr string, source net.IP) (*AuthenticationResult, error)
Authenticate authenticates a token.
type Token ¶
type Token struct { // Claims is the claims of the token. Claims // Signature is the signature of the token. Signature []byte }
Token is a token that can be used to authenticate a peer.
func CreateToken ¶ added in v0.0.3
CreateToken creates a token with the provided claims and key.
func NewTokenFromString ¶
NewTokenFromString creates a new token from the provided string.
func (*Token) MarshalString ¶
MarshalString marshals the token into a string.
func (*Token) VerifySignature ¶
VerifySignature verifies the signature of the token.