authorize

package
v1.14.2-rc.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 9, 2024 License: Apache-2.0 Imports: 15 Imported by: 27

README

We need a RemoveAuthz (to delete authz tokens before sending downstream) and an AddAuthz (to set authz tokens before returning upstream)

Documentation

Overview

Package authorize provides authz checks for incoming or returning connections.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewClient

func NewClient(opts ...Option) networkservice.NetworkServiceClient

NewClient - returns a new authorization networkservicemesh.NetworkServiceClient Authorize client checks rigiht side of path.

func NewServer

func NewServer(opts ...Option) networkservice.NetworkServiceServer

NewServer - returns a new authorization networkservicemesh.NetworkServiceServers Authorize server checks left side of Path.

Types

type Option

type Option func(*options)

Option is authorization option for network service server

func Any

func Any() Option

Any authorizes any call of request/close

func WithPolicies

func WithPolicies(policyPaths ...string) Option

WithPolicies sets custom policies for networkservice. policyPaths can be combination of both policy files and dirs with policies

func WithSpiffeIDConnectionMap added in v1.5.0

func WithSpiffeIDConnectionMap(s *genericsync.Map[spiffeid.ID, *genericsync.Map[string, struct{}]]) Option

WithSpiffeIDConnectionMap sets map to keep spiffeIDConnectionMap to authorize connections with MonitorConnectionServer

type Policy

type Policy interface {
	// Name returns policy name
	Name() string
	// Check checks authorization
	Check(ctx context.Context, input interface{}) error
}

Policy represents authorization policy for network service.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL