opa

package
v1.4.0-rc.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 3, 2022 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Overview

Package opa provides of utilities for using OPA

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func PreparedOpaInput

func PreparedOpaInput(ctx context.Context, model interface{}) (map[string]interface{}, error)

PreparedOpaInput - converts model to map. It also puts auth_info in root of the map if it is presented in context.

Types

type AuthorizationPolicy

type AuthorizationPolicy struct {
	// contains filtered or unexported fields
}

AuthorizationPolicy checks that passed tokens are valid

func WithNextTokenSignedPolicy added in v1.1.0

func WithNextTokenSignedPolicy() *AuthorizationPolicy

WithNextTokenSignedPolicy returns default policy for checking that last token in path is signed.

func WithPolicyFromFile

func WithPolicyFromFile(path, query string, checkQuery CheckQueryFunc) *AuthorizationPolicy

WithPolicyFromFile creates custom policy based on rego source file

func WithPolicyFromSource

func WithPolicyFromSource(source, query string, checkQuery CheckQueryFunc) *AuthorizationPolicy

WithPolicyFromSource creates custom policy based on rego source code

func WithPrevTokenSignedPolicy added in v1.1.0

func WithPrevTokenSignedPolicy() *AuthorizationPolicy

WithPrevTokenSignedPolicy returns default policy for checking that last token in path is signed.

func WithTokenChainPolicy

func WithTokenChainPolicy() *AuthorizationPolicy

WithTokenChainPolicy returns default policy for checking tokens chain in path

func WithTokensExpiredPolicy

func WithTokensExpiredPolicy() *AuthorizationPolicy

WithTokensExpiredPolicy returns default policy for checking tokens expiration

func WithTokensValidPolicy added in v1.1.0

func WithTokensValidPolicy() *AuthorizationPolicy

WithTokensValidPolicy returns default policy for checking that all tokens in the path can be decoded.

func (*AuthorizationPolicy) Check

func (d *AuthorizationPolicy) Check(ctx context.Context, model interface{}) error

Check returns nil if passed tokens are valid

type CheckAccessFunc

type CheckAccessFunc func(result rego.ResultSet) (bool, error)

CheckAccessFunc checks rego result. Returns bool flag that means access. Returns error if something was wrong

func False

func False(query string) CheckAccessFunc

False is default access checker, returns true if in the result set of rego exist query and it has false value

func True

func True(query string) CheckAccessFunc

True is default access checker, returns true if in the result set of rego exist query and it has true value

type CheckQueryFunc

type CheckQueryFunc func(string) CheckAccessFunc

CheckQueryFunc converts query string to CheckAccessFunc function

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL