auth

package
v0.2200.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 28, 2022 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Overview

Package auth implements gRPC authentication server interceptors.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NoAuth 

func NoAuth(ctx context.Context, fullMethodName string, req interface{}) error

NoAuth is a function that does no authentication.

func StreamServerInterceptor 

func StreamServerInterceptor(authFunc AuthenticationFunction) grpc.StreamServerInterceptor

StreamServerInterceptor returns an authentication stream server interceptor.

StreamServerInterceptor wraps the incoming server stream and authenticates all received messages.

func UnaryServerInterceptor 

func UnaryServerInterceptor(authFunc AuthenticationFunction) grpc.UnaryServerInterceptor

UnaryServerInterceptor returns an authentication unary server interceptor.

Types

type AuthenticationFunction 

type AuthenticationFunction func(ctx context.Context, fullMethodName string, req interface{}) error

AuthenticationFunction defines the gRPC server default authentication function. This can be overridden per service by implementing AuthFunc on the gRPC service.

type PeerCertAuthenticator 

type PeerCertAuthenticator struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

PeerCertAuthenticator is a server side gRPC authentication function that restricts access to all methods based on the hash of the DER representation of the client certificate presented in the TLS handshake.

func NewPeerCertAuthenticator 

func NewPeerCertAuthenticator() *PeerCertAuthenticator

NewPeerCertAuthenticator creates a new (empty) PeerCertAuthenticator.

func (*PeerCertAuthenticator) AllowPeerCertificate 

func (auth *PeerCertAuthenticator) AllowPeerCertificate(cert *x509.Certificate)

AllowPeerCertificate allows a peer certificate access.

func (*PeerCertAuthenticator) AuthFunc 

func (auth *PeerCertAuthenticator) AuthFunc(ctx context.Context, fullMethodName string, req interface{}) error

AuthFunc is an AuthenticationFunction backed by the PeerCertAuthenticator.

type PeerPubkeyAuthenticator 

type PeerPubkeyAuthenticator struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

PeerPubkeyAuthenticator is a server side gRPC authentication function that restricts access to all methods based on the public keys of the client certificate presented in the TLS handshake.

func NewPeerPubkeyAuthenticator 

func NewPeerPubkeyAuthenticator() *PeerPubkeyAuthenticator

NewPeerPubkeyAuthenticator creates a new (empty) PeerPubkeyAuthenticator.

func (*PeerPubkeyAuthenticator) AllowPeerPublicKey 

func (auth *PeerPubkeyAuthenticator) AllowPeerPublicKey(key signature.PublicKey)

AllowPeerPublicKey allows a peer public key access.

func (*PeerPubkeyAuthenticator) AuthFunc 

func (auth *PeerPubkeyAuthenticator) AuthFunc(ctx context.Context, fullMethodName string, req interface{}) error

AuthFunc is an AuthenticationFunction backed by the PeerPubkeyAuthenticator.

type ServerAuth 

type ServerAuth interface {
	// AuthFunc is the authentication function. The authentication can be done
	// on the method name, metadata (can be obtained from ctx) and incoming
	// request.
	//
	// Make sure to error with `codes.Unauthenticated` and
	// `codes.PermissionDenied` appropriately.
	AuthFunc(ctx context.Context, fullMethodName string, req interface{}) error
}

ServerAuth interface defines gRPC server authentication interface.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.