auth

package
v0.2202.6 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 7, 2023 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Overview

Package auth implements gRPC authentication server interceptors.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NoAuth

func NoAuth(ctx context.Context, fullMethodName string, req interface{}) error

NoAuth is a function that does no authentication.

func StreamServerInterceptor

func StreamServerInterceptor(authFunc AuthenticationFunction) grpc.StreamServerInterceptor

StreamServerInterceptor returns an authentication stream server interceptor.

StreamServerInterceptor wraps the incoming server stream and authenticates all received messages.

func UnaryServerInterceptor

func UnaryServerInterceptor(authFunc AuthenticationFunction) grpc.UnaryServerInterceptor

UnaryServerInterceptor returns an authentication unary server interceptor.

Types

type AuthenticationFunction

type AuthenticationFunction func(ctx context.Context, fullMethodName string, req interface{}) error

AuthenticationFunction defines the gRPC server default authentication function. This can be overridden per service by implementing AuthFunc on the gRPC service.

type PeerCertAuthenticator

type PeerCertAuthenticator struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

PeerCertAuthenticator is a server side gRPC authentication function that restricts access to all methods based on the hash of the DER representation of the client certificate presented in the TLS handshake.

func NewPeerCertAuthenticator

func NewPeerCertAuthenticator() *PeerCertAuthenticator

NewPeerCertAuthenticator creates a new (empty) PeerCertAuthenticator.

func (*PeerCertAuthenticator) AllowPeerCertificate

func (auth *PeerCertAuthenticator) AllowPeerCertificate(cert *x509.Certificate)

AllowPeerCertificate allows a peer certificate access.

func (*PeerCertAuthenticator) AuthFunc

func (auth *PeerCertAuthenticator) AuthFunc(ctx context.Context, fullMethodName string, req interface{}) error

AuthFunc is an AuthenticationFunction backed by the PeerCertAuthenticator.

type PeerPubkeyAuthenticator

type PeerPubkeyAuthenticator struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

PeerPubkeyAuthenticator is a server side gRPC authentication function that restricts access to all methods based on the public keys of the client certificate presented in the TLS handshake.

func NewPeerPubkeyAuthenticator

func NewPeerPubkeyAuthenticator() *PeerPubkeyAuthenticator

NewPeerPubkeyAuthenticator creates a new (empty) PeerPubkeyAuthenticator.

func (*PeerPubkeyAuthenticator) AllowPeerPublicKey

func (auth *PeerPubkeyAuthenticator) AllowPeerPublicKey(key signature.PublicKey)

AllowPeerPublicKey allows a peer public key access.

func (*PeerPubkeyAuthenticator) AuthFunc

func (auth *PeerPubkeyAuthenticator) AuthFunc(ctx context.Context, fullMethodName string, req interface{}) error

AuthFunc is an AuthenticationFunction backed by the PeerPubkeyAuthenticator.

type ServerAuth

type ServerAuth interface {
	// AuthFunc is the authentication function. The authentication can be done
	// on the method name, metadata (can be obtained from ctx) and incoming
	// request.
	//
	// Make sure to error with `codes.Unauthenticated` and
	// `codes.PermissionDenied` appropriately.
	AuthFunc(ctx context.Context, fullMethodName string, req interface{}) error
}

ServerAuth interface defines gRPC server authentication interface.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL