Documentation ¶
Overview ¶
Package security implements the functions, types, and interfaces for the module.
Package security implements the functions, types, and interfaces for the module.
Package security implements the functions, types, and interfaces for the module.
Package security implements the functions, types, and interfaces for the module.
Package security implements the functions, types, and interfaces for the module.
Package security implements the functions, types, and interfaces for the module.
Index ¶
- Constants
- Variables
- func ClaimFromTokenTypeContext(ctx context.Context, tokenType security.TokenType) (security.Claims, error)
- func ClaimsFromContext(ctx context.Context) security.Claims
- func FromMetaData(key string) func(ctx context.Context) string
- func FromMetaDataKey(ctx context.Context, key string) string
- func FromTransportClient(authorize string, scheme string) func(ctx context.Context) string
- func FromTransportServer(authorize string, scheme string) func(ctx context.Context) string
- func IsSkipped(ctx context.Context, key string) bool
- func NewAuthN(cfg *configv1.Security, ss ...OptionSetting) (middleware.Middleware, error)
- func NewAuthNClient(cfg *configv1.Security, ss ...OptionSetting) (middleware.Middleware, error)
- func NewAuthNServer(cfg *configv1.Security, ss ...OptionSetting) (middleware.Middleware, error)
- func NewAuthZ(cfg *configv1.Security, ss ...OptionSetting) (middleware.Middleware, error)
- func NewAuthZClient(cfg *configv1.Security, ss ...OptionSetting) (middleware.Middleware, error)
- func NewAuthZServer(cfg *configv1.Security, ss ...OptionSetting) (middleware.Middleware, error)
- func NewClaimsContext(ctx context.Context, claims security.Claims) context.Context
- func NewSkipContext(ctx context.Context) context.Context
- func NewTokenContext(ctx context.Context, token string) context.Context
- func NewUserClaimsContext(ctx context.Context, claims security.UserClaims) context.Context
- func SkipFromContext(ctx context.Context) bool
- func SkipperServer(cfg *configv1.Security, ss ...OptionSetting) (middleware.Middleware, bool)
- func TokenFromContext(ctx context.Context) string
- func TokenFromTypeContext(ctx context.Context, tokenType security.TokenType, scheme string) (string, error)
- func TokenToTypeContext(ctx context.Context, tokenType security.TokenType, scheme string, token string) context.Context
- func UserClaimsFromContext(ctx context.Context) security.UserClaims
- func UserClaimsFromMetaData(ctx context.Context, key string) string
- func UserClaimsToMetaData(ctx context.Context, key string, value string) context.Context
- func WithSkipContextClient(ctx context.Context, key string) context.Context
- func WithSkipContextServer(ctx context.Context, key string) context.Context
- type Option
- type OptionSetting
- func WithAuthenticator(authenticator security.Authenticator) OptionSetting
- func WithAuthorizer(authorizer security.Authorizer) OptionSetting
- func WithConfig(cfg *configv1.Security) OptionSetting
- func WithSkipKey(key string) OptionSetting
- func WithSkipper(paths ...string) OptionSetting
- func WithTokenKey(key string) OptionSetting
- func WithTokenParser(parser func(ctx context.Context) string) OptionSetting
- type ResponseWriter
- type TokenParser
Constants ¶
const ( MetadataAuthZ = "x-md-global-security-authz" MetadataAuthN = "x-md-global-security-authn" )
const ( // MetadataSecurityTokenKey is the default token key. MetadataSecurityTokenKey = "x-md-global-security-token-key" // MetadataSecuritySkipKey is the default skip key. MetadataSecuritySkipKey = "x-md-global-security-skip-key" )
const ( StringBoolTrue = "true" StringBoolFalse = "false" )
const (
ErrorCreateOptionNil = errors.String("authenticator middleware create failed: option is nil")
)
Variables ¶
var ( ErrInvalidToken = securityv1.ErrorSecurityErrorReasonBearerTokenMissing("bearer token missing") ErrInvalidClaims = securityv1.ErrorSecurityErrorReasonInvalidClaims("invalid bearer token") ErrMissingClaims = securityv1.ErrorSecurityErrorReasonInvalidClaims("missing scheme") ErrMissingToken = securityv1.ErrorSecurityErrorReasonBearerTokenMissing("bearer token missing") ErrInvalidAuthentication = securityv1.ErrorSecurityErrorReasonInvalidAuthentication("unauthenticated") ErrInvalidAuthorization = securityv1.ErrorSecurityErrorReasonInvalidAuthorization("unauthorized") )
Functions ¶
func FromTransportClient ¶
func FromTransportServer ¶
func NewAuthN ¶
func NewAuthN(cfg *configv1.Security, ss ...OptionSetting) (middleware.Middleware, error)
NewAuthN is a server authenticator middleware.
func NewAuthNClient ¶
func NewAuthNClient(cfg *configv1.Security, ss ...OptionSetting) (middleware.Middleware, error)
NewAuthNClient is a client authenticator middleware.
func NewAuthNServer ¶
func NewAuthNServer(cfg *configv1.Security, ss ...OptionSetting) (middleware.Middleware, error)
NewAuthNServer is a server authenticator middleware.
func NewAuthZ ¶
func NewAuthZ(cfg *configv1.Security, ss ...OptionSetting) (middleware.Middleware, error)
NewAuthZ returns a new server middleware.
func NewAuthZClient ¶
func NewAuthZClient(cfg *configv1.Security, ss ...OptionSetting) (middleware.Middleware, error)
NewAuthZClient returns a new server middleware.
func NewAuthZServer ¶
func NewAuthZServer(cfg *configv1.Security, ss ...OptionSetting) (middleware.Middleware, error)
NewAuthZServer returns a new server middleware.
func NewClaimsContext ¶
func NewUserClaimsContext ¶
func SkipFromContext ¶
func SkipperServer ¶ added in v0.1.26
func SkipperServer(cfg *configv1.Security, ss ...OptionSetting) (middleware.Middleware, bool)
SkipperServer returns a middleware that skips certain operations based on the provided configuration. It takes a Security configuration and a variable number of OptionSettings. If the Skipper is not configured, it returns nil and false.
func TokenFromContext ¶
func TokenFromTypeContext ¶
func TokenFromTypeContext(ctx context.Context, tokenType security.TokenType, scheme string) (string, error)
TokenFromTypeContext .
func TokenToTypeContext ¶
func TokenToTypeContext(ctx context.Context, tokenType security.TokenType, scheme string, token string) context.Context
TokenToTypeContext .
func UserClaimsFromContext ¶
func UserClaimsFromContext(ctx context.Context) security.UserClaims
func UserClaimsToMetaData ¶
func WithSkipContextClient ¶
Types ¶
type Option ¶
type Option struct { // Authorizer is the authorizer used to authorize the request. Authorizer security.Authorizer // Authenticator is the authenticator used to authenticate the request. Authenticator security.Authenticator // Serializer is the serializer used to serialize the claims. Serializer security.Serializer // TokenKey is the key used to store the token in the context. TokenKey string // Scheme is the scheme used for the authorization header. Scheme string // HeaderAuthorize is the name of the authorization header. HeaderAuthorize string // SkipKey is the key used to skip authentication. SkipKey string // PublicPaths are the public paths that do not require authentication. PublicPaths []string // TokenParser is the parser used to parse the token from the context. TokenParser func(ctx context.Context) string // Parser is the parser used to parse the user claims. Parser security.UserClaimsParser // Skipper is the function used to skip authentication. Skipper func(string) bool // IsRoot is the function used to check if the request is root. IsRoot func(ctx context.Context, claims security.Claims) bool }
Option is a struct that contains the settings for the security middleware.
func (*Option) ApplyDefaults ¶
func (o *Option) ApplyDefaults()
ApplyDefaults applies the default settings to the option.
func (*Option) ParserUserClaims ¶
func (o *Option) ParserUserClaims(ctx context.Context, claims security.Claims) (security.UserClaims, error)
ParserUserClaims parses the user claims from the context.
type OptionSetting ¶
type OptionSetting = func(option *Option)
OptionSetting is a function that sets an option.
func WithAuthenticator ¶
func WithAuthenticator(authenticator security.Authenticator) OptionSetting
WithAuthenticator sets the authenticator.
func WithAuthorizer ¶
func WithAuthorizer(authorizer security.Authorizer) OptionSetting
WithAuthorizer sets the authorizer.
func WithConfig ¶
func WithConfig(cfg *configv1.Security) OptionSetting
WithConfig sets the configuration.
func WithSkipper ¶
func WithSkipper(paths ...string) OptionSetting
WithSkipper sets the public paths.
func WithTokenParser ¶
func WithTokenParser(parser func(ctx context.Context) string) OptionSetting
WithTokenParser sets the token parser.
type ResponseWriter ¶
ResponseWriter is a function that writes a response to the http.ResponseWriter.