security

package
v0.1.11 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 10, 2024 License: MIT Imports: 9 Imported by: 5

Documentation

Overview

Package security implements the functions, types, and interfaces for the module.

Package security implements the functions, types, and interfaces for the module.

Package security is a toolkit for security check and authorization

Package security implements the functions, types, and interfaces for the module.

Package security implements the functions, types, and interfaces for the module.

Package security implements the functions, types, and interfaces for the module.

Package security is a toolkit for security check and authorization

Index

Constants

// HTTP header names exported by the package as string constants.
const (
	// HeaderAuthorize is the name of the authorization header.
	// The value carried in this header is a credential; keep it out of logs and error messages.
	HeaderAuthorize = "Authorization"
	// HeaderContentType is the name of the content type header.
	HeaderContentType = "Content-Type"
	// HeaderContentLength is the name of the content length header.
	HeaderContentLength = "Content-Length"
	// HeaderUserAgent is the name of the user agent header.
	HeaderUserAgent = "User-Agent"
	// HeaderReferer is the name of the referer header.
	// The client chooses this value, so it is a hint and not proof of where a request came from.
	HeaderReferer = "Referer"
	// HeaderOrigin is the name of the origin header.
	// It is also client-supplied: browsers set it, but other clients can send any value.
	HeaderOrigin = "Origin"
)
const (
	// SchemeNTLM represents an NTLM authorization.
	// It is declared as an alias of SchemeNegotiate, so both constants hold the same
	// value and a comparison or switch on Scheme cannot tell NTLM from Negotiate.
	// Code that must treat NTLM differently (for example to refuse it) needs
	// another signal than the Scheme value.
	SchemeNTLM = SchemeNegotiate
)
const (
	// TokenCacheNS is the string "security:token".
	// NOTE(review): presumably the default namespace for token cache entries
	// (compare WithNamespace) — confirm against the implementation.
	TokenCacheNS = "security:token"
)

Variables

This section is empty.

Functions

func FromToken added in v0.1.8

// FromToken returns a string obtained from ctx.
// NOTE(review): undocumented on this page; presumably the token stored by
// NewToken, and an empty string when none is present — confirm.
func FromToken(ctx context.Context) string

func NewMapCache added in v0.1.10

func NewMapCache() cache.Cache

func NewToken added in v0.1.8

// NewToken returns a context built from ctx and the given token string.
// NOTE(review): undocumented on this page; presumably the token is attached so
// that FromToken can read it back — confirm.
// A token carried in a context is a credential; avoid dumping such contexts into logs.
func NewToken(ctx context.Context, token string) context.Context

Types

type Authenticator added in v0.1.7

// Authenticator creates, checks, and destroys tokens. Each operation has a
// variant that takes a string and a *Context variant that takes a TokenType
// in its place.
type Authenticator interface {
	// AuthenticateToken returns the Claims and a nil error if the subject is
	// authenticated. On a non-nil error the returned Claims should not be trusted.
	AuthenticateToken(context.Context, string) (Claims, error)
	// AuthenticateTokenContext returns the Claims and a nil error if the subject
	// is authenticated, or a non-nil error with an appropriate cause otherwise.
	// NOTE(review): the TokenType presumably selects where the token is read
	// from (context, header, query, ...) — confirm against the implementation.
	AuthenticateTokenContext(context.Context, TokenType) (Claims, error)
	// Authenticate validates if a token is valid.
	// Treat the token as accepted only when the result is true and the error is nil.
	Authenticate(context.Context, string) (bool, error)
	// AuthenticateContext validates if a token is valid, taking a TokenType
	// in place of the token string.
	AuthenticateContext(context.Context, TokenType) (bool, error)
	// CreateToken injects user claims into a token string.
	CreateToken(context.Context, Claims) (string, error)
	// CreateTokenContext injects user claims into the context and returns a context.
	CreateTokenContext(context.Context, TokenType, Claims) (context.Context, error)
	// DestroyToken invalidates a token by removing it from the token store.
	// NOTE(review): revocation only takes effect if authentication consults the
	// same store — confirm that the implementation in use does so.
	DestroyToken(context.Context, string) error
	// DestroyTokenContext invalidates a token by removing it from the token store,
	// taking a TokenType in place of the token string.
	DestroyTokenContext(context.Context, TokenType) error
	// Close cleans up the authenticator.
	Close()
}

Authenticator interface

type Authorizer added in v0.1.7

// Authorizer has a single method that takes a context and a Policy.
type Authorizer interface {
	// Authorized takes a Policy and returns a bool and an error.
	// NOTE(review): undocumented on this page; presumably the bool reports
	// whether the access described by the Policy is allowed — confirm.
	// Callers should deny access unless the result is true and the error is nil.
	Authorized(context.Context, Policy) (bool, error)
}

type Claims added in v0.0.42

// Claims defines the accessors that a security claims object should have.
// The interface only exposes values; it has no validation method, so checking
// them is left to whatever consumes the Claims.
// NOTE(review): the accessors appear to mirror the JWT registered claims
// (sub, iss, aud, exp, nbf, iat, jti) plus scopes and extras — confirm.
type Claims interface {
	// GetSubject returns the subject of the security claims
	GetSubject() string
	// GetIssuer returns the issuer of the security claims
	GetIssuer() string
	// GetAudience returns the audience of the security claims
	GetAudience() []string
	// GetExpiration returns the expiration time of the security claims
	GetExpiration() time.Time
	// GetNotBefore returns the time before which the security claims cannot be accepted
	GetNotBefore() time.Time
	// GetIssuedAt returns the time at which the security claims were issued
	GetIssuedAt() time.Time
	// GetJWTID returns the unique identifier for the security claims
	GetJWTID() string
	// GetScopes returns the scopes associated with the security claims.
	// The map value is a bool, so a scope can be present as a key and still be
	// false; presumably only true means granted — check the value, not just the key.
	GetScopes() map[string]bool
	// GetExtra returns any additional data associated with the security claims
	GetExtra() map[string]string
}

Claims is an interface that defines the methods that a security claims object should have

type Policy added in v0.1.7

// Policy defines read-only accessors for the parts of a policy:
// subject, object, action, domain, and extra key/value data.
type Policy interface {
	// GetSubject returns the subject of the policy
	GetSubject() string
	// GetObject returns the object of the policy
	GetObject() string
	// GetAction returns the action of the policy
	GetAction() string
	// GetDomain returns the domain of the policy; the result is a slice, so a
	// policy can carry more than one domain value
	GetDomain() []string
	// GetExtra returns the extra information of the policy
	GetExtra() map[string]string
}

Policy is an interface that defines the methods for a policy

type PolicyChecker added in v0.1.7

// PolicyChecker defines the methods for checking a Policy.
// Both methods return a bare bool: the signatures have no way to report an
// evaluation failure separately, so callers should treat false as deny.
type PolicyChecker interface {
	// CheckPolicy checks if the policy for a given subject, object, action, domain and extra is allowed
	CheckPolicy(Policy) bool
	// CheckPolicyContext checks if the policy is allowed, additionally taking a
	// context and a TokenType.
	// NOTE(review): how the context and TokenType influence the decision is not
	// documented on this page — confirm against the implementation.
	CheckPolicyContext(context.Context, TokenType, Policy) bool
}

PolicyChecker is an interface that defines the methods for a policy checker

type PolicyManager added in v0.1.7

// PolicyManager defines the methods for adding, removing, reading, and setting policies.
type PolicyManager interface {
	// AddPolicy adds a policy.
	// NOTE(review): the parameters are sec, pt and rule rather than
	// subject/object/action/domain/extra; they look like Casbin-style section,
	// policy-type and rule arguments — confirm their meaning.
	AddPolicy(sec string, pt string, rule []string) error
	// RemovePolicy removes a policy; it takes the same sec, pt and rule
	// parameters as AddPolicy.
	RemovePolicy(sec string, pt string, rule []string) error
	// GetPolicy returns the policy for a given subject, object, action, domain and extra
	GetPolicy(subject string, object string, action string, domain []string, extra map[string]string) Policy
	// SetPolicy sets the policy for a given subject, object, action, domain and extra.
	// It returns nothing, so a failure to set the policy is not reported to the caller.
	SetPolicy(subject string, object string, action string, domain []string, extra map[string]string)
	// SetPolicies sets the policies for a given context
	SetPolicies(context.Context, map[string]Policy) error
}

PolicyManager is an interface that defines the methods for a policy manager

type Scheme

// Scheme is an int-backed enumeration of authorization types; its values are
// the Scheme* constants.
type Scheme int

Scheme represents the type of authorization.

// Scheme values, numbered from 0 by iota in declaration order.
const (
	// SchemeAnonymous represents an anonymous authorization.
	// It is the first iota value (0), so it is also the zero value of Scheme:
	// a Scheme variable that was never assigned compares equal to SchemeAnonymous.
	SchemeAnonymous Scheme = iota
	// SchemeBasic represents a basic authorization.
	SchemeBasic
	// SchemeBearer represents a bearer authorization.
	SchemeBearer
	// SchemeDigest represents a digest authorization.
	SchemeDigest
	// SchemeHOBA represents a HTTP Origin-Bound Authentication (HOBA) authorization.
	SchemeHOBA
	// SchemeMutual represents a mutual authentication.
	SchemeMutual
	// SchemeNegotiate represents a negotiate authorization.
	// The package's SchemeNTLM constant is defined as this same value.
	SchemeNegotiate
	// SchemeVapid represents a VAPID authorization.
	SchemeVapid
	// SchemeSCRAM represents a SCRAM authorization.
	SchemeSCRAM
	// SchemeAWS4HMAC256 represents an AWS4-HMAC-SHA256 authorization.
	SchemeAWS4HMAC256
	// SchemeDPoP represents a DPoP authorization.
	SchemeDPoP
	// SchemeGNAP represents a GNAP authorization.
	SchemeGNAP
	// SchemePrivate represents a private authorization.
	SchemePrivate
	// SchemeOAuth represents an OAuth authorization.
	SchemeOAuth
	// SchemeUnknown represents an unknown authorization.
	SchemeUnknown
	// SchemeMax is the last value in the block.
	// NOTE(review): undocumented; presumably a sentinel marking the end of the
	// valid range rather than a real scheme — confirm.
	SchemeMax
)

func (Scheme) Equal added in v0.1.9

// Equal takes a string and returns a bool.
// NOTE(review): undocumented on this page; presumably it compares the scheme's
// string form with other. Confirm whether the comparison ignores case, since
// HTTP authentication scheme names are case-insensitive.
func (t Scheme) Equal(other string) bool

func (Scheme) Lower added in v0.1.9

func (t Scheme) Lower() string

Lower returns the lowercase string representation of the Scheme.

func (Scheme) String

func (i Scheme) String() string

type Serializer added in v0.1.7

// Serializer converts Claims to a byte slice and back.
// NOTE(review): the interface itself says nothing about signing or integrity
// protection; confirm that bytes from untrusted sources are verified before
// the Claims produced by Deserialize are relied on.
type Serializer interface {
	// Serialize serializes the given data into a byte slice
	Serialize(ctx context.Context, data Claims) ([]byte, error)
	// Deserialize deserializes the given byte slice into Claims
	Deserialize(ctx context.Context, data []byte) (Claims, error)
}

Serializer is an interface that defines the methods for a serializer

type StorageSetting added in v0.0.42

// StorageSetting is an alias for a function that receives a pointer to the
// unexported tokenCacheService. Because that type is unexported, code outside
// the package obtains StorageSetting values from WithCache and WithNamespace
// and passes them to DefaultTokenCacheService.
type StorageSetting = func(*tokenCacheService)

func WithCache added in v0.0.42

func WithCache(c cache.Cache) StorageSetting

func WithNamespace added in v0.0.42

func WithNamespace(ns string) StorageSetting

type TokenCacheService added in v0.1.10

// TokenCacheService stores, looks up, and removes tokens.
type TokenCacheService interface {
	// Store stores the token with a specific expiration time to TokenCacheService.
	// NOTE(review): the token is passed as a plain string; confirm whether the
	// backing cache keeps it raw or hashed, since a raw token in a shared cache
	// is a usable credential for anyone who can read that cache.
	Store(context.Context, string, time.Duration) error
	// Validate checks if the token exists in the TokenCacheService.
	// As documented this is a presence check only; it is not described as
	// verifying a signature or any claims.
	Validate(context.Context, string) (bool, error)
	// Remove deletes the token from the TokenCacheService
	Remove(context.Context, string) error
	// Close closes the TokenCacheService
	Close(context.Context) error
}

TokenCacheService is the interface for storing, validating, and removing tokens.

func DefaultTokenCacheService added in v0.1.10

func DefaultTokenCacheService(ss ...StorageSetting) TokenCacheService

DefaultTokenCacheService creates a new tokenCacheService and applies the optional StorageSetting values passed to it (for example those returned by WithCache and WithNamespace).

type TokenType

// TokenType is an int-backed enumeration; its values are the ContextType*
// constants and ContentTypeMetadata.
type TokenType int

TokenType represents the type of token.

// TokenType values, numbered from 0 by iota in declaration order.
// NOTE(review): each value presumably names the place a token is carried in or
// read from — confirm against the Authenticator implementation.
const (
	// ContextTypeContext represents the context type for the context.
	// It is the first iota value (0) and therefore the zero value of TokenType.
	ContextTypeContext TokenType = iota
	// ContextTypeHeader represents the context type for the header.
	ContextTypeHeader
	// ContentTypeMetadata represents the context type for the metadata.
	// Note the name starts with "Content", unlike the other constants in this block.
	ContentTypeMetadata
	// ContextTypeQuery represents the context type for the query.
	// If this means tokens travel in the URL query string, be aware that URLs
	// commonly end up in access logs, browser history, and Referer headers.
	ContextTypeQuery
	// ContextTypeCookie represents the context type for the cookie.
	ContextTypeCookie
	// ContextTypeParam represents the context type for the parameter.
	ContextTypeParam
	// ContextTypeForm represents the context type for the form.
	ContextTypeForm
	// ContextTypeBody represents the context type for the body.
	ContextTypeBody
	// ContextTypeSession represents the context type for the session.
	ContextTypeSession
	// ContextTypeUnknown represents an unknown context type.
	ContextTypeUnknown
)

ContextType constants represent the different types of context.

type UnimplementedClaims added in v0.1.7

// UnimplementedClaims is an empty struct whose documented methods return
// placeholder values: empty strings, slices and maps, and the current time
// for the time getters.
// NOTE(review): its listed method set has GetJwtID, while the Claims interface
// declares GetJWTID — confirm that the type really satisfies Claims.
// If it is used as a base for a real claims type, every getter that validation
// relies on needs to be overridden: the placeholder expiration is "now", not a
// real deadline, and the placeholder subject and issuer are empty.
type UnimplementedClaims struct {
}

UnimplementedClaims is a struct that implements the Claims interface

func (UnimplementedClaims) GetAudience added in v0.1.7

func (u UnimplementedClaims) GetAudience() []string

GetAudience returns an empty slice

func (UnimplementedClaims) GetExpiration added in v0.1.7

func (u UnimplementedClaims) GetExpiration() time.Time

GetExpiration returns the current time

func (UnimplementedClaims) GetExtra added in v0.1.7

func (u UnimplementedClaims) GetExtra() map[string]string

GetExtra returns an empty map

func (UnimplementedClaims) GetIssuedAt added in v0.1.7

func (u UnimplementedClaims) GetIssuedAt() time.Time

GetIssuedAt returns the current time

func (UnimplementedClaims) GetIssuer added in v0.1.7

func (u UnimplementedClaims) GetIssuer() string

GetIssuer returns an empty string

func (UnimplementedClaims) GetJwtID added in v0.1.7

func (u UnimplementedClaims) GetJwtID() string

GetJwtID returns an empty string

func (UnimplementedClaims) GetNotBefore added in v0.1.7

func (u UnimplementedClaims) GetNotBefore() time.Time

GetNotBefore returns the current time

func (UnimplementedClaims) GetScopes added in v0.1.7

func (u UnimplementedClaims) GetScopes() map[string]bool

GetScopes returns an empty map

func (UnimplementedClaims) GetSubject added in v0.1.7

func (u UnimplementedClaims) GetSubject() string

GetSubject returns an empty string
