Documentation
Overview
Package security implements the functions, types, and interfaces for the module.
Package security is a toolkit for security check and authorization
Package security is a package that provides security-related functions and types.
Package security provides interfaces and types for security-related operations
Index
- Constants
- func ContextIsRoot(ctx context.Context) bool
- func FromToken(ctx context.Context) string
- func NewToken(ctx context.Context, token string) context.Context
- func WithRootContext(ctx context.Context) context.Context
- type Authenticator
- type Authorizer
- type Claims
- type PolicyManager
- type Scheme
- type Serializer
- type StorageSetting
- type TokenService
- type TokenType
- type UnimplementedClaims
- func (u UnimplementedClaims) GetAudience() []string
- func (u UnimplementedClaims) GetExpiration() time.Time
- func (u UnimplementedClaims) GetExtra() map[string]string
- func (u UnimplementedClaims) GetIssuedAt() time.Time
- func (u UnimplementedClaims) GetIssuer() string
- func (u UnimplementedClaims) GetJWTID() string
- func (u UnimplementedClaims) GetJwtID() string
- func (u UnimplementedClaims) GetNotBefore() time.Time
- func (u UnimplementedClaims) GetScopes() map[string]bool
- func (u UnimplementedClaims) GetSubject() string
- type UnimplementedUserClaims
- func (u UnimplementedUserClaims) GetAction() string
- func (u UnimplementedUserClaims) GetClaims() Claims
- func (u UnimplementedUserClaims) GetDomain() string
- func (u UnimplementedUserClaims) GetExtra() map[string]string
- func (u UnimplementedUserClaims) GetObject() string
- func (u UnimplementedUserClaims) GetSubject() string
- func (u UnimplementedUserClaims) IsRoot() bool
- type UserClaims
- type UserClaimsParser
Constants
const (
	// HeaderAuthorize is the name of the authorization header.
	HeaderAuthorize = "Authorization"
	// HeaderContentType is the name of the content type header.
	HeaderContentType = "Content-Type"
	// HeaderContentLength is the name of the content length header.
	HeaderContentLength = "Content-Length"
	// HeaderUserAgent is the name of the user agent header.
	HeaderUserAgent = "User-Agent"
	// HeaderReferer is the name of the referer header.
	HeaderReferer = "Referer"
	// HeaderOrigin is the name of the origin header.
	HeaderOrigin = "Origin"
)
const (
	// SchemeNTLM represents an NTLM authorization.
	SchemeNTLM = SchemeNegotiate
)
const (
	TokenCacheNS = "security:token"
)
Functions
func ContextIsRoot (added in v0.1.23)
Types
type Authenticator (added in v0.1.7)
type Authenticator interface {
	// CreateIdentityClaims creates new identity claims. The bool argument is true for a refresh token.
	CreateIdentityClaims(context.Context, string, bool) (Claims, error)
	// CreateIdentityClaimsContext creates a new identity. It should be used when a new user is created.
	CreateIdentityClaimsContext(context.Context, TokenType, string) (context.Context, error)
	// Authenticate returns a nil error and the AuthClaims info (if available).
	Authenticate(context.Context, string) (Claims, error)
	// AuthenticateContext returns a nil error and the AuthClaims info (if available)
	// if the subject is authenticated, or a non-nil error with an appropriate error cause otherwise.
	AuthenticateContext(context.Context, TokenType) (Claims, error)
	// Verify validates if a token is valid.
	Verify(context.Context, string) (bool, error)
	// VerifyContext validates if a token is valid.
	VerifyContext(context.Context, TokenType) (bool, error)
	// CreateToken injects user claims into a token string.
	CreateToken(context.Context, Claims) (string, error)
	// CreateTokenContext injects user claims into the context.
	CreateTokenContext(context.Context, TokenType, Claims) (context.Context, error)
	// DestroyToken invalidates a token by removing it from the token store.
	DestroyToken(context.Context, string) error
	// DestroyTokenContext invalidates a token by removing it from the token store.
	DestroyTokenContext(context.Context, TokenType) error
	// Close cleans up the authenticator.
	Close(context.Context) error
}
Authenticator interface
type Authorizer (added in v0.1.7)
type Authorizer interface {
	// SetPolicies sets the policies for a given context.
	// It takes a context, a map of policies, and a map of roles as input.
	// It returns an error if the policies cannot be set.
	SetPolicies(ctx context.Context, policies map[string]any, roles map[string]any) error
	// Authorized checks if a user is authorized to perform an action.
	// It takes a context and a UserClaims object as input.
	// It returns a boolean indicating whether the user is authorized and an error if the check fails.
	Authorized(ctx context.Context, claims UserClaims) (bool, error)
}
Authorizer is an interface that defines the methods for an authorizer. It is used to manage policies and check authorization.
type Claims (added in v0.0.42)
type Claims interface {
	// GetSubject returns the subject of the security
	GetSubject() string
	// GetIssuer returns the issuer of the security
	GetIssuer() string
	// GetAudience returns the audience of the security
	GetAudience() []string
	// GetExpiration returns the expiration time of the security
	GetExpiration() time.Time
	// GetNotBefore returns the time before which the security cannot be accepted
	GetNotBefore() time.Time
	// GetIssuedAt returns the time at which the security was issued
	GetIssuedAt() time.Time
	// GetJWTID returns the unique identifier for the security
	GetJWTID() string
	// GetScopes returns the scopes associated with the security
	GetScopes() map[string]bool
	// GetExtra returns any additional data associated with the security
	GetExtra() map[string]string
}
Claims is an interface that defines the methods that a security claims object should have
type PolicyManager (added in v0.1.7)
type PolicyManager interface {
	// AddPolicy adds a policy for a given subject, object, action, domain
	AddPolicy(sec string, pt string, rule []string) error
	// RemovePolicy removes a policy for a given subject, object, action, domain
	RemovePolicy(sec string, pt string, rule []string) error
	// SetPolicies sets the policies for a given context
	SetPolicies(context.Context, map[string]any) error
}
PolicyManager is an interface that defines the methods for a policy manager
type Scheme
type Scheme int
Scheme represents the type of authorization.
const (
	// SchemeAnonymous represents an anonymous authorization.
	SchemeAnonymous Scheme = iota
	// SchemeBasic represents a basic authorization.
	SchemeBasic
	// SchemeBearer represents a bearer authorization.
	SchemeBearer
	// SchemeDigest represents a digest authorization.
	SchemeDigest
	// SchemeHOBA represents an HTTP Origin-Bound Authentication (HOBA) authorization.
	SchemeHOBA
	// SchemeMutual represents a mutual authentication.
	SchemeMutual
	// SchemeNegotiate represents a negotiate authorization.
	SchemeNegotiate
	// SchemeVapid represents a VAPID authorization.
	SchemeVapid
	// SchemeSCRAM represents a SCRAM authorization.
	SchemeSCRAM
	// SchemeAWS4HMAC256 represents an AWS4-HMAC-SHA256 authorization.
	SchemeAWS4HMAC256
	// SchemeDPoP represents a DPoP authorization.
	SchemeDPoP
	// SchemeGNAP represents a GNAP authorization.
	SchemeGNAP
	// SchemePrivate represents a private authorization.
	SchemePrivate
	// SchemeOAuth represents an OAuth authorization.
	SchemeOAuth
	// SchemeUnknown represents an unknown authorization.
	SchemeUnknown
	SchemeMax
)
type Serializer (added in v0.1.7)
type Serializer interface {
	// Serialize serializes the given data into a byte slice
	Serialize(ctx context.Context, data Claims) ([]byte, error)
	// Deserialize deserializes the given byte slice into the given data
	Deserialize(ctx context.Context, data []byte) (Claims, error)
}
Serializer is an interface that defines the methods for a serializer
type StorageSetting (added in v0.0.42)
type StorageSetting = func(*tokenService)
func WithCache (added in v0.0.42)
func WithCache(c cache.Cache) StorageSetting
func WithNamespace (added in v0.0.42)
func WithNamespace(ns string) StorageSetting
type TokenService (added in v0.1.28)
type TokenService interface {
	// Store stores the token with a specific expiration time to TokenService
	Store(context.Context, string, time.Duration) error
	// Validate checks if the token exists in the TokenService
	Validate(context.Context, string) (bool, error)
	// Remove deletes the token from the TokenService
	Remove(context.Context, string) error
	// Close closes the TokenService
	Close(context.Context) error
}
TokenService is the interface for storing, validating, and removing tokens.
func DefaultTokenService (added in v0.1.28)
func DefaultTokenService(ss ...StorageSetting) TokenService
DefaultTokenService creates a new tokenService, applying any StorageSetting options passed in.
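An in-memory implementation of the TokenService method set shown above, added here as an example and not the package's own tokenService. The names `memTokenService`, `key` and the injectable `now` clock are hypothetical; the namespace string is the page's TokenCacheNS value. Entries are keyed by a SHA-256 digest of the namespaced token, and Validate fails closed for unknown, removed and expired tokens.

```go
package main

import (
	"context"
	"crypto/sha256"
	"fmt"
	"sync"
	"time"
)

// memTokenService is a hypothetical in-memory store, not the package's tokenService.
type memTokenService struct {
	mu      sync.Mutex
	now     func() time.Time       // injectable clock (assumption, makes expiry testable)
	expires map[[32]byte]time.Time // SHA-256("security:token:"+token) -> expiry; no raw tokens kept
}

func key(tok string) [32]byte { return sha256.Sum256([]byte("security:token:" + tok)) }

func (m *memTokenService) Store(_ context.Context, tok string, ttl time.Duration) error {
	m.mu.Lock()
	defer m.mu.Unlock()
	m.expires[key(tok)] = m.now().Add(ttl)
	return nil
}

// Validate fails closed: unknown, removed and expired tokens all report false.
func (m *memTokenService) Validate(_ context.Context, tok string) (bool, error) {
	m.mu.Lock()
	defer m.mu.Unlock()
	exp, ok := m.expires[key(tok)]
	return ok && m.now().Before(exp), nil
}

func (m *memTokenService) Remove(_ context.Context, tok string) error {
	m.mu.Lock()
	defer m.mu.Unlock()
	delete(m.expires, key(tok))
	return nil
}

func (m *memTokenService) Close(context.Context) error { return nil }

func main() {
	ctx, svc := context.Background(), &memTokenService{now: time.Now, expires: map[[32]byte]time.Time{}}
	_ = svc.Store(ctx, "constructed-token", time.Minute)
	fmt.Println(svc.Validate(ctx, "constructed-token")) // live token
	_ = svc.Remove(ctx, "constructed-token")
	fmt.Println(svc.Validate(ctx, "constructed-token")) // revoked token
}
```

Expired entries are rejected but not evicted here; a long-running store would also need a periodic sweep or a cache with native TTLs.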
type TokenType
type TokenType int
TokenType represents the type of token.
const (
	// ContextTypeContext represents the context type for the context.
	ContextTypeContext TokenType = iota
	// ContextTypeHeader represents the context type for the header.
	ContextTypeHeader
	// ContextTypeMetadata represents the context type for the metadata.
	ContextTypeMetadata
	// ContextTypeQuery represents the context type for the query.
	ContextTypeQuery
	// ContextTypeCookie represents the context type for the cookie.
	ContextTypeCookie
	// ContextTypeParam represents the context type for the parameter.
	ContextTypeParam
	// ContextTypeForm represents the context type for the form.
	ContextTypeForm
	// ContextTypeBody represents the context type for the body.
	ContextTypeBody
	// ContextTypeSession represents the context type for the session.
	ContextTypeSession
	// ContextTypeUnknown represents an unknown context type.
	ContextTypeUnknown
)
ContextType constants represent the different types of context.
type UnimplementedClaims (added in v0.1.7)
type UnimplementedClaims struct{}
UnimplementedClaims is a struct that implements the Claims interface
func (UnimplementedClaims) GetAudience (added in v0.1.7)
func (u UnimplementedClaims) GetAudience() []string
GetAudience returns an empty slice
func (UnimplementedClaims) GetExpiration (added in v0.1.7)
func (u UnimplementedClaims) GetExpiration() time.Time
GetExpiration returns the current time
func (UnimplementedClaims) GetExtra (added in v0.1.7)
func (u UnimplementedClaims) GetExtra() map[string]string
GetExtra returns an empty map
func (UnimplementedClaims) GetIssuedAt (added in v0.1.7)
func (u UnimplementedClaims) GetIssuedAt() time.Time
GetIssuedAt returns the current time
func (UnimplementedClaims) GetIssuer (added in v0.1.7)
func (u UnimplementedClaims) GetIssuer() string
GetIssuer returns an empty string
func (UnimplementedClaims) GetJWTID (added in v0.1.23)
func (u UnimplementedClaims) GetJWTID() string
func (UnimplementedClaims) GetJwtID (added in v0.1.7)
func (u UnimplementedClaims) GetJwtID() string
GetJwtID returns an empty string
func (UnimplementedClaims) GetNotBefore (added in v0.1.7)
func (u UnimplementedClaims) GetNotBefore() time.Time
GetNotBefore returns the current time
func (UnimplementedClaims) GetScopes (added in v0.1.7)
func (u UnimplementedClaims) GetScopes() map[string]bool
GetScopes returns an empty map
func (UnimplementedClaims) GetSubject (added in v0.1.7)
func (u UnimplementedClaims) GetSubject() string
GetSubject returns an empty string
type UnimplementedUserClaims (added in v0.1.23)
type UnimplementedUserClaims struct{}
func (UnimplementedUserClaims) GetAction (added in v0.1.23)
func (u UnimplementedUserClaims) GetAction() string
func (UnimplementedUserClaims) GetClaims (added in v0.1.23)
func (u UnimplementedUserClaims) GetClaims() Claims
func (UnimplementedUserClaims) GetDomain (added in v0.1.23)
func (u UnimplementedUserClaims) GetDomain() string
func (UnimplementedUserClaims) GetExtra (added in v0.1.23)
func (u UnimplementedUserClaims) GetExtra() map[string]string
func (UnimplementedUserClaims) GetObject (added in v0.1.23)
func (u UnimplementedUserClaims) GetObject() string
func (UnimplementedUserClaims) GetSubject (added in v0.1.23)
func (u UnimplementedUserClaims) GetSubject() string
func (UnimplementedUserClaims) IsRoot (added in v0.1.23)
func (u UnimplementedUserClaims) IsRoot() bool
type UserClaims (added in v0.1.14)
type UserClaims interface {
	// GetSubject returns the subject of the casbin policy
	GetSubject() string
	// GetObject returns the object of the casbin policy
	GetObject() string
	// GetAction returns the action of the casbin policy
	GetAction() string
	// GetDomain returns the domain of the casbin policy
	GetDomain() string
	// GetClaims returns the claims of the casbin policy
	GetClaims() Claims
	// GetExtra returns the extra information of the casbin policy
	GetExtra() map[string]string
}
UserClaims is an interface that defines the methods for a casbin policy
type UserClaimsParser (added in v0.1.14)
type UserClaimsParser func(ctx context.Context, claims Claims) (UserClaims, error)
UserClaimsParser is a function type that parses the given Claims into UserClaims