auth

package
v1.17.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 4, 2023 License: Apache-2.0, BSD-2-Clause, BSD-3-Clause, + 3 more Imports: 9 Imported by: 9

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// Slots store slots
	Slots = map[string]AuthServer{}
)

Functions

func Initialize

func Initialize(ctx context.Context, authOpt *Config, storage store.Store, cacheMgn *cache.CacheManager) error

Initialize 初始化

func RegisterAuthServer

func RegisterAuthServer(s AuthServer) error

RegisterAuthServer 注册一个新的 AuthManager

Types

type AuthChecker

type AuthChecker interface {
	// Initialize 执行初始化动作
	Initialize(options *Config, storage store.Store, cacheMgn *cache.CacheManager) error
	// VerifyCredential 验证令牌
	VerifyCredential(preCtx *model.AcquireContext) error
	// CheckClientPermission 执行检查客户端动作判断是否有权限,并且对 RequestContext 注入操作者数据
	CheckClientPermission(preCtx *model.AcquireContext) (bool, error)
	// CheckConsolePermission 执行检查控制台动作判断是否有权限,并且对 RequestContext 注入操作者数据
	CheckConsolePermission(preCtx *model.AcquireContext) (bool, error)
	// IsOpenConsoleAuth 返回是否开启了操作鉴权,可以用于前端查询
	IsOpenConsoleAuth() bool
	// IsOpenClientAuth
	IsOpenClientAuth() bool
}

AuthChecker 权限管理通用接口定义

type AuthServer

type AuthServer interface {
	// Initialize 初始化
	Initialize(authOpt *Config, storage store.Store, cacheMgn *cache.CacheManager) error

	// Name 获取服务名称
	Name() string

	// GetAuthChecker 获取鉴权检查器
	GetAuthChecker() AuthChecker

	// AfterResourceOperation 操作完资源的后置处理逻辑
	AfterResourceOperation(afterCtx *model.AcquireContext) error

	// Login 登录动作
	Login(req *apisecurity.LoginRequest) *apiservice.Response

	// UserOperator 用户操作
	UserOperator

	// GroupOperator 组操作
	GroupOperator

	// StrategyOperator 策略操作
	StrategyOperator
}

AuthServer 鉴权 Server

func GetAuthServer

func GetAuthServer() (AuthServer, error)

GetAuthServer 获取一个 AuthManager

func TestInitialize

func TestInitialize(_ context.Context, authOpt *Config, storage store.Store,
	cacheMgn *cache.CacheManager) (AuthServer, error)

TestInitialize 包裹了初始化函数,在 Initialize 的时候会在自动调用,全局初始化一次

type Config

type Config struct {
	Name   string
	Option map[string]interface{}
}

Config 鉴权能力的相关配置参数

type GroupOperator

type GroupOperator interface {
	// CreateGroup 创建用户组
	CreateGroup(ctx context.Context, group *apisecurity.UserGroup) *apiservice.Response

	// UpdateGroups 更新用户组
	UpdateGroups(ctx context.Context, groups []*apisecurity.ModifyUserGroup) *apiservice.BatchWriteResponse

	// DeleteGroups 批量删除用户组
	DeleteGroups(ctx context.Context, group []*apisecurity.UserGroup) *apiservice.BatchWriteResponse

	// GetGroups 查询用户组列表(不带用户详细信息)
	GetGroups(ctx context.Context, query map[string]string) *apiservice.BatchQueryResponse

	// GetGroup 根据用户组信息,查询该用户组下的用户相信
	GetGroup(ctx context.Context, req *apisecurity.UserGroup) *apiservice.Response

	// GetGroupToken 获取用户组的 token
	GetGroupToken(ctx context.Context, group *apisecurity.UserGroup) *apiservice.Response

	// UpdateGroupToken 取消用户组的 token 使用
	UpdateGroupToken(ctx context.Context, group *apisecurity.UserGroup) *apiservice.Response

	// ResetGroupToken 重置用户组的 token
	ResetGroupToken(ctx context.Context, group *apisecurity.UserGroup) *apiservice.Response
}

GroupOperator 用户组相关操作

type StrategyOperator

type StrategyOperator interface {

	// CreateStrategy 创建策略
	CreateStrategy(ctx context.Context, strategy *apisecurity.AuthStrategy) *apiservice.Response

	// UpdateStrategies 批量更新策略
	UpdateStrategies(ctx context.Context, reqs []*apisecurity.ModifyAuthStrategy) *apiservice.BatchWriteResponse

	// DeleteStrategies 删除策略
	DeleteStrategies(ctx context.Context, reqs []*apisecurity.AuthStrategy) *apiservice.BatchWriteResponse

	// GetStrategies 获取资源列表
	// support 1. 支持按照 principal-id + principal-role 进行查询
	// support 2. 支持普通的鉴权策略查询
	GetStrategies(ctx context.Context, query map[string]string) *apiservice.BatchQueryResponse

	// GetStrategy 获取策略详细
	GetStrategy(ctx context.Context, strategy *apisecurity.AuthStrategy) *apiservice.Response

	// GetPrincipalResources 获取某个 principal 的所有可操作资源列表
	GetPrincipalResources(ctx context.Context, query map[string]string) *apiservice.Response
}

StrategyOperator 策略相关操作

type UserOperator

type UserOperator interface {

	// CreateUsers 批量创建用户
	CreateUsers(ctx context.Context, users []*apisecurity.User) *apiservice.BatchWriteResponse

	// UpdateUser 更新用户信息
	UpdateUser(ctx context.Context, user *apisecurity.User) *apiservice.Response

	// UpdateUserPassword 更新用户密码
	UpdateUserPassword(ctx context.Context, req *apisecurity.ModifyUserPassword) *apiservice.Response

	// DeleteUsers 批量删除用户
	DeleteUsers(ctx context.Context, users []*apisecurity.User) *apiservice.BatchWriteResponse

	// GetUsers 查询用户列表
	GetUsers(ctx context.Context, query map[string]string) *apiservice.BatchQueryResponse

	// GetUserToken 获取用户的 token
	GetUserToken(ctx context.Context, user *apisecurity.User) *apiservice.Response

	// UpdateUserToken 禁止用户的token使用
	UpdateUserToken(ctx context.Context, user *apisecurity.User) *apiservice.Response

	// ResetUserToken 重置用户的token
	ResetUserToken(ctx context.Context, user *apisecurity.User) *apiservice.Response
}

UserOperator 用户数据管理 server

Directories

Path Synopsis
Package mock is a generated GoMock package.
Package mock is a generated GoMock package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL