Documentation
¶
Overview ¶
Package auth defines standard interface for authentication.
Index ¶
- Constants
- Variables
- func HTTPInterceptor(a Authenticator) func(h http.Handler) http.Handler
- func StreamInterceptor(auth Authenticator) grpc.StreamServerInterceptor
- func UnaryInterceptor(auth Authenticator) grpc.UnaryServerInterceptor
- type Authenticator
- type AuthenticatorFunc
- type MapAuthenticator
- type MultiAuthenticator
- type SimpleWhiteListAuthenticator
- type WhiteListAuthenticator
- type WhiteListFunc
Constants ¶
const ( // AuthorizationMD authorization metadata name. AuthorizationMD = "authorization" // GrpcGWCookieMD is cookie metadata name of GRPC in gRPC GateWay Request. GrpcGWCookieMD = "grpcgateway-cookie" )
Variables ¶
var ( // ErrMetadataMissing reports that metadata is missing in the incoming context. ErrMetadataMissing = errors.New("auth: could not locate request metadata") // ErrAuthorizationMissing reports that authorization metadata is missing in the incoming context. ErrAuthorizationMissing = errors.New("auth: could not locate authorization metadata") //ErrInvalidToken reports that the token is invalid. ErrInvalidToken = errors.New("auth: invalid token") // ErrMultipleAuthFound reports that too many authorization entries were found. ErrMultipleAuthFound = errors.New("auth: too many authorization entries") )
Functions ¶
func HTTPInterceptor ¶ added in v0.1.8
func HTTPInterceptor(a Authenticator) func(h http.Handler) http.Handler
HTTPInterceptor return a HTTP interceptor that perform an authentication check for each request using the given authenticator.
func StreamInterceptor ¶
func StreamInterceptor(auth Authenticator) grpc.StreamServerInterceptor
StreamInterceptor returns a grpc.StreamServerInterceptor that performs an authentication check for each request by using Authenticator.Authenticate(ctx context.Context).
func UnaryInterceptor ¶
func UnaryInterceptor(auth Authenticator) grpc.UnaryServerInterceptor
UnaryInterceptor returns a grpc.UnaryServerInterceptor that performs an authentication check for each request by using Authenticator.Authenticate(ctx context.Context).
Types ¶
type Authenticator ¶
Authenticator defines the interface to perform the actual authentication of the request. Implementations should fetch the required data from the context.Context object. GRPC specific data like `metadata` and `peer` is available on the context. Should return a new `context.Context` that is a child of `ctx` or `codes.Unauthenticated` when auth is lacking or `codes.PermissionDenied` when lacking permissions.
type AuthenticatorFunc ¶
AuthenticatorFunc defines a pluggable function to perform authentication of requests. Should return a new `context.Context` that is a child of `ctx` or `codes.Unauthenticated` when auth is lacking or `codes.PermissionDenied` when lacking permissions.
func (AuthenticatorFunc) Authenticate ¶
Authenticate implements the Authenticator interface
type MapAuthenticator ¶ added in v0.1.3
type MapAuthenticator map[string]Authenticator
MapAuthenticator chains multiple Authenticators, allowing multiple authentication types to be used with a single interceptor. Key of the map wil be used to match with authorization type in metadata.
func (MapAuthenticator) Authenticate ¶ added in v0.1.3
Authenticate implements the Authenticator interface.
type MultiAuthenticator ¶
type MultiAuthenticator []Authenticator
MultiAuthenticator chains a series of Authenticators, allowing multiple authentication types to be used with a single interceptor.
func (MultiAuthenticator) Authenticate ¶
Authenticate implements the Authenticator interface.
type SimpleWhiteListAuthenticator ¶ added in v0.1.4
type SimpleWhiteListAuthenticator struct {
// contains filtered or unexported fields
}
SimpleWhiteListAuthenticator is simple implementation of WhiteListAuthenticator.
func NewWhiteListAuthenticator ¶ added in v0.1.3
func NewWhiteListAuthenticator(auth Authenticator, funcs ...WhiteListFunc) *SimpleWhiteListAuthenticator
NewWhiteListAuthenticator return a new WhiteListAuthenticator.
func (*SimpleWhiteListAuthenticator) Authenticate ¶ added in v0.1.4
Authenticate implements the Authenticator interface.
func (*SimpleWhiteListAuthenticator) IsWhiteListed ¶ added in v0.1.4
func (a *SimpleWhiteListAuthenticator) IsWhiteListed(path string) bool
IsWhiteListed implements WhitelistAuthenticator interface.
type WhiteListAuthenticator ¶ added in v0.1.3
type WhiteListAuthenticator interface {
Authenticator
// IsWhiteListed tell the handler if a path should be ignored in the authentication process.
// For gRPC request the path will be fullMethod, i.e... /helloworld.Greeter/SayHello.
// For HTTP request the path will be URL.Path.
IsWhiteListed(path string) bool
}
WhiteListAuthenticator is a special authenticator that support ignoring a list of methods/paths during the authentication process.
type WhiteListFunc ¶ added in v0.1.8
WhiteListFunc is a function that used for matching whitelist item.
func WhiteListInList ¶ added in v0.1.8
func WhiteListInList(wl ...string) WhiteListFunc
WhiteListInList is a simple white list func simply compare the path with the given list.
func WhiteListNot ¶ added in v0.1.8
func WhiteListNot(f WhiteListFunc) WhiteListFunc
WhiteListNot is a helper function that simply reverse the inner white list func.
func WhiteListRegexp ¶ added in v0.1.8
func WhiteListRegexp(patterns ...string) WhiteListFunc
WhiteListRegexp is white list function that ignore authentication process for a request if its path matchs one of the provided regular expressions. This function panic if the regular expressions failed to compile.
Source Files
Directories