auth

package

v0.0.0-...-d9b5379 Latest Latest Go to latest Published: Nov 26, 2022 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/safedep/gateway

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
type AuthenticatedIdentity
- func AnonymousIdentity() AuthenticatedIdentity
type AuthenticationCredential
type AuthenticationCredentialApplier
type AuthenticationCredentialProvider
- func NewEnvoyIngressAuthAdapter(req *envoy_service_auth_v3.AttributeContext_HttpRequest) AuthenticationCredentialProvider
type AuthenticationProvider
- func NewAuthenticationProvider() AuthenticationProvider
type EgressAuthenticationService
type IngressAuthenticationService
- func NewIngressBasicAuthService(cfg *config_api.GatewayAuthenticatorBasicAuth) (IngressAuthenticationService, error)
- func NewIngressNoAuthService() (IngressAuthenticationService, error)

Constants ¶

View Source

const (
	// PDP will lookup ingress authenticators
	AuthStageIngress = "ingress" // Gateway Auth

	// Tap will lookup egress authenticators
	AuthStageEgress = "egress" // Upstream Auth

	AuthIdentityTypeAnonymous = "Anonymous"
	AuthIdentityTypeBasicAuth = "BasicAuth"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AuthenticatedIdentity ¶

type AuthenticatedIdentity interface {
	Type() string
	OrgId() string
	ProjectId() string
	UserId() string
	Name() string
}

Authenticated identity used in Ingress auth

func AnonymousIdentity ¶

func AnonymousIdentity() AuthenticatedIdentity

type AuthenticationCredential ¶

type AuthenticationCredential interface {
	ProjectId() string
	OrgId() string
	UserId() string
	UserSecret() string
}

A provided or obtained credential for authentication

type AuthenticationCredentialApplier ¶

type AuthenticationCredentialApplier interface {
	Apply(AuthenticationCredential) error
}

Apply credentials to outgoing request to repo

type AuthenticationCredentialProvider ¶

type AuthenticationCredentialProvider interface {
	Credential() (AuthenticationCredential, error)
}

Adapter to wrap Envoy request to get credentials

func NewEnvoyIngressAuthAdapter ¶

func NewEnvoyIngressAuthAdapter(req *envoy_service_auth_v3.AttributeContext_HttpRequest) AuthenticationCredentialProvider

type AuthenticationProvider ¶

type AuthenticationProvider interface {
	IngressAuthService(common_models.ArtefactUpStream) (IngressAuthenticationService, error)
	EgressAuthService(common_models.ArtefactRepository) (EgressAuthenticationService, error)
}

func NewAuthenticationProvider ¶

func NewAuthenticationProvider() AuthenticationProvider

type EgressAuthenticationService ¶

type EgressAuthenticationService interface {
	Authenticate(context.Context, AuthenticationCredentialApplier) error
}

Authenticate upstream repo request

type IngressAuthenticationService ¶

type IngressAuthenticationService interface {
	Authenticate(context.Context, AuthenticationCredentialProvider) (AuthenticatedIdentity, error)
}

Authentication for gateway users

func NewIngressBasicAuthService ¶

func NewIngressBasicAuthService(cfg *config_api.GatewayAuthenticatorBasicAuth) (IngressAuthenticationService, error)

func NewIngressNoAuthService ¶

func NewIngressNoAuthService() (IngressAuthenticationService, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL