keystone

package
v1.0.6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 25, 2019 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// StatusNotAvailable means that the user could not be authenticated because the identity service is not available
	StatusNotAvailable = 1
	// StatusMissingCredentials means that the user provided invalid credentials and thus cannot be authenticated
	StatusMissingCredentials = 2
	// StatusWrongCredentials means that the user provided invalid credentials and thus cannot be authenticated
	StatusWrongCredentials = 3
	// StatusNoPermission means that the user could be authenticated but does not have access to the requested scope (no roles)
	StatusNoPermission = 4
	// StatusInternalError means that some internal error occured. Retry makes sense
	StatusInternalError = 5
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthenticationError 

type AuthenticationError interface {
	// error - embedding breaks mockgen
	// Error returns the error as string
	Error() string
	// StatusCode returns a machine-readable reason for the error (values correspond to http status codes)
	StatusCode() int
}

AuthenticationError extends the error interface with a status code

func NewAuthenticationError 

func NewAuthenticationError(statusCode int, format string, args ...interface{}) AuthenticationError

NewAuthenticationError creates a new error instance

type Driver 

type Driver interface {
	// AuthenticateRequest authenticates a user using authOptionsFromRequest passed in the HTTP request header.
	// After successful authentication, additional context information is added to the request header
	// In addition a Context object is returned for policy evaluation.
	// When guessScope is set to true, the method will try to find a suitible project when the scope is not defined (basic auth. only)
	AuthenticateRequest(req *http.Request, guessScope bool) (*policy.Context, AuthenticationError)

	// Authenticate authenticates a user using the provided authOptions.
	// It returns a context for policy evaluation and the public endpoint retrieved from the service catalog
	Authenticate(options gophercloud.AuthOptions) (*policy.Context, string, AuthenticationError)

	// ChildProjects returns the IDs of all child-projects of the project denoted by projectID
	ChildProjects(projectID string) ([]string, error)

	// UserProjects returns the project IDs and name of all projects where the current user has a monitoring role
	UserProjects(userID string) ([]tokens.Scope, error)

	// ServiceURL returns the service's global catalog entry
	// The result is empty when called from a client
	ServiceURL() string
}

Driver is an interface that wraps the authentication of the service user and token checking of API users. Because it is an interface, the real implementation can be mocked away in unit tests.

func Keystone 

func Keystone() Driver

Keystone creates a real keystone authentication and authorization driver

func NewKeystoneDriver 

func NewKeystoneDriver() Driver

NewKeystoneDriver is a factory method which chooses the right driver implementation based on configuration settings

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.