http

package
v0.0.0-...-a4452f2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 17, 2024 License: Apache-2.0 Imports: 32 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// DefaultUserRole is the default role to assign to a user
	DefaultUserRole = "admin"
)

Variables

View Source 
var (
	// ErrWrongCredentials error wrong credentials
	ErrWrongCredentials = errors.New("Wrong credentials")
)

Functions

func AuthCookie 

func AuthCookie(token, path string) *http.Cookie

AuthCookie returns a authentication cookie

func Authenticate 

func Authenticate(backend AuthenticationBackend, w http.ResponseWriter, username, password string) (string, []rbac.Permission, error)

Authenticate checks a couple of username and password against an authentication backend. If it succeeds, it set a token as a HTTP cookie. It then retrieves the roles for the authenticated user from the backend.

func MakeURL 

func MakeURL(protocol string, addr string, port int, path string, useTLS bool) (*url.URL, error)

MakeURL creates an URL for the specified protocol, address, port and path, whether TLS is required or not

func NoAuthenticationWrap 

func NoAuthenticationWrap(wrapped auth.AuthenticatedHandlerFunc) http.HandlerFunc

NoAuthenticationWrap wraps a handler with no authentication

func SetAuthHeaders 

func SetAuthHeaders(headers *http.Header, authOpts *AuthenticationOpts)

SetAuthHeaders apply all the cookie used for authentication to the header

func SetTLSHeader 

func SetTLSHeader(w http.ResponseWriter, r *http.Request)

SetTLSHeader set TLS specific headers in the response

func Unauthorized 

func Unauthorized(w http.ResponseWriter, r *http.Request, err error)

Unauthorized returns a 401 response

Types

type AuthenticationBackend 

type AuthenticationBackend interface {
	Name() string
	DefaultUserRole(user string) string
	SetDefaultUserRole(role string)
	Authenticate(username string, password string) (string, error)
	Wrap(wrapped auth.AuthenticatedHandlerFunc) http.HandlerFunc
}

AuthenticationBackend is the interface of a authentication backend

type AuthenticationOpts 

type AuthenticationOpts struct {
	Username string
	Password string
	Token    string
	Cookie   map[string]string
}

AuthenticationOpts describes the elements used by a client to authenticate to an HTTP server. It can be either a username/password couple or a token

type BasicAuthenticationBackend 

type BasicAuthenticationBackend struct {
	*auth.BasicAuth
	// contains filtered or unexported fields
}

BasicAuthenticationBackend implements HTTP BasicAuth authentication

func NewBasicAuthenticationBackend 

func NewBasicAuthenticationBackend(name string, provider auth.SecretProvider, role string) (*BasicAuthenticationBackend, error)

NewBasicAuthenticationBackend returns a new BasicAuth authentication backend

func (*BasicAuthenticationBackend) Authenticate 

func (b *BasicAuthenticationBackend) Authenticate(username string, password string) (string, error)

Authenticate the user and its password

func (*BasicAuthenticationBackend) DefaultUserRole 

func (b *BasicAuthenticationBackend) DefaultUserRole(user string) string

DefaultUserRole returns the default user role

func (*BasicAuthenticationBackend) Name 

func (b *BasicAuthenticationBackend) Name() string

Name returns the name of the backend

func (*BasicAuthenticationBackend) SetDefaultUserRole 

func (b *BasicAuthenticationBackend) SetDefaultUserRole(role string)

SetDefaultUserRole defines the default user role

func (*BasicAuthenticationBackend) Wrap 

func (b *BasicAuthenticationBackend) Wrap(wrapped auth.AuthenticatedHandlerFunc) http.HandlerFunc

Wrap an HTTP handler with BasicAuth authentication

type CreateOptions 

type CreateOptions struct {
	TTL time.Duration
}

CreateOptions describes the options available when creating a resource

type CrudClient 

type CrudClient struct {
	*RestClient
}

CrudClient describes a REST API client to issue CRUD commands

func NewCrudClient 

func NewCrudClient(restClient *RestClient) *CrudClient

NewCrudClient returns a new REST client that is able to issue CRUD requests

func (*CrudClient) Create 

func (c *CrudClient) Create(resource string, value interface{}, opts *CreateOptions) error

Create does a POST request to create a new resource

func (*CrudClient) Delete 

func (c *CrudClient) Delete(resource string, id string) error

Delete removes a resource using a DELETE call to the API

func (*CrudClient) Get 

func (c *CrudClient) Get(resource string, id string, value interface{}) error

Get fills the passed value with the resource with the specified ID

func (*CrudClient) List 

func (c *CrudClient) List(resource string, values interface{}) error

List returns all the resources for a type

func (*CrudClient) Update 

func (c *CrudClient) Update(resource string, id string, value interface{}, result interface{}) (bool, error)

Update modify a resource using a PUT call to the API Server JSON response is unmarshalled into "ret"

type HtpasswdMapProvider 

type HtpasswdMapProvider struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

HtpasswdMapProvider defines a basic auth secret provider

func NewHtpasswdMapProvider 

func NewHtpasswdMapProvider(users map[string]string) *HtpasswdMapProvider

NewHtpasswdMapProvider creates a new htpassword provider based on a map

func (*HtpasswdMapProvider) AddUser 

func (h *HtpasswdMapProvider) AddUser(user, password string)

AddUser add a new user with the given password

func (*HtpasswdMapProvider) SecretProvider 

func (h *HtpasswdMapProvider) SecretProvider() auth.SecretProvider

SecretProvider returns a SecretProvider

type KeystoneAuthenticationBackend 

type KeystoneAuthenticationBackend struct {
	AuthURL string
	Tenant  string
	Domain  string
	// contains filtered or unexported fields
}

KeystoneAuthenticationBackend describes a Keystone based authentication backend. It authenticates user against either V2 or V3 Keystone server.

func NewKeystoneBackend 

func NewKeystoneBackend(name string, authURL string, tenant string, domain string, role string) (*KeystoneAuthenticationBackend, error)

NewKeystoneBackend returns a new Keystone authentication backend

func (*KeystoneAuthenticationBackend) Authenticate 

func (b *KeystoneAuthenticationBackend) Authenticate(username string, password string) (string, error)

Authenticate the user and its password

func (*KeystoneAuthenticationBackend) CheckUser 

func (b *KeystoneAuthenticationBackend) CheckUser(token string) (string, error)

CheckUser returns the user authenticated by a token

func (*KeystoneAuthenticationBackend) DefaultUserRole 

func (b *KeystoneAuthenticationBackend) DefaultUserRole(user string) string

DefaultUserRole return the default user role

func (*KeystoneAuthenticationBackend) Name 

func (b *KeystoneAuthenticationBackend) Name() string

Name returns the name of the backend

func (*KeystoneAuthenticationBackend) SetDefaultUserRole 

func (b *KeystoneAuthenticationBackend) SetDefaultUserRole(role string)

SetDefaultUserRole defines the default user role

func (*KeystoneAuthenticationBackend) Wrap 

func (b *KeystoneAuthenticationBackend) Wrap(wrapped auth.AuthenticatedHandlerFunc) http.HandlerFunc

Wrap an HTTP handler with Keystone authentication

type NoAuthenticationBackend 

type NoAuthenticationBackend struct {
}

NoAuthenticationBackend describes an authenticate backed that allows everyone to do anything

func NewNoAuthenticationBackend 

func NewNoAuthenticationBackend() *NoAuthenticationBackend

NewNoAuthenticationBackend returns a new authentication backend that allows everyone to do anything

func (*NoAuthenticationBackend) Authenticate 

func (n *NoAuthenticationBackend) Authenticate(username string, password string) (string, error)

Authenticate the user and its password

func (*NoAuthenticationBackend) DefaultUserRole 

func (n *NoAuthenticationBackend) DefaultUserRole(user string) string

DefaultUserRole returns the name of the backend

func (*NoAuthenticationBackend) Name 

func (n *NoAuthenticationBackend) Name() string

Name returns the name of the backend

func (*NoAuthenticationBackend) SetDefaultUserRole 

func (n *NoAuthenticationBackend) SetDefaultUserRole(role string)

SetDefaultUserRole defines the default user role

func (*NoAuthenticationBackend) Wrap 

func (n *NoAuthenticationBackend) Wrap(wrapped auth.AuthenticatedHandlerFunc) http.HandlerFunc

Wrap an HTTP handler with no authentication backend

type PathPrefix 

type PathPrefix string

PathPrefix describes the prefix of the path of an URL

type RestClient 

type RestClient struct {
	// contains filtered or unexported fields
}

RestClient describes a REST API client with a URL and authentication information

func NewRestClient 

func NewRestClient(url *url.URL, authOpts *AuthenticationOpts, tlsConfig *tls.Config) *RestClient

NewRestClient returns a new REST API client. It takes a URL to the HTTP point, authentication information and TLS configuration

func (*RestClient) Request 

func (c *RestClient) Request(method, path string, body io.Reader, header http.Header) (*http.Response, error)

Request issues a request to the API

type Route 

type Route struct {
	Name        string
	Method      string
	Path        interface{}
	HandlerFunc auth.AuthenticatedHandlerFunc
}

Route describes an HTTP route with a name, a HTTP verb, a path protected by an authentication backend

type Server 

type Server struct {
	sync.RWMutex
	http.Server
	Host        string
	ServiceType service.Type
	Router      *mux.Router
	Addr        string
	Port        int
	// contains filtered or unexported fields
}

Server describes a HTTP server for a service that dispatches requests to routes

func NewServer 

func NewServer(host string, serviceType service.Type, addr string, port int, tlsConfig *tls.Config, logger logging.Logger) *Server

NewServer returns a new HTTP service for a service

func (*Server) HandleFunc 

func (s *Server) HandleFunc(path string, f auth.AuthenticatedHandlerFunc, authBackend AuthenticationBackend)

HandleFunc specifies the handler function and the authentication backend used for a given path

func (*Server) Listen 

func (s *Server) Listen() error

Listen starts listening for TCP requests

func (*Server) RegisterRoutes 

func (s *Server) RegisterRoutes(routes []Route, auth AuthenticationBackend)

RegisterRoutes registers a set of routes protected by an authentication backend

func (*Server) Serve 

func (s *Server) Serve()

Serve HTTP request

func (*Server) Start 

func (s *Server) Start() error

Start listening and serving HTTP requests

func (*Server) Stop 

func (s *Server) Stop()

Stop the server

type User 

type User struct {
	ID   string `mapstructure:"id"`
	Name string `mapstructure:"name"`
}

User describes the 'user' structure returned by the Keystone API

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.