README
¶
Identity and Access Management (IAM)
A go library for interacting with OpenFGA - it is comprised of 2 packages, fgax
and entfga
.
- fgax: wrapper to interact with the OpenFGA go-sdk and client libraries
- entfga: an ent extension to create relationship tuples using ent Hooks
install
You can install fgax
by running the following command:
go get github.com/theopenlane/fgax@latest
fgax
This package includes helper functions used heavily in OpenLane.
For example, you can easily check for Read
access of an organization using
// create client
fgaClient, err := fgax.Client("https://fga-host.example.com")
if err != nil {
return false
}
// create access check
req := fgax.AccessCheck{
SubjectID: "user-id",
SubjectType: "user",
ObjectID: "organization-id",
}
allow, err := fgaClient.CheckOrgReadAccess(ctx, req)
if err != nil {
return false
}
entfga
See the README for details
Contributing
Please read the contributing guide.
Directories
¶
Path | Synopsis |
---|---|
Package auth handles auth
|
Package auth handles auth |
Package entfga is an ent extension that creates hooks for OpenFGA relationships
|
Package entfga is an ent extension that creates hooks for OpenFGA relationships |
_examples/basic/ent
Code generated by entfga, DO NOT EDIT.
|
Code generated by entfga, DO NOT EDIT. |
_examples/basic/ent/enums
Package enums has enums
|
Package enums has enums |
Package fgax includes client libraries to interact with openfga authorization credit to https://github.com/canonical/ofga/blob/main/tuples.go
|
Package fgax includes client libraries to interact with openfga authorization credit to https://github.com/canonical/ofga/blob/main/tuples.go |
providers
|
|
github
Package github provides GitHub OAuth2 login and callback handlers.
|
Package github provides GitHub OAuth2 login and callback handlers. |
google
Package google provides Google OAuth2 login and callback handlers.
|
Package google provides Google OAuth2 login and callback handlers. |
oauth2
Package oauth2 provides handlers for OAuth2 login and callback requests.
|
Package oauth2 provides handlers for OAuth2 login and callback requests. |
oidc
Package oidc provides oidc authentication helpers and flow
|
Package oidc provides oidc authentication helpers and flow |
webauthn
Package webauthn is a provider package offering Passkey login functionality
|
Package webauthn is a provider package offering Passkey login functionality |
Package sessions manages users sessions
|
Package sessions manages users sessions |
Package tokens creates tokenmanager, responsible for signing, issuing, and validating tokens
|
Package tokens creates tokenmanager, responsible for signing, issuing, and validating tokens |
Package totp provides code generation for TOTP (RFC 6238) and HOTP (RFC 4226)
|
Package totp provides code generation for TOTP (RFC 6238) and HOTP (RFC 4226) |
Click to show internal directories.
Click to hide internal directories.