Documentation ¶
Index ¶
- Constants
- Variables
- func ConvertDBID(id int64) string
- func CreateID() string
- func CredentialPath(userName string, accessKeyID string) []byte
- func DecryptSecret(s crypt.SecretStore, value []byte) (string, error)
- func EncryptSecret(s crypt.SecretStore, secretAccessKey string) ([]byte, error)
- func ExpiredTokenPath(tokenID string) []byte
- func ExpiredTokensPath() []byte
- func GroupPath(displayName string) []byte
- func GroupPolicyPath(groupDisplayName string, policyDisplayName string) []byte
- func GroupUserPath(groupDisplayName string, userName string) []byte
- func HashPassword(password string) ([]byte, error)
- func MetadataKeyPath(key string) string
- func PolicyPath(displayName string) []byte
- func UserPath(userName string) []byte
- func UserPolicyPath(userName string, policyDisplayName string) []byte
- func ValidateActionName(name string) error
- func ValidateArn(name string) error
- func ValidateAuthEntityID(name string) error
- func ValidateStatementEffect(effect string) error
- type BaseCredential
- type Credential
- type CredentialData
- func (*CredentialData) Descriptor() ([]byte, []int)deprecated
- func (x *CredentialData) GetAccessKeyId() string
- func (x *CredentialData) GetIssuedDate() *timestamppb.Timestamp
- func (x *CredentialData) GetSecretAccessKeyEncryptedBytes() []byte
- func (x *CredentialData) GetUserId() []byte
- func (*CredentialData) ProtoMessage()
- func (x *CredentialData) ProtoReflect() protoreflect.Message
- func (x *CredentialData) Reset()
- func (x *CredentialData) String() string
- type CredentialKeys
- type DBCredential
- type DBGroup
- type DBPolicy
- type DBUser
- type Group
- type GroupData
- func (*GroupData) Descriptor() ([]byte, []int)deprecated
- func (x *GroupData) GetCreatedAt() *timestamppb.Timestamp
- func (x *GroupData) GetDisplayName() string
- func (*GroupData) ProtoMessage()
- func (x *GroupData) ProtoReflect() protoreflect.Message
- func (x *GroupData) Reset()
- func (x *GroupData) String() string
- type PaginationParams
- type Paginator
- type Policy
- type PolicyData
- func (*PolicyData) Descriptor() ([]byte, []int)deprecated
- func (x *PolicyData) GetCreatedAt() *timestamppb.Timestamp
- func (x *PolicyData) GetDisplayName() string
- func (x *PolicyData) GetStatements() []*StatementData
- func (*PolicyData) ProtoMessage()
- func (x *PolicyData) ProtoReflect() protoreflect.Message
- func (x *PolicyData) Reset()
- func (x *PolicyData) String() string
- type Statement
- type StatementData
- func (*StatementData) Descriptor() ([]byte, []int)deprecated
- func (x *StatementData) GetAction() []string
- func (x *StatementData) GetEffect() string
- func (x *StatementData) GetResource() string
- func (*StatementData) ProtoMessage()
- func (x *StatementData) ProtoReflect() protoreflect.Message
- func (x *StatementData) Reset()
- func (x *StatementData) String() string
- type Statements
- type SuperuserConfiguration
- type TokenData
- func (*TokenData) Descriptor() ([]byte, []int)deprecated
- func (x *TokenData) GetExpiredAt() *timestamppb.Timestamp
- func (x *TokenData) GetTokenId() string
- func (*TokenData) ProtoMessage()
- func (x *TokenData) ProtoReflect() protoreflect.Message
- func (x *TokenData) Reset()
- func (x *TokenData) String() string
- type User
- type UserData
- func (*UserData) Descriptor() ([]byte, []int)deprecated
- func (x *UserData) GetCreatedAt() *timestamppb.Timestamp
- func (x *UserData) GetEmail() string
- func (x *UserData) GetEncryptedPassword() []byte
- func (x *UserData) GetExternalId() string
- func (x *UserData) GetFriendlyName() string
- func (x *UserData) GetSource() string
- func (x *UserData) GetUsername() string
- func (*UserData) ProtoMessage()
- func (x *UserData) ProtoReflect() protoreflect.Message
- func (x *UserData) Reset()
- func (x *UserData) String() string
Constants ¶
const ( StatementEffectAllow = "allow" StatementEffectDeny = "deny" PartitionKey = "auth" PackageName = "auth" )
Variables ¶
var ErrInvalidStatementSrcFormat = errors.New("invalid statements src format")
var (
ErrValidationError = errors.New("validation error")
)
var File_model_proto protoreflect.FileDescriptor
Functions ¶
func ConvertDBID ¶ added in v0.67.0
func CredentialPath ¶ added in v0.68.0
func DecryptSecret ¶ added in v0.68.0
func DecryptSecret(s crypt.SecretStore, value []byte) (string, error)
func EncryptSecret ¶ added in v0.68.0
func EncryptSecret(s crypt.SecretStore, secretAccessKey string) ([]byte, error)
func ExpiredTokenPath ¶ added in v0.68.0
func ExpiredTokensPath ¶ added in v0.70.0
func ExpiredTokensPath() []byte
func GroupPolicyPath ¶ added in v0.68.0
func GroupUserPath ¶ added in v0.68.0
func HashPassword ¶ added in v0.63.0
HashPassword generates a hashed password from a plaintext string
func MetadataKeyPath ¶ added in v0.69.0
func PolicyPath ¶ added in v0.67.0
func UserPolicyPath ¶ added in v0.68.0
func ValidateActionName ¶
func ValidateArn ¶
func ValidateAuthEntityID ¶
func ValidateStatementEffect ¶
Types ¶
type BaseCredential ¶ added in v0.67.0
type Credential ¶
type Credential struct { Username string BaseCredential }
func ConvertCredDataList ¶ added in v0.68.0
func ConvertCredDataList(s crypt.SecretStore, creds []proto.Message) ([]*Credential, error)
func ConvertCredList ¶ added in v0.67.0
func ConvertCredList(creds []*DBCredential, username string) []*Credential
func CredentialFromProto ¶ added in v0.68.0
func CredentialFromProto(s crypt.SecretStore, pb *CredentialData) (*Credential, error)
type CredentialData ¶ added in v0.67.0
type CredentialData struct { AccessKeyId string `protobuf:"bytes,1,opt,name=access_key_id,json=accessKeyId,proto3" json:"access_key_id,omitempty"` SecretAccessKeyEncryptedBytes []byte `` /* 154-byte string literal not displayed */ IssuedDate *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=issued_date,json=issuedDate,proto3" json:"issued_date,omitempty"` UserId []byte `protobuf:"bytes,4,opt,name=user_id,json=userId,proto3" json:"user_id,omitempty"` // contains filtered or unexported fields }
message data model for model.Credential struct
func ProtoFromCredential ¶ added in v0.68.0
func ProtoFromCredential(c *Credential) *CredentialData
func (*CredentialData) Descriptor
deprecated
added in
v0.67.0
func (*CredentialData) Descriptor() ([]byte, []int)
Deprecated: Use CredentialData.ProtoReflect.Descriptor instead.
func (*CredentialData) GetAccessKeyId ¶ added in v0.67.0
func (x *CredentialData) GetAccessKeyId() string
func (*CredentialData) GetIssuedDate ¶ added in v0.67.0
func (x *CredentialData) GetIssuedDate() *timestamppb.Timestamp
func (*CredentialData) GetSecretAccessKeyEncryptedBytes ¶ added in v0.67.0
func (x *CredentialData) GetSecretAccessKeyEncryptedBytes() []byte
func (*CredentialData) GetUserId ¶ added in v0.67.0
func (x *CredentialData) GetUserId() []byte
func (*CredentialData) ProtoMessage ¶ added in v0.67.0
func (*CredentialData) ProtoMessage()
func (*CredentialData) ProtoReflect ¶ added in v0.67.0
func (x *CredentialData) ProtoReflect() protoreflect.Message
func (*CredentialData) Reset ¶ added in v0.67.0
func (x *CredentialData) Reset()
func (*CredentialData) String ¶ added in v0.67.0
func (x *CredentialData) String() string
type CredentialKeys ¶
type CredentialKeys struct { AccessKeyID string `json:"access_key_id"` SecretAccessKey string `json:"secret_access_key"` }
CredentialKeys - For JSON serialization:
type DBCredential ¶ added in v0.67.0
type DBCredential struct { UserID int64 `db:"user_id"` BaseCredential }
type Group ¶
type Group struct { CreatedAt time.Time `db:"created_at"` DisplayName string `db:"display_name" json:"display_name"` }
func ConvertGroupDataList ¶ added in v0.68.0
func ConvertGroupList ¶ added in v0.67.0
func GroupFromProto ¶ added in v0.68.0
type GroupData ¶ added in v0.67.0
type GroupData struct { CreatedAt *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"` DisplayName string `protobuf:"bytes,2,opt,name=display_name,json=displayName,proto3" json:"display_name,omitempty"` // contains filtered or unexported fields }
message data model for model.Group struct
func ProtoFromGroup ¶ added in v0.68.0
func (*GroupData) Descriptor
deprecated
added in
v0.67.0
func (*GroupData) GetCreatedAt ¶ added in v0.67.0
func (x *GroupData) GetCreatedAt() *timestamppb.Timestamp
func (*GroupData) GetDisplayName ¶ added in v0.67.0
func (*GroupData) ProtoMessage ¶ added in v0.67.0
func (*GroupData) ProtoMessage()
func (*GroupData) ProtoReflect ¶ added in v0.67.0
func (x *GroupData) ProtoReflect() protoreflect.Message
type PaginationParams ¶
type Policy ¶
type Policy struct { CreatedAt time.Time `db:"created_at"` DisplayName string `db:"display_name" json:"display_name"` Statement Statements `db:"statement"` }
func ConvertPolicyDataList ¶ added in v0.68.0
func PolicyFromProto ¶ added in v0.68.0
func PolicyFromProto(pb *PolicyData) *Policy
type PolicyData ¶ added in v0.67.0
type PolicyData struct { CreatedAt *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"` DisplayName string `protobuf:"bytes,2,opt,name=display_name,json=displayName,proto3" json:"display_name,omitempty"` Statements []*StatementData `protobuf:"bytes,3,rep,name=statements,proto3" json:"statements,omitempty"` // contains filtered or unexported fields }
message data model for model.Policy struct
func ProtoFromPolicy ¶ added in v0.68.0
func ProtoFromPolicy(p *Policy) *PolicyData
func (*PolicyData) Descriptor
deprecated
added in
v0.67.0
func (*PolicyData) Descriptor() ([]byte, []int)
Deprecated: Use PolicyData.ProtoReflect.Descriptor instead.
func (*PolicyData) GetCreatedAt ¶ added in v0.67.0
func (x *PolicyData) GetCreatedAt() *timestamppb.Timestamp
func (*PolicyData) GetDisplayName ¶ added in v0.67.0
func (x *PolicyData) GetDisplayName() string
func (*PolicyData) GetStatements ¶ added in v0.67.0
func (x *PolicyData) GetStatements() []*StatementData
func (*PolicyData) ProtoMessage ¶ added in v0.67.0
func (*PolicyData) ProtoMessage()
func (*PolicyData) ProtoReflect ¶ added in v0.67.0
func (x *PolicyData) ProtoReflect() protoreflect.Message
func (*PolicyData) Reset ¶ added in v0.67.0
func (x *PolicyData) Reset()
func (*PolicyData) String ¶ added in v0.67.0
func (x *PolicyData) String() string
type StatementData ¶ added in v0.67.0
type StatementData struct { Effect string `protobuf:"bytes,1,opt,name=effect,proto3" json:"effect,omitempty"` Action []string `protobuf:"bytes,2,rep,name=action,proto3" json:"action,omitempty"` Resource string `protobuf:"bytes,3,opt,name=resource,proto3" json:"resource,omitempty"` // contains filtered or unexported fields }
message data model for model.Statement struct
func (*StatementData) Descriptor
deprecated
added in
v0.67.0
func (*StatementData) Descriptor() ([]byte, []int)
Deprecated: Use StatementData.ProtoReflect.Descriptor instead.
func (*StatementData) GetAction ¶ added in v0.67.0
func (x *StatementData) GetAction() []string
func (*StatementData) GetEffect ¶ added in v0.67.0
func (x *StatementData) GetEffect() string
func (*StatementData) GetResource ¶ added in v0.67.0
func (x *StatementData) GetResource() string
func (*StatementData) ProtoMessage ¶ added in v0.67.0
func (*StatementData) ProtoMessage()
func (*StatementData) ProtoReflect ¶ added in v0.67.0
func (x *StatementData) ProtoReflect() protoreflect.Message
func (*StatementData) Reset ¶ added in v0.67.0
func (x *StatementData) Reset()
func (*StatementData) String ¶ added in v0.67.0
func (x *StatementData) String() string
type Statements ¶
type Statements []Statement
func (*Statements) Scan ¶
func (s *Statements) Scan(src interface{}) error
type SuperuserConfiguration ¶
SuperuserConfiguration requests a particular configuration for a superuser.
type TokenData ¶ added in v0.68.0
type TokenData struct { TokenId string `protobuf:"bytes,1,opt,name=token_id,json=tokenId,proto3" json:"token_id,omitempty"` ExpiredAt *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=expired_at,json=expiredAt,proto3" json:"expired_at,omitempty"` // contains filtered or unexported fields }
message data model for rest password token
func (*TokenData) Descriptor
deprecated
added in
v0.68.0
func (*TokenData) GetExpiredAt ¶ added in v0.68.0
func (x *TokenData) GetExpiredAt() *timestamppb.Timestamp
func (*TokenData) GetTokenId ¶ added in v0.68.0
func (*TokenData) ProtoMessage ¶ added in v0.68.0
func (*TokenData) ProtoMessage()
func (*TokenData) ProtoReflect ¶ added in v0.68.0
func (x *TokenData) ProtoReflect() protoreflect.Message
type User ¶
type User struct { CreatedAt time.Time `db:"created_at"` // Username is a unique identifier for the user. In password-based authentication, it is the email. Username string `db:"display_name" json:"display_name"` // FriendlyName, if set, is a shorter name for the user than // Username. Unlike Username it does not identify the user (it // might not be unique); use it in the user's GUI rather than in // backend code. FriendlyName *string `db:"friendly_name" json:"friendly_name"` Email *string `db:"email" json:"email"` EncryptedPassword []byte `db:"encrypted_password" json:"encrypted_password"` Source string `db:"source" json:"source"` ExternalID *string `db:"external_id" json:"external_id"` }
func ConvertUsersDataList ¶ added in v0.68.0
func ConvertUsersList ¶ added in v0.67.0
func UserFromProto ¶ added in v0.68.0
func (*User) Authenticate ¶ added in v0.62.0
Authenticate a user from a password Returns nil on success, or an error on failure.
func (*User) UpdatePassword ¶ added in v0.62.0
type UserData ¶ added in v0.67.0
type UserData struct { CreatedAt *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=created_at,json=createdAt,proto3" json:"created_at,omitempty"` Username string `protobuf:"bytes,2,opt,name=username,proto3" json:"username,omitempty"` FriendlyName string `protobuf:"bytes,3,opt,name=friendly_name,json=friendlyName,proto3" json:"friendly_name,omitempty"` Email string `protobuf:"bytes,4,opt,name=email,proto3" json:"email,omitempty"` EncryptedPassword []byte `protobuf:"bytes,5,opt,name=encrypted_password,json=encryptedPassword,proto3" json:"encrypted_password,omitempty"` Source string `protobuf:"bytes,6,opt,name=source,proto3" json:"source,omitempty"` ExternalId string `protobuf:"bytes,7,opt,name=external_id,json=externalId,proto3" json:"external_id,omitempty"` // contains filtered or unexported fields }
message data model for model.User struct
func ProtoFromUser ¶ added in v0.68.0
func (*UserData) Descriptor
deprecated
added in
v0.67.0
func (*UserData) GetCreatedAt ¶ added in v0.67.0
func (x *UserData) GetCreatedAt() *timestamppb.Timestamp
func (*UserData) GetEncryptedPassword ¶ added in v0.67.0
func (*UserData) GetExternalId ¶ added in v0.69.0
func (*UserData) GetFriendlyName ¶ added in v0.67.0
func (*UserData) GetUsername ¶ added in v0.67.0
func (*UserData) ProtoMessage ¶ added in v0.67.0
func (*UserData) ProtoMessage()
func (*UserData) ProtoReflect ¶ added in v0.67.0
func (x *UserData) ProtoReflect() protoreflect.Message