authorization

package
v0.23.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 2, 2021 License: MIT Imports: 19 Imported by: 0

Documentation

Overview

Package authorization is a generated GoMock package.

Index

Constants

This section is empty.

Variables

View Source
var SHA256 scram.HashGeneratorFcn = func() hash.Hash { return sha256.New() }

SHA256 algorithm

View Source
var SHA512 scram.HashGeneratorFcn = func() hash.Hash { return sha512.New() }

SHA512 algorithm

Functions

This section is empty.

Types

type Attributes

type Attributes struct {
	Actor        string
	APIName      string
	DomainName   string
	WorkflowType *types.WorkflowType
	TaskList     *types.TaskList
	Permission   Permission
}

Attributes is input for authority to make decision. It can be extended in future if required auth on resources like WorkflowType and TaskList

type Authorizer

type Authorizer interface {
	Authorize(ctx context.Context, attributes *Attributes) (Result, error)
}

Authorizer is an interface for authorization

func NewAuthorizer added in v0.23.1

func NewAuthorizer(authorization config.Authorization, logger log.Logger, domainCache cache.DomainCache) Authorizer

func NewNopAuthorizer

func NewNopAuthorizer() Authorizer

NewNopAuthorizer creates a no-op authority

func NewOAuthAuthorizer added in v0.23.1

func NewOAuthAuthorizer(
	authorizationCfg config.OAuthAuthorizer,
	log log.Logger,
	domainCache cache.DomainCache,
) Authorizer

NewOAuthAuthorizer creates a oauth authority

type Decision

type Decision int

Decision is enum type for auth decision

const (
	// DecisionDeny means auth decision is deny
	DecisionDeny Decision = iota + 1
	// DecisionAllow means auth decision is allow
	DecisionAllow
)

type JWTClaims added in v0.23.1

type JWTClaims struct {
	Sub    string
	Name   string
	Groups string // separated by space
	Admin  bool
	Iat    int64
	TTL    int64
}

type MockAuthorizer added in v0.12.0

type MockAuthorizer struct {
	// contains filtered or unexported fields
}

MockAuthorizer is a mock of Authorizer interface

func NewMockAuthorizer added in v0.12.0

func NewMockAuthorizer(ctrl *gomock.Controller) *MockAuthorizer

NewMockAuthorizer creates a new mock instance

func (*MockAuthorizer) Authorize added in v0.12.0

func (m *MockAuthorizer) Authorize(ctx context.Context, attributes *Attributes) (Result, error)

Authorize mocks base method

func (*MockAuthorizer) EXPECT added in v0.12.0

EXPECT returns an object that allows the caller to indicate expected use

type MockAuthorizerMockRecorder added in v0.12.0

type MockAuthorizerMockRecorder struct {
	// contains filtered or unexported fields
}

MockAuthorizerMockRecorder is the mock recorder for MockAuthorizer

func (*MockAuthorizerMockRecorder) Authorize added in v0.12.0

func (mr *MockAuthorizerMockRecorder) Authorize(ctx, attributes interface{}) *gomock.Call

Authorize indicates an expected call of Authorize

type Permission added in v0.23.1

type Permission int

Permission is enum type for auth permission

const (
	// PermissionRead means the user can write on the domain level APIs
	PermissionRead Permission = iota + 1
	// PermissionWrite means the user can write on the domain level APIs
	PermissionWrite
	// PermissionAdmin means the user can read+write on the domain level APIs
	PermissionAdmin
)

func NewPermission added in v0.23.1

func NewPermission(permission string) Permission

type Result

type Result struct {
	Decision Decision
}

Result is result from authority.

type XDGSCRAMClient added in v0.21.0

type XDGSCRAMClient struct {
	*scram.Client
	*scram.ClientConversation
	scram.HashGeneratorFcn
}

XDGSCRAMClient is the scram client

func (*XDGSCRAMClient) Begin added in v0.21.0

func (x *XDGSCRAMClient) Begin(userName, password, authzID string) (err error)

Begin creates new client

func (*XDGSCRAMClient) Done added in v0.21.0

func (x *XDGSCRAMClient) Done() bool

Done stops the client

func (*XDGSCRAMClient) Step added in v0.21.0

func (x *XDGSCRAMClient) Step(challenge string) (response string, err error)

Step takes a string provided from a server (or just an empty string for the very first conversation step) and attempts to move the authentication conversation forward. It returns a string to be sent to the server or an error if the server message is invalid. Calling Step after a conversation completes is also an error.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL