Documentation ¶
Overview ¶
Package authorization is a generated GoMock package.
Index ¶
- Variables
- func GetAuthProviderClient(privateKey string) (clientworker.AuthorizationProvider, error)
- type Attributes
- type Authorizer
- type Decision
- type FilteredRequestBody
- type JWTClaims
- type MockAuthorizer
- type MockAuthorizerMockRecorder
- type MockFilteredRequestBody
- type MockFilteredRequestBodyMockRecorder
- type Permission
- type Result
- type XDGSCRAMClient
Constants ¶
This section is empty.
Variables ¶
var SHA256 scram.HashGeneratorFcn = func() hash.Hash { return sha256.New() }
SHA256 algorithm
var SHA512 scram.HashGeneratorFcn = func() hash.Hash { return sha512.New() }
SHA512 algorithm
Functions ¶
func GetAuthProviderClient ¶ added in v0.24.0
func GetAuthProviderClient(privateKey string) (clientworker.AuthorizationProvider, error)
Types ¶
type Attributes ¶
type Attributes struct { Actor string APIName string DomainName string WorkflowType *types.WorkflowType TaskList *types.TaskList Permission Permission RequestBody FilteredRequestBody // request object except for data inputs (PII) }
Attributes is input for authority to make decision. It can be extended in future if required auth on resources like WorkflowType and TaskList
type Authorizer ¶
type Authorizer interface {
Authorize(ctx context.Context, attributes *Attributes) (Result, error)
}
Authorizer is an interface for authorization
func NewAuthorizer ¶ added in v0.23.1
func NewAuthorizer(authorization config.Authorization, logger log.Logger, domainCache cache.DomainCache) (Authorizer, error)
func NewNopAuthorizer ¶
func NewNopAuthorizer() (Authorizer, error)
NewNopAuthorizer creates a no-op authority
func NewOAuthAuthorizer ¶ added in v0.23.1
func NewOAuthAuthorizer( authorizationCfg config.OAuthAuthorizer, log log.Logger, domainCache cache.DomainCache, ) (Authorizer, error)
NewOAuthAuthorizer creates a oauth authority
type FilteredRequestBody ¶ added in v1.2.1
FilteredRequestBody request object except for data inputs (PII)
type JWTClaims ¶ added in v0.23.1
type JWTClaims struct { jwt.RegisteredClaims Name string Groups string // separated by space Admin bool TTL int64 // TODO should be removed. ExpiresAt should be used }
JWTClaims is a Cadence specific claim with embeded Claims defined https://datatracker.ietf.org/doc/html/rfc7519#section-4.1
type MockAuthorizer ¶ added in v0.12.0
type MockAuthorizer struct {
// contains filtered or unexported fields
}
MockAuthorizer is a mock of Authorizer interface.
func NewMockAuthorizer ¶ added in v0.12.0
func NewMockAuthorizer(ctrl *gomock.Controller) *MockAuthorizer
NewMockAuthorizer creates a new mock instance.
func (*MockAuthorizer) Authorize ¶ added in v0.12.0
func (m *MockAuthorizer) Authorize(ctx context.Context, attributes *Attributes) (Result, error)
Authorize mocks base method.
func (*MockAuthorizer) EXPECT ¶ added in v0.12.0
func (m *MockAuthorizer) EXPECT() *MockAuthorizerMockRecorder
EXPECT returns an object that allows the caller to indicate expected use.
type MockAuthorizerMockRecorder ¶ added in v0.12.0
type MockAuthorizerMockRecorder struct {
// contains filtered or unexported fields
}
MockAuthorizerMockRecorder is the mock recorder for MockAuthorizer.
func (*MockAuthorizerMockRecorder) Authorize ¶ added in v0.12.0
func (mr *MockAuthorizerMockRecorder) Authorize(ctx, attributes interface{}) *gomock.Call
Authorize indicates an expected call of Authorize.
type MockFilteredRequestBody ¶ added in v1.2.1
type MockFilteredRequestBody struct {
// contains filtered or unexported fields
}
MockFilteredRequestBody is a mock of FilteredRequestBody interface.
func NewMockFilteredRequestBody ¶ added in v1.2.1
func NewMockFilteredRequestBody(ctrl *gomock.Controller) *MockFilteredRequestBody
NewMockFilteredRequestBody creates a new mock instance.
func (*MockFilteredRequestBody) EXPECT ¶ added in v1.2.1
func (m *MockFilteredRequestBody) EXPECT() *MockFilteredRequestBodyMockRecorder
EXPECT returns an object that allows the caller to indicate expected use.
func (*MockFilteredRequestBody) SerializeForLogging ¶ added in v1.2.1
func (m *MockFilteredRequestBody) SerializeForLogging() (string, error)
SerializeForLogging mocks base method.
type MockFilteredRequestBodyMockRecorder ¶ added in v1.2.1
type MockFilteredRequestBodyMockRecorder struct {
// contains filtered or unexported fields
}
MockFilteredRequestBodyMockRecorder is the mock recorder for MockFilteredRequestBody.
func (*MockFilteredRequestBodyMockRecorder) SerializeForLogging ¶ added in v1.2.1
func (mr *MockFilteredRequestBodyMockRecorder) SerializeForLogging() *gomock.Call
SerializeForLogging indicates an expected call of SerializeForLogging.
type Permission ¶ added in v0.23.1
type Permission int
Permission is enum type for auth permission
const ( // PermissionRead means the user can write on the domain level APIs PermissionRead Permission = iota + 1 // PermissionWrite means the user can write on the domain level APIs PermissionWrite // PermissionAdmin means the user can read+write on the domain level APIs PermissionAdmin )
func NewPermission ¶ added in v0.23.1
func NewPermission(permission string) Permission
type XDGSCRAMClient ¶ added in v0.21.0
type XDGSCRAMClient struct { *scram.Client *scram.ClientConversation scram.HashGeneratorFcn }
XDGSCRAMClient is the scram client
func (*XDGSCRAMClient) Begin ¶ added in v0.21.0
func (x *XDGSCRAMClient) Begin(userName, password, authzID string) (err error)
Begin creates new client
func (*XDGSCRAMClient) Done ¶ added in v0.21.0
func (x *XDGSCRAMClient) Done() bool
Done stops the client
func (*XDGSCRAMClient) Step ¶ added in v0.21.0
func (x *XDGSCRAMClient) Step(challenge string) (response string, err error)
Step takes a string provided from a server (or just an empty string for the very first conversation step) and attempts to move the authentication conversation forward. It returns a string to be sent to the server or an error if the server message is invalid. Calling Step after a conversation completes is also an error.