security

package
v2.2.4+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 20, 2020 License: MIT Imports: 3 Imported by: 0

Documentation

Overview

Package security contains the types used by the code generators to secure goa endpoint. It supports the following security schemes:

  • Basic security using usernames and passwords.
  • API key security using keys.
  • JWT security using JWT tokens.
  • OAuth2 security using OAuth2 tokens.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type APIKeyScheme

type APIKeyScheme struct {
	// Name is the scheme name defined in the design.
	Name string
	// Scopes holds a list of scopes for the scheme.
	Scopes []string
	// RequiredScopes holds a list of scopes which are required
	// by the scheme. It is a subset of Scopes field.
	RequiredScopes []string
}

APIKeyScheme represents the API key security scheme. It consists of a key which is used in authentication.

func (*APIKeyScheme) Validate

func (s *APIKeyScheme) Validate(scopes []string) error

Validate returns a non-nil error if scopes does not contain all of APIKey scheme's required scopes.

type AuthAPIKeyFunc

type AuthAPIKeyFunc func(ctx context.Context, key string, s *APIKeyScheme) (context.Context, error)

AuthAPIKeyFunc is the function type that implements the API key scheme of using an API key.

type AuthBasicFunc

type AuthBasicFunc func(ctx context.Context, user, pass string, s *BasicScheme) (context.Context, error)

AuthBasicFunc is the function type that implements the basic auth scheme of using username and password.

type AuthJWTFunc

type AuthJWTFunc func(ctx context.Context, token string, s *JWTScheme) (context.Context, error)

AuthJWTFunc is the function type that implements the JWT scheme of using a JWT token.

type AuthOAuth2Func

type AuthOAuth2Func func(ctx context.Context, token string, s *OAuth2Scheme) (context.Context, error)

AuthOAuth2Func is the function type that implements the OAuth2 scheme of using an OAuth2 token.

type BasicScheme

type BasicScheme struct {
	// Name is the scheme name defined in the design.
	Name string
	// Scopes holds a list of scopes for the scheme.
	Scopes []string
	// RequiredScopes holds a list of scopes which are required
	// by the scheme. It is a subset of Scopes field.
	RequiredScopes []string
}

BasicScheme represents the BasicAuth security scheme. It consists of a simple username and password.

func (*BasicScheme) Validate

func (s *BasicScheme) Validate(scopes []string) error

Validate returns a non-nil error if scopes does not contain all of Basic scheme's required scopes.

type JWTScheme

type JWTScheme struct {
	// Name is the scheme name defined in the design.
	Name string
	// Scopes holds a list of scopes for the scheme.
	Scopes []string
	// RequiredScopes holds a list of scopes which are required
	// by the scheme. It is a subset of Scopes field.
	RequiredScopes []string
}

JWTScheme represents an API key based scheme with support for scopes.

func (*JWTScheme) Validate

func (s *JWTScheme) Validate(scopes []string) error

Validate returns a non-nil error if scopes does not contain all of JWT scheme's required scopes.

type OAuth2Scheme

type OAuth2Scheme struct {
	// Name is the scheme name defined in the design.
	Name string
	// Scopes holds a list of scopes for the scheme.
	Scopes []string
	// RequiredScopes holds a list of scopes which are required
	// by the scheme. It is a subset of Scopes field.
	RequiredScopes []string
	// Flows determine the oauth2 flows.
	Flows []*OAuthFlow
}

OAuth2Scheme represents the oauth2 security scheme.

func (*OAuth2Scheme) Validate

func (s *OAuth2Scheme) Validate(scopes []string) error

Validate returns a non-nil error if scopes does not contain all of OAuth2 scheme's required scopes.

type OAuthFlow

type OAuthFlow struct {
	// Type is the type of grant.
	Type string
	// AuthorizationURL to be used for implicit or authorizationCode flows.
	AuthorizationURL string
	// TokenURL to be used for password, clientCredentials or authorizationCode flows.
	TokenURL string
	// RefreshURL to be used for obtaining refresh token.
	RefreshURL string
}

OAuthFlow represents the OAuth2 flow defined by the scheme.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL