warden

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 9, 2016 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Overview

Package warden decides if access requests should be allowed or denied. In a scientific taxonomy, the warden is classified as a Policy Decision Point. THe warden's primary goal is to implement `github.com/ory-am/hydra/firewall.Firewall`.

This package is structured as follows: * handler.go: A HTTP handler capable of validating access tokens. * warden_http.go: A Go API using HTTP to validate access tokens. * warden_local.go: A Go API using storage managers to validate access tokens. * warden_test.go: Functional tests all of the above.

Index

Constants

View Source
const (
	TokenValidHandlerPath   = "/warden/token/valid"
	TokenAllowedHandlerPath = "/warden/token/allowed"
	AllowedHandlerPath      = "/warden/allowed"
	IntrospectPath          = "/oauth2/introspect"
)

Variables

This section is empty.

Functions

func TokenFromRequest

func TokenFromRequest(r *http.Request) string

Types

type HTTPWarden

type HTTPWarden struct {
	Client   *http.Client
	Dry      bool
	Endpoint *url.URL
}

func (*HTTPWarden) InspectToken

func (w *HTTPWarden) InspectToken(ctx context.Context, token string, scopes ...string) (*firewall.Context, error)

func (*HTTPWarden) IntrospectToken

func (w *HTTPWarden) IntrospectToken(ctx context.Context, token string) (*firewall.Introspection, error)

func (*HTTPWarden) IsAllowed

func (w *HTTPWarden) IsAllowed(ctx context.Context, a *ladon.Request) error

func (*HTTPWarden) SetClient

func (w *HTTPWarden) SetClient(c *clientcredentials.Config)

func (*HTTPWarden) TokenAllowed

func (w *HTTPWarden) TokenAllowed(ctx context.Context, token string, a *ladon.Request, scopes ...string) (*firewall.Context, error)

func (*HTTPWarden) TokenFromRequest

func (w *HTTPWarden) TokenFromRequest(r *http.Request) string

type LocalWarden

type LocalWarden struct {
	Warden ladon.Warden
	OAuth2 fosite.OAuth2Provider

	AccessTokenLifespan time.Duration
	Issuer              string
}

func (*LocalWarden) InspectToken

func (w *LocalWarden) InspectToken(ctx context.Context, token string, scopes ...string) (*firewall.Context, error)

func (*LocalWarden) IntrospectToken

func (w *LocalWarden) IntrospectToken(ctx context.Context, token string) (*firewall.Introspection, error)

func (*LocalWarden) IsAllowed

func (w *LocalWarden) IsAllowed(ctx context.Context, a *ladon.Request) error

func (*LocalWarden) TokenAllowed

func (w *LocalWarden) TokenAllowed(ctx context.Context, token string, a *ladon.Request, scopes ...string) (*firewall.Context, error)

func (*LocalWarden) TokenFromRequest

func (w *LocalWarden) TokenFromRequest(r *http.Request) string

type WardenAccessRequest

type WardenAccessRequest struct {
	*ladon.Request
	*WardenAuthorizedRequest
}

type WardenAuthorizedRequest

type WardenAuthorizedRequest struct {
	Scopes []string `json:"scopes"`
	Token  string   `json:"token"`
}

type WardenHandler

type WardenHandler struct {
	H      herodot.Herodot
	Warden firewall.Firewall
}

func NewHandler

func NewHandler(c *config.Config, router *httprouter.Router) *WardenHandler

func (*WardenHandler) Allowed

func (*WardenHandler) Introspect

func (h *WardenHandler) Introspect(w http.ResponseWriter, r *http.Request, _ httprouter.Params)

func (*WardenHandler) SetRoutes

func (h *WardenHandler) SetRoutes(r *httprouter.Router)

func (*WardenHandler) TokenAllowed

func (h *WardenHandler) TokenAllowed(w http.ResponseWriter, r *http.Request, _ httprouter.Params)

func (*WardenHandler) TokenValid

func (h *WardenHandler) TokenValid(w http.ResponseWriter, r *http.Request, _ httprouter.Params)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL