auth

package
v1.7.0-6f456f1e02272f5... Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 6, 2018 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package auth is a generated protocol buffer package.

It is generated from these files:

client/auth/auth.proto

It has these top-level messages:

ActivateRequest
ActivateResponse
DeactivateRequest
DeactivateResponse
GetAdminsRequest
GetAdminsResponse
ModifyAdminsRequest
ModifyAdminsResponse
TokenInfo
AuthenticateRequest
AuthenticateResponse
WhoAmIRequest
WhoAmIResponse
ACL
AuthorizeRequest
AuthorizeResponse
GetScopeRequest
GetScopeResponse
SetScopeRequest
SetScopeResponse
GetACLRequest
ACLEntry
GetACLResponse
SetACLRequest
SetACLResponse
GetAuthTokenRequest
GetAuthTokenResponse
RevokeAuthTokenRequest
RevokeAuthTokenResponse

Index

Constants

View Source
const (
	// ContextTokenKey is the key of the auth token in an
	// authenticated context
	ContextTokenKey = "authn-token"
)

Variables

View Source
var (
	ErrInvalidLengthAuth = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowAuth   = fmt.Errorf("proto: integer overflow")
)
View Source
var Scope_name = map[int32]string{
	0: "NONE",
	1: "READER",
	2: "WRITER",
	3: "OWNER",
}
View Source
var Scope_value = map[string]int32{
	"NONE":   0,
	"READER": 1,
	"WRITER": 2,
	"OWNER":  3,
}
View Source
var TokenInfo_TokenSource_name = map[int32]string{
	0: "INVALID",
	1: "AUTHENTICATE",
	2: "GET_TOKEN",
}
View Source
var TokenInfo_TokenSource_value = map[string]int32{
	"INVALID":      0,
	"AUTHENTICATE": 1,
	"GET_TOKEN":    2,
}

Functions

func In2Out added in v1.5.2

func In2Out(ctx context.Context) context.Context

In2Out converts an incoming context containing auth information into an outgoing context containing auth information, stripping other keys (e.g. for metrics) in the process. If the incoming context doesn't have any auth information, then the returned context won't either.

func IsBadTokenError

func IsBadTokenError(err error) bool

IsBadTokenError returns true if 'err' is a BadTokenError

func IsInvalidPrincipalError

func IsInvalidPrincipalError(err error) bool

IsInvalidPrincipalError returns true if 'err' is an InvalidPrincipalError

func IsNotActivatedError

func IsNotActivatedError(err error) bool

IsNotActivatedError checks if an error is a NotActivatedError

func IsNotAuthorizedError added in v1.5.3

func IsNotAuthorizedError(err error) bool

IsNotAuthorizedError checks if an error is a NotAuthorizedError

func IsNotSignedInError added in v1.6.0

func IsNotSignedInError(err error) bool

IsNotSignedInError returns true if 'err' is a NotSignedInError

func RegisterAPIServer

func RegisterAPIServer(s *grpc.Server, srv APIServer)

Types

type ACL

type ACL struct {
	// principal -> scope. All principals are the default principal of a Pachyderm
	// subject (i.e. all keys in this map are strings prefixed with either
	// "github:" or "robot:", followed by the name of a GitHub user, all of whom
	// are Pachyderm subjects, or a Pachyderm robot user)
	Entries map[string]Scope `` /* 165-byte string literal not displayed */
}

func (*ACL) Descriptor

func (*ACL) Descriptor() ([]byte, []int)

func (*ACL) GetEntries

func (m *ACL) GetEntries() map[string]Scope

func (*ACL) Marshal

func (m *ACL) Marshal() (dAtA []byte, err error)

func (*ACL) MarshalTo

func (m *ACL) MarshalTo(dAtA []byte) (int, error)

func (*ACL) ProtoMessage

func (*ACL) ProtoMessage()

func (*ACL) Reset

func (m *ACL) Reset()

func (*ACL) Size

func (m *ACL) Size() (n int)

func (*ACL) String

func (m *ACL) String() string

func (*ACL) Unmarshal

func (m *ACL) Unmarshal(dAtA []byte) error

type ACLEntry

type ACLEntry struct {
	// username is the principal posessing this level of access to this ACL's
	// repo (despite the name, this principal may be for a human github user or a
	// pachyderm robot)
	Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"`
	// scope is the level of access that the owner of 'principal' has to this
	// ACL's repo (actually a role in typical security terminology)
	Scope Scope `protobuf:"varint,2,opt,name=scope,proto3,enum=auth.Scope" json:"scope,omitempty"`
}

func (*ACLEntry) Descriptor

func (*ACLEntry) Descriptor() ([]byte, []int)

func (*ACLEntry) GetScope

func (m *ACLEntry) GetScope() Scope

func (*ACLEntry) GetUsername

func (m *ACLEntry) GetUsername() string

func (*ACLEntry) Marshal

func (m *ACLEntry) Marshal() (dAtA []byte, err error)

func (*ACLEntry) MarshalTo

func (m *ACLEntry) MarshalTo(dAtA []byte) (int, error)

func (*ACLEntry) ProtoMessage

func (*ACLEntry) ProtoMessage()

func (*ACLEntry) Reset

func (m *ACLEntry) Reset()

func (*ACLEntry) Size

func (m *ACLEntry) Size() (n int)

func (*ACLEntry) String

func (m *ACLEntry) String() string

func (*ACLEntry) Unmarshal

func (m *ACLEntry) Unmarshal(dAtA []byte) error

type APIClient

type APIClient interface {
	// Activate/Deactivate the auth API. 'Activate' sets an initial set of admins
	// for the Pachyderm cluster, and 'Deactivate' removes all ACLs, tokens, and
	// admins from the Pachyderm cluster, making all data publicly accessable
	Activate(ctx context.Context, in *ActivateRequest, opts ...grpc.CallOption) (*ActivateResponse, error)
	Deactivate(ctx context.Context, in *DeactivateRequest, opts ...grpc.CallOption) (*DeactivateResponse, error)
	// GetAdmins returns the current list of cluster admins
	GetAdmins(ctx context.Context, in *GetAdminsRequest, opts ...grpc.CallOption) (*GetAdminsResponse, error)
	// ModifyAdmins adds or removes admins from the cluster
	ModifyAdmins(ctx context.Context, in *ModifyAdminsRequest, opts ...grpc.CallOption) (*ModifyAdminsResponse, error)
	Authenticate(ctx context.Context, in *AuthenticateRequest, opts ...grpc.CallOption) (*AuthenticateResponse, error)
	Authorize(ctx context.Context, in *AuthorizeRequest, opts ...grpc.CallOption) (*AuthorizeResponse, error)
	WhoAmI(ctx context.Context, in *WhoAmIRequest, opts ...grpc.CallOption) (*WhoAmIResponse, error)
	GetScope(ctx context.Context, in *GetScopeRequest, opts ...grpc.CallOption) (*GetScopeResponse, error)
	SetScope(ctx context.Context, in *SetScopeRequest, opts ...grpc.CallOption) (*SetScopeResponse, error)
	GetACL(ctx context.Context, in *GetACLRequest, opts ...grpc.CallOption) (*GetACLResponse, error)
	SetACL(ctx context.Context, in *SetACLRequest, opts ...grpc.CallOption) (*SetACLResponse, error)
	GetAuthToken(ctx context.Context, in *GetAuthTokenRequest, opts ...grpc.CallOption) (*GetAuthTokenResponse, error)
	RevokeAuthToken(ctx context.Context, in *RevokeAuthTokenRequest, opts ...grpc.CallOption) (*RevokeAuthTokenResponse, error)
}

func NewAPIClient

func NewAPIClient(cc *grpc.ClientConn) APIClient

type APIServer

type APIServer interface {
	// Activate/Deactivate the auth API. 'Activate' sets an initial set of admins
	// for the Pachyderm cluster, and 'Deactivate' removes all ACLs, tokens, and
	// admins from the Pachyderm cluster, making all data publicly accessable
	Activate(context.Context, *ActivateRequest) (*ActivateResponse, error)
	Deactivate(context.Context, *DeactivateRequest) (*DeactivateResponse, error)
	// GetAdmins returns the current list of cluster admins
	GetAdmins(context.Context, *GetAdminsRequest) (*GetAdminsResponse, error)
	// ModifyAdmins adds or removes admins from the cluster
	ModifyAdmins(context.Context, *ModifyAdminsRequest) (*ModifyAdminsResponse, error)
	Authenticate(context.Context, *AuthenticateRequest) (*AuthenticateResponse, error)
	Authorize(context.Context, *AuthorizeRequest) (*AuthorizeResponse, error)
	WhoAmI(context.Context, *WhoAmIRequest) (*WhoAmIResponse, error)
	GetScope(context.Context, *GetScopeRequest) (*GetScopeResponse, error)
	SetScope(context.Context, *SetScopeRequest) (*SetScopeResponse, error)
	GetACL(context.Context, *GetACLRequest) (*GetACLResponse, error)
	SetACL(context.Context, *SetACLRequest) (*SetACLResponse, error)
	GetAuthToken(context.Context, *GetAuthTokenRequest) (*GetAuthTokenResponse, error)
	RevokeAuthToken(context.Context, *RevokeAuthTokenRequest) (*RevokeAuthTokenResponse, error)
}

type ActivateRequest

type ActivateRequest struct {
	// If set, Pachyderm will compare this username to the GitHub account that
	// issued the access token 'github_token'. For now, this is not required
	// (if unset, your GitHub username will be looked up using 'github_token')
	GitHubUsername string `protobuf:"bytes,2,opt,name=github_username,json=githubUsername,proto3" json:"github_username,omitempty"`
	// This is the token returned by GitHub and used to authenticate the caller.
	// In dev mode, the caller may set "github_username" without setting this to
	// simulate logins
	GitHubToken string `protobuf:"bytes,1,opt,name=github_token,json=githubToken,proto3" json:"github_token,omitempty"`
}

ActivateRequest mirrors AuthenticateRequest. The caller is authenticated via GitHub OAuth, and then promoted to the cluster's first Admin. Afterwards, the caller can promote other users to Admin and remove themselves

func (*ActivateRequest) Descriptor

func (*ActivateRequest) Descriptor() ([]byte, []int)

func (*ActivateRequest) GetGitHubToken added in v1.7.0

func (m *ActivateRequest) GetGitHubToken() string

func (*ActivateRequest) GetGitHubUsername

func (m *ActivateRequest) GetGitHubUsername() string

func (*ActivateRequest) Marshal

func (m *ActivateRequest) Marshal() (dAtA []byte, err error)

func (*ActivateRequest) MarshalTo

func (m *ActivateRequest) MarshalTo(dAtA []byte) (int, error)

func (*ActivateRequest) ProtoMessage

func (*ActivateRequest) ProtoMessage()

func (*ActivateRequest) Reset

func (m *ActivateRequest) Reset()

func (*ActivateRequest) Size

func (m *ActivateRequest) Size() (n int)

func (*ActivateRequest) String

func (m *ActivateRequest) String() string

func (*ActivateRequest) Unmarshal

func (m *ActivateRequest) Unmarshal(dAtA []byte) error

type ActivateResponse

type ActivateResponse struct {
	// pach_token authenticates the caller with Pachyderm (if you want to perform
	// Pachyderm operations after auth has been activated as themselves, you must
	// present this token along with your regular request)
	PachToken string `protobuf:"bytes,1,opt,name=pach_token,json=pachToken,proto3" json:"pach_token,omitempty"`
}

func (*ActivateResponse) Descriptor

func (*ActivateResponse) Descriptor() ([]byte, []int)

func (*ActivateResponse) GetPachToken added in v1.6.0

func (m *ActivateResponse) GetPachToken() string

func (*ActivateResponse) Marshal

func (m *ActivateResponse) Marshal() (dAtA []byte, err error)

func (*ActivateResponse) MarshalTo

func (m *ActivateResponse) MarshalTo(dAtA []byte) (int, error)

func (*ActivateResponse) ProtoMessage

func (*ActivateResponse) ProtoMessage()

func (*ActivateResponse) Reset

func (m *ActivateResponse) Reset()

func (*ActivateResponse) Size

func (m *ActivateResponse) Size() (n int)

func (*ActivateResponse) String

func (m *ActivateResponse) String() string

func (*ActivateResponse) Unmarshal

func (m *ActivateResponse) Unmarshal(dAtA []byte) error

type AuthenticateRequest

type AuthenticateRequest struct {
	// If set, Pachyderm will compare this username to the GitHub account that
	// issued the access token 'github_token'. For now, this is not required
	// (if unset, your GitHub username will be looked up using 'github_token')
	GitHubUsername string `protobuf:"bytes,2,opt,name=github_username,json=githubUsername,proto3" json:"github_username,omitempty"`
	// This is the token returned by GitHub and used to authenticate the caller.
	// In dev mode, the caller may set "github_username" without setting this to
	// simulate logins
	GitHubToken string `protobuf:"bytes,1,opt,name=github_token,json=githubToken,proto3" json:"github_token,omitempty"`
}

func (*AuthenticateRequest) Descriptor

func (*AuthenticateRequest) Descriptor() ([]byte, []int)

func (*AuthenticateRequest) GetGitHubToken added in v1.7.0

func (m *AuthenticateRequest) GetGitHubToken() string

func (*AuthenticateRequest) GetGitHubUsername

func (m *AuthenticateRequest) GetGitHubUsername() string

func (*AuthenticateRequest) Marshal

func (m *AuthenticateRequest) Marshal() (dAtA []byte, err error)

func (*AuthenticateRequest) MarshalTo

func (m *AuthenticateRequest) MarshalTo(dAtA []byte) (int, error)

func (*AuthenticateRequest) ProtoMessage

func (*AuthenticateRequest) ProtoMessage()

func (*AuthenticateRequest) Reset

func (m *AuthenticateRequest) Reset()

func (*AuthenticateRequest) Size

func (m *AuthenticateRequest) Size() (n int)

func (*AuthenticateRequest) String

func (m *AuthenticateRequest) String() string

func (*AuthenticateRequest) Unmarshal

func (m *AuthenticateRequest) Unmarshal(dAtA []byte) error

type AuthenticateResponse

type AuthenticateResponse struct {
	// pach_token authenticates the caller with Pachyderm (if you want to perform
	// Pachyderm operations after auth has been activated as themselves, you must
	// present this token along with your regular request)
	PachToken string `protobuf:"bytes,1,opt,name=pach_token,json=pachToken,proto3" json:"pach_token,omitempty"`
}

func (*AuthenticateResponse) Descriptor

func (*AuthenticateResponse) Descriptor() ([]byte, []int)

func (*AuthenticateResponse) GetPachToken

func (m *AuthenticateResponse) GetPachToken() string

func (*AuthenticateResponse) Marshal

func (m *AuthenticateResponse) Marshal() (dAtA []byte, err error)

func (*AuthenticateResponse) MarshalTo

func (m *AuthenticateResponse) MarshalTo(dAtA []byte) (int, error)

func (*AuthenticateResponse) ProtoMessage

func (*AuthenticateResponse) ProtoMessage()

func (*AuthenticateResponse) Reset

func (m *AuthenticateResponse) Reset()

func (*AuthenticateResponse) Size

func (m *AuthenticateResponse) Size() (n int)

func (*AuthenticateResponse) String

func (m *AuthenticateResponse) String() string

func (*AuthenticateResponse) Unmarshal

func (m *AuthenticateResponse) Unmarshal(dAtA []byte) error

type AuthorizeRequest

type AuthorizeRequest struct {
	// repo is the object that the caller wants to access
	Repo string `protobuf:"bytes,1,opt,name=repo,proto3" json:"repo,omitempty"`
	// scope is the access level that the caller needs to perform an action
	Scope Scope `protobuf:"varint,2,opt,name=scope,proto3,enum=auth.Scope" json:"scope,omitempty"`
}

func (*AuthorizeRequest) Descriptor

func (*AuthorizeRequest) Descriptor() ([]byte, []int)

func (*AuthorizeRequest) GetRepo

func (m *AuthorizeRequest) GetRepo() string

func (*AuthorizeRequest) GetScope

func (m *AuthorizeRequest) GetScope() Scope

func (*AuthorizeRequest) Marshal

func (m *AuthorizeRequest) Marshal() (dAtA []byte, err error)

func (*AuthorizeRequest) MarshalTo

func (m *AuthorizeRequest) MarshalTo(dAtA []byte) (int, error)

func (*AuthorizeRequest) ProtoMessage

func (*AuthorizeRequest) ProtoMessage()

func (*AuthorizeRequest) Reset

func (m *AuthorizeRequest) Reset()

func (*AuthorizeRequest) Size

func (m *AuthorizeRequest) Size() (n int)

func (*AuthorizeRequest) String

func (m *AuthorizeRequest) String() string

func (*AuthorizeRequest) Unmarshal

func (m *AuthorizeRequest) Unmarshal(dAtA []byte) error

type AuthorizeResponse

type AuthorizeResponse struct {
	// authorized is true if the caller has at least
	// 'AuthorizeRequest.scope'-level access to 'AuthorizeRequest.repo', and false
	// otherwise
	Authorized bool `protobuf:"varint,1,opt,name=authorized,proto3" json:"authorized,omitempty"`
}

func (*AuthorizeResponse) Descriptor

func (*AuthorizeResponse) Descriptor() ([]byte, []int)

func (*AuthorizeResponse) GetAuthorized

func (m *AuthorizeResponse) GetAuthorized() bool

func (*AuthorizeResponse) Marshal

func (m *AuthorizeResponse) Marshal() (dAtA []byte, err error)

func (*AuthorizeResponse) MarshalTo

func (m *AuthorizeResponse) MarshalTo(dAtA []byte) (int, error)

func (*AuthorizeResponse) ProtoMessage

func (*AuthorizeResponse) ProtoMessage()

func (*AuthorizeResponse) Reset

func (m *AuthorizeResponse) Reset()

func (*AuthorizeResponse) Size

func (m *AuthorizeResponse) Size() (n int)

func (*AuthorizeResponse) String

func (m *AuthorizeResponse) String() string

func (*AuthorizeResponse) Unmarshal

func (m *AuthorizeResponse) Unmarshal(dAtA []byte) error

type BadTokenError

type BadTokenError struct{}

BadTokenError is returned by the Auth API if the caller's token is corruped or has expired.

func (BadTokenError) Error

func (e BadTokenError) Error() string

type DeactivateRequest added in v1.6.0

type DeactivateRequest struct {
}

func (*DeactivateRequest) Descriptor added in v1.6.0

func (*DeactivateRequest) Descriptor() ([]byte, []int)

func (*DeactivateRequest) Marshal added in v1.6.0

func (m *DeactivateRequest) Marshal() (dAtA []byte, err error)

func (*DeactivateRequest) MarshalTo added in v1.6.0

func (m *DeactivateRequest) MarshalTo(dAtA []byte) (int, error)

func (*DeactivateRequest) ProtoMessage added in v1.6.0

func (*DeactivateRequest) ProtoMessage()

func (*DeactivateRequest) Reset added in v1.6.0

func (m *DeactivateRequest) Reset()

func (*DeactivateRequest) Size added in v1.6.0

func (m *DeactivateRequest) Size() (n int)

func (*DeactivateRequest) String added in v1.6.0

func (m *DeactivateRequest) String() string

func (*DeactivateRequest) Unmarshal added in v1.6.0

func (m *DeactivateRequest) Unmarshal(dAtA []byte) error

type DeactivateResponse added in v1.6.0

type DeactivateResponse struct {
}

func (*DeactivateResponse) Descriptor added in v1.6.0

func (*DeactivateResponse) Descriptor() ([]byte, []int)

func (*DeactivateResponse) Marshal added in v1.6.0

func (m *DeactivateResponse) Marshal() (dAtA []byte, err error)

func (*DeactivateResponse) MarshalTo added in v1.6.0

func (m *DeactivateResponse) MarshalTo(dAtA []byte) (int, error)

func (*DeactivateResponse) ProtoMessage added in v1.6.0

func (*DeactivateResponse) ProtoMessage()

func (*DeactivateResponse) Reset added in v1.6.0

func (m *DeactivateResponse) Reset()

func (*DeactivateResponse) Size added in v1.6.0

func (m *DeactivateResponse) Size() (n int)

func (*DeactivateResponse) String added in v1.6.0

func (m *DeactivateResponse) String() string

func (*DeactivateResponse) Unmarshal added in v1.6.0

func (m *DeactivateResponse) Unmarshal(dAtA []byte) error

type GetACLRequest

type GetACLRequest struct {
	Repo string `protobuf:"bytes,1,opt,name=repo,proto3" json:"repo,omitempty"`
}

func (*GetACLRequest) Descriptor

func (*GetACLRequest) Descriptor() ([]byte, []int)

func (*GetACLRequest) GetRepo

func (m *GetACLRequest) GetRepo() string

func (*GetACLRequest) Marshal

func (m *GetACLRequest) Marshal() (dAtA []byte, err error)

func (*GetACLRequest) MarshalTo

func (m *GetACLRequest) MarshalTo(dAtA []byte) (int, error)

func (*GetACLRequest) ProtoMessage

func (*GetACLRequest) ProtoMessage()

func (*GetACLRequest) Reset

func (m *GetACLRequest) Reset()

func (*GetACLRequest) Size

func (m *GetACLRequest) Size() (n int)

func (*GetACLRequest) String

func (m *GetACLRequest) String() string

func (*GetACLRequest) Unmarshal

func (m *GetACLRequest) Unmarshal(dAtA []byte) error

type GetACLResponse

type GetACLResponse struct {
	// entries contains all [user principal] -> [role] mappings. This is separate
	// from robot_entries to avoid migration pain the Pachyderm dashboard
	Entries []*ACLEntry `protobuf:"bytes,1,rep,name=entries" json:"entries,omitempty"`
	// robot_entries contains all [robot principal] -> [role] mappings. This is
	// separate from entries to be unambiguous (all keys are robot principals, but
	// have no prefixes) while avoiding migration pain in the Pachyderm dashboard.
	RobotEntries []*ACLEntry `protobuf:"bytes,2,rep,name=robot_entries,json=robotEntries" json:"robot_entries,omitempty"`
}

GetACLReponse contains the list of entries on a Pachyderm ACL.

To avoid migration pain with the Pachyderm dash the list of user principal entries and robot principal entries are separate. This way, no prefix or other disambiguating device is needed in 'entries' to separate user principals from robot principals (which would confuse the dash). Instead, the dash can simply ignore robot principals.

func (*GetACLResponse) Descriptor

func (*GetACLResponse) Descriptor() ([]byte, []int)

func (*GetACLResponse) GetEntries added in v1.6.0

func (m *GetACLResponse) GetEntries() []*ACLEntry

func (*GetACLResponse) GetRobotEntries added in v1.7.0

func (m *GetACLResponse) GetRobotEntries() []*ACLEntry

func (*GetACLResponse) Marshal

func (m *GetACLResponse) Marshal() (dAtA []byte, err error)

func (*GetACLResponse) MarshalTo

func (m *GetACLResponse) MarshalTo(dAtA []byte) (int, error)

func (*GetACLResponse) ProtoMessage

func (*GetACLResponse) ProtoMessage()

func (*GetACLResponse) Reset

func (m *GetACLResponse) Reset()

func (*GetACLResponse) Size

func (m *GetACLResponse) Size() (n int)

func (*GetACLResponse) String

func (m *GetACLResponse) String() string

func (*GetACLResponse) Unmarshal

func (m *GetACLResponse) Unmarshal(dAtA []byte) error

type GetAdminsRequest added in v1.6.0

type GetAdminsRequest struct {
}

Get the current list of cluster admins

func (*GetAdminsRequest) Descriptor added in v1.6.0

func (*GetAdminsRequest) Descriptor() ([]byte, []int)

func (*GetAdminsRequest) Marshal added in v1.6.0

func (m *GetAdminsRequest) Marshal() (dAtA []byte, err error)

func (*GetAdminsRequest) MarshalTo added in v1.6.0

func (m *GetAdminsRequest) MarshalTo(dAtA []byte) (int, error)

func (*GetAdminsRequest) ProtoMessage added in v1.6.0

func (*GetAdminsRequest) ProtoMessage()

func (*GetAdminsRequest) Reset added in v1.6.0

func (m *GetAdminsRequest) Reset()

func (*GetAdminsRequest) Size added in v1.6.0

func (m *GetAdminsRequest) Size() (n int)

func (*GetAdminsRequest) String added in v1.6.0

func (m *GetAdminsRequest) String() string

func (*GetAdminsRequest) Unmarshal added in v1.6.0

func (m *GetAdminsRequest) Unmarshal(dAtA []byte) error

type GetAdminsResponse added in v1.6.0

type GetAdminsResponse struct {
	// admins contains the list of cluster admins
	Admins []string `protobuf:"bytes,1,rep,name=admins" json:"admins,omitempty"`
}

func (*GetAdminsResponse) Descriptor added in v1.6.0

func (*GetAdminsResponse) Descriptor() ([]byte, []int)

func (*GetAdminsResponse) GetAdmins added in v1.6.0

func (m *GetAdminsResponse) GetAdmins() []string

func (*GetAdminsResponse) Marshal added in v1.6.0

func (m *GetAdminsResponse) Marshal() (dAtA []byte, err error)

func (*GetAdminsResponse) MarshalTo added in v1.6.0

func (m *GetAdminsResponse) MarshalTo(dAtA []byte) (int, error)

func (*GetAdminsResponse) ProtoMessage added in v1.6.0

func (*GetAdminsResponse) ProtoMessage()

func (*GetAdminsResponse) Reset added in v1.6.0

func (m *GetAdminsResponse) Reset()

func (*GetAdminsResponse) Size added in v1.6.0

func (m *GetAdminsResponse) Size() (n int)

func (*GetAdminsResponse) String added in v1.6.0

func (m *GetAdminsResponse) String() string

func (*GetAdminsResponse) Unmarshal added in v1.6.0

func (m *GetAdminsResponse) Unmarshal(dAtA []byte) error

type GetAuthTokenRequest added in v1.7.0

type GetAuthTokenRequest struct {
	// The returned token will allow the caller to access resources as this
	// subject
	Subject string `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
}

func (*GetAuthTokenRequest) Descriptor added in v1.7.0

func (*GetAuthTokenRequest) Descriptor() ([]byte, []int)

func (*GetAuthTokenRequest) GetSubject added in v1.7.0

func (m *GetAuthTokenRequest) GetSubject() string

func (*GetAuthTokenRequest) Marshal added in v1.7.0

func (m *GetAuthTokenRequest) Marshal() (dAtA []byte, err error)

func (*GetAuthTokenRequest) MarshalTo added in v1.7.0

func (m *GetAuthTokenRequest) MarshalTo(dAtA []byte) (int, error)

func (*GetAuthTokenRequest) ProtoMessage added in v1.7.0

func (*GetAuthTokenRequest) ProtoMessage()

func (*GetAuthTokenRequest) Reset added in v1.7.0

func (m *GetAuthTokenRequest) Reset()

func (*GetAuthTokenRequest) Size added in v1.7.0

func (m *GetAuthTokenRequest) Size() (n int)

func (*GetAuthTokenRequest) String added in v1.7.0

func (m *GetAuthTokenRequest) String() string

func (*GetAuthTokenRequest) Unmarshal added in v1.7.0

func (m *GetAuthTokenRequest) Unmarshal(dAtA []byte) error

type GetAuthTokenResponse added in v1.7.0

type GetAuthTokenResponse struct {
	// A new auth token for the user in 'GetAuthTokenRequest.Subject' token
	Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
}

func (*GetAuthTokenResponse) Descriptor added in v1.7.0

func (*GetAuthTokenResponse) Descriptor() ([]byte, []int)

func (*GetAuthTokenResponse) GetToken added in v1.7.0

func (m *GetAuthTokenResponse) GetToken() string

func (*GetAuthTokenResponse) Marshal added in v1.7.0

func (m *GetAuthTokenResponse) Marshal() (dAtA []byte, err error)

func (*GetAuthTokenResponse) MarshalTo added in v1.7.0

func (m *GetAuthTokenResponse) MarshalTo(dAtA []byte) (int, error)

func (*GetAuthTokenResponse) ProtoMessage added in v1.7.0

func (*GetAuthTokenResponse) ProtoMessage()

func (*GetAuthTokenResponse) Reset added in v1.7.0

func (m *GetAuthTokenResponse) Reset()

func (*GetAuthTokenResponse) Size added in v1.7.0

func (m *GetAuthTokenResponse) Size() (n int)

func (*GetAuthTokenResponse) String added in v1.7.0

func (m *GetAuthTokenResponse) String() string

func (*GetAuthTokenResponse) Unmarshal added in v1.7.0

func (m *GetAuthTokenResponse) Unmarshal(dAtA []byte) error

type GetScopeRequest

type GetScopeRequest struct {
	// username is the principal (some of which belong to robots rather than
	// users, but the name is preserved for now to provide compatibility with the
	// pachyderm dash) whose access level is queried. To query the access level
	// of a robot user, the caller must prefix username with "robot:". If
	// 'username' has no prefix (i.e. no ":"), then it's assumed to be a github
	// user's principal.
	Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"`
	// repos are the objects to which 'username's access level is being queried
	Repos []string `protobuf:"bytes,2,rep,name=repos" json:"repos,omitempty"`
}

func (*GetScopeRequest) Descriptor

func (*GetScopeRequest) Descriptor() ([]byte, []int)

func (*GetScopeRequest) GetRepos added in v1.5.3

func (m *GetScopeRequest) GetRepos() []string

func (*GetScopeRequest) GetUsername

func (m *GetScopeRequest) GetUsername() string

func (*GetScopeRequest) Marshal

func (m *GetScopeRequest) Marshal() (dAtA []byte, err error)

func (*GetScopeRequest) MarshalTo

func (m *GetScopeRequest) MarshalTo(dAtA []byte) (int, error)

func (*GetScopeRequest) ProtoMessage

func (*GetScopeRequest) ProtoMessage()

func (*GetScopeRequest) Reset

func (m *GetScopeRequest) Reset()

func (*GetScopeRequest) Size

func (m *GetScopeRequest) Size() (n int)

func (*GetScopeRequest) String

func (m *GetScopeRequest) String() string

func (*GetScopeRequest) Unmarshal

func (m *GetScopeRequest) Unmarshal(dAtA []byte) error

type GetScopeResponse

type GetScopeResponse struct {
	// scopes (actually a "role"--see "Scope") are the access level that
	// 'GetScopeRequest.username' has to each repo in 'GetScopeRequest.repos', in
	// the same order that repos appeared in 'repos'.
	Scopes []Scope `protobuf:"varint,1,rep,packed,name=scopes,enum=auth.Scope" json:"scopes,omitempty"`
}

func (*GetScopeResponse) Descriptor

func (*GetScopeResponse) Descriptor() ([]byte, []int)

func (*GetScopeResponse) GetScopes added in v1.5.3

func (m *GetScopeResponse) GetScopes() []Scope

func (*GetScopeResponse) Marshal

func (m *GetScopeResponse) Marshal() (dAtA []byte, err error)

func (*GetScopeResponse) MarshalTo

func (m *GetScopeResponse) MarshalTo(dAtA []byte) (int, error)

func (*GetScopeResponse) ProtoMessage

func (*GetScopeResponse) ProtoMessage()

func (*GetScopeResponse) Reset

func (m *GetScopeResponse) Reset()

func (*GetScopeResponse) Size

func (m *GetScopeResponse) Size() (n int)

func (*GetScopeResponse) String

func (m *GetScopeResponse) String() string

func (*GetScopeResponse) Unmarshal

func (m *GetScopeResponse) Unmarshal(dAtA []byte) error

type InvalidPrincipalError

type InvalidPrincipalError struct {
	Principal string
}

InvalidPrincipalError indicates that a an argument to e.g. GetScope, SetScope, or SetACL is invalid

func (*InvalidPrincipalError) Error

func (e *InvalidPrincipalError) Error() string

type ModifyAdminsRequest added in v1.6.0

type ModifyAdminsRequest struct {
	Add    []string `protobuf:"bytes,1,rep,name=add" json:"add,omitempty"`
	Remove []string `protobuf:"bytes,2,rep,name=remove" json:"remove,omitempty"`
}

Add or remove cluster admins

func (*ModifyAdminsRequest) Descriptor added in v1.6.0

func (*ModifyAdminsRequest) Descriptor() ([]byte, []int)

func (*ModifyAdminsRequest) GetAdd added in v1.6.0

func (m *ModifyAdminsRequest) GetAdd() []string

func (*ModifyAdminsRequest) GetRemove added in v1.6.0

func (m *ModifyAdminsRequest) GetRemove() []string

func (*ModifyAdminsRequest) Marshal added in v1.6.0

func (m *ModifyAdminsRequest) Marshal() (dAtA []byte, err error)

func (*ModifyAdminsRequest) MarshalTo added in v1.6.0

func (m *ModifyAdminsRequest) MarshalTo(dAtA []byte) (int, error)

func (*ModifyAdminsRequest) ProtoMessage added in v1.6.0

func (*ModifyAdminsRequest) ProtoMessage()

func (*ModifyAdminsRequest) Reset added in v1.6.0

func (m *ModifyAdminsRequest) Reset()

func (*ModifyAdminsRequest) Size added in v1.6.0

func (m *ModifyAdminsRequest) Size() (n int)

func (*ModifyAdminsRequest) String added in v1.6.0

func (m *ModifyAdminsRequest) String() string

func (*ModifyAdminsRequest) Unmarshal added in v1.6.0

func (m *ModifyAdminsRequest) Unmarshal(dAtA []byte) error

type ModifyAdminsResponse added in v1.6.0

type ModifyAdminsResponse struct {
}

func (*ModifyAdminsResponse) Descriptor added in v1.6.0

func (*ModifyAdminsResponse) Descriptor() ([]byte, []int)

func (*ModifyAdminsResponse) Marshal added in v1.6.0

func (m *ModifyAdminsResponse) Marshal() (dAtA []byte, err error)

func (*ModifyAdminsResponse) MarshalTo added in v1.6.0

func (m *ModifyAdminsResponse) MarshalTo(dAtA []byte) (int, error)

func (*ModifyAdminsResponse) ProtoMessage added in v1.6.0

func (*ModifyAdminsResponse) ProtoMessage()

func (*ModifyAdminsResponse) Reset added in v1.6.0

func (m *ModifyAdminsResponse) Reset()

func (*ModifyAdminsResponse) Size added in v1.6.0

func (m *ModifyAdminsResponse) Size() (n int)

func (*ModifyAdminsResponse) String added in v1.6.0

func (m *ModifyAdminsResponse) String() string

func (*ModifyAdminsResponse) Unmarshal added in v1.6.0

func (m *ModifyAdminsResponse) Unmarshal(dAtA []byte) error

type NotActivatedError

type NotActivatedError struct{}

NotActivatedError is returned by an Auth API if the Auth service has not been activated.

func (NotActivatedError) Error

func (e NotActivatedError) Error() string

type NotAuthorizedError added in v1.5.3

type NotAuthorizedError struct {
	Repo     string
	Required Scope
}

NotAuthorizedError is returned if the user is not authorized to perform a certain operation on the repo 'Repo' (to do so, they would need to have the authorization scope in 'Required').

func (*NotAuthorizedError) Error added in v1.5.3

func (e *NotAuthorizedError) Error() string

type NotSignedInError added in v1.6.0

type NotSignedInError struct{}

NotSignedInError indicates that the caller isn't signed in

func (NotSignedInError) Error added in v1.6.0

func (e NotSignedInError) Error() string

type RevokeAuthTokenRequest

type RevokeAuthTokenRequest struct {
	Token string `protobuf:"bytes,1,opt,name=token,proto3" json:"token,omitempty"`
}

func (*RevokeAuthTokenRequest) Descriptor

func (*RevokeAuthTokenRequest) Descriptor() ([]byte, []int)

func (*RevokeAuthTokenRequest) GetToken

func (m *RevokeAuthTokenRequest) GetToken() string

func (*RevokeAuthTokenRequest) Marshal

func (m *RevokeAuthTokenRequest) Marshal() (dAtA []byte, err error)

func (*RevokeAuthTokenRequest) MarshalTo

func (m *RevokeAuthTokenRequest) MarshalTo(dAtA []byte) (int, error)

func (*RevokeAuthTokenRequest) ProtoMessage

func (*RevokeAuthTokenRequest) ProtoMessage()

func (*RevokeAuthTokenRequest) Reset

func (m *RevokeAuthTokenRequest) Reset()

func (*RevokeAuthTokenRequest) Size

func (m *RevokeAuthTokenRequest) Size() (n int)

func (*RevokeAuthTokenRequest) String

func (m *RevokeAuthTokenRequest) String() string

func (*RevokeAuthTokenRequest) Unmarshal

func (m *RevokeAuthTokenRequest) Unmarshal(dAtA []byte) error

type RevokeAuthTokenResponse

type RevokeAuthTokenResponse struct {
}

func (*RevokeAuthTokenResponse) Descriptor

func (*RevokeAuthTokenResponse) Descriptor() ([]byte, []int)

func (*RevokeAuthTokenResponse) Marshal

func (m *RevokeAuthTokenResponse) Marshal() (dAtA []byte, err error)

func (*RevokeAuthTokenResponse) MarshalTo

func (m *RevokeAuthTokenResponse) MarshalTo(dAtA []byte) (int, error)

func (*RevokeAuthTokenResponse) ProtoMessage

func (*RevokeAuthTokenResponse) ProtoMessage()

func (*RevokeAuthTokenResponse) Reset

func (m *RevokeAuthTokenResponse) Reset()

func (*RevokeAuthTokenResponse) Size

func (m *RevokeAuthTokenResponse) Size() (n int)

func (*RevokeAuthTokenResponse) String

func (m *RevokeAuthTokenResponse) String() string

func (*RevokeAuthTokenResponse) Unmarshal

func (m *RevokeAuthTokenResponse) Unmarshal(dAtA []byte) error

type Scope

type Scope int32

Scope (actually a "role" in canonical security nomenclature) represents a rough level of access that a principal has to a repo

const (
	// To remove a user's scope from a repo, set their scope to NONE
	Scope_NONE   Scope = 0
	Scope_READER Scope = 1
	Scope_WRITER Scope = 2
	Scope_OWNER  Scope = 3
)

func ParseScope

func ParseScope(s string) (Scope, error)

ParseScope parses the string 's' to a scope (for example, parsing a command- line argument.

func (Scope) EnumDescriptor

func (Scope) EnumDescriptor() ([]byte, []int)

func (Scope) String

func (x Scope) String() string

type SetACLRequest added in v1.5.3

type SetACLRequest struct {
	Repo    string      `protobuf:"bytes,1,opt,name=repo,proto3" json:"repo,omitempty"`
	Entries []*ACLEntry `protobuf:"bytes,2,rep,name=entries" json:"entries,omitempty"`
}

func (*SetACLRequest) Descriptor added in v1.5.3

func (*SetACLRequest) Descriptor() ([]byte, []int)

func (*SetACLRequest) GetEntries added in v1.6.0

func (m *SetACLRequest) GetEntries() []*ACLEntry

func (*SetACLRequest) GetRepo added in v1.5.3

func (m *SetACLRequest) GetRepo() string

func (*SetACLRequest) Marshal added in v1.5.3

func (m *SetACLRequest) Marshal() (dAtA []byte, err error)

func (*SetACLRequest) MarshalTo added in v1.5.3

func (m *SetACLRequest) MarshalTo(dAtA []byte) (int, error)

func (*SetACLRequest) ProtoMessage added in v1.5.3

func (*SetACLRequest) ProtoMessage()

func (*SetACLRequest) Reset added in v1.5.3

func (m *SetACLRequest) Reset()

func (*SetACLRequest) Size added in v1.5.3

func (m *SetACLRequest) Size() (n int)

func (*SetACLRequest) String added in v1.5.3

func (m *SetACLRequest) String() string

func (*SetACLRequest) Unmarshal added in v1.5.3

func (m *SetACLRequest) Unmarshal(dAtA []byte) error

type SetACLResponse added in v1.5.3

type SetACLResponse struct {
}

func (*SetACLResponse) Descriptor added in v1.5.3

func (*SetACLResponse) Descriptor() ([]byte, []int)

func (*SetACLResponse) Marshal added in v1.5.3

func (m *SetACLResponse) Marshal() (dAtA []byte, err error)

func (*SetACLResponse) MarshalTo added in v1.5.3

func (m *SetACLResponse) MarshalTo(dAtA []byte) (int, error)

func (*SetACLResponse) ProtoMessage added in v1.5.3

func (*SetACLResponse) ProtoMessage()

func (*SetACLResponse) Reset added in v1.5.3

func (m *SetACLResponse) Reset()

func (*SetACLResponse) Size added in v1.5.3

func (m *SetACLResponse) Size() (n int)

func (*SetACLResponse) String added in v1.5.3

func (m *SetACLResponse) String() string

func (*SetACLResponse) Unmarshal added in v1.5.3

func (m *SetACLResponse) Unmarshal(dAtA []byte) error

type SetScopeRequest

type SetScopeRequest struct {
	// username is the principal (some of which belong to robots rather than
	// users, but the name is preserved for now to provide compatibility with the
	// pachyderm dash) whose access is being granted/revoked. As with
	// GetScopeRequest, to set the access level of a robot user, the caller must
	// prefix username with "robot:". If 'username' has no prefix (i.e. no ":"),
	// then it's assumed to be a github user's principal.
	Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"`
	// repo is the object to which access is being granted/revoked
	Repo string `protobuf:"bytes,2,opt,name=repo,proto3" json:"repo,omitempty"`
	// scope (actually a "role"--see "Scope") is the access level that the owner
	// of 'principal' will now have
	Scope Scope `protobuf:"varint,3,opt,name=scope,proto3,enum=auth.Scope" json:"scope,omitempty"`
}

func (*SetScopeRequest) Descriptor

func (*SetScopeRequest) Descriptor() ([]byte, []int)

func (*SetScopeRequest) GetRepo

func (m *SetScopeRequest) GetRepo() string

func (*SetScopeRequest) GetScope

func (m *SetScopeRequest) GetScope() Scope

func (*SetScopeRequest) GetUsername

func (m *SetScopeRequest) GetUsername() string

func (*SetScopeRequest) Marshal

func (m *SetScopeRequest) Marshal() (dAtA []byte, err error)

func (*SetScopeRequest) MarshalTo

func (m *SetScopeRequest) MarshalTo(dAtA []byte) (int, error)

func (*SetScopeRequest) ProtoMessage

func (*SetScopeRequest) ProtoMessage()

func (*SetScopeRequest) Reset

func (m *SetScopeRequest) Reset()

func (*SetScopeRequest) Size

func (m *SetScopeRequest) Size() (n int)

func (*SetScopeRequest) String

func (m *SetScopeRequest) String() string

func (*SetScopeRequest) Unmarshal

func (m *SetScopeRequest) Unmarshal(dAtA []byte) error

type SetScopeResponse

type SetScopeResponse struct {
}

func (*SetScopeResponse) Descriptor

func (*SetScopeResponse) Descriptor() ([]byte, []int)

func (*SetScopeResponse) Marshal

func (m *SetScopeResponse) Marshal() (dAtA []byte, err error)

func (*SetScopeResponse) MarshalTo

func (m *SetScopeResponse) MarshalTo(dAtA []byte) (int, error)

func (*SetScopeResponse) ProtoMessage

func (*SetScopeResponse) ProtoMessage()

func (*SetScopeResponse) Reset

func (m *SetScopeResponse) Reset()

func (*SetScopeResponse) Size

func (m *SetScopeResponse) Size() (n int)

func (*SetScopeResponse) String

func (m *SetScopeResponse) String() string

func (*SetScopeResponse) Unmarshal

func (m *SetScopeResponse) Unmarshal(dAtA []byte) error

type TokenInfo added in v1.7.0

type TokenInfo struct {
	// Subject (i.e. Pachyderm account) that a given token authorizes. Prefixed
	// with "github:" or "robot:" to distinguish the two classes of
	// Subject in Pachyderm
	Subject string                `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
	Source  TokenInfo_TokenSource `protobuf:"varint,2,opt,name=source,proto3,enum=auth.TokenInfo_TokenSource" json:"source,omitempty"`
}

TokenInfo is the 'value' of an auth token 'key' in the 'tokens' collection

func (*TokenInfo) Descriptor added in v1.7.0

func (*TokenInfo) Descriptor() ([]byte, []int)

func (*TokenInfo) GetSource added in v1.7.0

func (m *TokenInfo) GetSource() TokenInfo_TokenSource

func (*TokenInfo) GetSubject added in v1.7.0

func (m *TokenInfo) GetSubject() string

func (*TokenInfo) Marshal added in v1.7.0

func (m *TokenInfo) Marshal() (dAtA []byte, err error)

func (*TokenInfo) MarshalTo added in v1.7.0

func (m *TokenInfo) MarshalTo(dAtA []byte) (int, error)

func (*TokenInfo) ProtoMessage added in v1.7.0

func (*TokenInfo) ProtoMessage()

func (*TokenInfo) Reset added in v1.7.0

func (m *TokenInfo) Reset()

func (*TokenInfo) Size added in v1.7.0

func (m *TokenInfo) Size() (n int)

func (*TokenInfo) String added in v1.7.0

func (m *TokenInfo) String() string

func (*TokenInfo) Unmarshal added in v1.7.0

func (m *TokenInfo) Unmarshal(dAtA []byte) error

type TokenInfo_TokenSource added in v1.7.0

type TokenInfo_TokenSource int32
const (
	TokenInfo_INVALID      TokenInfo_TokenSource = 0
	TokenInfo_AUTHENTICATE TokenInfo_TokenSource = 1
	TokenInfo_GET_TOKEN    TokenInfo_TokenSource = 2
)

func (TokenInfo_TokenSource) EnumDescriptor added in v1.7.0

func (TokenInfo_TokenSource) EnumDescriptor() ([]byte, []int)

func (TokenInfo_TokenSource) String added in v1.7.0

func (x TokenInfo_TokenSource) String() string

type WhoAmIRequest

type WhoAmIRequest struct {
}

func (*WhoAmIRequest) Descriptor

func (*WhoAmIRequest) Descriptor() ([]byte, []int)

func (*WhoAmIRequest) Marshal

func (m *WhoAmIRequest) Marshal() (dAtA []byte, err error)

func (*WhoAmIRequest) MarshalTo

func (m *WhoAmIRequest) MarshalTo(dAtA []byte) (int, error)

func (*WhoAmIRequest) ProtoMessage

func (*WhoAmIRequest) ProtoMessage()

func (*WhoAmIRequest) Reset

func (m *WhoAmIRequest) Reset()

func (*WhoAmIRequest) Size

func (m *WhoAmIRequest) Size() (n int)

func (*WhoAmIRequest) String

func (m *WhoAmIRequest) String() string

func (*WhoAmIRequest) Unmarshal

func (m *WhoAmIRequest) Unmarshal(dAtA []byte) error

type WhoAmIResponse

type WhoAmIResponse struct {
	Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"`
	IsAdmin  bool   `protobuf:"varint,2,opt,name=is_admin,json=isAdmin,proto3" json:"is_admin,omitempty"`
}

func (*WhoAmIResponse) Descriptor

func (*WhoAmIResponse) Descriptor() ([]byte, []int)

func (*WhoAmIResponse) GetIsAdmin added in v1.6.0

func (m *WhoAmIResponse) GetIsAdmin() bool

func (*WhoAmIResponse) GetUsername

func (m *WhoAmIResponse) GetUsername() string

func (*WhoAmIResponse) Marshal

func (m *WhoAmIResponse) Marshal() (dAtA []byte, err error)

func (*WhoAmIResponse) MarshalTo

func (m *WhoAmIResponse) MarshalTo(dAtA []byte) (int, error)

func (*WhoAmIResponse) ProtoMessage

func (*WhoAmIResponse) ProtoMessage()

func (*WhoAmIResponse) Reset

func (m *WhoAmIResponse) Reset()

func (*WhoAmIResponse) Size

func (m *WhoAmIResponse) Size() (n int)

func (*WhoAmIResponse) String

func (m *WhoAmIResponse) String() string

func (*WhoAmIResponse) Unmarshal

func (m *WhoAmIResponse) Unmarshal(dAtA []byte) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL