Documentation
¶
Overview ¶
Package authsec contains service specific code for the Authentication Security Collection Module
Index ¶
- func CheckAPIAccess(endpoint url.URL, method string, token *oauth2.Token) (bool, error)
- func NewServer(opts ...service.ServiceOption[Server]) collection.CollectionServer
- func WithAdditionalGRPCOpts(opts ...grpc.DialOption) service.ServiceOption[Server]
- func WithOAuth2Authorizer(config *clientcredentials.Config) service.ServiceOption[Server]
- type APIOAuthProtected
- type OAuthGrantTypes
- type Server
- func (srv *Server) Authorizer() clapi.Authorizer
- func (srv *Server) SetAuthorizer(auth clapi.Authorizer)
- func (s *Server) StartCollecting(_ context.Context, req *collection.StartCollectingRequest) (*collection.StartCollectingResponse, error)
- func (s *Server) StopCollecting(_ context.Context, _ *collection.StopCollectingRequest) (*emptypb.Empty, error)
- type Value
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CheckAPIAccess ¶
CheckAPIAccess calls a REST API endpoint, optionally using an OAuth Access token according to RFC 6750 Returns whether the request was sucessful, determined by the response code
func NewServer ¶
func NewServer(opts ...service.ServiceOption[Server]) collection.CollectionServer
func WithAdditionalGRPCOpts ¶
func WithAdditionalGRPCOpts(opts ...grpc.DialOption) service.ServiceOption[Server]
WithAdditionalGRPCOpts is an option to configure additional gRPC options.
func WithOAuth2Authorizer ¶ added in v0.2.0
func WithOAuth2Authorizer(config *clientcredentials.Config) service.ServiceOption[Server]
WithOAuth2Authorizer is an option to use an OAuth 2.0 authorizer
Types ¶
type APIOAuthProtected ¶ added in v0.2.0
type OAuthGrantTypes ¶
type OAuthGrantTypes struct {
GrantTypes []string `json:"grantTypes"`
IDTokenSigningAlgValuesSupported []string `json:"idTokenSigningAlgValuesSupported"`
UserinfoSigningAlgValuesSupported []string `json:"userinfoSigningAlgValuesSupported"`
RequestObjectSigningAlgValuesSupported []string `json:"requestObjectSigningAlgValuesSupported"`
TokenEndpointAuthSigningAlgValuesSupported []string `json:"tokenEndpointAuthSigningAlgValuesSupported"`
RevocationEndpointAuthSigningAlgValuesSupported []string `json:"revocationEndpointAuthSigningAlgValuesSupported"`
IntrospectionEndpointAuthSigningAlgValuesSupported []string `json:"introspectionEndpointAuthSigningAlgValuesSupported"`
IDTokenEncryptionAlgValuesSupported []string `json:"idTokenEncryptionAlgValuesSupported"`
IDTokenEncryptionEncValuesSupported []string `json:"idTokenEncryptionEncValuesSupported"`
UserinfoEncryptionAlgValuesSupported []string `json:"userinfoEncryptionAlgValuesSupported"`
UserinfoEncryptionEncValuesSupported []string `json:"userinfoEncryptionEncValuesSupported"`
RequestObjectEncryptionAlgValuesSupported []string `json:"requestObjectEncryptionAlgValuesSupported"`
RequestObjectEncryptionEncValuesSupported []string `json:"requestObjectEncryptionEncValuesSupported"`
}
type Server ¶ added in v0.2.0
type Server struct {
collection.UnimplementedCollectionServer
// contains filtered or unexported fields
}
func (*Server) Authorizer ¶ added in v0.2.0
func (srv *Server) Authorizer() clapi.Authorizer
Authorizer implements UsesAuthorizer
func (*Server) SetAuthorizer ¶ added in v0.2.0
func (srv *Server) SetAuthorizer(auth clapi.Authorizer)
SetAuthorizer implements UsesAuthorizer
func (*Server) StartCollecting ¶ added in v0.2.0
func (s *Server) StartCollecting(_ context.Context, req *collection.StartCollectingRequest) (*collection.StartCollectingResponse, error)
func (*Server) StopCollecting ¶ added in v0.2.0
func (s *Server) StopCollecting(_ context.Context, _ *collection.StopCollectingRequest) (*emptypb.Empty, error)
type Value ¶
type Value struct {
// Clouditor's Resource properties ID and Types have to be set that Evaluation will not fail
voc.Resource
// OAuthGrantTypes metric properties
OAuthGrantTypes `json:"oAuth"`
// APIOAuthProtected metric properties
APIOAuthProtected `json:"apiOAuthProtected"`
}
Value represents the Value of an evidence in the case of the Authentication Security CM
Source Files
Click to show internal directories.
Click to hide internal directories.