Documentation ¶
Overview ¶
Package identity defines Identity type and related types and constants. Identity represents a caller that makes requests.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var KnownKinds = map[Kind]*regexp.Regexp{ Anonymous: regexp.MustCompile(`^anonymous$`), Bot: regexp.MustCompile(`^[0-9a-zA-Z_\-\.@]+$`), Project: regexp.MustCompile(`^[a-z0-9\-_]+$`), Service: regexp.MustCompile(`^[0-9a-zA-Z_\-\:\.]+$`), User: regexp.MustCompile(`^[0-9a-zA-Z_\-\.\+\%]+@[0-9a-zA-Z_\-\.]+$`), }
KnownKinds is mapping between Kind and regexp for identity values.
See also appengine/components/components/auth/model.py in luci-py.
Functions ¶
This section is empty.
Types ¶
type Glob ¶
type Glob string
Glob is glob like pattern that matches identity strings of some kind.
It is a string of the form "kind:<pattern>" where 'kind' is one of Kind constants and 'pattern' is a wildcard pattern to apply to identity name.
The only supported glob syntax is '*', which matches zero or more characters.
Case sensitive. Doesn't support multi-line strings or patterns. There's no way to match '*' itself.
func MakeGlob ¶
MakeGlob ensures 'glob' string looks like a valid identity glob and returns it as Glob value.
func (Glob) Kind ¶
Kind returns identity glob kind. If identity glob string is invalid returns Anonymous.
func (Glob) Match ¶
Match returns true if glob matches an identity. If identity string or identity glob string are invalid, returns false.
func (Glob) Pattern ¶
Pattern returns a pattern part of the identity glob. If the identity glob string is invalid returns empty string.
func (Glob) Preprocess ¶
Preprocess splits the glob into its kind and a regexp against identity names.
For example "user:*@example.com" => ("user", "^.*@example\.com$"). Returns an error if the glob is malformed.
type Identity ¶
type Identity string
Identity represents a caller that makes requests. A string of the form "kind:value" where 'kind' is one of Kind constant and meaning of 'value' depends on a kind (see comments for Kind values).
const AnonymousIdentity Identity = "anonymous:anonymous"
AnonymousIdentity represents anonymous user.
func MakeIdentity ¶
MakeIdentity ensures 'identity' string looks like a valid identity and returns it as Identity value.
func (Identity) AsNormalized ¶
func (id Identity) AsNormalized() NormalizedIdentity
AsNormalized returns the Identity as a NormalizedIdentity.
func (Identity) Email ¶
Email returns user's email for identity with kind User or empty string for all other identity kinds. If identity string is undefined returns "".
type Kind ¶
type Kind string
Kind is enumeration of known identity kinds. See Identity.
const ( // Anonymous kind means no identity information is provided. Identity value // is always 'anonymous'. Anonymous Kind = "anonymous" // Bot is used for bots authenticated via IP allowlist. Used primarily by // Swarming. Identity value encodes bot ID. Bot Kind = "bot" // Project is used to convey that the request from one LUCI project to another // is being made on behalf of some LUCI project. Identity value is project ID. Project Kind = "project" // Service is used for GAE apps using X-Appengine-Inbound-Appid header for // authentication. Identity value is GAE app id. Service Kind = "service" // User is used for regular users. Identity value is email address. User Kind = "user" )
type NormalizedIdentity ¶
type NormalizedIdentity string
NormalizedIdentity is similar to Identity, but for identities with 'kind' User, the 'value' component has been normalized. This is primarily to support case-insensitive checks.
func NewNormalizedIdentity ¶
func NewNormalizedIdentity(identity string) NormalizedIdentity
NewNormalizedIdentity creates a NormalizedIdentity from the given 'identity' string. Note: the returned NormalizedIdentity may be an invalid identity, as no validation occurs.