Documentation ¶
Overview ¶
Package cel contains the CEL related interfaces and structs for authentication.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CELMapper ¶
type CELMapper struct { Username ClaimsMapper Groups ClaimsMapper UID ClaimsMapper Extra ClaimsMapper ClaimValidationRules ClaimsMapper UserValidationRules UserMapper }
CELMapper is a struct that holds the compiled expressions for username, groups, uid, extra, claimValidation and userValidation
type ClaimMappingExpression ¶
type ClaimMappingExpression struct {
Expression string
}
ClaimMappingExpression is a CEL expression that maps a claim.
func (*ClaimMappingExpression) GetExpression ¶
func (v *ClaimMappingExpression) GetExpression() string
GetExpression returns the CEL expression.
func (*ClaimMappingExpression) ReturnTypes ¶
func (v *ClaimMappingExpression) ReturnTypes() []*celgo.Type
ReturnTypes returns the CEL expression return types.
type ClaimValidationCondition ¶
ClaimValidationCondition is a CEL expression that validates a claim.
func (*ClaimValidationCondition) GetExpression ¶
func (v *ClaimValidationCondition) GetExpression() string
GetExpression returns the CEL expression.
func (*ClaimValidationCondition) ReturnTypes ¶
func (v *ClaimValidationCondition) ReturnTypes() []*celgo.Type
ReturnTypes returns the CEL expression return types.
type ClaimsMapper ¶
type ClaimsMapper interface { // EvalClaimMapping evaluates the given claim mapping expression and returns a EvaluationResult. // This is used for username, groups and uid claim mapping that contains a single expression. EvalClaimMapping(ctx context.Context, claims *unstructured.Unstructured) (EvaluationResult, error) // EvalClaimMappings evaluates the given expressions and returns a list of EvaluationResult. // This is used for extra claim mapping and claim validation that contains a list of expressions. EvalClaimMappings(ctx context.Context, claims *unstructured.Unstructured) ([]EvaluationResult, error) }
ClaimsMapper provides a CEL expression mapper configured with the claims CEL variable.
func NewClaimsMapper ¶
func NewClaimsMapper(compilationResults []CompilationResult) ClaimsMapper
NewClaimsMapper returns a new ClaimsMapper.
type CompilationResult ¶
type CompilationResult struct { Program celgo.Program AST *celgo.Ast ExpressionAccessor ExpressionAccessor }
CompilationResult represents a compiled validations expression.
type Compiler ¶
type Compiler interface { CompileClaimsExpression(expressionAccessor ExpressionAccessor) (CompilationResult, error) CompileUserExpression(expressionAccessor ExpressionAccessor) (CompilationResult, error) }
Compiler provides a CEL expression compiler configured with the desired authentication related CEL variables.
func NewCompiler ¶
func NewCompiler(env *environment.EnvSet) Compiler
NewCompiler returns a new Compiler.
func NewDefaultCompiler ¶
func NewDefaultCompiler() Compiler
NewDefaultCompiler returns a new Compiler following the default compatibility version. Note: the compiler construction depends on feature gates and the compatibility version to be initialized.
type EvaluationResult ¶
type EvaluationResult struct { EvalResult ref.Val ExpressionAccessor ExpressionAccessor }
EvaluationResult contains the minimal required fields and metadata of a cel evaluation
type ExpressionAccessor ¶
ExpressionAccessor is an interface that provides access to a CEL expression.
type ExtraMappingExpression ¶
ExtraMappingExpression is a CEL expression that maps an extra to a list of values.
func (*ExtraMappingExpression) GetExpression ¶
func (v *ExtraMappingExpression) GetExpression() string
GetExpression returns the CEL expression.
func (*ExtraMappingExpression) ReturnTypes ¶
func (v *ExtraMappingExpression) ReturnTypes() []*celgo.Type
ReturnTypes returns the CEL expression return types.
type UserMapper ¶
type UserMapper interface { // EvalUser evaluates the given user expressions and returns a list of EvaluationResult. // This is used for user validation that contains a list of expressions. EvalUser(ctx context.Context, userInfo *unstructured.Unstructured) ([]EvaluationResult, error) }
UserMapper provides a CEL expression mapper configured with the user CEL variable.
func NewUserMapper ¶
func NewUserMapper(compilationResults []CompilationResult) UserMapper
NewUserMapper returns a new UserMapper.
type UserValidationCondition ¶
UserValidationCondition is a CEL expression that validates a User.
func (*UserValidationCondition) GetExpression ¶
func (v *UserValidationCondition) GetExpression() string
GetExpression returns the CEL expression.
func (*UserValidationCondition) ReturnTypes ¶
func (v *UserValidationCondition) ReturnTypes() []*celgo.Type
ReturnTypes returns the CEL expression return types.