Documentation ¶
Index ¶
Constants ¶
const ( // Global Error Codes InternalServerError = 20000 ForbiddenAccess = 20002 TokenIsExpired = 20003 InsufficientPermissions = 20004 InsufficientScope = 20005 TokenIsNotUserToken = 20006 )
const (
// ClaimsAttribute is the key for JWT claims stored in the request
ClaimsAttribute = "ICJWTClaims"
)
Variables ¶
var DevStackTraceable bool
var ErrorCodeMapping = map[int]string{ InternalServerError: "internal server error", UnauthorizedAccess: "unauthorized access", ForbiddenAccess: "forbidden access", InsufficientPermissions: "insufficient permissions", InsufficientScope: "insufficient scope", TokenIsNotUserToken: "token is not user token", TokenIsExpired: "token is expired", }
Functions ¶
func ActionConverter ¶
ActionConverter convert IC action bit to human-readable
func RetrieveJWTClaims ¶
func RetrieveJWTClaims(request *restful.Request) *ic.JWTClaims
RetrieveJWTClaims is a convenience function to retrieve JWT claims from restful.Request. Warning: the claims can be nil if the request wasn't filtered through Auth()
Types ¶
type ErrorResponse ¶
type ErrorResponse struct { ErrorCode int `json:"errorCode"` ErrorMessage string `json:"errorMessage"` }
ErrorResponse is the generic structure for communicating errors from a REST endpoint.
type Filter ¶
type Filter struct {
// contains filtered or unexported fields
}
Filter handles auth using filter
func (*Filter) Auth ¶
func (filter *Filter) Auth(opts ...FilterOption) restful.FilterFunction
Auth returns a filter that filters request with valid access token in auth header or cookie The token's claims will be passed in the request.attributes["ICJWTClaims"] = *ic.JWTClaims{} This filter is expandable through FilterOption parameter Example: ic.Auth(
WithValidUser(), WithPermission("ADMIN"),
)
func (*Filter) PublicAuth ¶
func (filter *Filter) PublicAuth(opts ...FilterOption) restful.FilterFunction
PublicAuth returns a filter that allow unauthenticated request and request with valid access token in auth header or cookie If request has access token, the token's claims will be passed in the request.attributes["ICJWTClaims"] = *ic.JWTClaims{} If request has invalid access token, then request treated as public access without claims This filter is expandable through FilterOption parameter Example: ic.PublicAuth(
WithValidUser(), WithPermission("ADMIN"),
)
type FilterInitializationOptions ¶
type FilterInitializationOptions struct { }
FilterInitializationOptions hold options for Filter during initialization
type FilterOption ¶
type FilterOption func(req *restful.Request, icClient ic.Client, claims *ic.JWTClaims) error
FilterOption extends the basic auth filter functionality
func WithPermission ¶
func WithPermission(permission *ic.Permission) FilterOption
WithPermission filters request with valid permission only
func WithValidUser ¶
func WithValidUser() FilterOption
WithValidUser filters request with valid user only