Documentation

Overview

    Package filters contains all the http handler chain filters which _are_ api related, i.e. which are prerequisite for the API services to work (in contrast to the filters in the server package which are not part of the API contract).

    Index

    Constants

    This section is empty.

    Variables

    This section is empty.

    Functions

    func GetAuthorizerAttributes

    func GetAuthorizerAttributes(ctx request.Context) (authorizer.Attributes, error)

    func Unauthorized

    func Unauthorized(supportsBasicAuth bool) http.HandlerFunc

    func WithAudit

    func WithAudit(handler http.Handler, requestContextMapper request.RequestContextMapper, out io.Writer) http.Handler

      WithAudit decorates a http.Handler with audit logging information for all the requests coming to the server. If out is nil, no decoration takes place. Each audit log contains two entries: 1. the request line containing:

      - unique id allowing to match the response line (see 2)
      - source ip of the request
      - HTTP method being invoked
      - original user invoking the operation
      - impersonated user for the operation
      - namespace of the request or <none>
      - uri is the full URI as requested
      

      2. the response line containing:

      - the unique id from 1
      - response code
      

      func WithAuthentication

      func WithAuthentication(handler http.Handler, mapper genericapirequest.RequestContextMapper, auth authenticator.Request, failed http.Handler) http.Handler

        WithAuthentication creates an http handler that tries to authenticate the given request as a user, and then stores any such user found onto the provided context for the request. If authentication fails or returns an error the failed handler is used. On success, "Authorization" header is removed from the request and handler is invoked to serve the request.

        func WithAuthorization

        func WithAuthorization(handler http.Handler, requestContextMapper request.RequestContextMapper, a authorizer.Authorizer) http.Handler

          WithAuthorizationCheck passes all authorized requests on to handler, and returns a forbidden error otherwise.

          func WithImpersonation

          func WithImpersonation(handler http.Handler, requestContextMapper request.RequestContextMapper, a authorizer.Authorizer) http.Handler

            WithImpersonation is a filter that will inspect and check requests that attempt to change the user.Info for their requests

            func WithRequestInfo

            func WithRequestInfo(handler http.Handler, resolver *request.RequestInfoFactory, requestContextMapper request.RequestContextMapper) http.Handler

              WithRequestInfo attaches a RequestInfo to the context.

              Types

              This section is empty.