gokontrol

package module
v0.0.0-...-13a25ec Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 13, 2022 License: BSD-3-Clause Imports: 8 Imported by: 0

README

go-kontrol

Documentation

Index

Constants

This section is empty.

Variables

// CommonError holds the package's shared error values, one per field.
// Each value is created once with errors.New.
// NOTE(review): which functions return which value is not shown on this page.
var CommonError = commonerror{
	NOT_FOUND:            errors.New("not found"),
	OBJECT_NOT_FOUND:     errors.New("object not found"),
	PERMISSION_NOT_FOUND: errors.New("permission not found"),
	POLICY_NOT_FOUND:     errors.New("policy not found"),
	SERVICE_NOT_FOUND:    errors.New("service not found"),
	// A single message covers both an invalid and an expired token.
	INVALID_TOKEN:        errors.New("invalid or expired token"),
	INVALID_SERVICE:      errors.New("invalid service"),
	INVALID_POLICY:       errors.New("invalid policy"),
	INVALID_OBJECT:       errors.New("invalid object"),
	MALFORM_PERMISSION:   errors.New("policy permission malform"),
}
// DefaultKontrolOption is the default configuration for kontrol.
//
// NOTE(review): SecretKey is empty in this default, and NewBasicKontrol is
// documented as using the default option. How the key is used is not shown on
// this page; if it is the secret used when signing certs, it presumably has to
// be replaced with a strong value before any cert is issued — confirm.
var DefaultKontrolOption = KontrolOption{
	DefaultTimeout: 1800, // NOTE(review): unit not shown; presumably seconds — confirm
	SecretKey:      "",
}

Default config for kontrol

// ObjectPolicyStatus lists the status strings INIT, ENABLE, DISABLE and DEFAULT.
// INIT is the empty string, which is also the zero value of a string field.
// NOTE(review): which field stores these values is not shown on this page — confirm.
var ObjectPolicyStatus = objectpolicystatus{
	INIT:    "",
	ENABLE:  "enable",
	DISABLE: "disable",
	DEFAULT: "default",
}
// ObjectStatus lists the status strings INIT, ENABLE and DISABLE.
// INIT is the empty string, which is also the zero value of a string field,
// so a value that was never set reads as INIT rather than as DISABLE.
// NOTE(review): presumably stored in Object.Status; how an INIT object is
// treated during token validation is not shown here — confirm.
var ObjectStatus = objectstatus{
	INIT:    "",
	ENABLE:  "enable",
	DISABLE: "disable",
}
// PolicyPermission lists the integer permission values ANY, TRUE and FALSE.
// ANY is 0, which is also the zero value of an int.
// NOTE(review): Policy.Permission is a map[string]int, so reading a key that
// is absent yields 0, the same value as ANY. How ANY is resolved to allow or
// deny is not shown on this page — confirm that a missing entry cannot grant
// access.
var PolicyPermission = policypermission{
	ANY:   0,
	TRUE:  1,
	FALSE: 2,
}

Functions

This section is empty.

Types

type CertForSign

// CertForSign is the JSON-serialisable cert content returned by CreateCert.
// NOTE(review): the type name and CreateCert's description ("create final cert
// then sign") suggest this is the payload that gets signed — confirm.
type CertForSign struct {
	ID         string                     `json:"id"`
	GlobalID   string                     `json:"global_id"`
	ExternalID string                     `json:"external_id"`
	ServiceID  string                     `json:"service_id"`
	// NOTE(review): unit and epoch of ExpiryDate are not shown here — confirm.
	ExpiryDate int64                      `json:"expiry_date"`
	Attributes map[string]interface{}     `json:"attributes"`
	// Permission is a two-level string-keyed map ending in a bool.
	// NOTE(review): the meaning of the two key levels is not shown here — confirm.
	Permission map[string]map[string]bool `json:"permission"`
}

type Certificate

// Certificate embeds CertForSign and adds a Token and its own ExpiryDate.
//
// Certificate.ExpiryDate shadows the promoted CertForSign.ExpiryDate: the
// shallower field wins for selector access, and encoding/json applies the same
// depth rule to the shared "expiry_date" key, so only the outer value is
// marshalled and unmarshalled.
// NOTE(review): if Token is computed over the CertForSign part, the outer
// ExpiryDate would not be covered by it — confirm which expiry value a verifier
// checks.
type Certificate struct {
	CertForSign
	Token      string `json:"token"`
	ExpiryDate int64  `json:"expiry_date"`
}

type DefaultKontrol

// DefaultKontrol is a simple Kontrol.
type DefaultKontrol struct {
	// Option is this instance's configuration. It is exported and includes
	// KontrolOption.SecretKey, so printing a DefaultKontrol value with %v or
	// %+v would include that string.
	Option KontrolOption
	// contains filtered or unexported fields
}

DefaultKontrol is a simple Kontrol.

func (DefaultKontrol) AddSimpleObjectWithDefaultPolicy

func (k DefaultKontrol) AddSimpleObjectWithDefaultPolicy(ctx context.Context, externalid string, serviceid string, servicekey string) (*ObjectPermission, error)

AddSimpleObjectWithDefaultPolicy adds an object with the default service schema.

func (DefaultKontrol) CreateCert

func (k DefaultKontrol) CreateCert(obj *Object, policy []*Policy, enforce []*Policy) (*CertForSign, string, error)

CreateCert creates the final cert and then signs it.

func (DefaultKontrol) CreatePolicy

func (k DefaultKontrol) CreatePolicy(ctx context.Context, servicekey string, policy *Policy) error

CreatePolicy create a policy

func (DefaultKontrol) IssueCertForClient

func (k DefaultKontrol) IssueCertForClient(ctx context.Context, objID string, serID string) (*ObjectPermission, error)

IssueCertForClient issues a cert for the current time. It does not authenticate; the caller must be authenticated beforehand.

func (DefaultKontrol) IssueCertForService

func (k DefaultKontrol) IssueCertForService(ctx context.Context, objID string, serID string) (*ObjectPermission, error)

IssueCertForService issues a cert for the issued time. It does not authenticate; the caller must be authenticated beforehand.

func (DefaultKontrol) UpdateObject

func (k DefaultKontrol) UpdateObject(ctx context.Context, obj *Object, servicekey string) error

UpdateObject update Object info

func (DefaultKontrol) ValidateToken

func (k DefaultKontrol) ValidateToken(c context.Context, token string, serviceid string) (*Object, error)

ValidateToken validate the given token

type Kontrol

// Kontrol lists the operations for validating tokens, issuing certs, and
// creating or updating objects and policies. NewBasicKontrol returns a value
// of this type.
type Kontrol interface {
	// ValidateToken validates that the token exists; for a tighter check, use
	// IssueCertForService.
	ValidateToken(c context.Context, token string, serviceid string) (*Object, error)
	// IssueCertForService gets the client cert for the service to store.
	// It takes no servicekey, and the DefaultKontrol documentation says it
	// does not authenticate: the caller must be authenticated beforehand.
	IssueCertForService(ctx context.Context, objID string, serID string) (*ObjectPermission, error)
	// AddSimpleObjectWithDefaultPolicy lets a service create a new object.
	AddSimpleObjectWithDefaultPolicy(ctx context.Context, externalid string, serviceid string, servicekey string) (*ObjectPermission, error)
	// UpdateObject lets a service update an object.
	UpdateObject(ctx context.Context, obj *Object, servicekey string) error
	// CreateCert is for internal use: the centralised function that issues
	// permission.
	// NOTE(review): it is part of the exported interface even though it is
	// described as internal, and it takes neither a context nor a servicekey —
	// confirm that outside callers cannot use it to mint a cert for an
	// arbitrary Object and policy set.
	CreateCert(obj *Object, policy []*Policy, enforce []*Policy) (*CertForSign, string, error)
	// CreatePolicy lets a service create a policy.
	CreatePolicy(ctx context.Context, servicekey string, policy *Policy) error
	// IssueCertForClient issues a cert for the client when login succeeds.
	// It takes no servicekey, and the DefaultKontrol documentation says it
	// does not authenticate: the caller must be authenticated beforehand.
	IssueCertForClient(ctx context.Context, objID string, serID string) (*ObjectPermission, error)
}

func NewBasicKontrol

func NewBasicKontrol(store KontrolStore) Kontrol

NewBasicKontrol returns a simple Kontrol with the default option; the store still has to be provided.

type KontrolOption

// KontrolOption holds the kontrol config options.
type KontrolOption struct {
	// DefaultTimeout is 1800 in DefaultKontrolOption.
	// NOTE(review): unit not shown; presumably seconds — confirm.
	DefaultTimeout int64
	// SecretKey is a plain string and is empty in DefaultKontrolOption.
	// NOTE(review): its use is not shown on this page; presumably the secret
	// used when signing certs — confirm. As an ordinary exported string field
	// it appears in %v/%+v output of the struct, so keep such values out of logs.
	SecretKey      string
}

KontrolOption kontrol config options

type KontrolStore

// KontrolStore is the storage interface passed to NewBasicKontrol. It covers
// lookups and writes for Object, Policy and Service values.
type KontrolStore interface {
	// GetObjectByToken looks an object up by token and service id.
	// NOTE(review): timestamp is presumably used to exclude expired tokens —
	// confirm. The lookup key is the token value itself; whether
	// implementations store it raw or hashed is not shown here.
	GetObjectByToken(c context.Context, token string, serviceid string, timestamp int64) (*Object, error)
	CreateObject(c context.Context, obj *Object) error
	UpdateObject(c context.Context, obj *Object) error
	GetObjectByID(c context.Context, id string) (*Object, error)
	// GetObjectByExternalID looks an object up by external id together with a
	// service id.
	GetObjectByExternalID(c context.Context, extid string, serviceid string) (*Object, error)
	GetPolicyByID(c context.Context, id string) (*Policy, error)
	CreatePolicy(c context.Context, policy *Policy) error
	// GetServiceByID returns the Service, which includes its Key field.
	GetServiceByID(c context.Context, id string) (*Service, error)
}

type Object

// Object is the basic entity.
type Object struct {
	ID          string
	GlobalID    string
	ExternalID  string
	ServiceID   string
	// NOTE(review): presumably one of the ObjectStatus values — confirm.
	Status      string
	Attributes  map[string]interface{} // ignore for now, extension
	// Token is held as a plain string on the object, so any code that
	// serialises or logs an Object also emits the token.
	Token       string
	// NOTE(review): unit and epoch of ExpiryDate are not shown here — confirm.
	ExpiryDate  int64
	ApplyPolicy []*Policy
}

Object is basic entity

type ObjectPermission

// ObjectPermission contains an object and its permission.
type ObjectPermission struct {
	// Object is held by value, so it carries every Object field, Token included.
	Object     Object
	// Permission is a two-level string-keyed map ending in a bool.
	// NOTE(review): the meaning of the two key levels is not shown here; a key
	// that is absent reads as false — confirm callers treat that as deny.
	Permission map[string]map[string]bool
}

ObjectPermission contains an object and its permission.

type Policy

// Policy is a named set of permission values belonging to a service.
type Policy struct {
	ID         string
	Name       string
	ServiceID  string
	// Permission maps a string key to an int.
	// NOTE(review): values are presumably PolicyPermission's ANY (0), TRUE (1)
	// and FALSE (2) — confirm. A key that is absent reads as 0, the same as ANY.
	Permission map[string]int
	Status     string
	// NOTE(review): ApplyFrom and ApplyTo presumably bound the period in which
	// the policy applies; unit and inclusivity are not shown here — confirm.
	ApplyFrom  int64
	ApplyTo    int64
}

type Service

// Service is a registered service.
type Service struct {
	ID            string
	ServiceID     string
	Name          string
	// Key is held as a plain string.
	// NOTE(review): presumably the value that the servicekey arguments of the
	// Kontrol methods are checked against — confirm. If so, the comparison
	// should be constant-time (crypto/subtle.ConstantTimeCompare) and the
	// value kept out of logs and serialised output.
	Key           string
	Status        string
	// NOTE(review): unit and epoch of ExpiryDate are not shown here — confirm.
	ExpiryDate    int64
	DefaultPolicy []*Policy
	// NOTE(review): presumably the policies passed as CreateCert's enforce
	// argument — confirm.
	EnforcePolicy []*Policy
}

Service is a registered service.
