iauth

package

v0.0.0-...-dd0c44f Latest Latest Go to latest Published: Dec 7, 2022 License: Apache-2.0 Imports: 2 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

README ¶

Authentication Plug-In

Both ProxyFS itself and each PFSAgent client access Swift Accounts, Containers, and Objects directly. PFSAgent, potentially residing outside a Swift cluster's trust domain, will use normal OpenStack Swift methods for such access. This access must be authorized by means of obtaining an AuthToken. ProxyFS, if not configured alongside a so-called NoAuth Swift Proxy, will also need the same. Even in Swift clusters have a NoAuth Swift Proxy configured, ProxyFS will, from time to time, validate PFSAgent client access by testing their AuthToken locally as well.

While many Swift clusters implement authorization via Swift Proxy pipeline filters that honor the OpenStack Swift convention, some clusters may require alternate authorization mechanisms. To support any such authorization solution, a Golang Plug-In mechanism is employed.

A standard OpenStack Swift Plug-In is provided (see subdirectory iauth-swift) that may either be used for clusters honoring the OpenStack Swift authorization convention or as a template for development of any particular authorization solution. The only requirements are that:

The plug-in's location is provided this iauth package
Credentials to be authorized are provided in a single string (possibly a JSON document)
The plug-in returns both a Swift AuthToken and StorageURL (or an error)
The StorageURL has been properly modified as necessary to ensure
- the proper transport (scheme) is used (i.e. either "http" or "https")
- the specified Account, if necessary, has been substituted
- the specified Container has been appended

Documentation ¶

Index ¶

func PerformAuth(authPlugInPath string, authInString string) (authToken string, storageURL string, err error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func PerformAuth ¶

func PerformAuth(authPlugInPath string, authInString string) (authToken string, storageURL string, err error)

PerformAuth accepts a path to an Auth PlugIn and a string to pass to a func also named PerformAuth requesting it to perform the necessary authorization.

The return from the Auth PlugIn's PerformAuth func is simply returned to the caller of this func.

Types ¶

This section is empty.

Source Files ¶

View all Source files

api.go

Directories ¶

Path	Synopsis
iauth-swift

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL