Documentation
¶
Index ¶
- Constants
- type Access
- type AccessBuilder
- type AccessContext
- type Authentication
- type AuthenticationManager
- type Authenticator
- type AuthenticatorRegistration
- type AuthenticatorRegistry
- type Authorization
- type AuthorizationManager
- type Authorizer
- type AuthorizerRegistration
- type AuthorizerRegistry
- type ComplexPermissionRegistration
- type Configurer
- type Context
- type DefaultSecurityAccess
- func (inst *DefaultSecurityAccess) GetContext() context.Context
- func (inst *DefaultSecurityAccess) GetPermission() Permission
- func (inst *DefaultSecurityAccess) GetRoles() users.Roles
- func (inst *DefaultSecurityAccess) GetSubject() Subject
- func (inst *DefaultSecurityAccess) Init(ac *AccessContext) SecurityAccess
- func (inst *DefaultSecurityAccess) Method() string
- func (inst *DefaultSecurityAccess) Params() map[string]string
- func (inst *DefaultSecurityAccess) Path() string
- func (inst *DefaultSecurityAccess) PathPattern() string
- func (inst *DefaultSecurityAccess) SetPermission(p Permission)
- func (inst *DefaultSecurityAccess) SetRoles(roles users.Roles)
- func (inst *DefaultSecurityAccess) SetSubject(s Subject)
- type Holder
- type Identity
- type IdentityBuilder
- type Permission
- type PermissionLoader
- type PermissionLoaderFactory
- type PermissionManager
- type PermissionRegistry
- type PermissionTemplate
- type PermissionTemplateFactory
- type SecurityAccess
- type SecurityContext
- type Session
- type SessionAdapter
- type SessionAdapterFactory
- type SessionFactory
- type SessionLoader
- type SessionProvider
- type SessionProviderRegistration
- type SessionProviderRegistry
- type SessionSerializer
- type SessionTransaction
- type SimplePermissionRegistration
- type Subject
- type SubjectManager
- type UserGroup
Constants ¶
View Source
const ( SessionFieldUserID = "user_id" SessionFieldUserUUID = "user_uuid" SessionFieldUserName = "user_name" SessionFieldDisplayName = "display_name" SessionFieldRoles = "roles" SessionFieldPhone = "phone" SessionFieldEmail = "email" SessionFieldAvatar = "avatar" SessionFieldAuthenticated = "authenticated" SessionFieldCreatedAt = "created_at" SessionFieldUpdatedAt = "updated_at" )
定义会话中包含的基本字段
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Access ¶
type Access interface {
Method() string
Path() string
PathPattern() string
Params() map[string]string
}
Access 访问参数
type AccessBuilder ¶ added in v0.1.3
AccessBuilder ...
func (*AccessBuilder) Create ¶ added in v0.1.3
func (inst *AccessBuilder) Create() Access
type AccessContext ¶ added in v0.1.3
type AccessContext struct {
Access Access
Adapter SessionAdapter
Context context.Context
Permission Permission
Roles users.Roles
SecurityAccess SecurityAccess
SecurityContext SecurityContext
Session Session
Subject Subject
}
AccessContext 会话上下文
type Authentication ¶
Authentication 身份验证请求
type AuthenticationManager ¶
type AuthenticationManager interface {
Authenticate(ctx context.Context, a Authentication) (Identity, error)
}
AuthenticationManager 验证管理器
type Authenticator ¶
type Authenticator interface {
Supports(ctx context.Context, a Authentication) bool
Verify(ctx context.Context, a Authentication) (Identity, error)
}
Authenticator 身份验证器
type AuthenticatorRegistration ¶
type AuthenticatorRegistration struct {
Name string // 名称是全局唯一的
Mechanism string // 多个 Authenticator 可以支持同一种机制
Authenticator Authenticator
}
AuthenticatorRegistration 身份验证器注册项
type AuthenticatorRegistry ¶
type AuthenticatorRegistry interface {
GetRegistrationList() []*AuthenticatorRegistration
}
AuthenticatorRegistry 身份验证器注册器 【inject:".keeper-authenticator-registry"】
type AuthorizationManager ¶
type AuthorizationManager interface {
Authorize(ctx context.Context) error
ListAuthorizers() []Authorizer
}
AuthorizationManager 授权管理器
type Authorizer ¶
type Authorizer interface {
Authorize(ctx context.Context, a Authorization) error
}
Authorizer 授权者
type AuthorizerRegistration ¶
type AuthorizerRegistration struct {
Name string
Scope string // ["session","access","all"]
Enabled bool
Authorizer Authorizer
}
AuthorizerRegistration 授权者注册项
type AuthorizerRegistry ¶
type AuthorizerRegistry interface {
GetRegistrationList() []*AuthorizerRegistration
}
AuthorizerRegistry 授权者注册器 【inject:".keeper-authorizer-registry"】
type ComplexPermissionRegistration ¶ added in v0.1.3
type ComplexPermissionRegistration struct {
Methods []string // 操作方法表达式
Paths []string // 路径模板表达式
Roles []users.Role // 操作角色表达式
Enabled bool
LoaderFactorySelector string
TemplateFactorySelector string
Loader PermissionLoader // 注册时如果为nil,就使用默认的处理器
Template PermissionTemplate // 注册时如果为nil,就使用默认的处理器
}
ComplexPermissionRegistration 复合的身份验证器注册项
type Configurer ¶
Configurer 用来配置keeper上下文 【inject:".keeper-configurer"】
type Context ¶
type Context struct {
Authentications AuthenticationManager
Authorizations AuthorizationManager
Subjects SubjectManager
Permissions PermissionManager
SessionProvider SessionProvider
}
Context 安全上下文
func (*Context) GetAuthentications ¶
func (inst *Context) GetAuthentications() AuthenticationManager
func (*Context) GetAuthorizations ¶
func (inst *Context) GetAuthorizations() AuthorizationManager
func (*Context) GetPermissions ¶ added in v0.1.1
func (inst *Context) GetPermissions() PermissionManager
func (*Context) GetSessionProvider ¶
func (inst *Context) GetSessionProvider() SessionProvider
func (*Context) GetSubjects ¶
func (inst *Context) GetSubjects() SubjectManager
type DefaultSecurityAccess ¶ added in v0.1.3
type DefaultSecurityAccess struct {
AccessContext *AccessContext
Access Access
}
DefaultSecurityAccess ...
func (*DefaultSecurityAccess) GetContext ¶ added in v0.1.3
func (inst *DefaultSecurityAccess) GetContext() context.Context
func (*DefaultSecurityAccess) GetPermission ¶ added in v0.1.3
func (inst *DefaultSecurityAccess) GetPermission() Permission
func (*DefaultSecurityAccess) GetRoles ¶ added in v0.1.3
func (inst *DefaultSecurityAccess) GetRoles() users.Roles
func (*DefaultSecurityAccess) GetSubject ¶ added in v0.1.3
func (inst *DefaultSecurityAccess) GetSubject() Subject
func (*DefaultSecurityAccess) Init ¶ added in v0.1.3
func (inst *DefaultSecurityAccess) Init(ac *AccessContext) SecurityAccess
func (*DefaultSecurityAccess) Method ¶ added in v0.1.3
func (inst *DefaultSecurityAccess) Method() string
func (*DefaultSecurityAccess) Params ¶ added in v0.1.3
func (inst *DefaultSecurityAccess) Params() map[string]string
func (*DefaultSecurityAccess) Path ¶ added in v0.1.3
func (inst *DefaultSecurityAccess) Path() string
func (*DefaultSecurityAccess) PathPattern ¶ added in v0.1.3
func (inst *DefaultSecurityAccess) PathPattern() string
func (*DefaultSecurityAccess) SetPermission ¶ added in v0.1.3
func (inst *DefaultSecurityAccess) SetPermission(p Permission)
func (*DefaultSecurityAccess) SetRoles ¶ added in v0.1.3
func (inst *DefaultSecurityAccess) SetRoles(roles users.Roles)
func (*DefaultSecurityAccess) SetSubject ¶ added in v0.1.3
func (inst *DefaultSecurityAccess) SetSubject(s Subject)
type Holder ¶
type Holder struct {
// contains filtered or unexported fields
}
Holder 持有会话相关的对象
func (*Holder) GetAccessContext ¶ added in v0.1.3
func (inst *Holder) GetAccessContext() *AccessContext
GetAccessContext 获取会话上下文,如果没有就新建一个
type Identity ¶
type Identity interface {
Avatar() string
Email() string
Nickname() string
Roles() users.Roles
UserID() users.UserID
UserName() users.UserName
UserUUID() users.UserUUID
}
Identity 身份
type IdentityBuilder ¶ added in v0.1.3
type IdentityBuilder struct {
Avatar string
Email string
Nickname string
Roles users.Roles
UserID users.UserID
UserName users.UserName
UserUUID users.UserUUID
}
IdentityBuilder 用来创建一个简单的身份信息
func (*IdentityBuilder) Identity ¶ added in v0.1.3
func (inst *IdentityBuilder) Identity() Identity
Identity 创建一个简单的身份信息
type Permission ¶ added in v0.1.1
type Permission interface {
Method() string
Path() string
Owner() Identity
Friends() UserGroup
Template() PermissionTemplate
IsOwner(user Identity) bool
IsFriend(user Identity) bool
AcceptUser(user Identity) bool
AcceptRole(role users.Role) bool
AcceptRoles(roles users.Roles) bool
}
Permission 表示一个许可实例 (路径中不带参数)
type PermissionLoader ¶ added in v0.1.3
type PermissionLoader interface {
Load(template PermissionTemplate, params map[string]string) (Permission, error)
}
PermissionLoader 表示一个许可加载器
type PermissionLoaderFactory ¶ added in v0.1.3
type PermissionLoaderFactory interface {
CreateLoader(spr *SimplePermissionRegistration) (PermissionLoader, error)
}
PermissionLoaderFactory 表示一个许可加载器工厂
type PermissionManager ¶ added in v0.1.1
type PermissionManager interface {
FindTemplate(ctx context.Context, a Access) (PermissionTemplate, error)
}
PermissionManager 许可管理器
type PermissionRegistry ¶ added in v0.1.1
type PermissionRegistry interface {
GetRegistrationList() []*ComplexPermissionRegistration
}
PermissionRegistry 许可注册器 【inject:".keeper-permission-registry"】
type PermissionTemplate ¶ added in v0.1.3
type PermissionTemplate interface {
Method() string
PathPattern() string
AcceptRole(role users.Role) bool
AcceptRoles(roles users.Roles) bool
LoadPermission(params map[string]string) (Permission, error)
}
PermissionTemplate 表示一个许可模板 (路径中带参数)
type PermissionTemplateFactory ¶ added in v0.1.3
type PermissionTemplateFactory interface {
CreateTemplate(spr *SimplePermissionRegistration) (PermissionTemplate, error)
}
PermissionTemplateFactory 表示一个许可模板工厂
type SecurityAccess ¶ added in v0.1.3
type SecurityAccess interface {
Access
GetContext() context.Context
GetSubject() Subject
GetPermission() Permission
// Session.GetRoles() 和 Access.GetRoles() 分别代表两个作用域的角色,
// Session > Access
GetRoles() users.Roles
SetRoles(roles users.Roles)
SetSubject(s Subject)
SetPermission(p Permission)
}
SecurityAccess 安全的访问参数
type SecurityContext ¶
type SecurityContext interface {
GetAuthentications() AuthenticationManager
GetAuthorizations() AuthorizationManager
GetSubjects() SubjectManager
GetPermissions() PermissionManager
GetSessionProvider() SessionProvider
}
SecurityContext 安全上下文接口
type Session ¶
type Session interface {
// Session.GetRoles() 和 Access.GetRoles() 分别代表两个作用域的角色,
// Session > Access
GetRoles() users.Roles
GetIdentity() Identity
IsAuthenticated() bool
// 可持久化的属性
Properties() collection.Properties
SetRoles(roles users.Roles)
SetIdentity(ident Identity)
SetAuthenticated(a bool)
BeginTransaction() SessionTransaction
}
Session 会话
type SessionAdapter ¶
SessionAdapter 会话适配器
type SessionAdapterFactory ¶
type SessionAdapterFactory interface {
Create(ctx context.Context) (SessionAdapter, error)
}
SessionAdapterFactory 会话适配器工厂
type SessionFactory ¶
type SessionFactory interface {
Create(ctx context.Context, adapter SessionAdapter) (Session, error)
}
SessionFactory 会话工厂
type SessionLoader ¶
SessionLoader 会话加载器
type SessionProvider ¶
type SessionProvider interface {
GetSessionFactory() SessionFactory
GetAdapterFactory() SessionAdapterFactory
}
SessionProvider 会话提供商
type SessionProviderRegistration ¶
type SessionProviderRegistration struct {
Name string
Provider SessionProvider
}
SessionProviderRegistration 会话提供商注册项
type SessionProviderRegistry ¶
type SessionProviderRegistry interface {
GetRegistrationList() []*SessionProviderRegistration
}
SessionProviderRegistry 会话提供商注册器 【inject:".keeper-session-provider-registry"】
type SessionSerializer ¶
SessionSerializer 会话存储器
type SessionTransaction ¶
SessionTransaction 表示一个会话的事务
type SimplePermissionRegistration ¶ added in v0.1.3
type SimplePermissionRegistration struct {
Method string // 操作方法表达式
PathPattern string // 路径模板表达式
Roles []users.Role // 操作角色表达式
Enabled bool
LoaderFactorySelector string
TemplateFactorySelector string
Loader PermissionLoader // 注册时如果为nil,就使用默认的处理器
Template PermissionTemplate // 注册时如果为nil,就使用默认的处理器
}
SimplePermissionRegistration 简单的身份验证器注册项
type Subject ¶
type Subject interface {
GetSession(create bool) (Session, error)
IsAuthenticated() bool
SetSession(s Session)
SetAuthenticated(authenticated bool)
Login(ctx context.Context, a Authentication) (Identity, error)
Logout(ctx context.Context) error
Authorize(ctx context.Context) error
HasPermission(ctx context.Context) bool
}
Subject 代表操作的主体
type SubjectManager ¶
SubjectManager 主体管理器 【inject:"#keeper-subject-manager"】
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.