Documentation
¶
Index ¶
- Constants
- func AccessCredentials(token string) credentials.PerRPCCredentials
- func AuthenticateContext(ctx context.Context, key, secret string) context.Context
- func AuthorizeContext(ctx context.Context, token string) context.Context
- func BasicCredentials(key, secret string) credentials.PerRPCCredentials
- func GenES256Key() (pem []byte, err error)
- func GetBasicCredentials(ctx context.Context) (key, secret string, err error)
- func LoadECPrivateKey(pem []byte) (*ecdsa.PrivateKey, error)
- func MarshalJwkJSON(kid, alg string, key interface{}) ([]byte, error)
- func PublicCredentials() credentials.PerRPCCredentials
- type Authorizer
- func (a *Authorizer) Context(ctx context.Context) (context.Context, error)
- func (a *Authorizer) HandleStream(srv interface{}, stream grpc.ServerStream, info *grpc.StreamServerInfo, ...) error
- func (a *Authorizer) HandleUnary(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, ...) (interface{}, error)
- func (a *Authorizer) Verify(tok string) (*jwt.Token, error)
- type Claims
- type Mint
- type Opts
Constants ¶
const ( AUTH_HEADER = "authorization" BEARER_PREFIX = "Bearer " BASIC_PREFIX = "Basic " )
Variables ¶
This section is empty.
Functions ¶
func AccessCredentials ¶
func AccessCredentials(token string) credentials.PerRPCCredentials
AccessCredentials generates grpc credentials based on the access token string
func AuthenticateContext ¶
func BasicCredentials ¶
func BasicCredentials(key, secret string) credentials.PerRPCCredentials
AccessCredentials generates grpc credentials based on the access token string
func GenES256Key ¶
func GetBasicCredentials ¶
func LoadECPrivateKey ¶
func LoadECPrivateKey(pem []byte) (*ecdsa.PrivateKey, error)
func MarshalJwkJSON ¶
func PublicCredentials ¶
func PublicCredentials() credentials.PerRPCCredentials
EmptyCredentials generates grpc credentials that can be used to call unsecured methods such as authentication
Types ¶
type Authorizer ¶
type Authorizer struct {
// contains filtered or unexported fields
}
Authorizer verifies authorization for a RPC calls by intercepting request metadata
func NewAuthorizer ¶
func NewAuthorizer(opts Opts) (*Authorizer, error)
func (*Authorizer) Context ¶
Context validates the context's authorization params and populates claims if there is no error TODO rename to validate and rm returned ctx
func (*Authorizer) HandleStream ¶
func (a *Authorizer) HandleStream(srv interface{}, stream grpc.ServerStream, info *grpc.StreamServerInfo, handler grpc.StreamHandler) error
func (*Authorizer) HandleUnary ¶
func (a *Authorizer) HandleUnary(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error)
func (*Authorizer) Verify ¶
func (a *Authorizer) Verify(tok string) (*jwt.Token, error)
Verify checks a token string and returns a jwt.Token if valid
type Claims ¶
type Claims struct {
jwt.StandardClaims
Scope []string `json:"scope,omitempty"`
}
func ClaimsFromToken ¶
ClaimsFromToken reads the claims from a token string. It DOES NOT verify the signature
type Mint ¶
type Mint struct {
// contains filtered or unexported fields
}
TODO mint interface
func NewEC256Mint ¶
NewEC creates a new mint w/ a ES256 private key from a .pem file at the given path
Source Files