userlist

package
v0.0.0-...-6c3212e
Warning

This package is not in the latest version of its module.

Published: Mar 6, 2024 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Overview

Package userlist provides a static, configuration-based authentication system.

Each user has a set of ACLs that are applied to the generated token. ACL strings have to comply with the signer you choose; refer to the signer documentation for details.


Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Authenticator

type Authenticator struct {
	sync.Mutex
	// contains filtered or unexported fields
}

Authenticator is an authenticator with a basic fixed list of users and bcrypt-hashed passwords

func New

func New(c *AuthenticatorConfig, log *logrus.Entry, site string) (a *Authenticator, err error)

New creates an instance of the authenticator

func (*Authenticator) Login

func (a *Authenticator) Login(req *models.LoginRequest) (resp *models.LoginResponse)

Login logs someone in using a configured user list

type AuthenticatorConfig

type AuthenticatorConfig struct {
	Users         []*User `json:"users"`
	UsersFile     string  `json:"users_file"`
	TokenValidity string  `json:"validity"`
	SigningKey    string  `json:"signing_key"`
	// when set, will issue users as a chained signer using this token; the signing key must then be ed25519
	SigningToken string `json:"signing_token"`
}

AuthenticatorConfig configures the user/pass authenticator

type User

type User struct {
	// Username in plain text
	Username string `json:"username"`

	// Password is a bcrypt-hashed password
	Password string `json:"password"`

	// Organization is an org name the user belongs to
	Organization string `json:"organization"`

	// ACLs are for the action list authorizer
	ACLs []string `json:"acls"`

	// OPAPolicy is a string holding an Open Policy Agent rego policy
	OPAPolicy string `json:"opa_policy"`

	// OPAPolicyFile is the path to a rego file to embed as the policy for this user
	OPAPolicyFile string `json:"opa_policy_file"`

	// Properties are free-form additional information to add about a user; this can be
	// referenced later in a signer or other systems, mostly unused by core Choria features at the moment
	Properties map[string]string `json:"properties"`

	// Permissions are additional abilities assigned to the user over and above basic Choria access;
	// use these to allow Streams admin using JWT auth, for example
	Permissions *tokens.ClientPermissions `json:"broker_permissions"`

	sync.Mutex
}

User is a Choria user

func (*User) OpenPolicy

func (u *User) OpenPolicy() (policy string, err error)

OpenPolicy retrieves the OPA Policy either from `OPAPolicy` or by reading the file in `OPAPolicyFile`
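
A pre-deployment lint for the `users` array documented above, as an added example that is not part of this package or the Choria project: it flags entries whose `password` is not in bcrypt format (for instance a plaintext value left in the config), whose bcrypt cost is below a floor, or whose username is empty or repeated. `LintUsers`, `minCost`, `bcryptRe` and the sample data are assumptions made for this example.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
	"strconv"
)

// Constructed sample; the hashes only have bcrypt's shape and are placeholders.
const sampleConfig = `{"users": [
 {"username": "alice", "password": "$2a$12$abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ."},
 {"username": "bob",   "password": "hunter2"},
 {"username": "alice", "password": "$2a$04$abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ."}
]}`

// bcryptRe: $2a$/$2b$/$2y$, two-digit cost, 22-char salt plus 31-char digest.
var bcryptRe = regexp.MustCompile(`^\$2[aby]\$(\d{2})\$[./A-Za-z0-9]{53}$`)

// minCost is an assumed local policy floor, not a value taken from the package.
const minCost = 10

// LintUsers returns one finding per problem found in the "users" array.
func LintUsers(raw []byte) ([]string, error) {
	var cfg struct {
		Users []struct{ Username, Password string } `json:"users"`
	}
	if err := json.Unmarshal(raw, &cfg); err != nil {
		return nil, err
	}
	var out []string
	seen := map[string]bool{}
	for i, u := range cfg.Users {
		if u.Username == "" || seen[u.Username] {
			out = append(out, fmt.Sprintf("users[%d]: empty or duplicate username %q", i, u.Username))
		}
		seen[u.Username] = true
		m := bcryptRe.FindStringSubmatch(u.Password)
		if m == nil {
			out = append(out, fmt.Sprintf("users[%d]: password is not a bcrypt hash", i))
		} else if cost, _ := strconv.Atoi(m[1]); cost < minCost {
			out = append(out, fmt.Sprintf("users[%d]: bcrypt cost %d is below %d", i, cost, minCost))
		}
	}
	return out, nil
}

func main() {
	fmt.Println(LintUsers([]byte(sampleConfig)))
}
```

The check is purely syntactic: it confirms that a value has bcrypt's layout and cost, not that it is the hash of any particular password.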
