README
¶
cmsauth
Perform authentication and authorization actions used in CMS experiment on web frontend.
Documentation
¶
Index ¶
- Variables
- func CertExpire(certs []tls.Certificate) time.Time
- func GetCricData(rurl string, verbose bool) (map[string]CricEntry, error)
- func GetCricDataByKey(rurl, key string, verbose bool) (map[string]CricEntry, error)
- func HttpClient() *http.Client
- func ParseCric(fname string, verbose bool) (map[string]CricEntry, error)
- func ParseCricByKey(fname, key string, verbose bool) (map[string]CricEntry, error)
- func ReadToken(r string) string
- func TlsCerts() ([]tls.Certificate, error)
- type CMSAuth
- func (a *CMSAuth) CheckAuthnAuthz(header http.Header) bool
- func (a *CMSAuth) CheckCMSAuthz(header http.Header, role, group, site string) bool
- func (a *CMSAuth) GetHmac(r *http.Request, verbose bool) (string, error)
- func (a *CMSAuth) Init(afile string)
- func (a *CMSAuth) SetCMSHeaders(r *http.Request, userData map[string]interface{}, cricRecords CricRecords, ...)
- func (a *CMSAuth) SetCMSHeadersByKey(r *http.Request, userData map[string]interface{}, cricRecords CricRecords, ...)
- type CricEntry
- type CricRecords
- type StringList
- type TLSCertsManager
Constants ¶
This section is empty.
Variables ¶
var TIMEOUT int
TIMEOUT defines timeout for net/url request
var TLSCertsRenewInterval time.Duration
TLSCertsRenewInterval controls interval to re-read TLS certs (in seconds)
var Token string
Token defines access token location
var Verbose int
Verbose defines verbosity level
Functions ¶
func CertExpire ¶
func CertExpire(certs []tls.Certificate) time.Time
CertExpire gets minimum certificate expire from list of certificates
func GetCricData ¶
GetCricData downloads CRIC data
func GetCricDataByKey ¶
GetCricDataByKey downloads CRIC data
func ParseCricByKey ¶
ParseCricByKey allows to parse CRIC file use use provided key as a cric entry map
Types ¶
type CMSAuth ¶
type CMSAuth struct {
// contains filtered or unexported fields
}
CMSAuth is a generic type which holds auth. file and associated key
func (*CMSAuth) CheckAuthnAuthz ¶
CheckAuthnAuthz function performs Authentication and Authorization
func (*CMSAuth) CheckCMSAuthz ¶
CheckCMSAuthz function performs CMS Authorization based on provided role and group or site attributes
func (*CMSAuth) SetCMSHeaders ¶
func (a *CMSAuth) SetCMSHeaders(r *http.Request, userData map[string]interface{}, cricRecords CricRecords, verbose bool)
SetCMSHeaders sets HTTP headers for given http request based on on provider user and CRIC data
func (*CMSAuth) SetCMSHeadersByKey ¶
func (a *CMSAuth) SetCMSHeadersByKey(r *http.Request, userData map[string]interface{}, cricRecords CricRecords, key, method string, verbose bool)
SetCMSHeadersByKey sets HTTP headers for given http request based on on provider user and CRIC data
type CricEntry ¶
type CricEntry struct {
DN string `json:"DN"` // CRIC DN
DNs []string `json:"DNs"` // List of all DNs assigned to user
ID int64 `json:"ID"` // CRIC ID
Login string `json:"LOGIN"` // CRIC Login name
Name string `json:"NAME"` // CRIC user name
Roles map[string][]string `json:"ROLES"` // CRIC user roles
}
CricEntry represents structure in CRIC entry (used by CMS headers)
func GetCricEntries ¶
GetCricEntries downloads CRIC data
type StringList ¶
type StringList []string
StringList allows to sort string keys
func (StringList) Len ¶
func (s StringList) Len() int
func (StringList) Less ¶
func (s StringList) Less(i, j int) bool
func (StringList) Swap ¶
func (s StringList) Swap(i, j int)
type TLSCertsManager ¶
type TLSCertsManager struct {
Certs []tls.Certificate
Expire time.Time
}
TLSCertsManager holds TLS certificates for the server
func (*TLSCertsManager) GetCerts ¶
func (t *TLSCertsManager) GetCerts() ([]tls.Certificate, error)
GetCerts return fresh copy of certificates
Source Files