Documentation
¶
Overview ¶
Package grpc contains IAM authentication interceptors for gRPC servers.
Index ¶
- func BearerToken(ctx context.Context) (string, bool)
- func RequireAALStream(min int) googlegrpc.StreamServerInterceptor
- func RequireAALUnary(min int) googlegrpc.UnaryServerInterceptor
- func RequireAnyScopeStream(scopes ...string) googlegrpc.StreamServerInterceptor
- func RequireAnyScopeUnary(scopes ...string) googlegrpc.UnaryServerInterceptor
- func RequireScopesStream(scopes ...string) googlegrpc.StreamServerInterceptor
- func RequireScopesUnary(scopes ...string) googlegrpc.UnaryServerInterceptor
- func StreamServerInterceptor(auth sdk.Authenticator, opts ...Option) googlegrpc.StreamServerInterceptor
- func UnaryServerInterceptor(auth sdk.Authenticator, opts ...Option) googlegrpc.UnaryServerInterceptor
- type Option
- type TokenExtractor
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BearerToken ¶
BearerToken extracts authorization: Bearer token from incoming metadata.
func RequireAALStream ¶ added in v1.1.0
func RequireAALStream(min int) googlegrpc.StreamServerInterceptor
RequireAALStream is the streaming counterpart of RequireAALUnary.
func RequireAALUnary ¶ added in v1.1.0
func RequireAALUnary(min int) googlegrpc.UnaryServerInterceptor
RequireAALUnary admits a unary call only when the principal's assurance level is at least min (e.g. RequireAALUnary(2) demands a step-up/MFA session).
func RequireAnyScopeStream ¶ added in v1.1.0
func RequireAnyScopeStream(scopes ...string) googlegrpc.StreamServerInterceptor
RequireAnyScopeStream is the streaming counterpart of RequireAnyScopeUnary.
func RequireAnyScopeUnary ¶ added in v1.1.0
func RequireAnyScopeUnary(scopes ...string) googlegrpc.UnaryServerInterceptor
RequireAnyScopeUnary admits a unary call when the principal holds at least one of the listed scopes.
func RequireScopesStream ¶ added in v1.1.0
func RequireScopesStream(scopes ...string) googlegrpc.StreamServerInterceptor
RequireScopesStream is the streaming counterpart of RequireScopesUnary.
func RequireScopesUnary ¶ added in v1.1.0
func RequireScopesUnary(scopes ...string) googlegrpc.UnaryServerInterceptor
RequireScopesUnary admits a unary call only when the principal holds every listed scope. Chain after UnaryServerInterceptor.
func StreamServerInterceptor ¶
func StreamServerInterceptor(auth sdk.Authenticator, opts ...Option) googlegrpc.StreamServerInterceptor
StreamServerInterceptor authenticates streaming gRPC calls and stores Principal in the stream context.
func UnaryServerInterceptor ¶
func UnaryServerInterceptor(auth sdk.Authenticator, opts ...Option) googlegrpc.UnaryServerInterceptor
UnaryServerInterceptor authenticates unary gRPC calls and stores Principal in the handler context.
Types ¶
type Option ¶
type Option func(*options)
Option customizes gRPC interceptors.
func WithTokenExtractor ¶
func WithTokenExtractor(extractor TokenExtractor) Option
WithTokenExtractor overrides the default authorization metadata extractor.
Source Files