Package iam provides types to develop or integrate with an Identity/Access Management system.

    Identity/Access Management (IAM) systems are external components that deal with authenticating (checking credentials) and authorising (assigning and checking roles and permissions) users and access to a system. There are many third-party IAM systems available and many developers also choose to implement their own.

    As such, Granitic does not attempt to implement an IAM system, but provides types and hooks to integrate existing systems into the web-service handling workflow.

    See also




    This section is empty.


    This section is empty.


    This section is empty.


    type ClientIdentity

    type ClientIdentity map[string]interface{}

      ClientIdentity is a semi-structured type allowing applications to define their own representation of Identity.

      func NewAnonymousIdentity

      func NewAnonymousIdentity() ClientIdentity

        NewAnonymousIdentity creates a new ClientIdentity for an anonymous user. The ClientIdentity will be marked as non-authenticated, anonymous and have a dash (-) as the loggable user ID.

        func NewAuthenticatedIdentity

        func NewAuthenticatedIdentity(loggableUserID string) ClientIdentity

          NewAuthenticatedIdentity creates a new ClientIdentity with the supplied log-friendly version of a user ID. The ClientIdentity will be marked as Authenticated and not anonymous

          func (ClientIdentity) Anonymous

          func (ci ClientIdentity) Anonymous() bool

            Anonymous returns true if this Identity had no identifying information (or the provided information was not trusted)

            func (ClientIdentity) Authenticated

            func (ci ClientIdentity) Authenticated() bool

              Authenticated indicates whether this is an authenticated (true) or unauthenticated (false) Identity.

              func (ClientIdentity) LoggableUserID

              func (ci ClientIdentity) LoggableUserID() string

                LoggableUserID returns a string representation of the Identity that is suitable for recording in log files.

                func (ClientIdentity) SetAnonymous

                func (ci ClientIdentity) SetAnonymous(b bool)

                  SetAnonymous called with true marks this as an anonymous Identity (e.g. no user identification was provided or trusted).

                  func (ClientIdentity) SetAuthenticated

                  func (ci ClientIdentity) SetAuthenticated(b bool)

                    SetAuthenticated marks this as an authenticated (true) or unauthenticated (false) Identity.

                    func (ClientIdentity) SetLoggableUserID

                    func (ci ClientIdentity) SetLoggableUserID(s string)

                      SetLoggableUserID records a string representation of the Identity that is suitable for recording in log files (e.g. a user name or real name).

                      Source Files