Documentation
¶
Index ¶
- Variables
- func AuthMiddleware(c Config) func(next http.Handler) http.Handler
- func ContextWithAuthInfo(ctx context.Context, info *AuthInfo) context.Context
- func ContextWithFullAccess(ctx context.Context) context.Context
- func IsFullAccess(ctx context.Context) bool
- type AnonymousConfig
- type AnonymousProvider
- type ApiKeyConfig
- type ApiKeyProvider
- type AuthInfo
- type AuthProvider
- type Config
- type JwtConfig
- type JwtProvider
- type UserAuthInfoConfig
Constants ¶
This section is empty.
Variables ¶
View Source
var ErrForbidden = errors.New("forbidden")
View Source
var ErrNeedAuth = errors.New("authentication required")
Functions ¶
func AuthMiddleware ¶
Provide middleware for authentication Checks if api key allowed or token is valid Get user and role from headers or token if request is anonymous, check if it allowed and add role
func ContextWithAuthInfo ¶
func IsFullAccess ¶
Types ¶
type AnonymousConfig ¶
type AnonymousProvider ¶
type AnonymousProvider struct {
Config AnonymousConfig
}
func NewAnonymous ¶
func NewAnonymous(config AnonymousConfig) *AnonymousProvider
func (*AnonymousProvider) Authenticate ¶
func (p *AnonymousProvider) Authenticate(r *http.Request) (*AuthInfo, error)
type ApiKeyConfig ¶
type ApiKeyConfig struct {
Key string `json:"key" yaml:"key"`
Header string `json:"header" yaml:"header"`
DefaultRole string `json:"default_role" yaml:"default-role"`
Headers UserAuthInfoConfig
}
type ApiKeyProvider ¶
type ApiKeyProvider struct {
Name string
// contains filtered or unexported fields
}
func NewApiKey ¶
func NewApiKey(name string, config ApiKeyConfig) *ApiKeyProvider
func (*ApiKeyProvider) Authenticate ¶
func (p *ApiKeyProvider) Authenticate(r *http.Request) (*AuthInfo, error)
type AuthInfo ¶
type AuthInfo struct {
Role string
UserId string
UserName string
AuthType string
AuthProvider string
}
func AuthInfoFromContext ¶
type AuthProvider ¶
type Config ¶
type Config struct {
Providers []AuthProvider
RedirectLoginPaths []string
LoginUrl string
RedirectUrl string
}
type JwtConfig ¶
type JwtConfig struct {
Issuer string `json:"issuer" yaml:"issuer"`
PublicKey []byte `json:"public_key" yaml:"public-key"`
CookieName string `json:"cookie_name" yaml:"cookie-name"`
ScopeRolePrefix string `json:"scope_role_prefix" yaml:"scope-role-prefix"`
// RoleHeader is the header to check for role if not in claims than check that scope contains prefix+role (if the many roles a)
RoleHeader string `json:"role_header" yaml:"role-header"`
Claims UserAuthInfoConfig `json:"claims" yaml:"claims"`
}
type JwtProvider ¶
type JwtProvider struct {
Issuer string
// contains filtered or unexported fields
}
func NewJwt ¶
func NewJwt(config *JwtConfig) (*JwtProvider, error)
func (*JwtProvider) Authenticate ¶
func (p *JwtProvider) Authenticate(r *http.Request) (*AuthInfo, error)
type UserAuthInfoConfig ¶
Source Files
Click to show internal directories.
Click to hide internal directories.