Documentation
¶
Overview ¶
Package internalauth manages authorizing gRPC calls.
Index ¶
- type Config
- type Permissions
- func (p *Permissions) AllowAuthorizeHTTP(ctx context.Context, proxyUser *types.User) error
- func (p *Permissions) AllowFinishEnrollment(ctx context.Context, target *types.Session) error
- func (p *Permissions) AllowGenerateEnrollmentLink(ctx context.Context, target *types.User, actor *types.Session) error
- func (p *Permissions) AllowRedirect(destination string) error
- func (p *Permissions) AllowStartEnrollment(ctx context.Context, target *types.Session) error
- func (p *Permissions) AllowStartLogin(ctx context.Context, target *types.User) error
- func (p *Permissions) AllowUserEdit(ctx context.Context, target *types.User, actor *types.Session) error
- func (p *Permissions) AllowWebVisit(ctx context.Context, session *types.Session, requestURL *url.URL) error
- func (p *Permissions) AuthorizeRPC(ctx context.Context, session *types.Session, fullMethod string) error
- func (p *Permissions) EnrollmentSessionPrototype(ctx context.Context, target *types.User) (*types.Session, error)
- func (p *Permissions) LoginSessionPrototype(ctx context.Context, target *types.User) (*types.Session, error)
- func (p *Permissions) StreamServerInterceptor() grpc.StreamServerInterceptor
- func (p *Permissions) UnaryServerInterceptor() grpc.UnaryServerInterceptor
- type RPCConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
RootPassword string `` /* 209-byte string literal not displayed */
}
type Permissions ¶
type Permissions struct {
// If set, a password that can be provided to bypass all access controls.
RootPassword string
RPCConfig map[string]*RPCConfig
Store *store.Connection
Cookies *sessions.CookieConfig
}
Permissions manages all authorization in JSSO.
func NewFromConfig ¶
func NewFromConfig(c *Config, s *store.Connection) *Permissions
NewFromConfig builds a Permissions object from configuration.
func (*Permissions) AllowAuthorizeHTTP ¶
func (*Permissions) AllowFinishEnrollment ¶
func (*Permissions) AllowGenerateEnrollmentLink ¶
func (*Permissions) AllowRedirect ¶
func (p *Permissions) AllowRedirect(destination string) error
func (*Permissions) AllowStartEnrollment ¶
func (*Permissions) AllowStartLogin ¶
func (*Permissions) AllowUserEdit ¶
func (*Permissions) AllowWebVisit ¶
func (*Permissions) AuthorizeRPC ¶
func (p *Permissions) AuthorizeRPC(ctx context.Context, session *types.Session, fullMethod string) error
AuthorizeRPC returns whether the credentials provided allow the RPC to be called.
func (*Permissions) EnrollmentSessionPrototype ¶
func (p *Permissions) EnrollmentSessionPrototype(ctx context.Context, target *types.User) (*types.Session, error)
General policy decisions start here.
func (*Permissions) LoginSessionPrototype ¶
func (*Permissions) StreamServerInterceptor ¶
func (p *Permissions) StreamServerInterceptor() grpc.StreamServerInterceptor
func (*Permissions) UnaryServerInterceptor ¶
func (p *Permissions) UnaryServerInterceptor() grpc.UnaryServerInterceptor
Source Files
Click to show internal directories.
Click to hide internal directories.