Index ¶
- Constants
- func AgentAuthHeaderWriter(token string) runtime.ClientAuthInfoWriter
- func AuthHeaderWriter(token string, header string) runtime.ClientAuthInfoWriter
- func GenJSJWKS(privKey crypto.PublicKey, pubKey crypto.PublicKey) ([]byte, []byte, string, error)
- func GenKeys(bits int) (crypto.PublicKey, crypto.PrivateKey, error)
- func OrgIDFromContext(ctx context.Context) string
- func PayloadFromContext(ctx context.Context) *ocm.AuthPayload
- func UserAuthHeaderWriter(token string) runtime.ClientAuthInfoWriter
- func UserNameFromContext(ctx context.Context) string
- type AUtilsInteface
- type AuthHandler
- type AuthzHandler
- type Config
Constants ¶
const (
	// AdminUsername for disabled auth
	// NOTE(review): presumably the username attributed to requests when
	// Config.EnableAuth is false — confirm against UserNameFromContext. If
	// so, every caller is treated as "admin" while auth is off, and audit
	// logs cannot tell callers apart.
	AdminUsername string = "admin"
)
Variables ¶
This section is empty.
Functions ¶
func AgentAuthHeaderWriter ¶
func AgentAuthHeaderWriter(token string) runtime.ClientAuthInfoWriter
func AuthHeaderWriter ¶
func AuthHeaderWriter(token string, header string) runtime.ClientAuthInfoWriter
func OrgIDFromContext ¶
OrgIDFromContext returns org ID from the specified context
func PayloadFromContext ¶
func PayloadFromContext(ctx context.Context) *ocm.AuthPayload
PayloadFromContext returns auth payload from the specified context
func UserAuthHeaderWriter ¶
func UserAuthHeaderWriter(token string) runtime.ClientAuthInfoWriter
func UserNameFromContext ¶
UserNameFromContext returns username from the specified context
Types ¶
type AUtilsInteface ¶
// AUtilsInteface is the type returned by NewAuthUtils. Its methods are not
// shown in this listing (filtered or unexported), so the operations it
// offers cannot be determined from here.
type AUtilsInteface interface {
	// contains filtered or unexported methods
}
func NewAuthUtils ¶
func NewAuthUtils(JwkCert string, JwkCertURL string) AUtilsInteface
type AuthHandler ¶
// AuthHandler is the type returned by NewAuthHandler; AuthAgentAuth,
// AuthUserAuth and CreateAuthenticator are its methods. The three Enable*
// flags share their names with the fields of Config.
type AuthHandler struct {
	EnableAuth      bool
	EnableAuthAgent bool
	EnableAuthz     bool
	// KeyMap maps a string key to an RSA public key.
	// NOTE(review): presumably keyed by JWK key ID and used to verify token
	// signatures — confirm. The field is exported and a map is a reference
	// type, so any code holding the handler can add or replace keys; treat
	// writes to it as security-sensitive.
	KeyMap map[string]*rsa.PublicKey
	// contains filtered or unexported fields
}
func NewAuthHandler ¶
func NewAuthHandler(cfg Config, ocmCLient *ocm.Client, log logrus.FieldLogger) *AuthHandler
func (*AuthHandler) AuthAgentAuth ¶
func (a *AuthHandler) AuthAgentAuth(token string) (interface{}, error)
func (*AuthHandler) AuthUserAuth ¶
func (a *AuthHandler) AuthUserAuth(token string) (interface{}, error)
func (*AuthHandler) CreateAuthenticator ¶
func (a *AuthHandler) CreateAuthenticator() func(name, in string, authenticate security.TokenAuthentication) runtime.Authenticator
type AuthzHandler ¶
// AuthzHandler is the type returned by NewAuthzHandler; Authorizer and
// CreateAuthorizer are its methods.
type AuthzHandler struct {
	// EnableAuth and EnableAuthz share their names with the Config fields.
	// NOTE(review): presumably copied from Config by NewAuthzHandler —
	// confirm. Both are exported, so callers can flip them after
	// construction.
	EnableAuth  bool
	EnableAuthz bool
	// contains filtered or unexported fields
}
func NewAuthzHandler ¶
func NewAuthzHandler(cfg Config, ocmCLient *ocm.Client, log logrus.FieldLogger) *AuthzHandler
func (*AuthzHandler) Authorizer ¶
func (a *AuthzHandler) Authorizer(request *http.Request) error
Authorizer authorizes a request after one of the "Auth*" functions has authenticated it and stored the principal in the context under the "AuthKey" context value.
func (*AuthzHandler) CreateAuthorizer ¶
func (a *AuthzHandler) CreateAuthorizer() func(*http.Request) error
CreateAuthorizer returns Authorizer if auth is enabled
type Config ¶
// Config holds the authentication and authorization settings. Each field's
// envconfig tag names the environment variable it is read from and, where
// present, the default tag gives the value used when that variable is unset.
type Config struct {
	// EnableAuth is read from ENABLE_AUTH and defaults to false, so
	// authentication is off unless the variable is set explicitly.
	EnableAuth bool `envconfig:"ENABLE_AUTH" default:"false"`
	// EnableAuthAgent is read from ENABLE_AUTH_AGENT and defaults to true.
	EnableAuthAgent bool `envconfig:"ENABLE_AUTH_AGENT" default:"true"`
	// NOTE(review): EnableAuthz carries the same envconfig tag as
	// EnableAuthAgent (ENABLE_AUTH_AGENT), so the two flags cannot be set
	// independently through the environment: turning agent authentication
	// off also turns authorization off. This looks like a copy-paste slip —
	// confirm the intended variable name before relying on it.
	EnableAuthz bool `envconfig:"ENABLE_AUTH_AGENT" default:"true"`
	// JwkCert is read from JWKS_CERT and has no default.
	// NOTE(review): precedence between JwkCert and JwkCertURL is not visible
	// here — confirm in NewAuthUtils.
	JwkCert string `envconfig:"JWKS_CERT"`
	// JwkCertURL is read from JWKS_URL. Whatever this URL serves supplies
	// the keys that tokens are checked against, so an override should point
	// only at a trusted HTTPS endpoint.
	JwkCertURL string `envconfig:"JWKS_URL" default:"https://api.openshift.com/.well-known/jwks.json"`
	// Will be split with "," as separator
	// NOTE(review): the default is the empty string; whether that means
	// "allow every domain" or "allow none" is not visible here — confirm.
	AllowedDomains string `envconfig:"ALLOWED_DOMAINS" default:""`
}