authz

package
v0.38.3-beta.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 29, 2020 License: Apache-2.0 Imports: 20 Imported by: 3

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var ErrAuthorizerNotEnabled = herodot.DefaultError{
	ErrorField:  "authorizer matching this route is misconfigured or disabled",
	CodeField:   http.StatusInternalServerError,
	StatusField: http.StatusText(http.StatusInternalServerError),
}

Functions

func NewErrAuthorizerMisconfigured 

func NewErrAuthorizerMisconfigured(a Authorizer, err error) *herodot.DefaultError

func NewErrAuthorizerNotEnabled 

func NewErrAuthorizerNotEnabled(a Authorizer) *herodot.DefaultError

Types

type Authorizer 

type Authorizer interface {
	Authorize(r *http.Request, session *authn.AuthenticationSession, config json.RawMessage, rule pipeline.Rule) error
	GetID() string
	Validate(config json.RawMessage) error
}

type AuthorizerAllow 

type AuthorizerAllow struct {
	// contains filtered or unexported fields
}

func NewAuthorizerAllow 

func NewAuthorizerAllow(c configuration.Provider) *AuthorizerAllow

func (*AuthorizerAllow) Authorize 

func (a *AuthorizerAllow) Authorize(r *http.Request, session *authn.AuthenticationSession, config json.RawMessage, _ pipeline.Rule) error

func (*AuthorizerAllow) GetID 

func (a *AuthorizerAllow) GetID() string

func (*AuthorizerAllow) Validate 

func (a *AuthorizerAllow) Validate(config json.RawMessage) error

type AuthorizerDeny 

type AuthorizerDeny struct {
	// contains filtered or unexported fields
}

func NewAuthorizerDeny 

func NewAuthorizerDeny(c configuration.Provider) *AuthorizerDeny

func (*AuthorizerDeny) Authorize 

func (a *AuthorizerDeny) Authorize(r *http.Request, session *authn.AuthenticationSession, config json.RawMessage, _ pipeline.Rule) error

func (*AuthorizerDeny) GetID 

func (a *AuthorizerDeny) GetID() string

func (*AuthorizerDeny) Validate 

func (a *AuthorizerDeny) Validate(config json.RawMessage) error

type AuthorizerKetoEngineACPORY 

type AuthorizerKetoEngineACPORY struct {
	// contains filtered or unexported fields
}

func NewAuthorizerKetoEngineACPORY 

func NewAuthorizerKetoEngineACPORY(c configuration.Provider) *AuthorizerKetoEngineACPORY

func (*AuthorizerKetoEngineACPORY) Authorize 

func (a *AuthorizerKetoEngineACPORY) Authorize(r *http.Request, session *authn.AuthenticationSession, config json.RawMessage, rule pipeline.Rule) error

func (*AuthorizerKetoEngineACPORY) Config 

func (a *AuthorizerKetoEngineACPORY) Config(config json.RawMessage) (*AuthorizerKetoEngineACPORYConfiguration, error)

func (*AuthorizerKetoEngineACPORY) GetID 

func (a *AuthorizerKetoEngineACPORY) GetID() string

func (*AuthorizerKetoEngineACPORY) Validate 

func (a *AuthorizerKetoEngineACPORY) Validate(config json.RawMessage) error

func (*AuthorizerKetoEngineACPORY) WithContextCreator 

func (a *AuthorizerKetoEngineACPORY) WithContextCreator(f authorizerKetoWardenContext)

type AuthorizerKetoEngineACPORYConfiguration 

type AuthorizerKetoEngineACPORYConfiguration struct {
	RequiredAction   string `json:"required_action"`
	RequiredResource string `json:"required_resource"`
	Subject          string `json:"subject"`
	Flavor           string `json:"flavor"`
	BaseURL          string `json:"base_url"`
}

func (*AuthorizerKetoEngineACPORYConfiguration) ActionTemplateID 

func (c *AuthorizerKetoEngineACPORYConfiguration) ActionTemplateID() string

func (*AuthorizerKetoEngineACPORYConfiguration) ResourceTemplateID 

func (c *AuthorizerKetoEngineACPORYConfiguration) ResourceTemplateID() string

func (*AuthorizerKetoEngineACPORYConfiguration) SubjectTemplateID 

func (c *AuthorizerKetoEngineACPORYConfiguration) SubjectTemplateID() string

type AuthorizerKetoEngineACPORYRequestBody 

type AuthorizerKetoEngineACPORYRequestBody struct {
	Action   string                 `json:"action"`
	Context  map[string]interface{} `json:"context"`
	Resource string                 `json:"resource"`
	Subject  string                 `json:"subject"`
}

type AuthorizerRemote 

type AuthorizerRemote struct {
	// contains filtered or unexported fields
}

AuthorizerRemote implements the Authorizer interface.

func NewAuthorizerRemote 

func NewAuthorizerRemote(c configuration.Provider) *AuthorizerRemote

NewAuthorizerRemote creates a new AuthorizerRemote.

func (*AuthorizerRemote) Authorize 

func (a *AuthorizerRemote) Authorize(r *http.Request, session *authn.AuthenticationSession, config json.RawMessage, rl pipeline.Rule) error

Authorize implements the Authorizer interface.

func (*AuthorizerRemote) Config 

func (a *AuthorizerRemote) Config(config json.RawMessage) (*AuthorizerRemoteConfiguration, error)

Config merges config and the authorizer's configuration and validates the resulting configuration. It reports an error if the configuration is invalid.

func (*AuthorizerRemote) GetID 

func (a *AuthorizerRemote) GetID() string

GetID implements the Authorizer interface.

func (*AuthorizerRemote) Validate 

func (a *AuthorizerRemote) Validate(config json.RawMessage) error

Validate implements the Authorizer interface.

type AuthorizerRemoteConfiguration 

type AuthorizerRemoteConfiguration struct {
	Remote  string            `json:"remote"`
	Headers map[string]string `json:"headers"`
}

AuthorizerRemoteConfiguration represents a configuration for the remote authorizer.

type AuthorizerRemoteJSON 

type AuthorizerRemoteJSON struct {
	// contains filtered or unexported fields
}

AuthorizerRemoteJSON implements the Authorizer interface.

func NewAuthorizerRemoteJSON 

func NewAuthorizerRemoteJSON(c configuration.Provider) *AuthorizerRemoteJSON

NewAuthorizerRemoteJSON creates a new AuthorizerRemoteJSON.

func (*AuthorizerRemoteJSON) Authorize 

func (a *AuthorizerRemoteJSON) Authorize(_ *http.Request, session *authn.AuthenticationSession, config json.RawMessage, _ pipeline.Rule) error

Authorize implements the Authorizer interface.

func (*AuthorizerRemoteJSON) Config 

func (a *AuthorizerRemoteJSON) Config(config json.RawMessage) (*AuthorizerRemoteJSONConfiguration, error)

Config merges config and the authorizer's configuration and validates the resulting configuration. It reports an error if the configuration is invalid.

func (*AuthorizerRemoteJSON) GetID 

func (a *AuthorizerRemoteJSON) GetID() string

GetID implements the Authorizer interface.

func (*AuthorizerRemoteJSON) Validate 

func (a *AuthorizerRemoteJSON) Validate(config json.RawMessage) error

Validate implements the Authorizer interface.

type AuthorizerRemoteJSONConfiguration 

type AuthorizerRemoteJSONConfiguration struct {
	Remote  string `json:"remote"`
	Payload string `json:"payload"`
}

AuthorizerRemoteJSONConfiguration represents a configuration for the remote_json authorizer.

func (*AuthorizerRemoteJSONConfiguration) PayloadTemplateID 

func (c *AuthorizerRemoteJSONConfiguration) PayloadTemplateID() string

PayloadTemplateID returns a string with which to associate the payload template.

type Registry 

type Registry interface {
	AvailablePipelineAuthorizers() []string
	PipelineAuthorizer(string) (Authorizer, error)
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.