authv3

package

v0.2.7 Latest Latest Go to latest Published: Feb 28, 2024 License: Apache-2.0 Imports: 36 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/paralus/paralus

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func NewAuthContext(db *bun.DB, kc *kclient.APIClient, apiKeySvc service.ApiKeyService, ...) authContext
func NewAuthMiddleware(al *zap.Logger, opt Option) negroni.Handler
func NewRemoteAuthMiddleware(al *zap.Logger, as string, opt Option) negroni.Handler
func SetupAuthContext(auditLogger *zap.Logger) authContext
type AuthPool
- func NewAuthPool(addr string, maxConn int) AuthPool
type AuthPoolClient
type AuthService
- func NewAuthService(ac authContext) AuthService
type Option

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// ErrInvalidAPIKey is returned when api key is invalid
	ErrInvalidAPIKey = errors.New("invalid api key")
	// ErrInvalidSignature is returns when signature is invalid
	ErrInvalidSignature = errors.New("invalid signature")
)

Functions ¶

func NewAuthContext ¶

func NewAuthContext(
	db *bun.DB,
	kc *kclient.APIClient,
	apiKeySvc service.ApiKeyService,
	authzSvc service.AuthzService,
) authContext

NewAuthContext instantiate authContext. NewAuthContext creates authContext reusing dependency instances from calling function instead of creating new instances. To create authContext along with its dependencies, use SetupAuthContext.

func NewAuthMiddleware ¶

func NewAuthMiddleware(al *zap.Logger, opt Option) negroni.Handler

NewAuthMiddleware creates as a middleware for the HTTP server which does the auth and authz by talking to kratos server and casbin

func NewRemoteAuthMiddleware ¶

func NewRemoteAuthMiddleware(al *zap.Logger, as string, opt Option) negroni.Handler

NewRemoteAuthMiddleware creates a middleware for the HTTP server which does auth and authz by talking to the auth service exposed by paralus via grpc.

func SetupAuthContext ¶

func SetupAuthContext(auditLogger *zap.Logger) authContext

SetupAuthContext sets up new authContext along with its dependencies. If the caller already has instances of authContext fields created then use NewAuthContext instead.

Types ¶

type AuthPool ¶

type AuthPool interface {
	Close()
	NewClient(ctx context.Context) (AuthPoolClient, error)
}

AuthPool maintains pool of grpc connections to auth service

func NewAuthPool ¶

func NewAuthPool(addr string, maxConn int) AuthPool

NewAuthPool returns auth pool

type AuthPoolClient ¶

type AuthPoolClient interface {
	Unhealthy()
	Close() error
	rpcv3.AuthServiceClient
}

AuthPoolClient is the interface for auth pool client

type AuthService ¶

type AuthService interface {
	IsRequestAllowed(context.Context, *commonv3.IsRequestAllowedRequest) (*commonv3.IsRequestAllowedResponse, error)
}

func NewAuthService ¶

func NewAuthService(ac authContext) AuthService

type Option ¶

type Option struct {
	// ExcludeRPCMethods is a list of full RPC method string in
	// format /package.service/method (for example,
	// /paralus.dev.rpc.v3.Idp/ListIdps). These RPC methods are to
	// be excluded from the auth interceptor.
	ExcludeRPCMethods []string

	// ExcludeURLs is a list of URL regular expressions that are
	// excluded from the auth middleware.
	ExcludeURLs []string

	// ExcludeAuthzMethods is a list of RPC method strings which only
	// do authentication and not authorization.
	ExcludeAuthzMethods []string
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL