Documentation ¶
Index ¶
- func EnrichTenancyClaims(ctx context.Context, tenantID, partitionID, accessID string) context.Context
- func IsTenancyChecksOnClaimSkipped(ctx context.Context) bool
- func JwtFromContext(ctx context.Context) string
- func JwtToContext(ctx context.Context, jwt string) context.Context
- func SkipTenancyChecksOnClaims(ctx context.Context) context.Context
- type AuthOption
- type AuthOptions
- type AuthenticationClaims
- func (a *AuthenticationClaims) AsMetadata() map[string]string
- func (a *AuthenticationClaims) ClaimsToContext(ctx context.Context) context.Context
- func (a *AuthenticationClaims) GetAccessID() string
- func (a *AuthenticationClaims) GetContactID() string
- func (a *AuthenticationClaims) GetDeviceID() string
- func (a *AuthenticationClaims) GetPartitionID() string
- func (a *AuthenticationClaims) GetProfileID() string
- func (a *AuthenticationClaims) GetRoles() []string
- func (a *AuthenticationClaims) GetServiceName() string
- func (a *AuthenticationClaims) GetSessionID() string
- func (a *AuthenticationClaims) GetTenantID() string
- type Authenticator
- type Authorizer
- type InternalOauth2ClientHolder
- type Manager
- type Oauth2ClientRegistrar
- type Option
- type Options
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func EnrichTenancyClaims ¶ added in v1.69.10
func EnrichTenancyClaims(ctx context.Context, tenantID, partitionID, accessID string) context.Context
EnrichTenancyClaims: internal services act on behalf of different users. Although they have their claims in place, there may be situations where there is a need to "login as". This is where secondary claims come into play, and implementing systems can decide to use the secondary claims. This should be done with very high caution, though.
func JwtFromContext ¶
JwtFromContext extracts the authentication JWT from the supplied context, if one exists.
func JwtToContext ¶
JwtToContext adds the authentication JWT to the supplied context.
Types ¶
type AuthOption ¶
type AuthOption func(ctx context.Context, opts *AuthOptions)
func WithAudience ¶
func WithAudience(audience ...string) AuthOption
WithAudience sets the audience to use overriding any config option.
func WithDisableSecurity ¶
func WithDisableSecurity() AuthOption
WithDisableSecurity specifies that security should be disabled.
func WithDisableSecurityConfig ¶
func WithDisableSecurityConfig(cfg config.ConfigurationSecurity) AuthOption
WithDisableSecurityConfig adds a security configuration to existing AuthOptions.
func WithIssuer ¶
func WithIssuer(issuer string) AuthOption
WithIssuer sets the issuer to use overriding any config option.
type AuthOptions ¶
type AuthOptions struct {
	DisableSecurityCfg config.ConfigurationSecurity
	Audience           []string
	Issuer             string
	DisableSecurity    bool
}
AuthOptions contains configuration for authentication: the audience and issuer to use, and whether security is disabled.
type AuthenticationClaims ¶
type AuthenticationClaims struct {
	Ext         map[string]any `json:"ext,omitempty"`
	TenantID    string         `json:"tenant_id,omitempty"`
	PartitionID string         `json:"partition_id,omitempty"`
	AccessID    string         `json:"access_id,omitempty"`
	ContactID   string         `json:"contact_id,omitempty"`
	SessionID   string         `json:"session_id,omitempty"`
	DeviceID    string         `json:"device_id,omitempty"`
	ServiceName string         `json:"service_name,omitempty"`
	Roles       []string       `json:"roles,omitempty"`
	jwt.RegisteredClaims
}
AuthenticationClaims defines the structure for JWT claims, embedding jwt.RegisteredClaims to include standard fields like expiry time, and adding custom claims.
func ClaimsFromContext ¶
func ClaimsFromContext(ctx context.Context) *AuthenticationClaims
ClaimsFromContext extracts authentication claims from the supplied context if any exist. For internal systems, the returned claims are enriched with tenancy data from secondary claims.
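The secondary-claims behaviour described for EnrichTenancyClaims and ClaimsFromContext, modelled as a self-contained added example (not the package's own code). The types, context keys and the Internal flag are hypothetical; how the real package recognises an internal system is not stated on this page.

```go
package main

import (
	"context"
	"fmt"
)

// claims is a hypothetical stand-in for the tenancy part of AuthenticationClaims.
type claims struct {
	TenantID, PartitionID, AccessID string
	Internal                        bool // assumed flag: token belongs to an internal service
}

type ctxKey int

const (
	primaryKey ctxKey = iota
	secondaryKey
)

func withClaims(ctx context.Context, c *claims) context.Context {
	return context.WithValue(ctx, primaryKey, c)
}

// enrichTenancy records secondary tenancy claims; the primary claims stay untouched.
func enrichTenancy(ctx context.Context, tenantID, partitionID, accessID string) context.Context {
	s := &claims{TenantID: tenantID, PartitionID: partitionID, AccessID: accessID}
	return context.WithValue(ctx, secondaryKey, s)
}

// effectiveClaims returns a copy of the primary claims. The secondary tenancy
// is applied only when the primary claims belong to an internal service.
func effectiveClaims(ctx context.Context) *claims {
	p, _ := ctx.Value(primaryKey).(*claims)
	if p == nil {
		return nil // unauthenticated: secondary claims alone grant nothing
	}
	out := *p
	if s, _ := ctx.Value(secondaryKey).(*claims); s != nil && p.Internal {
		out.TenantID, out.PartitionID, out.AccessID = s.TenantID, s.PartitionID, s.AccessID
	}
	return &out
}

func main() {
	svc := withClaims(context.Background(), &claims{TenantID: "t-svc", Internal: true})
	fmt.Println(effectiveClaims(enrichTenancy(svc, "t-42", "p-7", "a-1")).TenantID)
}
```

The check on the primary claims is what keeps an ordinary user request from switching tenant simply because secondary claims are present in the context.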
func ClaimsFromMap ¶
func ClaimsFromMap(m map[string]string) *AuthenticationClaims
ClaimsFromMap extracts authentication claims from the supplied map if they exist.
func (*AuthenticationClaims) AsMetadata ¶
func (a *AuthenticationClaims) AsMetadata() map[string]string
AsMetadata creates a string map to be used as metadata in queue data.
func (*AuthenticationClaims) ClaimsToContext ¶
func (a *AuthenticationClaims) ClaimsToContext(ctx context.Context) context.Context
ClaimsToContext adds authentication claims to the current supplied context.
func (*AuthenticationClaims) GetAccessID ¶
func (a *AuthenticationClaims) GetAccessID() string
func (*AuthenticationClaims) GetContactID ¶
func (a *AuthenticationClaims) GetContactID() string
func (*AuthenticationClaims) GetDeviceID ¶
func (a *AuthenticationClaims) GetDeviceID() string
func (*AuthenticationClaims) GetPartitionID ¶
func (a *AuthenticationClaims) GetPartitionID() string
func (*AuthenticationClaims) GetProfileID ¶
func (a *AuthenticationClaims) GetProfileID() string
func (*AuthenticationClaims) GetRoles ¶
func (a *AuthenticationClaims) GetRoles() []string
func (*AuthenticationClaims) GetServiceName ¶
func (a *AuthenticationClaims) GetServiceName() string
func (*AuthenticationClaims) GetSessionID ¶
func (a *AuthenticationClaims) GetSessionID() string
func (*AuthenticationClaims) GetTenantID ¶
func (a *AuthenticationClaims) GetTenantID() string
type Authenticator ¶
type Authorizer ¶
type Manager ¶
type Manager interface {
	InternalOauth2ClientHolder
	GetOauth2ClientRegistrar(ctx context.Context) Oauth2ClientRegistrar
	GetAuthenticator(ctx context.Context) Authenticator
	GetAuthorizer(ctx context.Context) Authorizer
}
type Oauth2ClientRegistrar ¶
type Oauth2ClientRegistrar interface {
	RegisterForJwt(ctx context.Context, iClientHolder InternalOauth2ClientHolder) error
	RegisterForJwtWithParams(ctx context.Context,
		oauth2ServiceAdminHost string, clientName string, clientID string, clientSecret string,
		scope string, audienceList []string, metadata map[string]string) (map[string]any, error)
	UnRegisterForJwt(ctx context.Context,
		oauth2ServiceAdminHost string, clientID string) error
}
type Option ¶
func WithInvoker ¶
WithInvoker adds an invoker (the Invoker field, a client.Manager) to Options.
func WithOauth2Config ¶
func WithOauth2Config(cfg config.ConfigurationOAUTH2) Option
WithOauth2Config adds an oauth2 configuration to Options.
func WithSecurityConfig ¶
func WithSecurityConfig(cfg config.ConfigurationSecurity) Option
WithSecurityConfig adds a security configuration to existing Options.
func WithServiceConfig ¶
func WithServiceConfig(cfg config.ConfigurationService) Option
WithServiceConfig adds service configuration to Options.
type Options ¶
type Options struct {
	SecurityCfg config.ConfigurationSecurity
	Oath2Cfg    config.ConfigurationOAUTH2
	ServiceCfg  config.ConfigurationService
	Invoker     client.Manager
}
Options contains configuration for security manager.