authmodel

package
v8.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 14, 2024 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Middleware 

func Middleware(a Authenticator) func(http.Handler) http.Handler

Middleware checks each request for authentication. If successful, the user's information is appended to the log context and request context. If not, an error is returned and the inner handler is skipped.

Types

type AuthMetadata 

type AuthMetadata struct {
	Type AuthType `json:"type"`
	// azure AD
	Authority string   `json:"authority,omitempty"`
	ClientID  string   `json:"client_id,omitempty"`
	Scopes    []string `json:"scopes,omitempty"`
}

type AuthType 

type AuthType string
const (
	AuthTypeCertificate AuthType = "https://relic.sas.com/auth/certificate"
	AuthTypeBearerToken AuthType = "https://relic.sas.com/auth/bearer-token"
	AuthTypeAzureAD     AuthType = "https://relic.sas.com/auth/azure-ad"
)

type Authenticator 

type Authenticator interface {
	Authenticate(req *http.Request) (UserInfo, error)
}

func New 

func New(conf *config.Config) (Authenticator, error)

New creates an authenticator based on the provided server configuration

type CertificateAuth 

type CertificateAuth struct {
	Config *config.Config
}

CertificateAuth requires all callers have a client certificate that either has its fingerprint explicitly configured with access, or is signed by a configured CA.

func (*CertificateAuth) Authenticate 

func (a *CertificateAuth) Authenticate(req *http.Request) (UserInfo, error)

type CertificateInfo 

type CertificateInfo struct {
	Name    string
	Subject string
	Roles   []string
}

func (*CertificateInfo) Allowed 

func (c *CertificateInfo) Allowed(keyConf *config.KeyConfig) bool

func (*CertificateInfo) AuditContext 

func (c *CertificateInfo) AuditContext(info *audit.Info)

type Metadata 

type Metadata struct {
	Hosts []string       `json:"hosts"`
	Auth  []AuthMetadata `json:"auth"`
}

type PolicyAuth 

type PolicyAuth struct {
	// contains filtered or unexported fields
}

func (*PolicyAuth) Authenticate 

func (a *PolicyAuth) Authenticate(req *http.Request) (UserInfo, error)

type PolicyInfo 

type PolicyInfo struct {
	Subject     string
	Roles       []string
	AllowedKeys []string

	Claims     map[string]interface{}
	DecisionID string
}

func (*PolicyInfo) Allowed 

func (i *PolicyInfo) Allowed(keyConf *config.KeyConfig) bool

Allowed checks whether the named key is visible to the current user

func (*PolicyInfo) AuditContext 

func (i *PolicyInfo) AuditContext(info *audit.Info)

AuditContext amends an audit record with the authenticated user's name and other relevant details

type UserInfo 

type UserInfo interface {
	// Allowed checks whether the named key is visible to the current user
	Allowed(*config.KeyConfig) bool
	// AuditContext amends an audit record with the authenticated user's name
	// and other relevant details
	AuditContext(info *audit.Info)
}

func RequestInfo 

func RequestInfo(req *http.Request) UserInfo

RequestInfo returns information about the calling user

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.