Documentation
¶
Index ¶
- Constants
- func AssertPermission(ctx corectx.Context, requiredPerm Perm) *ft.ClientErrors
- type ExtGetUserEntitlementsQuery
- type ExtGetUserEntitlementsResult
- type ExtGetUserEntitlementsResultData
- type GetUserEntitlementsQuery
- type GetUserEntitlementsResult
- type GetUserEntitlementsResultData
- type Perm
- type PermissionContext
- type RequestGuardService
- type ResourceScope
- type StaticRequestGuardServiceImpl
- func (this *StaticRequestGuardServiceImpl) CalcRequestFingerprint(_ corectx.Context, request *http.Request) (fingerprint string, err error)
- func (this *StaticRequestGuardServiceImpl) GetCorsMiddleware(_ corectx.Context) (echo.MiddlewareFunc, error)
- func (this *StaticRequestGuardServiceImpl) GetUserEntitlements(ctx corectx.Context, query GetUserEntitlementsQuery) (*GetUserEntitlementsResult, error)
- func (this *StaticRequestGuardServiceImpl) VerifyJwt(ctx corectx.Context, request *http.Request) (*VerifyRequestResult, error)
- func (this *StaticRequestGuardServiceImpl) VerifyJwtDpop(ctx corectx.Context, request *http.Request) (*VerifyRequestResult, error)
- func (this *StaticRequestGuardServiceImpl) VerifySessionBlacklist(ctx corectx.Context, request *http.Request) (*VerifyRequestResult, error)
- type StaticRequestGuardServiceParams
- type VerifyRequestResult
Constants ¶
View Source
const ( ResourceScopeDomain = ResourceScope("domain") ResourceScopeOrg = ResourceScope("org") ResourceScopeOrgUnit = ResourceScope("orgunit") ResourceScopePrivate = ResourceScope("private") )
Variables ¶
This section is empty.
Functions ¶
func AssertPermission ¶
func AssertPermission(ctx corectx.Context, requiredPerm Perm) *ft.ClientErrors
Types ¶
type ExtGetUserEntitlementsQuery ¶
type ExtGetUserEntitlementsQuery struct {
UserId *model.Id `json:"user_id"`
UserEmail *string `json:"user_email"`
}
func (ExtGetUserEntitlementsQuery) CqrsRequestType ¶
func (ExtGetUserEntitlementsQuery) CqrsRequestType() cqrs.RequestType
type ExtGetUserEntitlementsResult ¶
type ExtGetUserEntitlementsResult = dyn.OpResult[ExtGetUserEntitlementsResultData]
type ExtGetUserEntitlementsResultData ¶
type ExtGetUserEntitlementsResultData struct {
IsOwner bool `json:"is_owner"`
Entitlements []string `json:"entitlements"`
OrgUnitId *model.Id `json:"org_unit_id"`
OrgUnitOrgId *model.Id `json:"org_unit_org_id"`
UserId model.Id `json:"user_id"`
UserOrgIds []model.Id `json:"user_org_ids"`
User dmodel.DynamicFields `json:"user"`
}
type GetUserEntitlementsQuery ¶
type GetUserEntitlementsQuery = ExtGetUserEntitlementsQuery
type GetUserEntitlementsResult ¶
type GetUserEntitlementsResult = dyn.OpResult[GetUserEntitlementsResultData]
type GetUserEntitlementsResultData ¶
type GetUserEntitlementsResultData = ExtGetUserEntitlementsResultData
type Perm ¶
type Perm struct {
ResourceCode string
ActionCode string
Scope ResourceScope
// This is Org Unit ID to which the resource belongs (if any).
// If this is not nil, then OrgId must be this Org Unit's Org ID.
OrgUnitId *model.Id
// This is the Org ID to which the resource belongs (if any)
// Or, this can be the Org Unit's Org ID (if the resource belongs to an org unit)
OrgId *model.Id
}
type PermissionContext ¶
type RequestGuardService ¶
type RequestGuardService interface {
// Calculate a fingerprint for the request that can be used to identify the request.
// This can be used for caching or to prevent replay attacks.
CalcRequestFingerprint(ctx corectx.Context, request *http.Request) (fingerprint string, err error)
GetCorsMiddleware(ctx corectx.Context) (echo.MiddlewareFunc, error)
GetUserEntitlements(ctx corectx.Context, query GetUserEntitlementsQuery) (*GetUserEntitlementsResult, error)
VerifyJwt(ctx corectx.Context, request *http.Request) (result *VerifyRequestResult, err error)
}
func NewStaticRequestGuardServiceImpl ¶
func NewStaticRequestGuardServiceImpl(params StaticRequestGuardServiceParams) RequestGuardService
type ResourceScope ¶
type ResourceScope string
type StaticRequestGuardServiceImpl ¶
type StaticRequestGuardServiceImpl struct {
// contains filtered or unexported fields
}
func (*StaticRequestGuardServiceImpl) CalcRequestFingerprint ¶
func (*StaticRequestGuardServiceImpl) GetCorsMiddleware ¶
func (this *StaticRequestGuardServiceImpl) GetCorsMiddleware(_ corectx.Context) (echo.MiddlewareFunc, error)
func (*StaticRequestGuardServiceImpl) GetUserEntitlements ¶
func (this *StaticRequestGuardServiceImpl) GetUserEntitlements( ctx corectx.Context, query GetUserEntitlementsQuery, ) (*GetUserEntitlementsResult, error)
func (*StaticRequestGuardServiceImpl) VerifyJwt ¶
func (this *StaticRequestGuardServiceImpl) VerifyJwt(ctx corectx.Context, request *http.Request) (*VerifyRequestResult, error)
func (*StaticRequestGuardServiceImpl) VerifyJwtDpop ¶
func (this *StaticRequestGuardServiceImpl) VerifyJwtDpop(ctx corectx.Context, request *http.Request) (*VerifyRequestResult, error)
Verify JWT DPoP (OAuth2 Demonstraing Proof of Possession)
func (*StaticRequestGuardServiceImpl) VerifySessionBlacklist ¶
func (this *StaticRequestGuardServiceImpl) VerifySessionBlacklist(ctx corectx.Context, request *http.Request) (*VerifyRequestResult, error)
type StaticRequestGuardServiceParams ¶
type StaticRequestGuardServiceParams struct {
dig.In
ConfigSvc config.ConfigService
CqrsBus cqrs.CqrsBus
TokenSvc coretoken.AuthTokenService
}
type VerifyRequestResult ¶
type VerifyRequestResult struct {
IsOk bool
JwtClaims jwt.Claims
ClientError *ft.ClientErrorItem
}
Source Files
Click to show internal directories.
Click to hide internal directories.