auth

package

v0.0.0-...-260b785 Latest Latest Go to latest Published: Jan 28, 2024 License: Apache-2.0 Imports: 19 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/spaceuptech/space-cloud

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type Module
- func Init(clusterID, nodeID string, crud model.CrudAuthInterface, adminMan adminMan, ...) *Module
type TokenClaims
- func (c TokenClaims) GetRole() (string, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrIncorrectMatch = errors.New("auth: The two fields do not match")

ErrIncorrectMatch is thrown when the field type of a rule is of incorrect type

View Source

var ErrIncorrectRuleFieldType = errors.New("auth: Incorrect rule field type")

ErrIncorrectRuleFieldType is thrown when the field type of a rule is of incorrect type

View Source

var ErrRuleNotFound = errors.New("auth: No rule has been provided")

ErrRuleNotFound is thrown when an error is not present in the auth object

Functions ¶

This section is empty.

Types ¶

type Module ¶

type Module struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

Module is responsible for authentication and authorisation

func Init ¶

func Init(clusterID, nodeID string, crud model.CrudAuthInterface, adminMan adminMan, integrationMan integrationManagerInterface) *Module

Init creates a new instance of the auth object

func (*Module) AuthorizeRequest ¶

func (m *Module) AuthorizeRequest(ctx context.Context, rule *config.Rule, project, token string, args map[string]interface{}) (map[string]interface{}, error)

AuthorizeRequest authorizes a request using the rule provided

func (*Module) CloseConfig ¶

func (m *Module) CloseConfig()

CloseConfig closes go routines and initializes maps

func (*Module) CreateToken ¶

func (m *Module) CreateToken(ctx context.Context, tokenClaims model.TokenClaims) (string, error)

CreateToken generates a new JWT Token with the token claims

func (*Module) Encrypt ¶

func (m *Module) Encrypt(value string) (string, error)

Encrypt encrypts a value if the aes key present in the config. The result is base64 encoded before being returned.

func (*Module) GetAESKey ¶

func (m *Module) GetAESKey() []byte

GetAESKey gets aes key

func (*Module) GetIntegrationToken ¶

func (m *Module) GetIntegrationToken(ctx context.Context, id string) (string, error)

GetIntegrationToken returns a token for the integration module

func (*Module) GetInternalAccessToken ¶

func (m *Module) GetInternalAccessToken(ctx context.Context) (string, error)

GetInternalAccessToken returns the token that can be used internally by Space Cloud

func (*Module) GetMissionControlToken ¶

func (m *Module) GetMissionControlToken(ctx context.Context, claims map[string]interface{}) (string, error)

GetMissionControlToken returns a token to be used by mission control

func (*Module) GetSCAccessToken ¶

func (m *Module) GetSCAccessToken(ctx context.Context) (string, error)

GetSCAccessToken returns the token that can be used to verify Space Cloud

func (*Module) IsAggregateOpAuthorised ¶

func (m *Module) IsAggregateOpAuthorised(ctx context.Context, project, dbAlias, col, token string, req *model.AggregateRequest) (model.RequestParams, error)

IsAggregateOpAuthorised checks if the crud operation is authorised

func (*Module) IsCreateOpAuthorised ¶

func (m *Module) IsCreateOpAuthorised(ctx context.Context, project, dbAlias, col, token string, req *model.CreateRequest) (model.RequestParams, error)

IsCreateOpAuthorised checks if the crud operation is authorised

func (*Module) IsDeleteOpAuthorised ¶

func (m *Module) IsDeleteOpAuthorised(ctx context.Context, project, dbAlias, col, token string, req *model.DeleteRequest) (model.RequestParams, error)

IsDeleteOpAuthorised checks if the crud operation is authorised

func (*Module) IsEventingOpAuthorised ¶

func (m *Module) IsEventingOpAuthorised(ctx context.Context, project, token string, event *model.QueueEventRequest) (model.RequestParams, error)

IsEventingOpAuthorised checks if the eventing operation is authorised

func (*Module) IsFileOpAuthorised ¶

func (m *Module) IsFileOpAuthorised(ctx context.Context, project, token, path string, op model.FileOpType, args map[string]interface{}) (*model.PostProcess, error)

IsFileOpAuthorised checks if the caller is authorized to make the request

func (*Module) IsFuncCallAuthorised ¶

func (m *Module) IsFuncCallAuthorised(ctx context.Context, project, service, function, token string, params interface{}) (*model.PostProcess, model.RequestParams, error)

IsFuncCallAuthorised checks if the func call is authorised

func (*Module) IsPreparedQueryAuthorised ¶

func (m *Module) IsPreparedQueryAuthorised(ctx context.Context, project, dbAlias, id, token string, req *model.PreparedQueryRequest) (*model.PostProcess, model.RequestParams, error)

IsPreparedQueryAuthorised checks if the crud operation is authorised

func (*Module) IsReadOpAuthorised ¶

func (m *Module) IsReadOpAuthorised(ctx context.Context, project, dbAlias, col, token string, req *model.ReadRequest, stub model.ReturnWhereStub) (*model.PostProcess, model.RequestParams, error)

IsReadOpAuthorised checks if the crud operation is authorised

func (*Module) IsSCAccessToken ¶

func (m *Module) IsSCAccessToken(ctx context.Context, token string) error

IsSCAccessToken checks if its an SC access token

func (*Module) IsTokenInternal ¶

func (m *Module) IsTokenInternal(ctx context.Context, token string) error

IsTokenInternal checks if the provided token is internally generated

func (*Module) IsUpdateOpAuthorised ¶

func (m *Module) IsUpdateOpAuthorised(ctx context.Context, project, dbAlias, col, token string, req *model.UpdateRequest) (model.RequestParams, error)

IsUpdateOpAuthorised checks if the crud operation is authorised

func (*Module) MatchRule ¶

func (m *Module) MatchRule(ctx context.Context, project string, rule *config.Rule, args, auth map[string]interface{}, returnWhere model.ReturnWhereStub) (*model.PostProcess, error)

MatchRule checks if the rule is matched or not

func (*Module) ParseToken ¶

func (m *Module) ParseToken(ctx context.Context, token string) (map[string]interface{}, error)

ParseToken simply parses and returns the claims of a provided token

func (*Module) RunAuthForJoins ¶

func (m *Module) RunAuthForJoins(ctx context.Context, project, dbType, dbAlias, token string, req *model.ReadRequest, join []*model.JoinOption) error

RunAuthForJoins runs the read authorizer function for all nested joins

func (*Module) SetConfig ¶

func (m *Module) SetConfig(ctx context.Context, fileStoreType string, projectConfig *config.ProjectConfig, dbRules config.DatabaseRules, dbPreparedRules config.DatabasePreparedQueries, fileStoreRules config.FileStoreRules, remoteServices config.Services, eventingRules config.EventingRules) error

SetConfig set the rules and secret key required by the auth block

func (*Module) SetDatabasePreparedQueryRules ¶

func (m *Module) SetDatabasePreparedQueryRules(dbPreparedRules config.DatabasePreparedQueries)

SetDatabasePreparedQueryRules set prepared query rules of auth module

func (*Module) SetDatabaseRules ¶

func (m *Module) SetDatabaseRules(dbRules config.DatabaseRules)

SetDatabaseRules sets the crud module config

func (*Module) SetEventingRules ¶

func (m *Module) SetEventingRules(eventingRules config.EventingRules)

SetEventingRules sets the eventing config

func (*Module) SetFileStoreRules ¶

func (m *Module) SetFileStoreRules(fileRules config.FileStoreRules)

SetFileStoreRules sets the file store module config

func (*Module) SetFileStoreType ¶

func (m *Module) SetFileStoreType(fileStoreType string)

SetFileStoreType sets file story type

func (*Module) SetMakeHTTPRequest ¶

func (m *Module) SetMakeHTTPRequest(function utils.TypeMakeHTTPRequest)

SetMakeHTTPRequest sets the http request

func (*Module) SetProjectConfig ¶

func (m *Module) SetProjectConfig(projectConfig *config.ProjectConfig) error

SetProjectConfig set project config of auth module

func (*Module) SetRemoteServiceConfig ¶

func (m *Module) SetRemoteServiceConfig(remoteServices config.Services)

SetRemoteServiceConfig sets the service module config

type TokenClaims ¶

type TokenClaims map[string]interface{}

TokenClaims holds the JWT token claims

func (TokenClaims) GetRole ¶

func (c TokenClaims) GetRole() (string, error)

GetRole returns the role present in the token claims

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
helpers

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL