Documentation ¶
Index ¶
- Variables
- type Module
- func (m *Module) AuthorizeRequest(ctx context.Context, rule *config.Rule, project, token string, ...) (map[string]interface{}, error)
- func (m *Module) CloseConfig()
- func (m *Module) CreateToken(ctx context.Context, tokenClaims model.TokenClaims) (string, error)
- func (m *Module) Encrypt(value string) (string, error)
- func (m *Module) GetAESKey() []byte
- func (m *Module) GetIntegrationToken(ctx context.Context, id string) (string, error)
- func (m *Module) GetInternalAccessToken(ctx context.Context) (string, error)
- func (m *Module) GetMissionControlToken(ctx context.Context, claims map[string]interface{}) (string, error)
- func (m *Module) GetSCAccessToken(ctx context.Context) (string, error)
- func (m *Module) IsAggregateOpAuthorised(ctx context.Context, project, dbAlias, col, token string, ...) (model.RequestParams, error)
- func (m *Module) IsCreateOpAuthorised(ctx context.Context, project, dbAlias, col, token string, ...) (model.RequestParams, error)
- func (m *Module) IsDeleteOpAuthorised(ctx context.Context, project, dbAlias, col, token string, ...) (model.RequestParams, error)
- func (m *Module) IsEventingOpAuthorised(ctx context.Context, project, token string, event *model.QueueEventRequest) (model.RequestParams, error)
- func (m *Module) IsFileOpAuthorised(ctx context.Context, project, token, path string, op model.FileOpType, ...) (*model.PostProcess, error)
- func (m *Module) IsFuncCallAuthorised(ctx context.Context, project, service, function, token string, ...) (*model.PostProcess, model.RequestParams, error)
- func (m *Module) IsPreparedQueryAuthorised(ctx context.Context, project, dbAlias, id, token string, ...) (*model.PostProcess, model.RequestParams, error)
- func (m *Module) IsReadOpAuthorised(ctx context.Context, project, dbAlias, col, token string, ...) (*model.PostProcess, model.RequestParams, error)
- func (m *Module) IsSCAccessToken(ctx context.Context, token string) error
- func (m *Module) IsTokenInternal(ctx context.Context, token string) error
- func (m *Module) IsUpdateOpAuthorised(ctx context.Context, project, dbAlias, col, token string, ...) (model.RequestParams, error)
- func (m *Module) MatchRule(ctx context.Context, project string, rule *config.Rule, ...) (*model.PostProcess, error)
- func (m *Module) ParseToken(ctx context.Context, token string) (map[string]interface{}, error)
- func (m *Module) RunAuthForJoins(ctx context.Context, project, dbType, dbAlias, token string, ...) error
- func (m *Module) SetConfig(ctx context.Context, fileStoreType string, projectConfig *config.ProjectConfig, ...) error
- func (m *Module) SetDatabasePreparedQueryRules(dbPreparedRules config.DatabasePreparedQueries)
- func (m *Module) SetDatabaseRules(dbRules config.DatabaseRules)
- func (m *Module) SetEventingRules(eventingRules config.EventingRules)
- func (m *Module) SetFileStoreRules(fileRules config.FileStoreRules)
- func (m *Module) SetFileStoreType(fileStoreType string)
- func (m *Module) SetMakeHTTPRequest(function utils.TypeMakeHTTPRequest)
- func (m *Module) SetProjectConfig(projectConfig *config.ProjectConfig) error
- func (m *Module) SetRemoteServiceConfig(remoteServices config.Services)
- type TokenClaims
Constants ¶
This section is empty.
Variables ¶
var ErrIncorrectMatch = errors.New("auth: The two fields do not match")
ErrIncorrectMatch is thrown when the field type of a rule is of incorrect type
var ErrIncorrectRuleFieldType = errors.New("auth: Incorrect rule field type")
ErrIncorrectRuleFieldType is thrown when the field type of a rule is of incorrect type
var ErrRuleNotFound = errors.New("auth: No rule has been provided")
ErrRuleNotFound is thrown when an error is not present in the auth object
Functions ¶
This section is empty.
Types ¶
type Module ¶
Module is responsible for authentication and authorisation
func Init ¶
func Init(clusterID, nodeID string, crud model.CrudAuthInterface, adminMan adminMan, integrationMan integrationManagerInterface) *Module
Init creates a new instance of the auth object
func (*Module) AuthorizeRequest ¶
func (m *Module) AuthorizeRequest(ctx context.Context, rule *config.Rule, project, token string, args map[string]interface{}) (map[string]interface{}, error)
AuthorizeRequest authorizes a request using the rule provided
func (*Module) CloseConfig ¶
func (m *Module) CloseConfig()
CloseConfig closes go routines and initializes maps
func (*Module) CreateToken ¶
CreateToken generates a new JWT Token with the token claims
func (*Module) Encrypt ¶
Encrypt encrypts a value if the aes key present in the config. The result is base64 encoded before being returned.
func (*Module) GetIntegrationToken ¶
GetIntegrationToken returns a token for the integration module
func (*Module) GetInternalAccessToken ¶
GetInternalAccessToken returns the token that can be used internally by Space Cloud
func (*Module) GetMissionControlToken ¶
func (m *Module) GetMissionControlToken(ctx context.Context, claims map[string]interface{}) (string, error)
GetMissionControlToken returns a token to be used by mission control
func (*Module) GetSCAccessToken ¶
GetSCAccessToken returns the token that can be used to verify Space Cloud
func (*Module) IsAggregateOpAuthorised ¶
func (m *Module) IsAggregateOpAuthorised(ctx context.Context, project, dbAlias, col, token string, req *model.AggregateRequest) (model.RequestParams, error)
IsAggregateOpAuthorised checks if the crud operation is authorised
func (*Module) IsCreateOpAuthorised ¶
func (m *Module) IsCreateOpAuthorised(ctx context.Context, project, dbAlias, col, token string, req *model.CreateRequest) (model.RequestParams, error)
IsCreateOpAuthorised checks if the crud operation is authorised
func (*Module) IsDeleteOpAuthorised ¶
func (m *Module) IsDeleteOpAuthorised(ctx context.Context, project, dbAlias, col, token string, req *model.DeleteRequest) (model.RequestParams, error)
IsDeleteOpAuthorised checks if the crud operation is authorised
func (*Module) IsEventingOpAuthorised ¶
func (m *Module) IsEventingOpAuthorised(ctx context.Context, project, token string, event *model.QueueEventRequest) (model.RequestParams, error)
IsEventingOpAuthorised checks if the eventing operation is authorised
func (*Module) IsFileOpAuthorised ¶
func (m *Module) IsFileOpAuthorised(ctx context.Context, project, token, path string, op model.FileOpType, args map[string]interface{}) (*model.PostProcess, error)
IsFileOpAuthorised checks if the caller is authorized to make the request
func (*Module) IsFuncCallAuthorised ¶
func (m *Module) IsFuncCallAuthorised(ctx context.Context, project, service, function, token string, params interface{}) (*model.PostProcess, model.RequestParams, error)
IsFuncCallAuthorised checks if the func call is authorised
func (*Module) IsPreparedQueryAuthorised ¶
func (m *Module) IsPreparedQueryAuthorised(ctx context.Context, project, dbAlias, id, token string, req *model.PreparedQueryRequest) (*model.PostProcess, model.RequestParams, error)
IsPreparedQueryAuthorised checks if the crud operation is authorised
func (*Module) IsReadOpAuthorised ¶
func (m *Module) IsReadOpAuthorised(ctx context.Context, project, dbAlias, col, token string, req *model.ReadRequest, stub model.ReturnWhereStub) (*model.PostProcess, model.RequestParams, error)
IsReadOpAuthorised checks if the crud operation is authorised
func (*Module) IsSCAccessToken ¶
IsSCAccessToken checks if its an SC access token
func (*Module) IsTokenInternal ¶
IsTokenInternal checks if the provided token is internally generated
func (*Module) IsUpdateOpAuthorised ¶
func (m *Module) IsUpdateOpAuthorised(ctx context.Context, project, dbAlias, col, token string, req *model.UpdateRequest) (model.RequestParams, error)
IsUpdateOpAuthorised checks if the crud operation is authorised
func (*Module) MatchRule ¶
func (m *Module) MatchRule(ctx context.Context, project string, rule *config.Rule, args, auth map[string]interface{}, returnWhere model.ReturnWhereStub) (*model.PostProcess, error)
MatchRule checks if the rule is matched or not
func (*Module) ParseToken ¶
ParseToken simply parses and returns the claims of a provided token
func (*Module) RunAuthForJoins ¶
func (m *Module) RunAuthForJoins(ctx context.Context, project, dbType, dbAlias, token string, req *model.ReadRequest, join []*model.JoinOption) error
RunAuthForJoins runs the read authorizer function for all nested joins
func (*Module) SetConfig ¶
func (m *Module) SetConfig(ctx context.Context, fileStoreType string, projectConfig *config.ProjectConfig, dbRules config.DatabaseRules, dbPreparedRules config.DatabasePreparedQueries, fileStoreRules config.FileStoreRules, remoteServices config.Services, eventingRules config.EventingRules) error
SetConfig set the rules and secret key required by the auth block
func (*Module) SetDatabasePreparedQueryRules ¶
func (m *Module) SetDatabasePreparedQueryRules(dbPreparedRules config.DatabasePreparedQueries)
SetDatabasePreparedQueryRules set prepared query rules of auth module
func (*Module) SetDatabaseRules ¶
func (m *Module) SetDatabaseRules(dbRules config.DatabaseRules)
SetDatabaseRules sets the crud module config
func (*Module) SetEventingRules ¶
func (m *Module) SetEventingRules(eventingRules config.EventingRules)
SetEventingRules sets the eventing config
func (*Module) SetFileStoreRules ¶
func (m *Module) SetFileStoreRules(fileRules config.FileStoreRules)
SetFileStoreRules sets the file store module config
func (*Module) SetFileStoreType ¶
SetFileStoreType sets file story type
func (*Module) SetMakeHTTPRequest ¶
func (m *Module) SetMakeHTTPRequest(function utils.TypeMakeHTTPRequest)
SetMakeHTTPRequest sets the http request
func (*Module) SetProjectConfig ¶
func (m *Module) SetProjectConfig(projectConfig *config.ProjectConfig) error
SetProjectConfig set project config of auth module
func (*Module) SetRemoteServiceConfig ¶
SetRemoteServiceConfig sets the service module config
type TokenClaims ¶
type TokenClaims map[string]interface{}
TokenClaims holds the JWT token claims
func (TokenClaims) GetRole ¶
func (c TokenClaims) GetRole() (string, error)
GetRole returns the role present in the token claims