Documentation ¶
Overview ¶
Package auth is a lightweight credential store. It provides functionality for loading credentials, as well as validating credentials.
Index ¶
- Constants
- func Bearer(header string) (string, bool)
- func CreateBasicAuth(username, password string) (value string)
- type BasicAuther
- type CredentialsStore
- func (c *CredentialsStore) AA(username, password string, perm v1.Credential_Permission) bool
- func (c *CredentialsStore) Check(username, password string) bool
- func (c *CredentialsStore) CheckRequest(b BasicAuther) bool
- func (c *CredentialsStore) HasAnyPerm(username string, perm ...v1.Credential_Permission) bool
- func (c *CredentialsStore) HasPerm(username string, perm v1.Credential_Permission) bool
- func (c *CredentialsStore) HasPermRequest(b BasicAuther, perm v1.Credential_Permission) bool
- func (c *CredentialsStore) Load(ls *v1.Credential_List) error
- func (c *CredentialsStore) Password(username string) (string, bool)
Constants ¶
const ( // AllUsers is the username that indicates all users, even anonymous users (requests without // any BasicAuth information). AllUsers = "*" )
Variables ¶
This section is empty.
Functions ¶
func CreateBasicAuth ¶
Types ¶
type BasicAuther ¶
BasicAuther is the interface an object must support to return basic auth information.
type CredentialsStore ¶
type CredentialsStore struct {
// contains filtered or unexported fields
}
CredentialsStore stores authentication and authorization information for all users.
func NewCredentialsStore ¶
func NewCredentialsStore() *CredentialsStore
NewCredentialsStore returns a new instance of a CredentialStore.
func NewCredentialsStoreFromFile ¶
func NewCredentialsStoreFromFile(path string) (*CredentialsStore, error)
NewCredentialsStoreFromFile returns a new instance of a CredentialStore loaded from a file.
func (*CredentialsStore) AA ¶
func (c *CredentialsStore) AA(username, password string, perm v1.Credential_Permission) bool
AA authenticates and checks authorization for the given username and password for the given perm. If the credential store is nil, then this function always returns true. If AllUsers have the given perm, authentication is not done. Only then are the credentials checked, and then the perm checked.
func (*CredentialsStore) Check ¶
func (c *CredentialsStore) Check(username, password string) bool
Check returns true if the password is correct for the given username.
func (*CredentialsStore) CheckRequest ¶
func (c *CredentialsStore) CheckRequest(b BasicAuther) bool
CheckRequest returns true if b contains a valid username and password.
func (*CredentialsStore) HasAnyPerm ¶
func (c *CredentialsStore) HasAnyPerm(username string, perm ...v1.Credential_Permission) bool
HasAnyPerm returns true if username has at least one of the given perms, either directly, or via AllUsers. It does not perform any password checking.
func (*CredentialsStore) HasPerm ¶
func (c *CredentialsStore) HasPerm(username string, perm v1.Credential_Permission) bool
HasPerm returns true if username has the given perm, either directly or via AllUsers. It does not perform any password checking.
func (*CredentialsStore) HasPermRequest ¶
func (c *CredentialsStore) HasPermRequest(b BasicAuther, perm v1.Credential_Permission) bool
HasPermRequest returns true if the username returned by b has the givem perm. It does not perform any password checking, but if there is no username in the request, it returns false.
func (*CredentialsStore) Load ¶
func (c *CredentialsStore) Load(ls *v1.Credential_List) error
Load loads credential information from a reader.