warrant

package module
v1.3.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 12, 2022 License: MIT Imports: 8 Imported by: 0

README

Warrant Go Library

Use Warrant in server-side Go projects.

Slack

Installation

go get github.com/warrant-dev/warrant-go

Usage

Instantiate the Warrant client with your API key to get started:

import "github.com/warrant-dev/warrant-go"

client := warrant.NewClient(warrant.ClientConfig{
    ApiKey: "api_test_f5dsKVeYnVSLHGje44zAygqgqXiLJBICbFzCiAg1E=",
})
CreateUserWithGeneratedId()

This method creates a user entity in Warrant with a Warrant-generated id.

user, err := client.CreateUserWithGeneratedId()
CreateUser(user User)

This method creates a user entity in Warrant with the specified userId.

user, err := client.CreateUser(warrant.User{
    UserId: "userId",
})
CreateWarrant(warrantToCreate Warrant)

This method creates a warrant which specifies that the provided user (or userset) has relation on the object of type objectType with id objectId.

// Create a warrant allowing user1 to "view" the store with id store1
warrant, err := client.createWarrant(warrant.Warrant{
		ObjectType: "store",
		ObjectId:   "store1",
		Relation:   "viewer",
		User: warrant.WarrantUser{
			UserId: "user1",
		},
	})
CreateSession(userId string)

This method creates a session in Warrant for the user with the specified userId and returns a session token which can be used to make authorized requests to the Warrant API only for the specified user. This session token can safely be used to make requests to the Warrant API's authorization endpoint to determine user access in web and mobile client applications.

// Creates a session token scoped to the specified userId
// Return this token to your client application to allow
// it to make requests for the given user.
token, err := client.CreateSession(userId)
IsAuthorized(warrant Warrant)

This method returns true or false depending on whether the user with the specified userId has the specified relation to the object of type objectType with id objectId and false otherwise.

//
// Example Scenario:
// An e-commerce website where Store Owners can edit store info
//
isAuthorized, err := client.IsAuthorized(warrant.Warrant{
		ObjectType: "store",
		ObjectId:   "store1",
		Relation:   "editor",
		User: warrant.WarrantUser{
			UserId: "user1", // store owner
		},
	})

We’ve used a random API key in these code examples. Replace it with your actual publishable API keys to test this code through your own Warrant account.

For more information on how to use the Warrant API, please refer to the Warrant API reference.

Note that we may release new minor and patch versions of this library with small but backwards-incompatible fixes to the type declarations. These changes will not affect Warrant itself.

Warrant Documentation

Documentation

Index

Constants

View Source 
const API_URL_BASE = "https://api.warrant.dev"
View Source 
const API_VERSION = "/v1"
View Source 
const SELF_SERVICE_DASH_URL_BASE = "https://self-serve.warrant.dev"

Variables

This section is empty.

Functions

This section is empty.

Types

type ClientConfig 

type ClientConfig struct {
	ApiKey            string
	AuthorizeEndpoint string
}

type EnsureHasPermission added in v1.0.1 

type EnsureHasPermission struct {
	// contains filtered or unexported fields
}

func (*EnsureHasPermission) ServeHTTP added in v1.0.1 

func (ehp *EnsureHasPermission) ServeHTTP(w http.ResponseWriter, r *http.Request)

type EnsureHasPermissionOptions added in v1.0.1 

type EnsureHasPermissionOptions struct {
	PermissionId string
	UserId       string
}

type EnsureIsAuthorized added in v1.0.1 

type EnsureIsAuthorized struct {
	// contains filtered or unexported fields
}

func (*EnsureIsAuthorized) ServeHTTP added in v1.0.1 

func (eia *EnsureIsAuthorized) ServeHTTP(w http.ResponseWriter, r *http.Request)

type EnsureIsAuthorizedOptions added in v1.0.1 

type EnsureIsAuthorizedOptions struct {
	ObjectType string
	ObjectId   string
	Relation   string
	UserId     string
}

type Error 

type Error struct {
	Message      string `json:"message"`
	WrappedError error  `json:"-"`
}

func (Error) Error 

func (err Error) Error() string

type GetObjectIdFunc added in v1.0.1 

type GetObjectIdFunc func(r *http.Request) string

type GetUserIdFunc added in v1.0.1 

type GetUserIdFunc func(r *http.Request) string

type ListParams added in v1.2.0 

type ListParams struct {
	Page  int `json:"page"`
	Limit int `json:"limit"`
}

type ListPermissionParams added in v1.2.0 

type ListPermissionParams struct {
	ListParams
}

type ListRoleParams added in v1.2.0 

type ListRoleParams struct {
	ListParams
}

type ListTenantParams added in v1.2.0 

type ListTenantParams struct {
	ListParams
}

type ListUserParams added in v1.2.0 

type ListUserParams struct {
	ListParams
}

type ListWarrantParams added in v1.2.0 

type ListWarrantParams struct {
	ListParams
	ObjectType string `json:"objectType" url:"objectType,omitempty"`
	ObjectId   string `json:"objectId" url:"objectId,omitempty"`
	Relation   string `json:"relation" url:"relation,omitempty"`
	UserId     string `json:"userId" url:"userId,omitempty"`
}

type Middleware added in v1.0.1 

type Middleware struct {
	// contains filtered or unexported fields
}

func NewMiddleware added in v1.0.1 

func NewMiddleware(config MiddlewareConfig) *Middleware

func (Middleware) NewEnsureHasPermission added in v1.0.1 

func (mw Middleware) NewEnsureHasPermission(handler http.Handler, options EnsureHasPermissionOptions) *EnsureHasPermission

func (Middleware) NewEnsureIsAuthorized added in v1.0.1 

func (mw Middleware) NewEnsureIsAuthorized(handler http.Handler, options EnsureIsAuthorizedOptions) *EnsureIsAuthorized

type MiddlewareConfig added in v1.0.1 

type MiddlewareConfig struct {
	ApiKey         string
	GetObjectId    GetObjectIdFunc
	GetUserId      GetUserIdFunc
	OnAccessDenied http.HandlerFunc
}

type NewEnsureHasPermissionFunc added in v1.0.1 

type NewEnsureHasPermissionFunc func(handler http.Handler, options EnsureHasPermissionOptions) *EnsureHasPermission

type NewEnsureIsAuthorizedFunc added in v1.0.1 

type NewEnsureIsAuthorizedFunc func(handler http.Handler, options EnsureIsAuthorizedOptions) *EnsureIsAuthorized

type Permission 

type Permission struct {
	PermissionId string `json:"permissionId"`
}

type PermissionCheckParams added in v1.1.0 

type PermissionCheckParams struct {
	PermissionId   string `json:"permissionId"`
	UserId         string `json:"userId"`
	ConsistentRead bool   `json:"consistentRead"`
	Debug          bool   `json:"debug"`
}

type QueryWarrantParams added in v1.3.0 

type QueryWarrantParams struct {
	ObjectType string  `json:"objectType" url:"objectType,omitempty"`
	Relation   string  `json:"relation" url:"relation,omitempty"`
	Subject    Subject `json:"subject" url:"subject,omitempty"`
}

type Role 

type Role struct {
	RoleId string `json:"roleId"`
}

type Session 

type Session struct {
	UserId   string `json:"userId"`
	TenantId string `json:"tenantId"`
	TTL      int64  `json:"ttl"`
}

type Subject added in v1.1.0 

type Subject struct {
	ObjectType string `json:"objectType"`
	ObjectId   string `json:"objectId"`
	Relation   string `json:"relation,omitempty"`
}

func (Subject) EncodeValues added in v1.3.1 

func (subject Subject) EncodeValues(key string, v *url.Values) error

type Tenant 

type Tenant struct {
	TenantId string `json:"tenantId"`
	Name     string `json:"name"`
}

type User 

type User struct {
	UserId string `json:"userId"`
	Email  string `json:"email"`
}

type Warrant 

type Warrant struct {
	ObjectType    string  `json:"objectType"`
	ObjectId      string  `json:"objectId"`
	Relation      string  `json:"relation"`
	Subject       Subject `json:"subject"`
	IsDirectMatch bool    `json:"isDirectMatch,omitempty"`
}

type WarrantCheckParams added in v1.1.0 

type WarrantCheckParams struct {
	Op             string    `json:"op"`
	Warrants       []Warrant `json:"warrants"`
	ConsistentRead bool      `json:"consistentRead"`
	Debug          bool      `json:"debug"`
}

type WarrantCheckResult added in v1.1.0 

type WarrantCheckResult struct {
	Code   int64  `json:"code"`
	Result string `json:"result"`
}

type WarrantClient 

type WarrantClient struct {
	// contains filtered or unexported fields
}

func NewClient 

func NewClient(config ClientConfig) WarrantClient

func (WarrantClient) AssignPermissionToRole 

func (client WarrantClient) AssignPermissionToRole(roleId string, permissionId string) (*Permission, error)

func (WarrantClient) AssignPermissionToUser 

func (client WarrantClient) AssignPermissionToUser(userId string, permissionId string) (*Permission, error)

func (WarrantClient) AssignRoleToUser 

func (client WarrantClient) AssignRoleToUser(userId string, roleId string) (*Role, error)

func (WarrantClient) AssignUserToTenant 

func (client WarrantClient) AssignUserToTenant(tenantId string, userId string) (*Warrant, error)

func (WarrantClient) CreateAuthorizationSession 

func (client WarrantClient) CreateAuthorizationSession(session Session) (string, error)

func (WarrantClient) CreatePermission 

func (client WarrantClient) CreatePermission(permission Permission) (*Permission, error)

func (WarrantClient) CreateRole 

func (client WarrantClient) CreateRole(role Role) (*Role, error)

func (WarrantClient) CreateSelfServiceSession 

func (client WarrantClient) CreateSelfServiceSession(session Session, redirectUrl string) (string, error)

func (WarrantClient) CreateTenant 

func (client WarrantClient) CreateTenant(tenant Tenant) (*Tenant, error)

func (WarrantClient) CreateUser 

func (client WarrantClient) CreateUser(user User) (*User, error)

func (WarrantClient) CreateWarrant 

func (client WarrantClient) CreateWarrant(warrantToCreate Warrant) (*Warrant, error)

func (WarrantClient) DeletePermission 

func (client WarrantClient) DeletePermission(permissionId string) error

func (WarrantClient) DeleteRole 

func (client WarrantClient) DeleteRole(roleId string) error

func (WarrantClient) DeleteTenant added in v1.0.2 

func (client WarrantClient) DeleteTenant(tenantId string) error

func (WarrantClient) DeleteUser added in v1.0.2 

func (client WarrantClient) DeleteUser(userId string) error

func (WarrantClient) DeleteWarrant added in v1.1.0 

func (client WarrantClient) DeleteWarrant(warrantToDelete Warrant) error

func (WarrantClient) GetPermission added in v1.1.0 

func (client WarrantClient) GetPermission(permissionId string) (*Permission, error)

func (WarrantClient) GetRole added in v1.1.0 

func (client WarrantClient) GetRole(roleId string) (*Role, error)

func (WarrantClient) GetTenant added in v1.1.0 

func (client WarrantClient) GetTenant(tenantId string) (*Tenant, error)

func (WarrantClient) GetUser added in v1.1.0 

func (client WarrantClient) GetUser(userId string) (*User, error)

func (WarrantClient) HasPermission 

func (client WarrantClient) HasPermission(toCheck PermissionCheckParams) (bool, error)

func (WarrantClient) IsAuthorized 

func (client WarrantClient) IsAuthorized(toCheck WarrantCheckParams) (bool, error)

func (WarrantClient) ListPermissions added in v1.1.0 

func (client WarrantClient) ListPermissions(listParams ListPermissionParams) ([]Permission, error)

func (WarrantClient) ListPermissionsForRole added in v1.2.0 

func (client WarrantClient) ListPermissionsForRole(roleId string, listParams ListPermissionParams) ([]Permission, error)

func (WarrantClient) ListPermissionsForUser added in v1.2.0 

func (client WarrantClient) ListPermissionsForUser(userId string, listParams ListPermissionParams) ([]Permission, error)

func (WarrantClient) ListRoles added in v1.1.0 

func (client WarrantClient) ListRoles(listParams ListRoleParams) ([]Role, error)

func (WarrantClient) ListRolesForUser added in v1.2.0 

func (client WarrantClient) ListRolesForUser(userId string, listParams ListRoleParams) ([]Role, error)

func (WarrantClient) ListTenants added in v1.1.0 

func (client WarrantClient) ListTenants(listParams ListTenantParams) ([]Tenant, error)

func (WarrantClient) ListTenantsForUser added in v1.2.0 

func (client WarrantClient) ListTenantsForUser(userId string, listParams ListTenantParams) ([]Tenant, error)

func (WarrantClient) ListUsers added in v1.1.0 

func (client WarrantClient) ListUsers(listParams ListUserParams) ([]User, error)

func (WarrantClient) ListUsersForTenant added in v1.2.0 

func (client WarrantClient) ListUsersForTenant(tenantId string) ([]User, error)

func (WarrantClient) ListWarrants added in v1.0.3 

func (client WarrantClient) ListWarrants(listParams ListWarrantParams) ([]Warrant, error)

func (WarrantClient) QueryWarrants added in v1.3.0 

func (client WarrantClient) QueryWarrants(queryWarrantParams QueryWarrantParams) ([]Warrant, error)

func (WarrantClient) RemovePermissionFromRole 

func (client WarrantClient) RemovePermissionFromRole(roleId string, permissionId string) error

func (WarrantClient) RemovePermissionFromUser 

func (client WarrantClient) RemovePermissionFromUser(userId string, permissionId string) error

func (WarrantClient) RemoveRoleFromUser 

func (client WarrantClient) RemoveRoleFromUser(userId string, roleId string) error

func (WarrantClient) RemoveUserFromTenant 

func (client WarrantClient) RemoveUserFromTenant(tenantId string, userId string) error

func (WarrantClient) UpdateTenant added in v1.1.0 

func (client WarrantClient) UpdateTenant(tenantId string, tenant Tenant) (*Tenant, error)

func (WarrantClient) UpdateUser added in v1.1.0 

func (client WarrantClient) UpdateUser(userId string, user User) (*User, error)

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.