util

package
v1.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 19, 2020 License: Apache-2.0, BSD-2-Clause, BSD-3-Clause, + 8 more Imports: 27 Imported by: 0

Documentation

Index

Constants

View Source 
const GroupName = "auth.tkestack.io"

GroupName is the group name use in this package.

Variables

View Source 
var (
	DefaultAPISigningKey = "default-api-signing-key"
)
View Source 
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"}

SchemeGroupVersion is group version used to register these objects

Functions

func BcryptPassword 

func BcryptPassword(password string) (string, error)

BcryptPassword decodes base64 string and bcrypts password.

func CaseInsensitiveContains 

func CaseInsensitiveContains(s, substr string) bool

CaseInsensitiveContains ignores case when check a string contains the sub string.

func CombineTenantAndName 

func CombineTenantAndName(tenantID, name string) string

func ConvertPolicyToRuleArray 

func ConvertPolicyToRuleArray(policy *auth.Policy) [][]string

func ConvertRule 

func ConvertRule(ptype string, line []string) (rule authv1.Rule)

func FilterAPIKey 

func FilterAPIKey(ctx context.Context, apiKey *auth.APIKey) error

FilterAPIKey is used to filter apiKey that do not belong to the tenant.

func FilterGroup 

func FilterGroup(ctx context.Context, group *auth.LocalGroup) error

FilterGroup is used to filter group that do not belong to the tenant.

func FilterLocalIdentity 

func FilterLocalIdentity(ctx context.Context, localIdentity *auth.LocalIdentity) error

FilterLocalIdentity is used to filter localIdentity that do not belong to the tenant.

func FilterPolicy 

func FilterPolicy(ctx context.Context, policy *auth.Policy) error

FilterPolicy is used to filter policy that do not belong to the tenant.

func FilterRole 

func FilterRole(ctx context.Context, role *auth.Role) error

FilterRole is used to filter role that do not belong to the tenant.

func GetGroupsForUser 

func GetGroupsForUser(authClient authinternalclient.AuthInterface, userID string) (auth.LocalGroupList, error)

func GetLocalIdentity 

func GetLocalIdentity(authClient authinternalclient.AuthInterface, tenantID, username string) (auth.LocalIdentity, error)

func GroupKey 

func GroupKey(tenantID string, name string) string

func GroupPrefix 

func GroupPrefix(tenantID string) string

func GroupResource 

func GroupResource(resource string) schema.GroupResource

GroupResource is group resource useed to register these objects

func InSubjects 

func InSubjects(subject auth.Subject, slice []auth.Subject) bool

func InterceptKeyword 

func InterceptKeyword(options *metainternal.ListOptions) string

func ParseQueryKeywordAndLimit 

func ParseQueryKeywordAndLimit(options *metainternal.ListOptions) (string, int)

func ParseTenantAndName 

func ParseTenantAndName(str string) (string, string)

func RemoveDuplicateSubjects 

func RemoveDuplicateSubjects(slice []auth.Subject) []auth.Subject

func UserKey 

func UserKey(tenantID string, name string) string

func UserPrefix 

func UserPrefix(tenantID string) string

func VerifyDecodedPassword 

func VerifyDecodedPassword(decodedPasswd string, bcryptedPasswd string) error

VerifyDecodedPassword verifies password.

Types

type APIClaims 

type APIClaims struct {
	*jwt.StandardClaims
	*KeyData
}

APIClaims is the claims section of jwt token.

type KeyData 

type KeyData struct {
	UserName string `json:"usr,omitempty"`
	TenantID string `json:"ted,omitempty"`
}

KeyData contains the necessary info of api key validated.

type KeySigner 

type KeySigner interface {
	Generate(username string, tenantID string, expire time.Duration) (*auth.APIKey, error)
	Verify(apiKey string) (*APIClaims, error)
}

KeySigner is a interface used to generate api key for a user

func NewGenericKeySigner 

func NewGenericKeySigner(authclient authinternalclient.AuthInterface) KeySigner

NewGenericKeySigner creates a generic key signer instance.

type RestAdapter 

type RestAdapter struct {
	// contains filtered or unexported fields
}

RestAdapter is the policy storage adapter for Casbin. With this library, Casbin can load policy from kubernetes rest storage and save policy to it. Rest adapter support the Auto-Save feature for Casbin policy. This means it can support adding a single policy rule to the storage, or removing a single policy rule from the storage.

func NewAdapter 

func NewAdapter(ruleClient authv1client.RuleInterface, ruleLister authv1lister.RuleLister) *RestAdapter

NewAdapter creates a new adaptor instance.

func (*RestAdapter) AddPolicy 

func (a *RestAdapter) AddPolicy(sec string, ptype string, line []string) error

AddPolicy adds a policy rule to the storage. Part of the Auto-Save feature.

func (*RestAdapter) LoadPolicy 

func (a *RestAdapter) LoadPolicy(model model.Model) error

LoadPolicy loads all of policys from backend

func (*RestAdapter) RemoveFilteredPolicy 

func (a *RestAdapter) RemoveFilteredPolicy(sec string, ptype string, fieldIndex int, fieldValues ...string) error

RemoveFilteredPolicy removes policy rules that match the filter from the storage. Part of the Auto-Save feature.

func (*RestAdapter) RemovePolicy 

func (a *RestAdapter) RemovePolicy(sec string, ptype string, line []string) error

RemovePolicy removes a policy rule from the storage. Part of the Auto-Save feature.

func (*RestAdapter) SavePolicy 

func (a *RestAdapter) SavePolicy(model model.Model) error

SavePolicy will rewrite all of policies in ETCD with the current data in Casbin

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.