identity

package

v0.0.0-...-ac1c1c5 Latest Latest Go to latest Published: Sep 16, 2021 License: MIT Imports: 9 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ONSdigital/go-ns

Links

Open Source Insights

README ¶

Identity middleware

Middleware component that authenticates requests against zebedee.

The identity and permissions returned from the identity endpoint are added to the request context.

Getting started

Initialise the identity middleware and add it into the HTTP handler chain using alice:

    router := mux.NewRouter()
    alice := alice.New(identity.Handler(true)).Then(router)
    httpServer := server.New(config.BindAddr, alice)

Wrap authenticated endpoints using the identity.Check(handler) function to check that a request identity exists.

    router.Path("/jobs").Methods("POST").HandlerFunc(identity.Check(api.addJob))

Add required headers to outbound requests to other services

    import "github.com/ONSdigital/go-ns/common"

    common.AddServiceTokenHeader(req, api.AuthToken)
    common.AddUserHeader(req, "UserA")

or, put less portably:

    req.Header.Add("Authorization", api.AuthToken)
    req.Header.Add("User-Identity", "UserA")

But most of this should be done by go-ns/rchttp and dp-api-clients-go/....

Testing

If you need to use the middleware component in unit tests you can call the constructor function that allows injection of the HTTP client

import clientsidentity "github.com/ONSdigital/go-ns/clients/identity"
import "github.com/ONSdigital/go-ns/common/commontest"

httpClient := &rchttp.ClienterMock{
    DoFunc: func(ctx context.Context, req *http.Request) (*http.Response, error) {
        return &http.Response{
            StatusCode: http.StatusOK,
        }, nil
    },
}
// set last argument to secretKey if you want to support legacy headers
clientsidentity.NewAPIClient(httpClient, zebedeeURL, "")

identityHandler := identity.HandlerForHTTPClient(doAuth, httpClient)

Documentation ¶

Index ¶

func Check(auditor Auditor, action string, ...) http.HandlerFunc
func Handler(zebedeeURL string) func(http.Handler) http.Handler
func HandlerForHTTPClient(cli *clientsidentity.Client) func(http.Handler) http.Handler
type Auditor

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Check ¶

func Check(auditor Auditor, action string, handle func(http.ResponseWriter, *http.Request)) http.HandlerFunc

Check wraps a HTTP handler. If authentication fails an error code is returned else the HTTP handler is called

func Handler ¶

func Handler(zebedeeURL string) func(http.Handler) http.Handler

Handler controls the authenticating of a request

func HandlerForHTTPClient ¶

func HandlerForHTTPClient(cli *clientsidentity.Client) func(http.Handler) http.Handler

HandlerForHTTPClient allows a handler to be created that uses the given HTTP client

Types ¶

type Auditor ¶

type Auditor audit.AuditorService

Auditor is an alias for the auditor service

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
identitytest

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL