dam

package
v0.9.15 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 3, 2021 License: Apache-2.0 Imports: 62 Imported by: 0

Documentation

Overview

Package dam contains data access management service.

Index

Constants

This section is empty.

Variables

var (

	// BuiltinPolicies contains the set of policies that are managed by DAM directly (not the administrator).
	// The map entries are elided in this rendered listing.
	// NOTE(review): this is an exported, package-level map, so any importing
	// package can add, replace or delete entries at runtime. Treat it as
	// read-only; whether DAM copies or re-validates it before use is not
	// visible here.
	BuiltinPolicies = map[string]*pb.Policy{
		// contains filtered or unexported fields
	}
)

Functions

func ImportConfig added in v0.8.4

func ImportConfig(store storage.Store, service string, warehouse clouds.ResourceTokenCreator, cfgVars map[string]string, importConfig, importSecrets, importPermission bool) (ferr error)

ImportConfig ingests bootstrap configuration files into the DAM's storage system.

func NewConfigHandler

func NewConfigHandler(s *Service) *configHandler

func NewConfigIssuerHandler

func NewConfigIssuerHandler(s *Service) *configIssuerHandler

func NewConfigOptionsHandler

func NewConfigOptionsHandler(s *Service) *configOptionsHandler

func NewConfigPersonaHandler

func NewConfigPersonaHandler(s *Service) *configPersonaHandler

func NewConfigPolicyHandler

func NewConfigPolicyHandler(s *Service) *configPolicyHandler

func NewConfigResourceHandler

func NewConfigResourceHandler(s *Service) *configResourceHandler

func NewConfigServiceTemplateHandler

func NewConfigServiceTemplateHandler(s *Service) *configServiceTemplateHandler

func NewConfigSourceHandler

func NewConfigSourceHandler(s *Service) *configSourceHandler

func NewConfigViewHandler

func NewConfigViewHandler(s *Service) *configViewHandler

func NewConfigVisaTypeHandler added in v0.8.4

func NewConfigVisaTypeHandler(s *Service) *configVisaTypeHandler

func NewProcessHandler

func NewProcessHandler(s *Service) *processHandler

func NewProcessesHandler

func NewProcessesHandler(s *Service) *processesHandler

func ValidateDAMConfig added in v0.8.4

func ValidateDAMConfig(cfg *pb.DamConfig, vopts ValidateCfgOpts) *status.Status

ValidateDAMConfig checks that the provided config is valid.

Types

type Options

// Options carries the dependencies and settings handed to New and NewService
// when constructing the DAM service. Several fields are security-relevant:
// the JWT signer and encryption provider, the audit logger, the Hydra
// endpoints, and the flags that control how much policy detail is returned
// to clients.
type Options struct {
	// HTTPClient: HTTP client used for making outbound HTTP requests.
	// NOTE(review): nil handling and timeouts are not visible in this listing;
	// confirm callers supply a client with an explicit Timeout.
	HTTPClient *http.Client
	// Domain: domain used to host the DAM service.
	Domain string
	// ServiceName: name of this service instance including environment (example: "dam-staging")
	ServiceName string
	// DefaultBroker: default identity broker.
	DefaultBroker string
	// Store: data storage and configuration storage.
	Store storage.Store
	// Warehouse: resource token creator service.
	Warehouse clouds.ResourceTokenCreator
	// AWSClient: a client for interacting with the AWS API
	AWSClient             aws.APIClient
	ServiceAccountManager *saw.AccountWarehouse // NOTE(review): undocumented upstream; the type suggests a service-account warehouse — confirm
	// Logger: audit log logger.
	// NOTE(review): behaviour when this is nil (e.g. audit records dropped)
	// is not visible here — confirm before running without it.
	Logger *logging.Client
	// SDLC: gRPC client to StackDriver Logging.
	SDLC lgrpcpb.LoggingServiceV2Client
	// AuditLogProject is the GCP project id where audit logs are written to.
	AuditLogProject string
	// SkipInformationReleasePage: set to true to skip the information release page.
	// NOTE(review): Service also exposes AcceptInformationRelease and
	// RejectInformationRelease handlers; presumably skipping the page means
	// the user is not shown that accept/reject step — confirm before
	// enabling outside test environments.
	SkipInformationReleasePage bool
	// UseHydra: the service uses Hydra-integrated OIDC.
	UseHydra bool
	// HydraAdminURL: URL of the Hydra admin endpoints.
	// NOTE(review): Hydra's admin API is privileged; presumably this should
	// point at an address reachable only from trusted networks — confirm
	// against the deployment.
	HydraAdminURL string
	// HydraPublicURL: URL of the Hydra public endpoints.
	HydraPublicURL string
	// HydraPublicProxy: proxy for hydra public endpoint.
	HydraPublicProxy *hydraproxy.Service
	// HydraSyncFreq: how often to allow clients:sync to be called
	HydraSyncFreq time.Duration
	// HidePolicyBasis: do not send policy basis to client.
	// NOTE(review): this is an information-disclosure control; the zero value
	// (false) presumably means the policy basis is sent — confirm.
	HidePolicyBasis bool
	// HideRejectDetail: do not send rejected visas details.
	// NOTE(review): same consideration as HidePolicyBasis; the zero value
	// presumably exposes rejection details to the client — confirm.
	HideRejectDetail bool
	// Signer: the signer used for signing JWTs.
	Signer kms.Signer
	// Encryption: used to encrypt the JWT stored in the account.
	Encryption kms.Encryption
	// ConsentDashboardURL is url to frontend consent dashboard, will replace
	// ${USER_ID} with userID.
	// NOTE(review): whether userID is URL-escaped before substitution is not
	// visible here — verify in the code that performs the replacement.
	ConsentDashboardURL string
	// LRO: the long running operation background process
	LRO lro.LRO
}

Options contains parameters to New DAM Service.

type Service

// Service is the DAM service instance returned by New and NewService.
// Most of its exported methods have the net/http handler signature
// (http.ResponseWriter, *http.Request).
type Service struct {
	// Handler: the exported *ServiceHandler for this service.
	// NOTE(review): presumably the top-level HTTP entry point — confirm.
	Handler *ServiceHandler
	// contains filtered or unexported fields
}

func New added in v0.8.5

func New(r *mux.Router, params *Options) *Service

New creates a DAM and registers it on r.

func NewService

func NewService(params *Options) *Service

NewService creates a DAM service.

func (*Service) AcceptInformationRelease added in v0.9.7

func (s *Service) AcceptInformationRelease(w http.ResponseWriter, r *http.Request)

AcceptInformationRelease is the HTTP handler for "dam/inforelease/accept" endpoint.

func (*Service) CheckIntegrity

func (s *Service) CheckIntegrity(cfg *pb.DamConfig, realm string, tx storage.Tx) *status.Status

CheckIntegrity returns an error status if the config is invalid.

func (*Service) ConfigHistory

func (s *Service) ConfigHistory(w http.ResponseWriter, r *http.Request)

ConfigHistory implements the HistoryConfig RPC method.

func (*Service) ConfigHistoryRevision

func (s *Service) ConfigHistoryRevision(w http.ResponseWriter, r *http.Request)

ConfigHistoryRevision implements the HistoryRevisionConfig RPC method.

func (*Service) ConfigReset

func (s *Service) ConfigReset(w http.ResponseWriter, r *http.Request)

ConfigReset implements the corresponding method in the DAM API.

func (*Service) ConfigTestPersonas

func (s *Service) ConfigTestPersonas(w http.ResponseWriter, r *http.Request)

ConfigTestPersonas implements the ConfigTestPersonas RPC method.

func (*Service) GetDamRoleCategories

func (s *Service) GetDamRoleCategories(w http.ResponseWriter, r *http.Request)

GetDamRoleCategories implements the corresponding REST API method.

func (*Service) GetFlatViews

func (s *Service) GetFlatViews(w http.ResponseWriter, r *http.Request)

GetFlatViews implements the corresponding REST API endpoint.

func (*Service) GetInfo

func (s *Service) GetInfo(w http.ResponseWriter, r *http.Request)

func (*Service) GetLocaleMetadata added in v0.9.8

func (s *Service) GetLocaleMetadata(w http.ResponseWriter, r *http.Request)

GetLocaleMetadata implements the corresponding REST API endpoint.

func (*Service) GetPassportTranslators

func (s *Service) GetPassportTranslators(w http.ResponseWriter, r *http.Request)

GetPassportTranslators implements the corresponding REST API endpoint.

func (*Service) GetResource

func (s *Service) GetResource(w http.ResponseWriter, r *http.Request)

GetResource implements the corresponding endpoint in the REST API.

func (*Service) GetResources

func (s *Service) GetResources(w http.ResponseWriter, r *http.Request)

GetResources implements the GetResources RPC method.

func (*Service) GetServiceDescriptors added in v0.8.4

func (s *Service) GetServiceDescriptors(w http.ResponseWriter, r *http.Request)

GetServiceDescriptors implements the corresponding REST API endpoint.

func (*Service) GetStore

func (s *Service) GetStore() storage.Store

func (*Service) GetTestPersonas

func (s *Service) GetTestPersonas(w http.ResponseWriter, r *http.Request)

GetTestPersonas implements the corresponding REST API method.

func (*Service) GetView

func (s *Service) GetView(w http.ResponseWriter, r *http.Request)

GetView implements the corresponding endpoint in the REST API.

func (*Service) GetViewRole

func (s *Service) GetViewRole(w http.ResponseWriter, r *http.Request)

GetViewRole implements the corresponding endpoint in the REST API.

func (*Service) GetViewRoles

func (s *Service) GetViewRoles(w http.ResponseWriter, r *http.Request)

GetViewRoles implements the corresponding endpoint in the REST API.

func (*Service) GetViews

func (s *Service) GetViews(w http.ResponseWriter, r *http.Request)

GetViews implements the corresponding endpoint in the REST API.

func (*Service) HydraConsent

func (s *Service) HydraConsent(w http.ResponseWriter, r *http.Request)

HydraConsent handles consent request from hydra.

func (*Service) HydraLogin

func (s *Service) HydraLogin(w http.ResponseWriter, r *http.Request)

HydraLogin handles login request from hydra.

func (*Service) LoggedInHandler

func (s *Service) LoggedInHandler(w http.ResponseWriter, r *http.Request)

LoggedInHandler implements endpoint "/loggedin" for broker auth code redirect.

func (*Service) OidcKeys added in v0.9.2

func (s *Service) OidcKeys(w http.ResponseWriter, r *http.Request)

OidcKeys handles the OpenID Provider JWKS request.

func (*Service) OidcWellKnownConfig added in v0.9.2

func (s *Service) OidcWellKnownConfig(w http.ResponseWriter, r *http.Request)

OidcWellKnownConfig handles the OpenID Provider configuration request.

func (*Service) RejectInformationRelease added in v0.9.7

func (s *Service) RejectInformationRelease(w http.ResponseWriter, r *http.Request)

RejectInformationRelease is the HTTP handler for "dam/inforelease/reject" endpoint.

func (*Service) ResourceTokens

func (s *Service) ResourceTokens(w http.ResponseWriter, r *http.Request)

ResourceTokens returns a set of access tokens for a set of resources.

func (*Service) ValidateCfgOpts added in v0.8.4

func (s *Service) ValidateCfgOpts(realm string, tx storage.Tx) ValidateCfgOpts

ValidateCfgOpts returns the options for checking validity of configuration.

type ServiceHandler

// ServiceHandler wraps a *mux.Router and has a ServeHTTP method with the
// net/http handler signature.
// NOTE(review): what ServeHTTP does before, or instead of, delegating to
// Handler is not visible here.
type ServiceHandler struct {
	// Handler: the router.
	// NOTE(review): presumably where ServeHTTP dispatches requests — confirm.
	Handler *mux.Router
	// contains filtered or unexported fields
}

func (*ServiceHandler) ServeHTTP

func (sh *ServiceHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)

type SyncClientsHandler added in v0.8.6

// SyncClientsHandler is the handler type built by NewSyncClientsHandler, which
// is documented as implementing the sync Hydra clients RPC method. Its method
// set is Setup, LookupItem, NormalizeInput, Get, Post, Put, Patch, Remove,
// CheckIntegrity and Save.
type SyncClientsHandler struct {
	// contains filtered or unexported fields
}

SyncClientsHandler is a handler for sync client.

func NewSyncClientsHandler added in v0.8.4

func NewSyncClientsHandler(s *Service) *SyncClientsHandler

NewSyncClientsHandler implements the sync Hydra clients RPC method.

func (*SyncClientsHandler) CheckIntegrity added in v0.8.6

func (h *SyncClientsHandler) CheckIntegrity(*http.Request) *status.Status

CheckIntegrity checks integrity.

func (*SyncClientsHandler) Get added in v0.8.6

func (h *SyncClientsHandler) Get(r *http.Request, name string) (proto.Message, error)

Get gets.

func (*SyncClientsHandler) LookupItem added in v0.8.6

func (h *SyncClientsHandler) LookupItem(r *http.Request, name string, vars map[string]string) bool

LookupItem looks up item.

func (*SyncClientsHandler) NormalizeInput added in v0.8.6

func (h *SyncClientsHandler) NormalizeInput(r *http.Request, name string, vars map[string]string) error

NormalizeInput normalizes.

func (*SyncClientsHandler) Patch added in v0.8.6

func (h *SyncClientsHandler) Patch(r *http.Request, name string) (proto.Message, error)

Patch patches.

func (*SyncClientsHandler) Post added in v0.8.6

func (h *SyncClientsHandler) Post(r *http.Request, name string) (proto.Message, error)

Post posts.

func (*SyncClientsHandler) Put added in v0.8.6

func (h *SyncClientsHandler) Put(r *http.Request, name string) (proto.Message, error)

Put puts.

func (*SyncClientsHandler) Remove added in v0.8.6

func (h *SyncClientsHandler) Remove(r *http.Request, name string) (proto.Message, error)

Remove removes.

func (*SyncClientsHandler) Save added in v0.8.6

func (h *SyncClientsHandler) Save(r *http.Request, tx storage.Tx, name string, vars map[string]string, desc, typeName string) error

Save saves.

func (*SyncClientsHandler) Setup added in v0.8.6

func (h *SyncClientsHandler) Setup(r *http.Request, tx storage.Tx) (int, error)

Setup sets up.

type TokenHandler added in v0.8.6

// TokenHandler is the handler type built by NewTokenHandler, which is
// documented as serving the tokens/{name} endpoint. Its method set is Setup,
// LookupItem, NormalizeInput, Get, Post, Put, Patch, Remove, CheckIntegrity
// and Save.
type TokenHandler struct {
	// contains filtered or unexported fields
}

TokenHandler is the handler for a token.

func NewTokenHandler

func NewTokenHandler(s *Service) *TokenHandler

NewTokenHandler is the handler for the tokens/{name} endpoint.

func (*TokenHandler) CheckIntegrity added in v0.8.6

func (h *TokenHandler) CheckIntegrity(*http.Request) *status.Status

CheckIntegrity checks integrity.

func (*TokenHandler) Get added in v0.8.6

func (h *TokenHandler) Get(r *http.Request, name string) (proto.Message, error)

Get gets.

func (*TokenHandler) LookupItem added in v0.8.6

func (h *TokenHandler) LookupItem(r *http.Request, name string, vars map[string]string) bool

LookupItem looks up item.

func (*TokenHandler) NormalizeInput added in v0.8.6

func (h *TokenHandler) NormalizeInput(r *http.Request, name string, vars map[string]string) error

NormalizeInput normalizes.

func (*TokenHandler) Patch added in v0.8.6

func (h *TokenHandler) Patch(r *http.Request, name string) (proto.Message, error)

Patch patches.

func (*TokenHandler) Post added in v0.8.6

func (h *TokenHandler) Post(r *http.Request, name string) (proto.Message, error)

Post posts.

func (*TokenHandler) Put added in v0.8.6

func (h *TokenHandler) Put(r *http.Request, name string) (proto.Message, error)

Put puts.

func (*TokenHandler) Remove added in v0.8.6

func (h *TokenHandler) Remove(r *http.Request, name string) (proto.Message, error)

Remove removes.

func (*TokenHandler) Save added in v0.8.6

func (h *TokenHandler) Save(r *http.Request, tx storage.Tx, name string, vars map[string]string, desc, typeName string) error

Save saves.

func (*TokenHandler) Setup added in v0.8.6

func (h *TokenHandler) Setup(r *http.Request, tx storage.Tx) (int, error)

Setup sets up.

type TokensHandler added in v0.8.6

// TokensHandler is the handler type built by NewTokensHandler. Its method set
// is Setup, LookupItem, NormalizeInput, Get, Post, Put, Patch, Remove,
// CheckIntegrity and Save.
type TokensHandler struct {
	// contains filtered or unexported fields
}

TokensHandler is the handler for tokens.

func NewTokensHandler

func NewTokensHandler(s *Service) *TokensHandler

NewTokensHandler creates a new TokensHandler.

func (*TokensHandler) CheckIntegrity added in v0.8.6

func (h *TokensHandler) CheckIntegrity(*http.Request) *status.Status

CheckIntegrity checks integrity.

func (*TokensHandler) Get added in v0.8.6

func (h *TokensHandler) Get(r *http.Request, name string) (proto.Message, error)

Get gets.

func (*TokensHandler) LookupItem added in v0.8.6

func (h *TokensHandler) LookupItem(r *http.Request, name string, vars map[string]string) bool

LookupItem looks up item.

func (*TokensHandler) NormalizeInput added in v0.8.6

func (h *TokensHandler) NormalizeInput(r *http.Request, name string, vars map[string]string) error

NormalizeInput normalizes.

func (*TokensHandler) Patch added in v0.8.6

func (h *TokensHandler) Patch(r *http.Request, name string) (proto.Message, error)

Patch patches.

func (*TokensHandler) Post added in v0.8.6

func (h *TokensHandler) Post(r *http.Request, name string) (proto.Message, error)

Post posts.

func (*TokensHandler) Put added in v0.8.6

func (h *TokensHandler) Put(r *http.Request, name string) (proto.Message, error)

Put puts.

func (*TokensHandler) Remove added in v0.8.6

func (h *TokensHandler) Remove(r *http.Request, name string) (proto.Message, error)

Remove removes.

func (*TokensHandler) Save added in v0.8.6

func (h *TokensHandler) Save(r *http.Request, tx storage.Tx, name string, vars map[string]string, desc, typeName string) error

Save saves.

func (*TokensHandler) Setup added in v0.8.6

func (h *TokensHandler) Setup(r *http.Request, tx storage.Tx) (int, error)

Setup sets up.

type ValidateCfgOpts added in v0.8.4

// ValidateCfgOpts holds the inputs ValidateDAMConfig takes alongside the
// config being checked. Service.ValidateCfgOpts(realm, tx) returns a value of
// this type.
//
// DefaultBroker, HidePolicyBasis and HideRejectDetail share their names with
// fields of Options; presumably they carry the same settings — confirm.
// Realm and Tx presumably come from the realm and tx arguments of
// Service.ValidateCfgOpts — confirm.
// NOTE(review): none of the fields is documented upstream, and it is not
// visible here which of them may be nil or empty during validation.
type ValidateCfgOpts struct {
	Services         *adapter.ServiceAdapters
	DefaultBroker    string
	RoleCategories   map[string]*pb.RoleCategory
	HidePolicyBasis  bool
	HideRejectDetail bool
	Scim             *scim.Scim
	Realm            string
	Tx               storage.Tx
}

ValidateCfgOpts contains options for ValidateDAMConfig.
