authn

package
v1.3.22 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 25, 2024 License: MIT Imports: 18 Imported by: 1

Documentation

Overview

Package authn provides AuthN API over HTTP(S)

  • Copyright (c) 2018-2023, NVIDIA CORPORATION. All rights reserved.

Package authn provides AuthN API over HTTP(S)

  • Copyright (c) 2018-2022, NVIDIA CORPORATION. All rights reserved.

Package authn provides AuthN API over HTTP(S)

  • Copyright (c) 2018-2022, NVIDIA CORPORATION. All rights reserved.

Package authn provides AuthN API over HTTP(S)

  • Copyright (c) 2018-2022, NVIDIA CORPORATION. All rights reserved.

Index

Constants

View Source 
const (
	AdminRole = "Admin"
)

Variables

This section is empty.

Functions

func AddRole 

func AddRole(bp api.BaseParams, roleSpec *Role) error

func AddUser 

func AddUser(bp api.BaseParams, newUser *User) error

func DeleteRole 

func DeleteRole(bp api.BaseParams, role string) error

func DeleteUser 

func DeleteUser(bp api.BaseParams, userID string) error

func LoadToken 

func LoadToken(tokenFile string) string

NOTE: must load when tokenFile != ""

func RegisterCluster 

func RegisterCluster(bp api.BaseParams, cluSpec CluACL) error

func RevokeToken 

func RevokeToken(bp api.BaseParams, token string) error

func SetConfig 

func SetConfig(bp api.BaseParams, conf *ConfigToUpdate) error

func UnregisterCluster 

func UnregisterCluster(bp api.BaseParams, spec CluACL) error

func UpdateCluster 

func UpdateCluster(bp api.BaseParams, cluSpec CluACL) error

func UpdateRole 

func UpdateRole(bp api.BaseParams, roleSpec *Role) error

func UpdateUser 

func UpdateUser(bp api.BaseParams, user *User) error

Types

type BckACL 

type BckACL struct {
	Bck    cmn.Bck         `json:"bck"`
	Access apc.AccessAttrs `json:"perm,string"`
}

type CluACL 

type CluACL struct {
	ID     string          `json:"id"`
	Alias  string          `json:"alias,omitempty"`
	Access apc.AccessAttrs `json:"perm,string,omitempty"`
	URLs   []string        `json:"urls,omitempty"`
}

func GetRegisteredClusters 

func GetRegisteredClusters(bp api.BaseParams, spec CluACL) ([]*CluACL, error)

func (*CluACL) String 

func (clu *CluACL) String() string

type Config 

type Config struct {
	sync.RWMutex `list:"omit"` // for cmn.IterFields
	Log          LogConf       `json:"log"`
	Net          NetConf       `json:"net"`
	Server       ServerConf    `json:"auth"`
	Timeout      TimeoutConf   `json:"timeout"`
}

func GetConfig 

func GetConfig(bp api.BaseParams) (*Config, error)

func (*Config) ApplyUpdate 

func (c *Config) ApplyUpdate(cu *ConfigToUpdate) error

func (*Config) JspOpts 

func (*Config) JspOpts() jsp.Options

func (*Config) Secret 

func (c *Config) Secret() (secret string)

func (*Config) Verbose added in v1.3.18 

func (c *Config) Verbose() bool

type ConfigToUpdate 

type ConfigToUpdate struct {
	Server *ServerConfToSet `json:"auth"`
}

type HTTPConf 

type HTTPConf struct {
	Port        int    `json:"port"`
	UseHTTPS    bool   `json:"use_https"`
	Certificate string `json:"server_crt"`
	Key         string `json:"server_key"`
}

type LogConf 

type LogConf struct {
	Dir   string `json:"dir"`
	Level string `json:"level"`
}

type LoginMsg 

type LoginMsg struct {
	Password  string         `json:"password"`
	ExpiresIn *time.Duration `json:"expires_in"`
	ClusterID string         `json:"cluster_id"`
}

type NetConf 

type NetConf struct {
	HTTP HTTPConf `json:"http"`
}

type RegisteredClusters 

type RegisteredClusters struct {
	M map[string]*CluACL `json:"clusters,omitempty"`
}

type Role 

type Role struct {
	ID          string    `json:"name"`
	Desc        string    `json:"desc"`
	Roles       []string  `json:"roles"`
	ClusterACLs []*CluACL `json:"clusters"`
	BucketACLs  []*BckACL `json:"buckets"`
	IsAdmin     bool      `json:"admin"`
}

func GetAllRoles 

func GetAllRoles(bp api.BaseParams) ([]*Role, error)

func GetRole 

func GetRole(bp api.BaseParams, roleID string) (*Role, error)

type ServerConf 

type ServerConf struct {
	Secret       string       `json:"secret"`
	ExpirePeriod cos.Duration `json:"expiration_time"`
}

type ServerConfToSet added in v1.3.21 

type ServerConfToSet struct {
	Secret       *string `json:"secret"`
	ExpirePeriod *string `json:"expiration_time"`
}

type TimeoutConf 

type TimeoutConf struct {
	Default cos.Duration `json:"default_timeout"`
}

type TokenList 

type TokenList struct {
	Tokens  []string `json:"tokens"`
	Version int64    `json:"version,string"`
}

TokenList is a list of tokens pushed by authn

type TokenMsg 

type TokenMsg struct {
	Token string `json:"token"`
}

func LoginUser 

func LoginUser(bp api.BaseParams, userID, pass, clusterID string, expire *time.Duration) (token *TokenMsg, err error)

Authorize a user and return a user token in case of success. The token expires in `expire` time. If `expire` is `nil` the expiration time is set by AuthN (default AuthN expiration time is 24 hours)

func (*TokenMsg) JspOpts 

func (*TokenMsg) JspOpts() jsp.Options

type User 

type User struct {
	ID          string    `json:"id"`
	Password    string    `json:"pass,omitempty"`
	Roles       []string  `json:"roles"`
	ClusterACLs []*CluACL `json:"clusters"`
	BucketACLs  []*BckACL `json:"buckets"` // list of buckets with special permissions
}

func GetAllUsers 

func GetAllUsers(bp api.BaseParams) ([]*User, error)

func GetUser 

func GetUser(bp api.BaseParams, userID string) (*User, error)

func (*User) IsAdmin 

func (uInfo *User) IsAdmin() bool

IsAdmin returns true if the user is an admin or super-user, i.e. the user has the full access to everything.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.