Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthBypassMatch ¶ added in v0.5.2
type AuthBypassMatch interface {
/*
Match checks whether a request matches against auth bypass rules
@param ctxt context.Context - context calling this API
@param request RequestParam - request parameters
@return if a match is found or not, or an error otherwise
*/
Match(ctxt context.Context, request RequestParam) (bool, error)
}
AuthBypassMatch check whether a request matches against auth bypass rules
func DefineAuthBypassMatch ¶ added in v0.5.2
func DefineAuthBypassMatch(config common.AuthnBypassConfig) (AuthBypassMatch, error)
DefineAuthBypassMatch defines a new AuthBypassMatch
@param config common.AuthnBypassConfig - matcher configuration @return new AuthBypassMatch instance
type RequestMatch ¶
type RequestMatch interface {
/*
Match checks whether a request matches against defined parameters
@param ctxt context.Context - context calling this API
@param request RequestParam - request parameters
@return if a match, the list permissions needed to proceed, or an error otherwise
*/
Match(ctxt context.Context, request RequestParam) ([]string, error)
/*
String returns an ASCII description of the object
@return an ASCII description of the object
*/
String() string
}
RequestMatch checks whether a request matches against defined parameters
func DefineTargetGroupMatcher ¶
func DefineTargetGroupMatcher(spec TargetGroupSpec) (RequestMatch, error)
DefineTargetGroupMatcher defines a new RequestMatch for matching at host group level
@param spec TargetGroupSpec - the matcher specification @return new RequestMatch instance
type RequestParam ¶
type RequestParam struct {
// Host is the request target "host"
Host *string `validate:"omitempty,fqdn"`
// Path is the request target Path
Path string `validate:"required,uri"`
// Method is the request method
Method string `validate:"required,oneof=GET HEAD PUT POST PATCH DELETE OPTIONS"`
}
RequestParam contains critical parameters describing a REST request
func (RequestParam) String ¶
func (p RequestParam) String() string
String returns an ASCII description of the object
@return an ASCII description of the object
type TargetGroupSpec ¶
type TargetGroupSpec struct {
// AllowedHosts is the list of TargetHostSpec keyed by the host name. The host key of "*"
// functions as a wildcard. If a request host is not explicitly listed here, it may match
// against "*" if that key was defined
AllowedHosts map[string]TargetHostSpec `validate:"required,min=1,dive"`
}
TargetGroupSpec is a groups of hosts to check against
func ConvertConfigToTargetGroupSpec ¶
func ConvertConfigToTargetGroupSpec(cfg *common.AuthorizationConfig) (TargetGroupSpec, error)
ConvertConfigToTargetGroupSpec convert a common.AuthorizationConfig into TargetGroupSpec
@param cfg *common.AuthorizationConfig - the authorize config section @return the converted TargetGroupSpec
type TargetHostSpec ¶
type TargetHostSpec struct {
// TargetHost is the host value the URI are associated with
TargetHost string `validate:"required"`
// AllowedPathsForHost is the list of paths associated with this host
AllowedPathsForHost []TargetPathSpec `validate:"required,min=1,dive"`
}
TargetHostSpec is a single host to check against defined by multiple associated paths
type TargetPathSpec ¶
type TargetPathSpec struct {
// PathPattern is the pattern for matching against a request URI path
PathPattern string `validate:"required"`
// PermissionsForMethod is the DICT of required permission for each specified request
// method that is allowed for this path. The method key of "*" functions as a wildcard.
// If the request method is not explicitly listed here, it may match against "*" if that
// key was defined.
PermissionsForMethod map[string][]string `validate:"required,min=1"`
}
TargetPathSpec is a single path pattern to check against
Source Files
Click to show internal directories.
Click to hide internal directories.