authz

package
v0.0.0-...-e1ceea9 Latest
Warning

This package is not in the latest version of its module.
Published: Jan 13, 2021 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Overview

Copyright 2020 CYBERCRYPT

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Authorizer

type Authorizer struct {
	MessageAuthenticator *crypt.MessageAuthenticator
	Store                authstorage.AuthStoreInterface
}

Authorizer encapsulates a MessageAuthenticator and a backing Auth Storage for reading and writing Access Objects.

func (*Authorizer) AddPermission

func (a *Authorizer) AddPermission(ctx context.Context, accessObject *AccessObject, objectID, targetUserID uuid.UUID) error

AddPermission adds a userID to the allowed users of the objectID and updates the Auth Storage.

func (*Authorizer) Authorize

func (a *Authorizer) Authorize(ctx context.Context, objectID, userID uuid.UUID) (*AccessObject, bool, error)

Authorize checks if a userID is allowed to access the objectID.

func (*Authorizer) CreateObject

func (a *Authorizer) CreateObject(ctx context.Context, objectID, userID uuid.UUID, kek []byte) ([]byte, error)

CreateObject creates a new object with given parameters and inserts it into the Auth Store, returning the associated OEK.

func (*Authorizer) ParseAccessObject

func (a *Authorizer) ParseAccessObject(objectID uuid.UUID, data, tag []byte) (*AccessObject, error)

ParseAccessObject verifies and parses an Object ID + data + tag into an Access Object.

func (*Authorizer) RemovePermission

func (a *Authorizer) RemovePermission(ctx context.Context, accessObject *AccessObject, objectID, targetUserID uuid.UUID) error

RemovePermission removes a userID from the allowed users of the objectID and updates the Auth Storage.

func (*Authorizer) SerializeAccessObject

func (a *Authorizer) SerializeAccessObject(objectID uuid.UUID, accessObject *AccessObject) ([]byte, []byte, error)

SerializeAccessObject serializes and signs an Object ID + Access Object into data + tag.
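
The tag described above covers the Object ID as well as the serialized data, so an access list stored for one object fails verification when presented for another. The sketch below is an added example, not this package's code: HMAC-SHA256 stands in for MessageAuthenticator (whose internals this page does not show), and the accessObject fields, JSON encoding, 16-byte IDs and lower-case function names are assumptions.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// accessObject is a hypothetical stand-in for the package's AccessObject.
type accessObject struct {
	UserIDs []string `json:"user_ids"`
}

var errBadTag = errors.New("access object: tag mismatch")

// tagFor MACs objectID || data; the fixed 16-byte ID keeps the concatenation unambiguous.
func tagFor(key []byte, objectID [16]byte, data []byte) []byte {
	mac := hmac.New(sha256.New, key)
	mac.Write(objectID[:])
	mac.Write(data)
	return mac.Sum(nil)
}

func serializeAccessObject(key []byte, objectID [16]byte, ao *accessObject) (data, tag []byte, err error) {
	if data, err = json.Marshal(ao); err != nil {
		return nil, nil, err
	}
	return data, tagFor(key, objectID, data), nil
}

// parseAccessObject verifies the tag before decoding; hmac.Equal compares in constant time.
func parseAccessObject(key []byte, objectID [16]byte, data, tag []byte) (*accessObject, error) {
	if !hmac.Equal(tag, tagFor(key, objectID, data)) {
		return nil, errBadTag
	}
	ao := &accessObject{}
	if err := json.Unmarshal(data, ao); err != nil {
		return nil, err
	}
	return ao, nil
}

func main() {
	// Constructed key and object IDs for the demonstration.
	key, objA, objB := []byte("constructed demo key"), [16]byte{0xA}, [16]byte{0xB}
	data, tag, _ := serializeAccessObject(key, objA, &accessObject{UserIDs: []string{"alice"}})
	_, err := parseAccessObject(key, objB, data, tag) // same bytes, different object
	fmt.Println("presented under another object ID:", err)
}
```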
