cased

package module
v1.0.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 2, 2021 License: MIT Imports: 14 Imported by: 4

README

cased-go

A Cased client for Go applications in your organization to control and monitor the access of information within your organization.

Build Status go.dev

Overview

Installation

To make cased-go available for use in your package, run:

$ go get github.com/cased/cased-go

After installing the cased-go package and configuring cased-go, the first thing you'll want to do is start publishing audit events:

package main

import "github.com/cased/cased-go"

func main() {
	p := cased.NewPublisher(
		cased.WithPublishKey("publish_test_1mY8qb355NWIa3uY00H2fk7elpT"),
	)
	cased.SetPublisher(p)

	ae := cased.AuditEvent{
		"action":          "user.login",
		"actor":           cased.NewSensitiveValue("John Doe", "username"),
		"actor_id":        "User;1",
		"organization":    "cased",
		"organization_id": "Organization;1",
	}
	cased.Publish(ae)

	fmt.Printf("%+v\n", ae)
}

cased-go publishes audit events asynchronously by default. To ensure no audit events are dropped at the end of your process, you'll want to make sure cased.Flush is called at some point in your shutdown process.

package main

import "github.com/cased/cased-go"

func main() {
	p := cased.NewPublisher(
		cased.WithPublishKey("publish_test_1mY8qb355NWIa3uY00H2fk7elpT"),
	)
	cased.SetPublisher(p)

	// The process will wait 30 seconds to publish all events to Cased before
	// exiting the process.
	defer cased.Flush(30 * time.Second)

	ae := cased.AuditEvent{
		"action":          "user.login",
		"actor":           cased.NewSensitiveValue("John Doe", "username"),
		"actor_id":        "User;1",
		"organization":    "cased",
		"organization_id": "Organization;1",
	}
	cased.Publish(ae)

	fmt.Printf("%+v\n", ae)
}

You've now installed cased-go properly and have published your first event. For more details on publishing audit events and protecting sensitive values, keep reading on.

Configuration

All configuration options available in cased-go are available to be configured by an environment variable or manually.

package main

import (
	"net/http"
	"time"

	"github.com/cased/cased-go"
)

func main() {
	p := cased.NewPublisher(
		// CASED_PUBLISH_URL=https://publish.cased.com
		cased.WithPublishURL("https://publish.cased.com"),

		// CASED_PUBLISH_KEY=publish_live_1mY8qb355NWIa3uY00H2fk7elpT
		cased.WithPublishKey("publish_live_1mY8qb355NWIa3uY00H2fk7elpT"),

		// CASED_DEBUG=1
		cased.WithDebug(true),

		// CASED_SILENCE=1
		cased.WithSilence(true),

		// You can configure your own client or re-use an existing HTTP client from
		// your application.
		cased.WithHTTPClient(&http.Client{}),

		// You can configure your own transport or re-use an existing HTTP transport
		// from your application.
		cased.WithHTTPTransport(&http.Transport{}),

		// CASED_HTTP_TIMEOUT=10s
		cased.WithHTTPTimeout(10*time.Second),
		cased.WithTransport(cased.NewNoopHTTPTransport()),
	)
	cased.SetPublisher(p)

	// ...
}

Usage

Publishing events to Cased

There are two ways to publish your first Cased event.

Manually

package user

import "github.com/cased/cased-go"

type Organization struct {
	ID   string
	Name string
}

type User struct {
	ID           string
	Username     string
	Organization Organization
}

func (u *User) login(password, passwordConfirmation string) error {
	ae := cased.AuditEvent{
		"action":          "user.login",
		"actor":           cased.NewSensitiveValue(u.Username, "username"),
		"actor_id":        u.ID,
		"organization":    u.Organization.Name,
		"organization_id": u.Organization.ID,
	}
	defer cased.Publish(ae)

	if password != passwordConfirmation {
		ae["action"] = "user.failed_login"
		return errors.New("invalid password")
	}

	return nil
}
Masking & filtering sensitive information

If you are handling sensitive information on behalf of your users you should consider masking or filtering any sensitive information.

package user

import "github.com/cased/cased-go"

type Address struct {
	Street  string
	City    string
	State   string
	ZipCode string
}

type User struct {
	ID       string
	Username string
	Address  *Address
}

func (a *Address) Create() error {
	cased.Publish(cased.AuditEvent{
		"action":   "address.create",
		"actor":    cased.NewSensitiveValue(u.Username, "username"),
		"actor_id": u.ID,
		"location": map[string]interface{}{
			"street":   cased.NewSensitiveValue(u.Address.Street, "street"),
			"city":     cased.NewSensitiveValue(u.Address.City, "city"),
			"state":    cased.NewSensitiveValue(u.Address.State, "state"),
			"zip_code": cased.NewSensitiveValue(u.Address.ZipCode, "zip-code"),
		},
	})

	return nil
}
Disable publishing events

Although rare, there may be times where you wish to disable publishing events to Cased. You can configure it using an environment variable or in the client.

package main

import (
	"net/http"
	"time"

	"github.com/cased/cased-go"
)

func main() {
	p := cased.NewPublisher(
		// CASED_SILENCE=1
		cased.WithSilence(true),
	)
	cased.SetPublisher(p)
	defer cased.Flush(10 * time.Second)

	// This audit event will not get published to Cased.
	cased.Publish(cased.AuditEvent{
		"action":             "user.login",
		"actor":              "dewski",
		"actor_id":           "user_1dsGbftbx1c47iU8c7BzUcKJRcD",
		"organization":       "Cased",
		"organization_id":    "org_1dsGTnNZLzgwb1alwS2szN0KUo5",
		"request_id":         "27d62d1869e5f9826acc6cfd80edca90",
		"request_url":        "https://app.cased.com/saml/consume",
		"request_user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36",
	})
}

Or you can configure the entire process to disable publishing events.

CASED_SILENCE=1 go run main.go

Contributing

  1. Fork it ( https://github.com/cased/cased-go/fork )
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create a new Pull Request

Documentation

Index

Constants

View Source 
const (
	// DotCasedKey is the key name for the property that encodes information about
	// an AuditEvent.
	DotCasedKey = ".cased"

	// DefaultSensitiveLabel is the default value used if a particular PII
	// does not contain a label.
	DefaultSensitiveLabel = "sensitive-value"
)

Variables

View Source 
var (
	// APIURL is the Cased REST API URL (default: https://api.cased.com)
	APIURL = os.Getenv("CASED_API_URL")
	APIKey = os.Getenv("CASED_API_KEY")

	// PublishURL is the Cased API URL for publishing audit trail events
	// (default: https://publish.cased.com)
	PublishURL = os.Getenv("CASED_PUBLISH_URL")

	// PublishKey is the audit trail API key for publishing audit trail events.
	PublishKey = os.Getenv("CASED_PUBLISH_KEY")

	// WorkflowsKey is the workflows API key for managing and triggering workflows.
	WorkflowsKey = os.Getenv("CASED_WORKFLOWS_KEY")
)
View Source 
var ContextKey = contextKey(0)

ContextKey ...

View Source 
var Logger = log.New(ioutil.Discard, "[Cased] ", log.LstdFlags)

Logger ...

View Source 
var Processors = []Processor{
	SensitiveDataProcessor,
	PublishedAtProcessor,
}

Processors contains all processors available to transform an audit event before it's published to Cased.

Functions

func Bool added in v1.0.0 

func Bool(b bool) *bool

func Flush 

func Flush(timeout time.Duration) bool

Flush waits for audit events to be published.

func Int added in v1.0.0 

func Int(i int) *int

func Publish 

func Publish(event AuditEvent) error

Publish publishes an audit event to Cased.

func PublishWithContext 

func PublishWithContext(ctx context.Context, event AuditEvent) error

PublishWithContext enriches the provided audit event with the context set in the request. If the same key is present in both the context and provided audit event, the audit event value will be preserved.

func SetEndpoint added in v1.0.0 

func SetEndpoint(endpoint AvailableEndpoint, e Endpoint)

SetEndpoint lets you configure the endpoint implementation for a particular endpoint. Helpful for mocking in tests.

func SetHTTPClient added in v1.0.0 

func SetHTTPClient(client *http.Client)

SetHTTPClient sets the global HTTP client.

func SetPublisher 

func SetPublisher(publisher Publisher)

SetPublisher ...

func String added in v1.0.0 

func String(s string) *string

Built in type pointer helpers

Types

type AuditEvent 

type AuditEvent map[string]interface{}

AuditEvent ...

func GetContextFromContext 

func GetContextFromContext(ctx context.Context) AuditEvent

GetContextFromContext ...

func (AuditEvent) MarshalJSON 

func (ae AuditEvent) MarshalJSON() ([]byte, error)

MarshalJSON ...

type AuditEventPayload 

type AuditEventPayload struct {
	DotCased   DotCased `json:".cased"`
	AuditEvent AuditEvent
}

AuditEventPayload is the wrapper struct hosting the nestable JSON AuditEvent with the internal `.cased` property with a rich struct.

func NewAuditEventPayload 

func NewAuditEventPayload(event AuditEvent) *AuditEventPayload

NewAuditEventPayload ...

func PublishedAtProcessor 

func PublishedAtProcessor(aep *AuditEventPayload) *AuditEventPayload

PublishedAtProcessor sets the current time the audit event was published at.

func SensitiveDataProcessor 

func SensitiveDataProcessor(aep *AuditEventPayload) *AuditEventPayload

SensitiveDataProcessor adds sensitive data positions based on values.

func (*AuditEventPayload) MarshalJSON 

func (aep *AuditEventPayload) MarshalJSON() ([]byte, error)

MarshalJSON ...

func (*AuditEventPayload) UnmarshalJSON 

func (aep *AuditEventPayload) UnmarshalJSON(data []byte) error

UnmarshalJSON ...

type AvailableEndpoint added in v1.0.0 

type AvailableEndpoint string
const (
	APIEndpoint         AvailableEndpoint = "api"
	WorkflowsEndpoint   AvailableEndpoint = "workflows"
	AuditTrailsEndpoint AvailableEndpoint = "audittrails"
)

type Client 

type Client struct {
	// contains filtered or unexported fields
}

Client is the underlying processor that is used by the main API and Hub instances. It must be created with NewClient.

func (*Client) Flush 

func (c *Client) Flush(timeout time.Duration) bool

Flush ...

func (Client) Options 

func (c Client) Options() PublisherOptions

Options return PublisherOptions for the current Client.

func (Client) Publish 

func (c Client) Publish(event AuditEvent) error

Publish ...

type DotCased 

type DotCased struct {
	PII                map[string][]*SensitiveRange `json:"pii,omitempty"`
	ID                 string                       `json:"id,omitempty"`
	Event              AuditEvent                   `json:"event,omitempty"`
	PublisherUserAgent string                       `json:"publisher_user_agent,omitempty"`
	ProcessedAt        *time.Time                   `json:"processed_at,omitempty"`
	ReceivedAt         *time.Time                   `json:"received_at,omitempty"`
	PublishedAt        time.Time                    `json:"published_at"`
}

DotCased is a reserved property in an audit event containing the original event, any modifications to the event post-processing, timestamps, and more.

type Endpoint added in v1.0.0 

type Endpoint interface {
	Call(method, path string, params ParamsContainer, i interface{}) error
}

func GetEndpoint added in v1.0.0 

func GetEndpoint(endpointType AvailableEndpoint) Endpoint

GetEndpoint retrieves an endpoint implementation for a particular endpoint.

func GetEndpointWithConfig added in v1.0.0 

func GetEndpointWithConfig(endpointType AvailableEndpoint, config *EndpointConfig) Endpoint

GetEndpointWithConfig configures the specified endpoint type with the default configuration.

type EndpointConfig added in v1.0.0 

type EndpointConfig struct {
	HTTPClient *http.Client
	APIKey     *string
	URL        *string
}

type EndpointImplementation added in v1.0.0 

type EndpointImplementation struct {
	Endpoint   AvailableEndpoint
	HTTPClient *http.Client
	URL        string
	APIKey     string
}

func (*EndpointImplementation) Call added in v1.0.0 

func (ei *EndpointImplementation) Call(method, path string, params ParamsContainer, i interface{}) error

type Endpoints added in v1.0.0 

type Endpoints struct {
	API         Endpoint
	AuditTrails Endpoint
	Workflows   Endpoint
	// contains filtered or unexported fields
}

type Error added in v1.0.0 

type Error struct {
	Code    ErrorCode       `json:"error,omitempty"`
	Message string          `json:"message"`
	Errors  []*ErrorMessage `json:"errors,omitempty"`

	Err error `json:"-"`
}

func (*Error) Error added in v1.0.0 

func (ae *Error) Error() string

type ErrorCode added in v1.0.0 

type ErrorCode string
const (
	ErrorCodeNotFound                    ErrorCode = "not_found"
	ErrorCodeInvalidContentType          ErrorCode = "invalid_content_type"
	ErrorCodeInvalidAuthenticationScheme ErrorCode = "invalid_authentication_scheme"
	ErrorCodeReadOnlyAPIKey              ErrorCode = "read_only_api_key"
	ErrorCodeInvalidAPIKey               ErrorCode = "invalid_api_key"
	ErrorCodeUnauthorized                ErrorCode = "unauthorized"
	ErrorCodeInvalidRequest              ErrorCode = "invalid_request"
)

type ErrorMessage added in v1.0.0 

type ErrorMessage struct {
	Resource string `json:"resource"`
	Path     string `json:"path"`
	Code     string `json:"code"`
}

type Event added in v1.0.0 

type Event struct {
	// The Event ID
	ID string `json:"id"`

	// The API URL for the workflow.
	APIURL string `json:"api_url"`

	// Result contains information about the workflow run. If a workflow was not
	// specified or detected, it will be empty.
	Result Result `json:"result"`

	// Event has been processed.
	Event EventPayload `json:"event"`

	// OriginalEvent contains the original event published to Cased.
	OriginalEvent EventPayload `json:"original_event"`

	// UpdatedAt is when the event was last updated.
	UpdatedAt time.Time `json:"updated_at"`

	// CreatedAt is when the event was published.
	CreatedAt time.Time `json:"created_at"`
}

type EventParams added in v1.0.0 

type EventParams struct {
	Params

	// WorkflowID is optional and only required if the workflow is known ahead of
	// time.
	WorkflowID *string

	// Event is the event that is published to Cased.
	Event EventPayload
}

EventParams contains the available fields when publishing events.

func (EventParams) MarshalJSON added in v1.0.0 

func (ep EventParams) MarshalJSON() ([]byte, error)

type EventPayload added in v1.0.0 

type EventPayload map[string]interface{}

EventPayload is the JSON event.

type HTTPSyncTransport 

type HTTPSyncTransport struct {
	// contains filtered or unexported fields
}

HTTPSyncTransport provides a transport that publishes audit events synchronously as they are received.

func NewHTTPSyncTransport 

func NewHTTPSyncTransport() *HTTPSyncTransport

NewHTTPSyncTransport returns a transport that publishes audit events synchronously as they are received.

func (*HTTPSyncTransport) Configure 

func (t *HTTPSyncTransport) Configure(options PublisherOptions)

Configure prepares the synchronous audit event publisher with provided client options.

func (*HTTPSyncTransport) Flush 

func (t *HTTPSyncTransport) Flush(_ time.Duration) bool

Flush is unused.

func (*HTTPSyncTransport) Publish 

func (t *HTTPSyncTransport) Publish(event *AuditEventPayload) error

Publish publishes the provided audit event to Cased.

type HTTPTransport 

type HTTPTransport struct {
	BufferSize int
	// contains filtered or unexported fields
}

HTTPTransport ...

func NewHTTPTransport 

func NewHTTPTransport() *HTTPTransport

NewHTTPTransport ...

func (*HTTPTransport) Configure 

func (t *HTTPTransport) Configure(options PublisherOptions)

Configure prepares the asynchronous audit event publisher with provided client options.

func (*HTTPTransport) Flush 

func (t *HTTPTransport) Flush(timeout time.Duration) bool

Flush waits for all audit events to be published that are in the buffer.

func (*HTTPTransport) Publish 

func (t *HTTPTransport) Publish(event *AuditEventPayload) error

Publish queues the audit event to be published in the asynchronously.

To ensure queued audit events are published at end of process see Flush.

type MockPublisher 

type MockPublisher struct {
	Events []AuditEvent
	// contains filtered or unexported fields
}

func NewMockPublisher 

func NewMockPublisher() (*MockPublisher, func())

func NewSilencedMockPublisher 

func NewSilencedMockPublisher() (*MockPublisher, func())

func (MockPublisher) Flush 

func (mp MockPublisher) Flush(_ time.Duration) bool

func (MockPublisher) Options 

func (mp MockPublisher) Options() PublisherOptions

func (*MockPublisher) Publish 

func (mp *MockPublisher) Publish(event AuditEvent) error

type NoopHTTPTransport 

type NoopHTTPTransport struct{}

NoopHTTPTransport does not publish audit events to Cased.

func NewNoopHTTPTransport 

func NewNoopHTTPTransport() *NoopHTTPTransport

NewNoopHTTPTransport returns a client that does not publish audit events to Cased.

func (*NoopHTTPTransport) Configure 

func (t *NoopHTTPTransport) Configure(options PublisherOptions)

Configure is a noop operation.

func (*NoopHTTPTransport) Flush 

func (t *NoopHTTPTransport) Flush(_ time.Duration) bool

Flush is a noop operation.

func (*NoopHTTPTransport) Publish 

func (t *NoopHTTPTransport) Publish(event *AuditEventPayload) error

Publish is a noop operation.

type Params added in v1.0.0 

type Params struct {
	Context context.Context `json:"-"`
}

func (*Params) GetParams added in v1.0.0 

func (p *Params) GetParams() *Params

type ParamsContainer added in v1.0.0 

type ParamsContainer interface {
	GetParams() *Params
}

type Processor 

type Processor func(*AuditEventPayload) *AuditEventPayload

Processor is the interface necessary for processor functions to implement. It takes the audit event payload that is about to be published and mutates it as necessary.

Each processor should be idempotent and not depend on another processor to be called beforehand.

type Publisher 

type Publisher interface {
	Publish(event AuditEvent) error
	Options() PublisherOptions
	Flush(timeout time.Duration) bool
}

Publisher describes the interface for structs that want to publish audit events to Cased.

func CurrentPublisher 

func CurrentPublisher() Publisher

CurrentPublisher ...

func NewPublisher 

func NewPublisher(opts ...PublisherOption) Publisher

NewPublisher ...

type PublisherOption 

type PublisherOption func(opts *PublisherOptions)

PublisherOption ...

func WithDebug 

func WithDebug(debug bool) PublisherOption

WithDebug ...

func WithHTTPClient 

func WithHTTPClient(httpClient *http.Client) PublisherOption

WithHTTPClient ...

func WithHTTPTimeout 

func WithHTTPTimeout(httpTimeout time.Duration) PublisherOption

WithHTTPTimeout ...

func WithHTTPTransport 

func WithHTTPTransport(httpTransport *http.Transport) PublisherOption

WithHTTPTransport ...

func WithPublishKey 

func WithPublishKey(publishKey string) PublisherOption

WithPublishKey configures the publish key used to publish audit events to Cased. You can obtain the publish key from the audit trail settings page within the Cased dashboard.

func WithPublishURL 

func WithPublishURL(publishURL string) PublisherOption

WithPublishURL ...

func WithSilence 

func WithSilence(silence bool) PublisherOption

WithSilence ...

func WithTransport 

func WithTransport(transport Transporter) PublisherOption

WithTransport ...

type PublisherOptions 

type PublisherOptions struct {
	// PublishURL contains the URL to published Cased events to.
	PublishURL string `envconfig:"CASED_PUBLISH_URL" default:"https://publish.cased.com"`

	// PublishKey is the publish API key used to publish to an audit trail.
	//
	// A publish key is associated with a single audit trail and is required if
	// you intend to publish events to Cased in your application.
	PublishKey string `envconfig:"CASED_PUBLISH_KEY"`

	Debug bool `envconfig:"CASED_DEBUG" default:"false"`

	// Silence to determine if new events are published to Cased.
	Silence bool `envconfig:"CASED_SILENCE" default:"false"`

	HTTPClient    *http.Client
	HTTPTransport *http.Transport
	HTTPTimeout   time.Duration `envconfig:"CASED_HTTP_TIMEOUT" default:"5s"`

	Transport Transporter
}

PublisherOptions ...

type Result added in v1.0.0 

type Result struct {
	// The Result ID
	ID string `json:"id"`

	// The API URL for the result.
	APIURL string `json:"api_url"`

	// State contains the workflow run state.
	State WorkflowState `json:"state"`

	// Controls contains the controls specified by the workflow that was triggered.
	Controls ResultControls `json:"controls"`

	// Workflow contains the workflow that was detected or specified with the
	// event.
	Workflow *Workflow `json:"workflow"`

	// UpdatedAt is when the result was last updated.
	UpdatedAt time.Time `json:"updated_at"`

	// CreatedAt is when the result was originally created.
	CreatedAt time.Time `json:"created_at"`
}

type ResultControls added in v1.0.0 

type ResultControls struct {
	Authentication *ResultControlsAuthentication `json:"authentication,omitempty"`
	Reason         *ResultControlsReason         `json:"reason,omitempty"`
	Approval       *ResultControlsApproval       `json:"approval,omitempty"`
}

ResultControls contains all the controls specified by the workflow that was triggered. All controls must be fulfilled for the workflow run to be fulfilled.

type ResultControlsApproval added in v1.0.0 

type ResultControlsApproval struct {
	// ID is the approval result control identifier
	ID string `json:"id"`

	// State reflects the workflow result's approval state.
	State ResultControlsApprovalState `json:"state"`

	// URL where user can approve the request in the UI.
	URL string `json:"url"`

	// Requests contains all approval requests sent. Feature is not yet enabled.
	Requests []ResultControlsApprovalRequest `json:"requests"`

	// Source contains the approval sources.
	Source ResultControlsApprovalSource `json:"source"`
}

type ResultControlsApprovalRequest added in v1.0.0 

type ResultControlsApprovalRequest struct {
	ID    string                            `json:"id"`
	State WorkflowState                     `json:"state"`
	Type  ResultControlsApprovalRequestType `json:"type"`
}

type ResultControlsApprovalRequestType added in v1.0.0 

type ResultControlsApprovalRequestType string

type ResultControlsApprovalSource added in v1.0.0 

type ResultControlsApprovalSource struct {
	// Email indicates if the workflow approval request notified users via email.
	Email bool `json:"email"`

	// Slack indicates if the workflow approval request notified users via Slack.
	Slack ResultControlsApprovalSourceSlack `json:"slack"`
}

type ResultControlsApprovalSourceSlack added in v1.0.0 

type ResultControlsApprovalSourceSlack struct {
	// Channel indicates the Slack channel the approval request was published to.
	Channel string `json:"channel"`
}

type ResultControlsApprovalState added in v1.0.0 

type ResultControlsApprovalState string

ResultControlsApprovalState reflects the workflow approval state. 

const (
	// ResultControlsApprovalStatePending indicates when workflow controls have
	// not yet been fulfilled to request approval from the configured approval
	// sources.
	//
	// See that non-approval controls are fulfilled before the approval request
	// will be requested.
	ResultControlsApprovalStatePending ResultControlsApprovalState = "pending"

	// ResultControlsApprovalStateRequested indicates the workflow has requested
	// approval from the configured approval sources. The specified approval
	// requirements have not been met.
	ResultControlsApprovalStateRequested ResultControlsApprovalState = "requested"

	// ResultControlsApprovalStateApproved indicates that the approval request
	// has been approved per the configured approval requirements.
	ResultControlsApprovalStateApproved ResultControlsApprovalState = "approved"

	// ResultControlsApprovalStateDenied indicates that the approval request
	// has been denied or did not meet approval requirements.
	ResultControlsApprovalStateDenied ResultControlsApprovalState = "denied"

	// ResultControlsApprovalStateTimedOut indicates that the approval request
	// received no response within the configured timeout window.
	ResultControlsApprovalStateTimedOut ResultControlsApprovalState = "timed_out"

	// ResultControlsApprovalStateCanceled indicates that the approval request
	// was canceled by the requester.
	ResultControlsApprovalStateCanceled ResultControlsApprovalState = "canceled"
)

type ResultControlsAuthentication added in v1.0.0 

type ResultControlsAuthentication struct {
	// State contains the authentication request state.
	State WorkflowState `json:"state"`

	// User contains the user information if the user has authenticated
	// successfully.
	User *ResultControlsAuthenticationUser `json:"user"`

	// URL contains the ephemeral URL for the user to authenticate with their
	// Cased account for this particular workflow run. If running in a headless
	// environment present the URL to the user to visit manually, otherwise
	// redirect the user to the URL.
	URL string `json:"url"`

	// ApiURL contains the URL to check the status of the authentication request.
	APIURL string `json:"api_url"`
}

type ResultControlsAuthenticationUser added in v1.0.0 

type ResultControlsAuthenticationUser struct {
	// ID contains the authenticated Cased user ID.
	ID string `json:"id"`

	// Email contains the authenticated Cased user email address.
	Email string `json:"email"`
}

type ResultControlsReason added in v1.0.0 

type ResultControlsReason struct {
	State WorkflowState `json:"state"`
}

type SensitiveRange 

type SensitiveRange struct {
	Begin int    `json:"begin"`
	End   int    `json:"end"`
	Label string `json:"label"`
}

SensitiveRange is a range that informs Cased about any sensitive information stored in an AuditEvent.

type SensitiveValue 

type SensitiveValue struct {
	Value  string
	Ranges []SensitiveRange
}

SensitiveValue contains the sensitive value and all the sensitive ranges within the provided value.

func NewSensitiveValue 

func NewSensitiveValue(value, label string) SensitiveValue

NewSensitiveValue marks an entire string as sensitive.

The marked sensitive value will be encoded upon publishing to Cased.

func (SensitiveValue) MarshalJSON 

func (sv SensitiveValue) MarshalJSON() ([]byte, error)

MarshalJSON encodes the provided sensitive value for JSON representation.

type Transporter 

type Transporter interface {
	Configure(options PublisherOptions)
	Publish(event *AuditEventPayload) error
	Flush(timeout time.Duration) bool
}

Transporter ...

type WebhooksEndpoint added in v1.0.1 

type WebhooksEndpoint struct {
	// The Webhook Endpoint ID
	ID string `json:"id"`

	// URL to deliver webhook events to.
	URL string `json:"url"`

	// The API URL for the webhook endpoint.
	APIURL string `json:"api_url"`

	// Secret used to sign payloads.
	Secret string `json:"secret"`

	// EventTypes to deliver to the webhook endpoint. If none are specified, all
	// event types will deliver events.
	EventTypes []string `json:"event_types"`

	// UpdatedAt is when the webhook endpoint was last updated.
	UpdatedAt time.Time `json:"updated_at"`

	// CreatedAt is when the webhook endpoint was created.
	CreatedAt time.Time `json:"created_at"`
}

type WebhooksEndpointParams added in v1.0.1 

type WebhooksEndpointParams struct {
	Params `json:"-"`

	// URL to deliver webhook events to.
	URL *string `json:"url,omitempty"`

	// EventTypes to deliver to the webhook endpoint. If none are specified, all
	// event types will deliver events.
	EventTypes *[]string `json:"event_types,omitempty"`
}

type Workflow added in v1.0.0 

type Workflow struct {
	// The Workflow ID
	ID string `json:"id"`

	// Name of the workflow to be used to trigger the workflow.
	Name *string `json:"name,omitempty"`

	// The API URL for the workflow.
	APIURL string `json:"api_url"`

	// Conditions are how Cased determines which workflow should run when an event
	// is published and a workflow is not specified.
	Conditions []WorkflowCondition `json:"conditions"`

	// Controls specifies the controls enabled for this workflow.
	Controls WorkflowControls `json:"controls"`

	// UpdatedAt is when the workflow was last updated.
	UpdatedAt time.Time `json:"updated_at"`

	// CreatedAt is when the workflow was created.
	CreatedAt time.Time `json:"created_at"`
}

type WorkflowCondition added in v1.0.0 

type WorkflowCondition struct {
	// The path to the field on the event to evaluate this condition for.
	Field string `json:"field"`

	// Operator specifies the operator use to evaluate the condition. See
	// `ConditionOperator` for all available operators.
	Operator WorkflowConditionOperator `json:"operator"`

	// Value contains the value to be used to evaluate the condition based on its
	// configured operator.
	Value string `json:"value"`
}

WorkflowCondition is an individual clause in one or more conditions that can be used to match incoming events.

All conditions are evaluated ignoring the case of the value.

type WorkflowConditionOperator added in v1.0.0 

type WorkflowConditionOperator string

WorkflowConditionOperator contains all condition operators available for workflows. 

const (
	// WorkflowConditionOperatorEndsWith case-insensitive matches "world" in
	// "hello world"
	WorkflowConditionOperatorEndsWith WorkflowConditionOperator = "endsWith"

	// WorkflowConditionOperatorEqual case-insensitive matches "cased" both
	// "cased" or "Cased"
	WorkflowConditionOperatorEqual WorkflowConditionOperator = "eq"

	// WorkflowConditionOperatorIncludes case-insensitive matches when the value
	// is included in the specified field for both strings and arrays.
	WorkflowConditionOperatorIncludes WorkflowConditionOperator = "in"

	// WorkflowConditionOperatorNotEqual case-insensitive matches when the field
	// does not contain the specified value.
	WorkflowConditionOperatorNotEqual WorkflowConditionOperator = "not"

	// WorkflowConditionOperatorRegex matches based on the provided regular
	// expression. Not currently enabled.
	WorkflowConditionOperatorRegex WorkflowConditionOperator = "re"

	// WorkflowConditionOperatorStartsWith case-insensitive matches "hello" in
	// "hello world"
	WorkflowConditionOperatorStartsWith WorkflowConditionOperator = "startsWith"
)

type WorkflowConditionParams added in v1.0.0 

type WorkflowConditionParams struct {
	// The path to the field on the event to evaluate this condition for.
	Field *string `json:"field"`

	// Operator specifies the operator use to evaluate the condition. See
	// `ConditionOperator` for all available operators.
	Operator *string `json:"operator"`

	// Value contains the value to be used to evaluate the condition based on its
	// configured operator.
	Value *string `json:"value"`
}

WorkflowCondition is an individual clause in one or more conditions that can be used to match incoming events.

All conditions are evaluated ignoring the case of the value.

type WorkflowControls added in v1.0.0 

type WorkflowControls struct {
	// Require a user to provide a reason to continue the workflow.
	Reason *bool `json:"reason,omitempty"`

	// Require a user to authenticate with Cased to continue the workflow.
	Authentication *bool `json:"authentication,omitempty"`

	// Require a user to receive approval before a workflow is fulfilled or
	// rejected.
	Approval *WorkflowControlsApproval `json:"approval,omitempty"`
}

type WorkflowControlsApproval added in v1.0.0 

type WorkflowControlsApproval struct {
	// The number of approvals required to fulfill the approval requirement.
	//
	// Approval count cannot exceed the number of users on your account,
	// otherwise an error will be returned.
	Count int `json:"count"`

	// Permit an approval request to allow user requesting approval the ability
	// to approve their own request. If the Authentication control is disabled,
	// any user can approve the request and this setting is ignored.
	SelfApproval bool `json:"self_approval"`

	// Determine how long the approval lasts for.
	Duration int `json:"duration"`

	// Control how long the approval request is valid for. If not supplied,
	// approval requests can be responded to indefinitely.
	Timeout *int `json:"timeout"`

	// List of responders that can include individual users and groups of users
	// who are authorized to respond to the approval request.
	Responders *WorkflowControlsApprovalResponders `json:"responders,omitempty"`

	// Sources where to obtain the approval from. If not provided, defaults to
	// email.
	Sources *WorkflowControlsApprovalSources `json:"sources,omitempty"`
}

type WorkflowControlsApprovalParams added in v1.0.0 

type WorkflowControlsApprovalParams struct {
	// The number of approvals required to fulfill the approval requirement.
	//
	// Approval count cannot exceed the number of users on your account,
	// otherwise an error will be returned.
	Count *int `json:"count,omitempty"`

	// Permit an approval request to allow user requesting approval the ability
	// to approve their own request. If the Authentication control is disabled,
	// any user can approve the request and this setting is ignored.
	SelfApproval *bool `json:"self_approval,omitempty"`

	// Determine how long the approval lasts for.
	Duration *int `json:"duration,omitempty"`

	// Control how long the approval request is valid for. If not supplied,
	// approval requests can be responded to indefinitely.
	Timeout *int `json:"timeout,omitempty"`

	// List of responders that can include individual users and groups of users
	// who are authorized to respond to the approval request.
	Responders *WorkflowControlsApprovalResponders `json:"responders,omitempty"`

	// Sources where to obtain the approval from. If not provided, defaults to
	// email.
	Sources *WorkflowControlsApprovalSourcesParams `json:"sources,omitempty"`
}

type WorkflowControlsApprovalResponders added in v1.0.0 

type WorkflowControlsApprovalResponders map[string]string

WorkflowControlsApprovalResponders is the list of individual users and groups of users who are authorized to respond to an approval request.

type WorkflowControlsApprovalSources added in v1.0.0 

type WorkflowControlsApprovalSources struct {
	// Email determines if an email is delivered for the approval request.
	Email bool `json:"email"`

	// Slack when provided, publishes a Slack message which users can respond to
	// the request.
	Slack *WorkflowControlsApprovalSourcesSlack `json:"slack,omitempty"`
}

WorkflowControlsApprovalSources determines where approval requests are delivered.

type WorkflowControlsApprovalSourcesParams added in v1.0.0 

type WorkflowControlsApprovalSourcesParams struct {
	// Email determines if an email is delivered for the approval request.
	Email *bool `json:"email,omitempty"`

	// Slack when provided, publishes a Slack message which users can respond to
	// the request.
	Slack *WorkflowControlsApprovalSourcesSlackParams `json:"slack,omitempty"`
}

WorkflowControlsApprovalSourcesParams determines where approval requests are delivered.

type WorkflowControlsApprovalSourcesSlack added in v1.0.0 

type WorkflowControlsApprovalSourcesSlack struct {
	// The fully qualified Slack channel name (ie: #security).
	Channel string `json:"channel"`
}

WorkflowControlsApprovalSourcesSlack configures which the Slack approval source.

type WorkflowControlsApprovalSourcesSlackParams added in v1.0.0 

type WorkflowControlsApprovalSourcesSlackParams struct {
	// The fully qualified Slack channel name (ie: #security).
	Channel *string `json:"channel,omitempty"`
}

WorkflowControlsApprovalSourcesSlackParams configures which the Slack approval source.

type WorkflowControlsParams added in v1.0.0 

type WorkflowControlsParams struct {
	// Require a user to provide a reason to continue the workflow.
	Reason *bool `json:"reason,omitempty"`

	// Require a user to authenticate with Cased to continue the workflow.
	Authentication *bool `json:"authentication,omitempty"`

	// Require a user to receive approval before a workflow is fulfilled or
	// rejected.
	Approval *WorkflowControlsApprovalParams `json:"approval,omitempty"`
}

type WorkflowParams added in v1.0.0 

type WorkflowParams struct {
	Params `json:"-"`

	// Name is optional and only required if you intend to trigger workflows
	// by publishing events directly to them.
	Name *string `json:"name,omitempty"`

	// Conditions specify the conditions the workflow should match when events
	// are not published directly to a workflow.
	Conditions *[]WorkflowConditionParams `json:"conditions,omitempty"`

	// Configure the controls necessary for the workflow to reach the fulfilled
	// state.
	Controls *WorkflowControlsParams `json:"controls,omitempty"`
}

WorkflowParams contains the available fields when creating and updating workflows.

type WorkflowState added in v1.0.0 

type WorkflowState string
const (
	// Workflow
	WorkflowStatePending WorkflowState = "pending"

	// Workflow result state is unfulfilled when all controls have not been met.
	WorkflowStateUnfulfilled WorkflowState = "unfulfilled"

	// Workflow controls were not met. When the workflow result state is rejected
	// it's intended any further progress is canceled.
	WorkflowStateFulfilled WorkflowState = "fulfilled"

	// Workflow controls were not met. When the workflow result state is rejected
	// it's intended any further progress is canceled.
	WorkflowStateRejected WorkflowState = "rejected"
)

Source Files

View all Source files

Directories

Path Synopsis
example
basic
configuration
http
sensitive-data
webhooks
workflows/approval
workflows/lifecycle
workflows/reason-required
webhooks
endpoint
controlstates/approval

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.