Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( AllowCtr = prometheus.NewCounterVec(prometheus.CounterOpts{ Name: "choria_aaa_authorizer_allowed", Help: "Total number of requests that were allowed", }, []string{"site", "authorizer", "action"}) DenyCtr = prometheus.NewCounterVec(prometheus.CounterOpts{ Name: "choria_aaa_authorizer_denied", Help: "Total number of requests that were denied", }, []string{"site", "authorizer", "action"}) ErrCtr = prometheus.NewCounterVec(prometheus.CounterOpts{ Name: "choria_aaa_authorizer_errors", Help: "Total number of requests could not be authorized", }, []string{"site", "authorizer"}) )
Functions ¶
This section is empty.
Types ¶
type Authorizer ¶
type Authorizer interface {
// Authorize should check if the request should be allowed
Authorize(req protocol.Request, claims *tokens.ClientIDClaims) (allow bool, err error)
}
Authorizer is used to authorize a request based on its JWT claims
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Package actionlist is a Authorizer that looks at specific claims in a JWT token and allow requests based on the approved list of actions.
|
Package actionlist is a Authorizer that looks at specific claims in a JWT token and allow requests based on the approved list of actions. |
|
Package opa is a Authorizer that reads Open Policy Agent Rego policies from a `opa_policy` claim in a JWT token and allow requests based on evaluation of the policy
|
Package opa is a Authorizer that reads Open Policy Agent Rego policies from a `opa_policy` claim in a JWT token and allow requests based on evaluation of the policy |
Click to show internal directories.
Click to hide internal directories.