authz

package

v0.27.258 Latest Latest Go to latest Published: Apr 29, 2024 License: MIT Imports: 17 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/effective-security/porto

Links

Open Source Insights

Documentation ¶

Overview ¶

Package authz provides an implemention of http authorization where specific URI (or URI's and their children) are allowed access by a set of roles

the caller can supply a way to map from a request to a role name.

the access control points are on entire URI segments only, e.g. Allow("/foo/bar", "bob") gives access to /foo/bar /foo/bar/baz, but not /foo/barry

Access is based on the deepest matching path, not the accumulated paths, so, Allow("/foo", "bob") Allow("/foo/bar", "barry") will allow barry access to /foo/bar but not access to /foo

AllowAny("/foo") will allow any authenticated request access to the /foo resource AllowAnyRole("/bar") will allow any authenticated request with a non-empty role access to the /bar resource

AllowAny, allowAnyRole always overrides any matching Allow regardless of the order of calls multiple calls to Allow for the same resource are cumulative, e.g. Allow("/foo", "bob") Allow("/foo", "barry") is equivilent to Allow("/foo", "bob", "barry")

Once you've built your Provider you can call NewHandler to get a http.Handler that implements those rules.

Index ¶

Variables
type Config
type GRPCAuthz
type HTTPAuthz
type Provider
- func New(cfg *Config) (*Provider, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// ErrNoRoleMapperSpecified can't call NewHandler before you've set the RoleMapper function
	ErrNoRoleMapperSpecified = errors.New("you must have a RoleMapper set to be able to create a http.Handler")
	// ErrNoPathsConfigured is returned by NewHandler if you call NewHandler, but haven't configured any paths to be accessible
	ErrNoPathsConfigured = errors.New("you must have at least one path before being able to create a http.Handler")
)

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	// Allow will allow the specified roles access to this path and its children, in format: ${path}:${role},${role}
	Allow []string `json:"allow" yaml:"allow"`

	// AllowAny will allow any authenticated request access to this path and its children
	AllowAny []string `json:"allow_any" yaml:"allow_any"`

	// AllowAnyRole will allow any authenticated request that include a non empty role
	AllowAnyRole []string `json:"allow_any_role" yaml:"allow_any_role"`

	// LogAllowedAny specifies to log allowed access to nodes in AllowAny list
	LogAllowedAny bool `json:"log_allowed_any" yaml:"log_allowed_any"`

	// LogAllowed specifies to log allowed access
	LogAllowed bool `json:"log_allowed" yaml:"log_allowed"`

	// LogDenied specifies to log denied access
	LogDenied bool `json:"log_denied" yaml:"log_denied"`

	// SkipLogPaths if set, specifies a list of paths to not log.
	// this can be used for /v1/status/node or /metrics
	SkipLogPaths []telemetry.LoggerSkipPath `json:"logger_skip_paths,omitempty" yaml:"logger_skip_paths,omitempty"`
}

Config contains configuration for the authorization module

type GRPCAuthz ¶

type GRPCAuthz interface {
	// SetGRPCRoleMapper configures the function that provides
	// the mapping from a gRPC request to a role name
	SetGRPCRoleMapper(m func(ctx context.Context) identity.Identity)
	// NewUnaryInterceptor returns grpc.UnaryServerInterceptor that enforces the current
	// authorization configuration.
	// The returned interceptor will extract the role and verify that the role has access to the
	// URI being request, and either return an error, or pass the request on to the supplied
	// delegate handler
	NewUnaryInterceptor() grpc.UnaryServerInterceptor
}

GRPCAuthz represents an Authorization provider interface, You can call Allow or AllowAny to specify which roles are allowed access to which path segments. once configured you can create a Unary interceptor that enforces that configuration for you by calling NewUnaryInterceptor

type HTTPAuthz ¶

type HTTPAuthz interface {
	// SetRoleMapper configures the function that provides the mapping from an HTTP request to a role name
	SetRoleMapper(func(*http.Request) identity.Identity)
	// NewHandler returns a http.Handler that enforces the current authorization configuration
	// The handler has its own copy of the configuration changes to the Provider after calling
	// NewHandler won't affect previously created Handlers.
	// The returned handler will extract the role and verify that the role has access to the
	// URI being request, and either return an error, or pass the request on to the supplied
	// delegate handler
	NewHandler(delegate http.Handler) (http.Handler, error)
}

HTTPAuthz represents an Authorization provider interface, You can call Allow or AllowAny to specify which roles are allowed access to which path segments. once configured you can create a http.Handler that enforces that configuration for you by calling NewHandler

type Provider ¶

type Provider struct {
	// contains filtered or unexported fields
}

Provider represents an Authorization provider, You can call Allow or AllowAny to specify which roles are allowed access to which path segments. once configured you can create a http.Handler that enforces that configuration for you by calling NewHandler

func New ¶

func New(cfg *Config) (*Provider, error)

New returns new Authz provider

func (*Provider) Allow ¶

func (c *Provider) Allow(path string, roles ...string)

Allow will allow the specified roles access to this path and its children [unless a specific Allow/AllowAny is called for a child path] multiple calls to Allow for the same path are cumulative

func (*Provider) AllowAny ¶

func (c *Provider) AllowAny(path string)

AllowAny will allow any authenticated request access to this path and its children [unless a specific Allow/AllowAny is called for a child path]

func (*Provider) AllowAnyRole ¶

func (c *Provider) AllowAnyRole(path string)

AllowAnyRole will allow any authenticated request that include a non empty role access to this path and its children [unless a specific Allow/AllowAny is called for a child path]

func (*Provider) Clone ¶

func (c *Provider) Clone() *Provider

Clone returns a deep copy of this Provider

func (*Provider) NewHandler ¶

func (c *Provider) NewHandler(delegate http.Handler) (http.Handler, error)

NewHandler returns a http.Handler that enforces the current authorization configuration The handler has its own copy of the configuration changes to the Provider after calling NewHandler won't affect previously created Handlers. The returned handler will extract the role and verify that the role has access to the URI being request, and either return an error, or pass the request on to the supplied delegate handler

func (*Provider) NewUnaryInterceptor ¶

func (c *Provider) NewUnaryInterceptor() grpc.UnaryServerInterceptor

NewUnaryInterceptor returns grpc.UnaryServerInterceptor to check access

func (*Provider) SetGRPCRoleMapper ¶

func (c *Provider) SetGRPCRoleMapper(m func(ctx context.Context) identity.Identity)

SetGRPCRoleMapper configures the function that provides the mapping from a gRPC request to a role name

func (*Provider) SetRoleMapper ¶

func (c *Provider) SetRoleMapper(m func(r *http.Request) identity.Identity)

SetRoleMapper configures the function that provides the mapping from an HTTP request to a role name

Source Files ¶

View all Source files

authz.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL