accesscontrol

package

v0.0.0-...-ef7a112 Latest Latest Go to latest Published: Mar 23, 2024 License: MIT Imports: 26 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/fapiper/onchain-access-control

Links

Open Source Insights

Documentation ¶

Index ¶

type CreatePolicyRequest
- func (cpr CreatePolicyRequest) IsValid() bool
type CreatePolicyResponse
type CreateSessionInput
- func (in CreateSessionInput) IsValid() bool
type PolicyURISet
type PolicyVerifier
type RegisterResourceInput
- func (in RegisterResourceInput) IsValid() bool
type RegisterResourceOutput
type RegisterResourceValue
type Service
- func NewAccessControlService(config config.AuthServiceConfig, s storage.ServiceStorage, ...) (*Service, error)
- func (s Service) CreateAccessContext(ctx context.Context) (*StoredAccessContext, error)
- func (s Service) CreatePolicy(ctx context.Context, request CreatePolicyRequest) (*CreatePolicyResponse, error)
- func (s Service) CreateSession(ctx context.Context, request CreateSessionInput) (*StoredSession, error)
- func (s Service) RegisterResource(ctx context.Context, request RegisterResourceInput) (*RegisterResourceOutput, error)
- func (s Service) Status() framework.Status
- func (s Service) Type() framework.Type
- func (s Service) VerifySession(ctx context.Context, request VerifySessionInput) (*VerifySessionOutput, error)
type ServiceFactory
- func NewAccessControlServiceFactory(s storage.ServiceStorage, p *presentation.Service, r resolution.Resolver, ...) ServiceFactory
type Storage
- func NewAccessControlStorage(db storage.ServiceStorage, e encryption.Encrypter, d encryption.Decrypter, ...) (*Storage, error)
- func (s *Storage) CheckAccessContextExists(ctx context.Context, id string) (bool, error)
- func (s *Storage) GetAccessContext(ctx context.Context, id string) (*StoredAccessContext, error)
- func (s *Storage) GetSession(ctx context.Context, id string) (*StoredSession, error)
- func (s *Storage) InsertAccessContext(ctx context.Context, access StoredAccessContext) error
- func (s *Storage) InsertSession(ctx context.Context, session StoredSession) error
type StoredAccessContext
type StoredSession
type VerifySessionInput
type VerifySessionOutput

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CreatePolicyRequest ¶

type CreatePolicyRequest struct {
	PresentationDefinitionID *model.GetPresentationDefinitionRequest `json:"presentation_definition_id"`
	Verifier                 PolicyVerifier                          `json:"verifier"`
}

func (CreatePolicyRequest) IsValid ¶

func (cpr CreatePolicyRequest) IsValid() bool

type CreatePolicyResponse ¶

type CreatePolicyResponse struct {
	// Address of the created policy contract
	PolicyContract string       `json:"policy_contract"`
	URIs           PolicyURISet `json:"uris"`
}

type CreateSessionInput ¶

type CreateSessionInput struct {
	SessionJWE []byte `json:"jwe,omitempty" validate:"required"`
}

func (CreateSessionInput) IsValid ¶

func (in CreateSessionInput) IsValid() bool

type PolicyURISet ¶

type PolicyURISet struct {
	PresentationDefinition string `json:"presentation_definition"`
	ProofProgram           string `json:"proof_program"`
	ProvingKey             string `json:"proving_key"`
	VerificationKey        string `json:"verification_key,omitempty"`
}

type PolicyVerifier ¶

type PolicyVerifier struct {
	ContractAddress string `json:"contract_address"`
	ProvingKey      byte   `json:"proving_key"`
	VerificationKey byte   `json:"verification_key"`
}

type RegisterResourceInput ¶

type RegisterResourceInput struct {
	Role           string `json:"role"`
	PolicyContract string `json:"policy_contract"`
	Resource       string `json:"resource"`
}

func (RegisterResourceInput) IsValid ¶

func (in RegisterResourceInput) IsValid() bool

type RegisterResourceOutput ¶

type RegisterResourceOutput struct {
	Role       string  `json:"role"`
	Policy     string  `json:"policy"`
	Permission string  `json:"permission"`
	Resource   string  `json:"resource"`
	Operations []uint8 `json:"operations"`
	DID        string  `json:"did"`
}

type RegisterResourceValue ¶

type RegisterResourceValue struct {
	Role       persist.Role   `json:"role"`
	Policy     persist.Policy `json:"policy"`
	Permission string         `json:"permission"`
	Resource   string         `json:"resource"`
	Operations []uint8        `json:"operations"`
	DID        string         `json:"did"`
}

type Service ¶

type Service struct {
	// contains filtered or unexported fields
}

func NewAccessControlService ¶

func NewAccessControlService(config config.AuthServiceConfig, s storage.ServiceStorage, p *presentation.Service, r resolution.Resolver, k *keystore.Service, rpcService *rpc.Service, ipfsClient *shell.Shell) (*Service, error)

func (Service) CreateAccessContext ¶

func (s Service) CreateAccessContext(ctx context.Context) (*StoredAccessContext, error)

CreateAccessContext creates an access context

func (Service) CreatePolicy ¶

func (s Service) CreatePolicy(ctx context.Context, request CreatePolicyRequest) (*CreatePolicyResponse, error)

CreatePolicy uploads required policy artifacts to ipfs and deploys and registers an access policy on-chain.

func (Service) CreateSession ¶

func (s Service) CreateSession(ctx context.Context, request CreateSessionInput) (*StoredSession, error)

CreateSession houses the main service logic for session token storage. It accepts only requests from trusted parties that are indexing the blockchain state, validates the input, and stores a session entry.

func (Service) RegisterResource ¶

func (s Service) RegisterResource(ctx context.Context, request RegisterResourceInput) (*RegisterResourceOutput, error)

RegisterResource registers a resource on-chain

func (Service) Status ¶

func (s Service) Status() framework.Status

func (Service) Type ¶

func (s Service) Type() framework.Type

func (Service) VerifySession ¶

func (s Service) VerifySession(ctx context.Context, request VerifySessionInput) (*VerifySessionOutput, error)

type ServiceFactory ¶

type ServiceFactory func(storage.Tx) (*Service, error)

func NewAccessControlServiceFactory ¶

func NewAccessControlServiceFactory(s storage.ServiceStorage, p *presentation.Service, r resolution.Resolver, k *keystore.Service, encrypter encryption.Encrypter, decrypter encryption.Decrypter, rpcService *rpc.Service, ipfsClient *shell.Shell) ServiceFactory

type Storage ¶

type Storage struct {
	// contains filtered or unexported fields
}

func NewAccessControlStorage ¶

func NewAccessControlStorage(db storage.ServiceStorage, e encryption.Encrypter, d encryption.Decrypter, writer storage.Tx) (*Storage, error)

func (*Storage) CheckAccessContextExists ¶

func (s *Storage) CheckAccessContextExists(ctx context.Context, id string) (bool, error)

func (*Storage) GetAccessContext ¶

func (s *Storage) GetAccessContext(ctx context.Context, id string) (*StoredAccessContext, error)

func (*Storage) GetSession ¶

func (s *Storage) GetSession(ctx context.Context, id string) (*StoredSession, error)

func (*Storage) InsertAccessContext ¶

func (s *Storage) InsertAccessContext(ctx context.Context, access StoredAccessContext) error

func (*Storage) InsertSession ¶

func (s *Storage) InsertSession(ctx context.Context, session StoredSession) error

type StoredAccessContext ¶

type StoredAccessContext struct {
	ID      common.Hash     `json:"id"`
	Address persist.Address `json:"address,omitempty"`
}

type StoredSession ¶

type StoredSession struct {
	ID         string        `json:"id"`
	SessionJWT keyaccess.JWT `json:"token,omitempty"`
	Issuer     string        `json:"issuer"`
	Audience   []string      `json:"audience"`
	Subject    string        `json:"subject"`
	CreatedAt  time.Time     `json:"createdAt"`
	Revoked    bool          `json:"revoked"`
	RevokedAt  string        `json:"revokedAt"`
	Expired    bool          `json:"expired"`
	ExpiresAt  time.Time     `json:"expiresAt"`
}

type VerifySessionInput ¶

type VerifySessionInput struct {
	RoleID       string        `json:"role"`
	SessionToken keyaccess.JWT `json:"jwt,omitempty" validate:"required"`
}

type VerifySessionOutput ¶

type VerifySessionOutput struct {
	// Whether the Session was verified.
	Verified bool `json:"verified"`

	// The session token that was checked against.
	SessionJWT keyaccess.JWT `json:"jwt"`

	// When Verified == false, the reason why it wasn't verified.
	Reason string `json:"reason,omitempty"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL