Package iam provides types to develop or integrate with an Identity/Access Management system.
Identity/Access Management (IAM) systems are external components that deal with authenticating (checking credentials) and authorising (assigning and checking roles and permissions) users and access to a system. There are many third-party IAM systems available and many developers also choose to implement their own.
As such, Granitic does not attempt to implement an IAM system, but provides types and hooks to integrate existing systems into the web-service handling workflow.
ClientIdentity is a semi-structured type allowing applications to define their own representation of Identity.
NewAnonymousIdentity creates a new ClientIdentity for an anonymous user. The ClientIdentity will be marked as non-authenticated, anonymous and have a dash (-) as the loggable user ID.
NewAuthenticatedIdentity creates a new ClientIdentity with the supplied log-friendly version of a user ID. The ClientIdentity will be marked as Authenticated and not anonymous
Anonymous returns true if this Identity had no identifying information (or the provided information was not trusted)
Authenticated indicates whether this is an authenticated (true) or unauthenticated (false) Identity.
LoggableUserID returns a string representation of the Identity that is suitable for recording in log files.
SetAnonymous called with true marks this as an anonymous Identity (e.g. no user identification was provided or trusted).
SetAuthenticated marks this as an authenticated (true) or unauthenticated (false) Identity.
SetLoggableUserID records a string representation of the Identity that is suitable for recording in log files (e.g. a user name or real name).