hauth

package
v0.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 30, 2024 License: Apache-2.0 Imports: 27 Imported by: 17

Documentation

Index

Constants

// Status values for access keys. Presumably these are the values stored in
// AccessKey.Status — confirm against the package source.
const (
	// AccessKeyStatusNone is the zero status: no flag bit is set.
	AccessKeyStatusNone = uint64(0)

	// AccessKeyStatusActive is bit 1 of the status word, i.e. the value 2, not 1.
	// A stored status of 1 therefore does not carry this flag.
	// NOTE(review): whether the package tests this flag by equality or by bit
	// mask is not visible here — confirm before storing other bits in Status.
	AccessKeyStatusActive = uint64(1) << 1
)

Variables

// Format checks for access key identifiers and secrets.
//
// Both patterns are anchored with ^ and $. Go's regexp treats $ (without the
// m flag) as end of text only, so a value with a trailing newline is rejected.
// The patterns check the character set and length only; they say nothing about
// how a secret was generated, so the 8-character lower bound is not a strength
// guarantee.
var (
	// AccessKeyIdRE accepts 4 to 32 characters: one lowercase letter or digit,
	// followed by 3 to 31 lowercase letters, digits or underscores.
	AccessKeyIdRE = regexp.MustCompile(`^[0-9a-z]{1}[a-z0-9_]{3,31}$`)

	// AccessKeySecretRE accepts 8 to 100 characters drawn from ASCII letters,
	// digits, '-', '_', '+' and '/'. That covers the standard and URL-safe
	// base64 alphabets, but not the '=' padding character.
	AccessKeySecretRE = regexp.MustCompile(`^[a-zA-Z0-9\-\_\+\/]{8,100}$`)
)
// File_hauth_proto holds the protobuf file descriptor for this package's
// messages. The File_<name>_proto naming is the protoc-gen-go convention, so
// this is presumably generated code — confirm before editing by hand.
var File_hauth_proto protoreflect.FileDescriptor

Functions

func GrpcAppCredentialValid

func GrpcAppCredentialValid(ctx context.Context, keyMgr *AccessKeyManager) error

func NewGrpcAppCredential

// NewGrpcAppCredential wraps access key k as a gRPC per-RPC credential; the
// return type is the grpc credentials.PerRPCCredentials interface.
// NOTE(review): the concrete type returned is presumably GrpcAppCredential
// from this package — confirm.
func NewGrpcAppCredential(k *AccessKey) credentials.PerRPCCredentials

Types

type AccessKey

// AccessKey is an access key record: an identifier, its secret, the owning
// user, a status value, and the roles and scopes attached to the key.
//
// NOTE(review): Secret carries protobuf, json and toml tags like every other
// field, so marshalling an AccessKey with any of those encoders writes a
// non-empty secret alongside the rest. Redact or clear it before logging the
// value or returning it from an API. String() is presumably the generated
// protobuf text form and would include Secret as well — confirm.
type AccessKey struct {
	// Id is the key identifier; presumably expected to match AccessKeyIdRE — confirm.
	Id          string         `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty" toml:"id,omitempty"`
	// Secret is the key's secret value; presumably expected to match AccessKeySecretRE — confirm.
	Secret      string         `protobuf:"bytes,2,opt,name=secret,proto3" json:"secret,omitempty" toml:"secret,omitempty"`
	// User names the owner of the key.
	User        string         `protobuf:"bytes,3,opt,name=user,proto3" json:"user,omitempty" toml:"user,omitempty"`
	// Status presumably holds the AccessKeyStatus* values — confirm.
	Status      uint64         `protobuf:"varint,5,opt,name=status,proto3" json:"status,omitempty" toml:"status,omitempty"`
	// Roles lists role names as strings (UserPayload.Roles uses uint32 values instead).
	Roles       []string       `protobuf:"bytes,6,rep,name=roles,proto3" json:"roles,omitempty" toml:"roles,omitempty"`
	// Scopes are the name/value filters attached to the key; see ScopeAllow, ScopeSet and ScopeDel.
	Scopes      []*ScopeFilter `protobuf:"bytes,11,rep,name=scopes,proto3" json:"scopes,omitempty" toml:"scopes,omitempty"`
	// Description is free text describing the key.
	Description string         `protobuf:"bytes,13,opt,name=description,proto3" json:"description,omitempty" toml:"description,omitempty"`
	// contains filtered or unexported fields
}

func NewAccessKey

func NewAccessKey() *AccessKey

func (*AccessKey) Descriptor deprecated

func (*AccessKey) Descriptor() ([]byte, []int)

Deprecated: Use AccessKey.ProtoReflect.Descriptor instead.

func (*AccessKey) Equal

func (it *AccessKey) Equal(v *AccessKey) bool

func (*AccessKey) GetDescription

func (x *AccessKey) GetDescription() string

func (*AccessKey) GetId

func (x *AccessKey) GetId() string

func (*AccessKey) GetRoles

func (x *AccessKey) GetRoles() []string

func (*AccessKey) GetScopes

func (x *AccessKey) GetScopes() []*ScopeFilter

func (*AccessKey) GetSecret

func (x *AccessKey) GetSecret() string

func (*AccessKey) GetStatus

func (x *AccessKey) GetStatus() uint64

func (*AccessKey) GetUser

func (x *AccessKey) GetUser() string

func (*AccessKey) ProtoMessage

func (*AccessKey) ProtoMessage()

func (*AccessKey) ProtoReflect

func (x *AccessKey) ProtoReflect() protoreflect.Message

func (*AccessKey) Reset

func (x *AccessKey) Reset()

func (*AccessKey) ScopeAllow

func (it *AccessKey) ScopeAllow(scope *ScopeFilter) error

func (*AccessKey) ScopeDel

func (it *AccessKey) ScopeDel(name string) bool

func (*AccessKey) ScopeSet

func (it *AccessKey) ScopeSet(set *ScopeFilter) bool

func (*AccessKey) String

func (x *AccessKey) String() string

type AccessKeyManager

// AccessKeyManager is an opaque holder of access keys and roles. Its exported
// methods are KeySet, KeyGet, KeyDel, KeyRand and RoleSet; the validator
// constructors in this package take it as their key source.
// NOTE(review): storage and any locking live in the unexported fields, so
// safety for concurrent use cannot be determined from this listing.
type AccessKeyManager struct {
	// contains filtered or unexported fields
}

func NewAccessKeyManager

func NewAccessKeyManager() *AccessKeyManager

func (*AccessKeyManager) KeyDel

func (it *AccessKeyManager) KeyDel(id string) error

func (*AccessKeyManager) KeyGet

func (it *AccessKeyManager) KeyGet(id string) *AccessKey

func (*AccessKeyManager) KeyRand

// KeyRand returns an *AccessKey from the manager.
// NOTE(review): the body is not visible; the name suggests one of the stored
// keys picked at random. Confirm the selection rule and what is returned when
// the manager holds no keys — callers should be prepared for a nil result.
func (it *AccessKeyManager) KeyRand() *AccessKey

func (*AccessKeyManager) KeySet

func (it *AccessKeyManager) KeySet(k *AccessKey) error

func (*AccessKeyManager) RoleSet

func (it *AccessKeyManager) RoleSet(r *Role) *AccessKeyManager

type AppCredential

// AppCredential is the signing side of the application token scheme: it is
// built from an AccessKey by NewAppCredential and exposes SignToken and
// SignHttpToken. Its state is entirely unexported.
type AppCredential struct {
	// contains filtered or unexported fields
}

func NewAppCredential

func NewAppCredential(k *AccessKey) *AppCredential

func (*AppCredential) SignHttpToken

func (it *AppCredential) SignHttpToken(r *http.Request, data []byte)

func (*AppCredential) SignToken

func (it *AppCredential) SignToken(data []byte) string

type AppPayload

// AppPayload is the payload embedded in AppValidator; presumably it is the
// data encoded in the token that AppValid and NewAppValidator parse — confirm.
//
// NOTE(review): Created is in milliseconds, whereas UserPayload.Expired is in
// seconds. Whether and how Created is used to bound token age (the replay
// window) is not visible in this listing — check the validator source.
type AppPayload struct {
	Id        string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty" toml:"id,omitempty"`
	User      string `protobuf:"bytes,2,opt,name=user,proto3" json:"user,omitempty" toml:"user,omitempty"`
	// AccessKey is a string here, not an *AccessKey; presumably the key's Id — confirm.
	AccessKey string `protobuf:"bytes,3,opt,name=access_key,json=accessKey,proto3" json:"access_key,omitempty" toml:"access_key,omitempty"`
	Created   int64  `protobuf:"varint,9,opt,name=created,proto3" json:"created,omitempty" toml:"created,omitempty"` // unix time in milliseconds
	// contains filtered or unexported fields
}

func (*AppPayload) Descriptor deprecated

func (*AppPayload) Descriptor() ([]byte, []int)

Deprecated: Use AppPayload.ProtoReflect.Descriptor instead.

func (*AppPayload) GetAccessKey

func (x *AppPayload) GetAccessKey() string

func (*AppPayload) GetCreated

func (x *AppPayload) GetCreated() int64

func (*AppPayload) GetId

func (x *AppPayload) GetId() string

func (*AppPayload) GetUser

func (x *AppPayload) GetUser() string

func (*AppPayload) ProtoMessage

func (*AppPayload) ProtoMessage()

func (*AppPayload) ProtoReflect

func (x *AppPayload) ProtoReflect() protoreflect.Message

func (*AppPayload) Reset

func (x *AppPayload) Reset()

func (*AppPayload) String

func (x *AppPayload) String() string

type AppValidator

// AppValidator is the value returned by AppValid, NewAppValidator and their
// HTTP and gRPC variants. It embeds the token's AppPayload and exposes Allow
// and SignValid.
type AppValidator struct {
	AppPayload

	// Key is exported, so any code holding the validator can also read the
	// AccessKey's Secret field through it.
	// NOTE(review): presumably the key looked up in keyMgr for this payload — confirm.
	Key *AccessKey
	// contains filtered or unexported fields
}

func AppValid

func AppValid(token string, data []byte, keyMgr *AccessKeyManager) (*AppValidator, error)

func AppValidWithHttpRequest

func AppValidWithHttpRequest(r *http.Request, data []byte, keyMgr *AccessKeyManager) (*AppValidator, error)

func GrpcAppValidator

func GrpcAppValidator(ctx context.Context, keyMgr *AccessKeyManager) (*AppValidator, error)

func NewAppValidator

// NewAppValidator builds an AppValidator from token, using keyMgr as the key source.
// NOTE(review): unlike AppValid, this constructor takes no data argument.
// Whether the signature is checked here or only by a later SignValid(data)
// call is not visible in this listing — confirm before trusting the embedded
// payload or calling Allow on the result.
func NewAppValidator(token string, keyMgr *AccessKeyManager) (*AppValidator, error)

func NewAppValidatorWithHttpRequest

func NewAppValidatorWithHttpRequest(r *http.Request, keyMgr *AccessKeyManager) (*AppValidator, error)

func (*AppValidator) Allow

// Allow reports, via a nil or non-nil error, whether the validated token is
// permitted for the given arguments.
// NOTE(review): args is variadic and untyped (interface{}); the accepted
// argument types are not visible here. Confirm that an unsupported or
// mistyped argument produces an error rather than being ignored.
func (it *AppValidator) Allow(args ...interface{}) error

func (*AppValidator) SignValid

func (it *AppValidator) SignValid(data []byte) error

type GrpcAppCredential

// GrpcAppCredential carries an application credential for gRPC calls. Its two
// methods, GetRequestMetadata and RequireTransportSecurity, match the method
// set of grpc's credentials.PerRPCCredentials interface.
type GrpcAppCredential struct {
	// contains filtered or unexported fields
}

func (GrpcAppCredential) GetRequestMetadata

// GetRequestMetadata matches the credentials.PerRPCCredentials method that
// gRPC calls to obtain the metadata attached to each outgoing RPC.
// NOTE(review): the metadata key and token format it produces are not visible
// in this listing.
func (s GrpcAppCredential) GetRequestMetadata(ctx context.Context, uri ...string) (map[string]string, error)

func (GrpcAppCredential) RequireTransportSecurity

// RequireTransportSecurity matches the credentials.PerRPCCredentials method
// that tells gRPC whether this credential may only be sent over a secure
// transport.
// NOTE(review): the returned value is not visible in this listing. If it is
// false, the per-RPC metadata can be sent over a plaintext connection;
// confirm that it returns true, or that every client dials with TLS.
func (s GrpcAppCredential) RequireTransportSecurity() bool

type Permission

// Permission is a named permission that a role can include. Role.Permissions
// refers to permissions by name.
type Permission struct {

	// The name of this Permission.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty" toml:"name,omitempty"`
	// The title of this Permission.
	Title string `protobuf:"bytes,2,opt,name=title,proto3" json:"title,omitempty" toml:"title,omitempty"`
	// A brief description of what this Permission is used for.
	// This permission can ONLY be used in predefined roles.
	Description string `protobuf:"bytes,3,opt,name=description,proto3" json:"description,omitempty" toml:"description,omitempty"`
	// contains filtered or unexported fields
}

A permission which can be included by a role.

func (*Permission) Descriptor deprecated

func (*Permission) Descriptor() ([]byte, []int)

Deprecated: Use Permission.ProtoReflect.Descriptor instead.

func (*Permission) GetDescription

func (x *Permission) GetDescription() string

func (*Permission) GetName

func (x *Permission) GetName() string

func (*Permission) GetTitle

func (x *Permission) GetTitle() string

func (*Permission) ProtoMessage

func (*Permission) ProtoMessage()

func (*Permission) ProtoReflect

func (x *Permission) ProtoReflect() protoreflect.Message

func (*Permission) Reset

func (x *Permission) Reset()

func (*Permission) String

func (x *Permission) String() string

type Role

// Role is a role in the RBAC model: a named set of permission names with a
// title, a description and a status value.
type Role struct {

	// The name of the role.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty" toml:"name,omitempty"`
	// Optional. A human-readable title for the role. Typically this
	// is limited to 100 UTF-8 bytes.
	Title string `protobuf:"bytes,2,opt,name=title,proto3" json:"title,omitempty" toml:"title,omitempty"`
	// Optional. A human-readable description for the role.
	Description string `protobuf:"bytes,3,opt,name=description,proto3" json:"description,omitempty" toml:"description,omitempty"`
	// The names of the permissions this role grants when bound in an IAM policy.
	Permissions []string `protobuf:"bytes,7,rep,name=permissions,proto3" json:"permissions,omitempty" toml:"permissions,omitempty"`
	// The current launch status of the role.
	// NOTE(review): no status constants for roles appear in this listing; the
	// meaning of individual values needs to be confirmed in the source.
	Status uint64 `protobuf:"varint,10,opt,name=status,proto3" json:"status,omitempty" toml:"status,omitempty"`
	// contains filtered or unexported fields
}

A role in the RBAC.

func (*Role) Descriptor deprecated

func (*Role) Descriptor() ([]byte, []int)

Deprecated: Use Role.ProtoReflect.Descriptor instead.

func (*Role) GetDescription

func (x *Role) GetDescription() string

func (*Role) GetName

func (x *Role) GetName() string

func (*Role) GetPermissions

func (x *Role) GetPermissions() []string

func (*Role) GetStatus

func (x *Role) GetStatus() uint64

func (*Role) GetTitle

func (x *Role) GetTitle() string

func (*Role) ProtoMessage

func (*Role) ProtoMessage()

func (*Role) ProtoReflect

func (x *Role) ProtoReflect() protoreflect.Message

func (*Role) Reset

func (x *Role) Reset()

func (*Role) String

func (x *Role) String() string

type ScopeFilter

// ScopeFilter is a name/value pair. AccessKey.Scopes holds a list of them,
// and AccessKey.ScopeAllow takes one as the scope to check.
// NOTE(review): how Value is matched (exact string, list, wildcard) is not
// visible in this listing — confirm before relying on a scope as a boundary.
type ScopeFilter struct {
	Name  string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty" toml:"name,omitempty"`
	Value string `protobuf:"bytes,2,opt,name=value,proto3" json:"value,omitempty" toml:"value,omitempty"`
	// contains filtered or unexported fields
}

func NewScopeFilter

func NewScopeFilter(name, value string) *ScopeFilter

func (*ScopeFilter) Descriptor deprecated

func (*ScopeFilter) Descriptor() ([]byte, []int)

Deprecated: Use ScopeFilter.ProtoReflect.Descriptor instead.

func (*ScopeFilter) GetName

func (x *ScopeFilter) GetName() string

func (*ScopeFilter) GetValue

func (x *ScopeFilter) GetValue() string

func (*ScopeFilter) ProtoMessage

func (*ScopeFilter) ProtoMessage()

func (*ScopeFilter) ProtoReflect

func (x *ScopeFilter) ProtoReflect() protoreflect.Message

func (*ScopeFilter) Reset

func (x *ScopeFilter) Reset()

func (*ScopeFilter) String

func (x *ScopeFilter) String() string

type TLSKey added in v0.1.1

// TLSKey is a set of TLS key material: one key and certificate, the options
// used for it, and named key pairs for nodes and clients.
//
// NOTE(review): Key and Cert are plain strings; KeyDecode returns an
// *rsa.PrivateKey and CertDecode an *x509.Certificate, so they presumably hold
// encoded (likely PEM) text — confirm. Key carries json, toml and protobuf
// tags, so any marshalled form of this struct contains private key material
// and should be stored and transmitted as a secret.
type TLSKey struct {
	Key     string         `protobuf:"bytes,2,opt,name=key,proto3" json:"key,omitempty" toml:"key,omitempty"`
	Cert    string         `protobuf:"bytes,3,opt,name=cert,proto3" json:"cert,omitempty" toml:"cert,omitempty"`
	Options *TLSKeyOptions `protobuf:"bytes,4,opt,name=options,proto3" json:"options,omitempty" toml:"options,omitempty"`
	// Nodes and Clients each hold TLSKeyPair entries, which carry their own Key field.
	Nodes   []*TLSKeyPair  `protobuf:"bytes,8,rep,name=nodes,proto3" json:"nodes,omitempty" toml:"nodes,omitempty"`
	Clients []*TLSKeyPair  `protobuf:"bytes,9,rep,name=clients,proto3" json:"clients,omitempty" toml:"clients,omitempty"`
	Comment string         `protobuf:"bytes,10,opt,name=comment,proto3" json:"comment,omitempty" toml:"comment,omitempty"`
	// contains filtered or unexported fields
}

Transport Layer Security Key Sets

func DecodeFromFile added in v0.1.1

func DecodeFromFile(file string) (*TLSKey, error)

func NewTLSKey added in v0.1.1

func NewTLSKey(opts *TLSKeyOptions) (*TLSKey, error)

func (*TLSKey) CertDecode added in v0.1.1

func (it *TLSKey) CertDecode(txt string) (*x509.Certificate, error)

func (*TLSKey) ClientKey added in v0.1.1

func (it *TLSKey) ClientKey(name string) *TLSKeyPair

func (*TLSKey) Descriptor deprecated added in v0.1.1

func (*TLSKey) Descriptor() ([]byte, []int)

Deprecated: Use TLSKey.ProtoReflect.Descriptor instead.

func (*TLSKey) Export added in v0.1.1

// Export takes an arbitrary object and a file path and returns an error.
// NOTE(review): the body is not visible; presumably it writes obj to fpath.
// If obj can contain Key material, confirm the file is created with
// owner-only permissions and that an existing file is not silently replaced.
func (it *TLSKey) Export(obj interface{}, fpath string) error

func (*TLSKey) GetCert added in v0.1.1

func (x *TLSKey) GetCert() string

func (*TLSKey) GetClients added in v0.1.1

func (x *TLSKey) GetClients() []*TLSKeyPair

func (*TLSKey) GetComment added in v0.1.1

func (x *TLSKey) GetComment() string

func (*TLSKey) GetKey added in v0.1.1

func (x *TLSKey) GetKey() string

func (*TLSKey) GetNodes added in v0.1.1

func (x *TLSKey) GetNodes() []*TLSKeyPair

func (*TLSKey) GetOptions added in v0.1.1

func (x *TLSKey) GetOptions() *TLSKeyOptions

func (*TLSKey) KeyDecode added in v0.1.1

// KeyDecode parses txt into a private key. The return type is *rsa.PrivateKey,
// so this decoder yields RSA keys only.
// NOTE(review): the accepted encoding of txt is not visible here; presumably
// PEM — confirm.
func (it *TLSKey) KeyDecode(txt string) (*rsa.PrivateKey, error)

func (*TLSKey) NewClientKey added in v0.1.1

func (it *TLSKey) NewClientKey(name string) error

func (*TLSKey) ProtoMessage added in v0.1.1

func (*TLSKey) ProtoMessage()

func (*TLSKey) ProtoReflect added in v0.1.1

func (x *TLSKey) ProtoReflect() protoreflect.Message

func (*TLSKey) Reset added in v0.1.1

func (x *TLSKey) Reset()

func (*TLSKey) String added in v0.1.1

func (x *TLSKey) String() string

type TLSKeyOptions added in v0.1.1

// TLSKeyOptions is the options message passed to NewTLSKey and stored in
// TLSKey.Options.
// NOTE(review): the field names from Country through CommonName are the same
// as those of crypto/x509/pkix.Name, and IsCA has the same name as
// x509.Certificate.IsCA, so these presumably populate the certificate subject
// and CA flag — confirm. If so, IsCA=true produces a certificate that can sign
// other certificates and should be set only for the issuing key.
type TLSKeyOptions struct {
	Country            []string `protobuf:"bytes,1,rep,name=country,proto3" json:"country,omitempty" toml:"country,omitempty"`
	Organization       []string `protobuf:"bytes,2,rep,name=organization,proto3" json:"organization,omitempty" toml:"organization,omitempty"`
	OrganizationalUnit []string `` /* 152-byte string literal not displayed */
	Locality           []string `protobuf:"bytes,4,rep,name=locality,proto3" json:"locality,omitempty" toml:"locality,omitempty"`
	Province           []string `protobuf:"bytes,5,rep,name=province,proto3" json:"province,omitempty" toml:"province,omitempty"`
	StreetAddress      []string `` /* 132-byte string literal not displayed */
	PostalCode         []string `protobuf:"bytes,7,rep,name=postal_code,json=postalCode,proto3" json:"postal_code,omitempty" toml:"postal_code,omitempty"`
	SerialNumber       string   `` /* 128-byte string literal not displayed */
	CommonName         string   `protobuf:"bytes,9,opt,name=common_name,json=commonName,proto3" json:"common_name,omitempty" toml:"common_name,omitempty"`
	IsCA               bool     `protobuf:"varint,10,opt,name=IsCA,proto3" json:"IsCA,omitempty" toml:"IsCA,omitempty"`
	// contains filtered or unexported fields
}

func (*TLSKeyOptions) Descriptor deprecated added in v0.1.1

func (*TLSKeyOptions) Descriptor() ([]byte, []int)

Deprecated: Use TLSKeyOptions.ProtoReflect.Descriptor instead.

func (*TLSKeyOptions) GetCommonName added in v0.1.1

func (x *TLSKeyOptions) GetCommonName() string

func (*TLSKeyOptions) GetCountry added in v0.1.1

func (x *TLSKeyOptions) GetCountry() []string

func (*TLSKeyOptions) GetIsCA added in v0.1.1

func (x *TLSKeyOptions) GetIsCA() bool

func (*TLSKeyOptions) GetLocality added in v0.1.1

func (x *TLSKeyOptions) GetLocality() []string

func (*TLSKeyOptions) GetOrganization added in v0.1.1

func (x *TLSKeyOptions) GetOrganization() []string

func (*TLSKeyOptions) GetOrganizationalUnit added in v0.1.1

func (x *TLSKeyOptions) GetOrganizationalUnit() []string

func (*TLSKeyOptions) GetPostalCode added in v0.1.1

func (x *TLSKeyOptions) GetPostalCode() []string

func (*TLSKeyOptions) GetProvince added in v0.1.1

func (x *TLSKeyOptions) GetProvince() []string

func (*TLSKeyOptions) GetSerialNumber added in v0.1.1

func (x *TLSKeyOptions) GetSerialNumber() string

func (*TLSKeyOptions) GetStreetAddress added in v0.1.1

func (x *TLSKeyOptions) GetStreetAddress() []string

func (*TLSKeyOptions) ProtoMessage added in v0.1.1

func (*TLSKeyOptions) ProtoMessage()

func (*TLSKeyOptions) ProtoReflect added in v0.1.1

func (x *TLSKeyOptions) ProtoReflect() protoreflect.Message

func (*TLSKeyOptions) Reset added in v0.1.1

func (x *TLSKeyOptions) Reset()

func (*TLSKeyOptions) String added in v0.1.1

func (x *TLSKeyOptions) String() string

type TLSKeyPair added in v0.1.1

// TLSKeyPair is a named key and certificate; TLSKey.Nodes and TLSKey.Clients
// are lists of these, and TLSKey.ClientKey looks one up by name.
// NOTE(review): Key is serialised through the json, toml and protobuf tags
// like the other fields, so a marshalled TLSKeyPair presumably contains the
// private key text — treat the encoded form as a secret.
type TLSKeyPair struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty" toml:"name,omitempty"`
	Key  string `protobuf:"bytes,2,opt,name=key,proto3" json:"key,omitempty" toml:"key,omitempty"`
	Cert string `protobuf:"bytes,3,opt,name=cert,proto3" json:"cert,omitempty" toml:"cert,omitempty"`
	// contains filtered or unexported fields
}

func (*TLSKeyPair) Descriptor deprecated added in v0.1.1

func (*TLSKeyPair) Descriptor() ([]byte, []int)

Deprecated: Use TLSKeyPair.ProtoReflect.Descriptor instead.

func (*TLSKeyPair) GetCert added in v0.1.1

func (x *TLSKeyPair) GetCert() string

func (*TLSKeyPair) GetKey added in v0.1.1

func (x *TLSKeyPair) GetKey() string

func (*TLSKeyPair) GetName added in v0.1.1

func (x *TLSKeyPair) GetName() string

func (*TLSKeyPair) ProtoMessage added in v0.1.1

func (*TLSKeyPair) ProtoMessage()

func (*TLSKeyPair) ProtoReflect added in v0.1.1

func (x *TLSKeyPair) ProtoReflect() protoreflect.Message

func (*TLSKeyPair) Reset added in v0.1.1

func (x *TLSKeyPair) Reset()

func (*TLSKeyPair) String added in v0.1.1

func (x *TLSKeyPair) String() string

type UserPayload

// UserPayload is the user identity embedded in UserValidator: an id, a name,
// role and group memberships, and an expiry time. SignToken turns it into a
// token string.
//
// NOTE(review): Expired is in seconds, whereas AppPayload.Created is in
// milliseconds; keep the units apart when comparing against the clock. Roles
// are uint32 values here, while AccessKey.Roles are strings — how the two are
// related is not visible in this listing.
type UserPayload struct {
	Id      string   `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty" toml:"id,omitempty"` // struct:object_slice_key
	Name    string   `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty" toml:"name,omitempty"`
	Roles   []uint32 `protobuf:"varint,4,rep,packed,name=roles,proto3" json:"roles,omitempty" toml:"roles,omitempty"`
	Groups  []string `protobuf:"bytes,5,rep,name=groups,proto3" json:"groups,omitempty" toml:"groups,omitempty"`
	Expired int64    `protobuf:"varint,9,opt,name=expired,proto3" json:"expired,omitempty" toml:"expired,omitempty"` // unix time in seconds
	// contains filtered or unexported fields
}

func NewUserPayload

func NewUserPayload(id, name string, roles []uint32, groups []string, ttl int64) *UserPayload

func (*UserPayload) Descriptor deprecated

func (*UserPayload) Descriptor() ([]byte, []int)

Deprecated: Use UserPayload.ProtoReflect.Descriptor instead.

func (*UserPayload) GetExpired

func (x *UserPayload) GetExpired() int64

func (*UserPayload) GetGroups

func (x *UserPayload) GetGroups() []string

func (*UserPayload) GetId

func (x *UserPayload) GetId() string

func (*UserPayload) GetName

func (x *UserPayload) GetName() string

func (*UserPayload) GetRoles

func (x *UserPayload) GetRoles() []uint32

func (*UserPayload) IsExpired

func (it *UserPayload) IsExpired() bool

func (*UserPayload) ProtoMessage

func (*UserPayload) ProtoMessage()

func (*UserPayload) ProtoReflect

func (x *UserPayload) ProtoReflect() protoreflect.Message

func (*UserPayload) Reset

func (x *UserPayload) Reset()

func (*UserPayload) SignToken

// SignToken produces a token string for this payload using a key from keyMgr.
// NOTE(review): the method returns only a string, so a signing failure (for
// example, no usable key in keyMgr) cannot be reported as an error.
// Presumably it yields an empty string in that case — confirm, and have
// callers reject an empty token instead of sending it.
func (it *UserPayload) SignToken(keyMgr *AccessKeyManager) string

func (*UserPayload) String

func (x *UserPayload) String() string

type UserValidator

type UserValidator struct {
	UserPayload
	// contains filtered or unexported fields
}

func NewUserValidator

// NewUserValidator builds a UserValidator from token, using keyMgr as the key source.
// NOTE(review): UserValid has the same signature, and UserValidator also has a
// separate SignValid method. Whether this constructor verifies the signature
// and expiry itself, or leaves that to SignValid and IsExpired, is not visible
// in this listing — confirm before trusting the embedded UserPayload.
func NewUserValidator(token string, keyMgr *AccessKeyManager) (*UserValidator, error)

func UserValid

func UserValid(token string, keyMgr *AccessKeyManager) (*UserValidator, error)

func (*UserValidator) SignValid

func (it *UserValidator) SignValid() error
