authorization

package

v0.0.0-...-99b6106 Latest Latest Go to latest Published: Apr 26, 2024 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/openshift-kni/oran-o2ims

Documentation ¶

Index ¶

func AddFlags(set *pflag.FlagSet)
type HandlerWrapperBuilder
- func NewHandlerWrapper() *HandlerWrapperBuilder

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func AddFlags ¶

func AddFlags(set *pflag.FlagSet)

AddFlags adds the flags related to authorization to the given flag set.

Types ¶

type HandlerWrapperBuilder ¶

type HandlerWrapperBuilder struct {
	// contains filtered or unexported fields
}

HandlerWrapperBuilder contains the data and logic needed to create a wrapper that knows how to convert an HTTP handler into another one that also performs authorization using the claims of the authenticated subject.

Don't create instances of this object directly, use the NewHandlerWrapper function instead.

func NewHandlerWrapper ¶

func NewHandlerWrapper() *HandlerWrapperBuilder

NewHandlerWrapper creates a builder that can then be configured and used to create authorization handler wrappers. This wrapper is a function that transforms an HTTP handler into another that performs authorization using the claims of the authenticated subject.

func (*HandlerWrapperBuilder) AddACLFile ¶

func (b *HandlerWrapperBuilder) AddACLFile(value string) *HandlerWrapperBuilder

AddACLFile adds a file that contains items of the access control list. This should be a YAML file with the following format:

claim: email pattern: ^.*@redhat\.com$
claim: sub pattern: ^f:b3f7b485-7184-43c8-8169-37bd6d1fe4aa:myuser$

The claim field is the name of the claim of the subject that will be checked. The pattern field is a regular expression. If the claim matches the regular expression then access will be allowed.

If the ACL is empty then access will be allowed to all subjects.

If the ACL has at least one item then access will be allowed only to subjects that match at least one of the items.

func (*HandlerWrapperBuilder) AddPublicPath ¶

func (b *HandlerWrapperBuilder) AddPublicPath(value string) *HandlerWrapperBuilder

AddPublicPath adds a regular expression that defines parts of the URL space that considered public, and therefore require no authorization. This method may be called multiple times and then all the given regular expressions will be used to check what parts of the URL space are public.

func (*HandlerWrapperBuilder) Build ¶

func (b *HandlerWrapperBuilder) Build() (result func(http.Handler) http.Handler, err error)

Build uses the data stored in the builder to create a new authentication handler.

func (*HandlerWrapperBuilder) SetFlags ¶

func (b *HandlerWrapperBuilder) SetFlags(flags *pflag.FlagSet) *HandlerWrapperBuilder

SetFlags sets the command line flags that should be used to configure the wrapper. This is optional.

func (*HandlerWrapperBuilder) SetLogger ¶

func (b *HandlerWrapperBuilder) SetLogger(value *slog.Logger) *HandlerWrapperBuilder

SetLogger sets the logger that the handlers will use to send messages to the log. This is mandatory.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL