auth

package

v0.8.11 Latest Latest Go to latest Published: Apr 12, 2021 License: MIT Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/redsailtechnologies/boatswain

Links

Open Source Insights

Documentation ¶

Index ¶

type Agent
type Config
- func Flags() *Config
type NotAuthorizedError
- func (e NotAuthorizedError) Error() string
type OIDCAgent
- func NewOIDCAgent(config *Config) *OIDCAgent
type Role
type User
- func (u *User) HasRole(r string) bool

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Agent ¶

type Agent interface {
	Authenticate(context.Context) (context.Context, error)
	Authorize(context.Context, Role) error
	User(context.Context) User
	Wrap(http.Handler) http.Handler
}

Agent is the interface through which most of the auth package is utilized

type Config ¶

type Config struct {
	OIDC      string
	Endpoints *oidcConfig

	Scope      string
	AdminRole  string
	EditorRole string
	ReaderRole string
}

Config is the configuration needed to run an auth service

func Flags ¶

func Flags() *Config

Flags initializes the agent's configuration

type NotAuthorizedError ¶

type NotAuthorizedError struct{}

NotAuthorizedError represents an erorr in the authorization process

func (NotAuthorizedError) Error ¶

func (e NotAuthorizedError) Error() string

type OIDCAgent ¶

type OIDCAgent struct {
	// contains filtered or unexported fields
}

OIDCAgent is an auth agent implementation using oidc

func NewOIDCAgent ¶

func NewOIDCAgent(config *Config) *OIDCAgent

NewOIDCAgent builds a new agent from the configuration

func (*OIDCAgent) Authenticate ¶

func (o *OIDCAgent) Authenticate(ctx context.Context) (context.Context, error)

Authenticate handles validation of auth tokens stored in the context

func (*OIDCAgent) Authorize ¶

func (o *OIDCAgent) Authorize(ctx context.Context, role Role) error

Authorize verifies a context's user has the given access level

func (*OIDCAgent) User ¶ added in v0.4.0

func (o *OIDCAgent) User(ctx context.Context) User

User gets the user from the context

func (*OIDCAgent) Wrap ¶

func (o *OIDCAgent) Wrap(base http.Handler) http.Handler

Wrap wraps an existing http hander to store the auth JWT

type Role ¶

type Role string

Role is the type representing a user's authorization level

const (
	// Admin role, can do anything
	Admin Role = "Admin"

	// Editor role, edit most objects
	Editor Role = "Editor"

	// Reader role, readonly
	Reader Role = "Reader"
)

type User ¶

type User struct {
	Name    string
	Email   string
	Subject string
	Roles   []Role
}

User is the external (to the system) representation of a user

func (*User) HasRole ¶ added in v0.8.0

func (u *User) HasRole(r string) bool

HasRole checks if a user has a role represented by the string passed

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL