authn

package

v1.4.1 Latest Latest Go to latest Published: Dec 5, 2025 License: MIT Imports: 18 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/NVIDIA/aistore

Links

Documentation ¶

Overview ¶

Package authn provides AuthN API over HTTP(S)

Copyright (c) 2018-2025, NVIDIA CORPORATION. All rights reserved.

Package authn provides AuthN API over HTTP(S)

Copyright (c) 2018-2025, NVIDIA CORPORATION. All rights reserved.

Package authn provides AuthN API over HTTP(S)

Copyright (c) 2018-2025, NVIDIA CORPORATION. All rights reserved.

Package authn provides AuthN API over HTTP(S)

Copyright (c) 2018-2025, NVIDIA CORPORATION. All rights reserved.

Index ¶

Constants
func AddRole(bp api.BaseParams, roleSpec *Role) error
func AddUser(bp api.BaseParams, newUser *User) error
func DeleteRole(bp api.BaseParams, role string) error
func DeleteUser(bp api.BaseParams, userID string) error
func LoadToken(tokenFile string) (string, error)
func RegisterCluster(bp api.BaseParams, cluSpec CluACL) error
func RevokeToken(bp api.BaseParams, token string) error
func SetConfig(bp api.BaseParams, conf *ConfigToUpdate) error
func UnregisterCluster(bp api.BaseParams, spec CluACL) error
func UpdateCluster(bp api.BaseParams, cluSpec CluACL) error
func UpdateRole(bp api.BaseParams, roleSpec *Role) error
func UpdateUser(bp api.BaseParams, user *User) error
type BckACL
type CluACL
- func GetRegisteredClusters(bp api.BaseParams, spec CluACL) ([]*CluACL, error)
- func (clu *CluACL) String() string
type Config
- func GetConfig(bp api.BaseParams) (*Config, error)
- func (c *Config) ApplyUpdate(cu *ConfigToUpdate) error
- func (c *Config) Expire() time.Duration
- func (c *Config) Init()
- func (*Config) JspOpts() jsp.Options
- func (c *Config) Lock()
- func (c *Config) Secret() cmn.Censored
- func (c *Config) SetSecret(val *string)
- func (c *Config) Unlock()
- func (c *Config) Verbose() bool
type ConfigToUpdate
type HTTPConf
type LogConf
type LoginMsg
type NetConf
type RegisteredClusters
type Role
- func GetAllRoles(bp api.BaseParams) ([]*Role, error)
- func GetRole(bp api.BaseParams, roleID string) (*Role, error)
type ServerConf
type ServerConfToSet
type TimeoutConf
type TokenList
type TokenMsg
- func LoginUser(bp api.BaseParams, userID, pass string, expire *time.Duration) (token *TokenMsg, err error)
- func (*TokenMsg) JspOpts() jsp.Options
type User
- func GetAllUsers(bp api.BaseParams) ([]*User, error)
- func GetUser(bp api.BaseParams, userID string) (*User, error)
- func (u *User) IsAdmin() bool

Constants ¶

View Source

const (
	AdminRole = "Admin"
)

Variables ¶

This section is empty.

Functions ¶

func AddRole ¶

func AddRole(bp api.BaseParams, roleSpec *Role) error

func AddUser ¶

func AddUser(bp api.BaseParams, newUser *User) error

func DeleteRole ¶

func DeleteRole(bp api.BaseParams, role string) error

func DeleteUser ¶

func DeleteUser(bp api.BaseParams, userID string) error

func LoadToken ¶

func LoadToken(tokenFile string) (string, error)

LoadToken retrieves the authentication token from the specified tokenFile, environment variables, or default location (CLI config).

func RegisterCluster ¶

func RegisterCluster(bp api.BaseParams, cluSpec CluACL) error

func RevokeToken ¶

func RevokeToken(bp api.BaseParams, token string) error

func SetConfig ¶

func SetConfig(bp api.BaseParams, conf *ConfigToUpdate) error

func UnregisterCluster ¶

func UnregisterCluster(bp api.BaseParams, spec CluACL) error

func UpdateCluster ¶

func UpdateCluster(bp api.BaseParams, cluSpec CluACL) error

func UpdateRole ¶

func UpdateRole(bp api.BaseParams, roleSpec *Role) error

func UpdateUser ¶

func UpdateUser(bp api.BaseParams, user *User) error

Types ¶

type BckACL ¶

type BckACL struct {
	Bck    cmn.Bck         `json:"bck"`
	Access apc.AccessAttrs `json:"perm,string"`
}

type CluACL ¶

type CluACL struct {
	ID     string          `json:"id"`
	Alias  string          `json:"alias,omitempty"`
	URLs   []string        `json:"urls,omitempty"`
	Access apc.AccessAttrs `json:"perm,string,omitempty"`
}

func GetRegisteredClusters ¶

func GetRegisteredClusters(bp api.BaseParams, spec CluACL) ([]*CluACL, error)

func (*CluACL) String ¶

func (clu *CluACL) String() string

type Config ¶

type Config struct {
	Server  ServerConf  `json:"auth"`
	Log     LogConf     `json:"log"`
	Net     NetConf     `json:"net"`
	Timeout TimeoutConf `json:"timeout"`
	// contains filtered or unexported fields
}

func GetConfig ¶

func GetConfig(bp api.BaseParams) (*Config, error)

func (*Config) ApplyUpdate ¶

func (c *Config) ApplyUpdate(cu *ConfigToUpdate) error

func (*Config) Expire ¶ added in v1.3.24

func (c *Config) Expire() time.Duration

func (*Config) Init ¶ added in v1.3.24

func (c *Config) Init()

func (*Config) JspOpts ¶

func (*Config) JspOpts() jsp.Options

func (*Config) Lock ¶ added in v1.3.24

func (c *Config) Lock()

func (*Config) Secret ¶

func (c *Config) Secret() cmn.Censored

func (*Config) SetSecret ¶ added in v1.3.24

func (c *Config) SetSecret(val *string)

func (*Config) Unlock ¶ added in v1.3.24

func (c *Config) Unlock()

func (*Config) Verbose ¶ added in v1.3.18

func (c *Config) Verbose() bool

type ConfigToUpdate ¶

type ConfigToUpdate struct {
	Server *ServerConfToSet `json:"auth"`
}

type HTTPConf ¶

type HTTPConf struct {
	Certificate string `json:"server_crt"`
	Key         string `json:"server_key"`
	Port        int    `json:"port"`
	UseHTTPS    bool   `json:"use_https"`
}

type LogConf ¶

type LogConf struct {
	Dir   string `json:"dir"`
	Level string `json:"level"`
}

type LoginMsg ¶

type LoginMsg struct {
	ExpiresIn *time.Duration `json:"expires_in"`
	Password  string         `json:"password"`
}

type NetConf ¶

type NetConf struct {
	HTTP HTTPConf `json:"http"`
}

type RegisteredClusters ¶

type RegisteredClusters struct {
	Clusters map[string]*CluACL `json:"clusters,omitempty"`
}

type Role ¶

type Role struct {
	Name        string    `json:"name"`
	Description string    `json:"desc"`
	ClusterACLs []*CluACL `json:"clusters"`
	BucketACLs  []*BckACL `json:"buckets"`
	IsAdmin     bool      `json:"admin"`
}

func GetAllRoles ¶

func GetAllRoles(bp api.BaseParams) ([]*Role, error)

func GetRole ¶

func GetRole(bp api.BaseParams, roleID string) (*Role, error)

type ServerConf ¶

type ServerConf struct {
	Secret string       `json:"secret"`
	Expire cos.Duration `json:"expiration_time"`
	PubKey *string      `json:"public_key"`
	// contains filtered or unexported fields
}

type ServerConfToSet ¶ added in v1.3.21

type ServerConfToSet struct {
	Secret *string `json:"secret,omitempty"`
	Expire *string `json:"expiration_time,omitempty"`
}

type TimeoutConf ¶

type TimeoutConf struct {
	Default cos.Duration `json:"default_timeout"`
}

type TokenList ¶

type TokenList struct {
	Tokens  []string `json:"tokens"`
	Version int64    `json:"version,string"`
}

TokenList is a list of tokens pushed by authn

type TokenMsg ¶

type TokenMsg struct {
	Token string `json:"token"`
}

func LoginUser ¶

func LoginUser(bp api.BaseParams, userID, pass string, expire *time.Duration) (token *TokenMsg, err error)

Authorize a user and return a user token in case of success. The token expires in `expire` time. If `expire` is `nil` the expiration time is set by AuthN (default AuthN expiration time is 24 hours)

func (*TokenMsg) JspOpts ¶

func (*TokenMsg) JspOpts() jsp.Options

type User ¶

type User struct {
	ID       string  `json:"id"`
	Password string  `json:"pass,omitempty"`
	Roles    []*Role `json:"roles"`
}

func GetAllUsers ¶

func GetAllUsers(bp api.BaseParams) ([]*User, error)

func GetUser ¶

func GetUser(bp api.BaseParams, userID string) (*User, error)

func (*User) IsAdmin ¶

func (u *User) IsAdmin() bool

IsAdmin returns true if the user is an admin or super-user, i.e. the user has full access to everything.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL