openfga

package
v0.2.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 27, 2026 License: MIT Imports: 5 Imported by: 0

Documentation

Overview

Package openfga provides an OpenFGA-based Authorizer implementation for pkg/authz. Use NewAuthorizer to create an instance and pass it to authz.Server().

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewAuthorizer 

func NewAuthorizer(fgaClient *pkgfga.Client, opts ...Option) authz.Authorizer

NewAuthorizer creates an OpenFGA-backed Authorizer. The fgaClient must not be nil; pass WithRedisCache to enable result caching.

Types

type Authorizer 

type Authorizer struct {
	// contains filtered or unexported fields
}

Authorizer is an OpenFGA-based authorization engine. It optionally caches results in Redis via the WithRedisCache option.

func (*Authorizer) IsAuthorized 

func (a *Authorizer) IsAuthorized(ctx context.Context, subject, relation, objectType, objectID string) (bool, error)

IsAuthorized checks whether subject has the given relation on objectType:objectID. If a Redis cache is configured, results are cached for the configured TTL. The CacheHit field in DecisionDetail reflects whether the result came from cache.

type Option 

type Option func(*authorizerConfig)

Option configures the OpenFGA Authorizer.

func WithRedisCache 

func WithRedisCache(rdb *redis.Client, ttl time.Duration) Option

WithRedisCache enables Redis caching of authorization check results. Results are stored for the given TTL. Pass nil redis client to disable caching.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.