Documentation
¶
Index ¶
- Constants
- func IsHashType(t string) bool
- type APILimit
- type AccessDefinition
- type AccessSpec
- type BasicAuthData
- type FieldAccessDefinition
- type FieldLimits
- type GraphAccessDefinition
- type HashType
- type JWTData
- type Monitor
- type Policy
- type PolicyPartitions
- type SessionState
- func (s SessionState) Clone() SessionState
- func (s *SessionState) GetQuotaLimitByAPIID(apiID string) (int64, int64, int64, int64)
- func (s *SessionState) KeyHash() string
- func (s *SessionState) KeyHashEmpty() bool
- func (s *SessionState) Lifetime(respectKeyExpiration bool, fallback int64, forceGlobalSessionLifetime bool, ...) int64
- func (s *SessionState) MD5Hash() string
- func (s *SessionState) PoliciesEqualTo(ids []string) bool
- func (s *SessionState) PolicyIDs() []string
- func (s *SessionState) SetKeyHash(hash string)
- func (s *SessionState) SetPolicies(ids ...string)
Constants ¶
View Source
const ( HashPlainText HashType = "" HashBCrypt = "bcrypt" HashSha256 = "sha256" HashMurmur32 = "murmur32" HashMurmur64 = "murmur64" HashMurmur128 = "murmur128" )
Variables ¶
This section is empty.
Functions ¶
func IsHashType ¶
Types ¶
type APILimit ¶
type APILimit struct {
Rate float64 `json:"rate" msg:"rate"`
Per float64 `json:"per" msg:"per"`
ThrottleInterval float64 `json:"throttle_interval" msg:"throttle_interval"`
ThrottleRetryLimit int `json:"throttle_retry_limit" msg:"throttle_retry_limit"`
MaxQueryDepth int `json:"max_query_depth" msg:"max_query_depth"`
QuotaMax int64 `json:"quota_max" msg:"quota_max"`
QuotaRenews int64 `json:"quota_renews" msg:"quota_renews"`
QuotaRemaining int64 `json:"quota_remaining" msg:"quota_remaining"`
QuotaRenewalRate int64 `json:"quota_renewal_rate" msg:"quota_renewal_rate"`
SetBy string `json:"-" msg:"-"`
}
APILimit stores quota and rate limit on ACL level (per API)
type AccessDefinition ¶
type AccessDefinition struct {
APIName string `json:"api_name" msg:"api_name"`
APIID string `json:"api_id" msg:"api_id"`
Versions []string `json:"versions" msg:"versions"`
AllowedURLs []AccessSpec `bson:"allowed_urls" json:"allowed_urls" msg:"allowed_urls"` // mapped string MUST be a valid regex
RestrictedTypes []graphql.Type `json:"restricted_types" msg:"restricted_types"`
AllowedTypes []graphql.Type `json:"allowed_types" msg:"allowed_types"`
Limit APILimit `json:"limit" msg:"limit"`
FieldAccessRights []FieldAccessDefinition `json:"field_access_rights" msg:"field_access_rights"`
DisableIntrospection bool `json:"disable_introspection" msg:"disable_introspection"`
AllowanceScope string `json:"allowance_scope" msg:"allowance_scope"`
}
AccessDefinition defines which versions of an API a key has access to NOTE: when adding new fields it is required to map them from DBAccessDefinition in the gateway/policy.go:19 TODO: is it possible to share fields?
type AccessSpec ¶
type AccessSpec struct {
URL string `json:"url" msg:"url"`
Methods []string `json:"methods" msg:"methods"`
}
AccessSpecs define what URLS a user has access to an what methods are enabled
type BasicAuthData ¶
type FieldAccessDefinition ¶
type FieldAccessDefinition struct {
TypeName string `json:"type_name" msg:"type_name"`
FieldName string `json:"field_name" msg:"field_name"`
Limits FieldLimits `json:"limits" msg:"limits"`
}
type FieldLimits ¶
type FieldLimits struct {
MaxQueryDepth int `json:"max_query_depth" msg:"max_query_depth"`
}
type GraphAccessDefinition ¶
type GraphAccessDefinition struct {
}
type Monitor ¶
type Monitor struct {
TriggerLimits []float64 `json:"trigger_limits" msg:"trigger_limits"`
}
type Policy ¶
type Policy struct {
MID apidef.ObjectId `bson:"_id,omitempty" json:"_id" gorm:"primaryKey;column:_id"`
ID string `bson:"id,omitempty" json:"id"`
Name string `bson:"name" json:"name"`
OrgID string `bson:"org_id" json:"org_id"`
Rate float64 `bson:"rate" json:"rate"`
Per float64 `bson:"per" json:"per"`
QuotaMax int64 `bson:"quota_max" json:"quota_max"`
QuotaRenewalRate int64 `bson:"quota_renewal_rate" json:"quota_renewal_rate"`
ThrottleInterval float64 `bson:"throttle_interval" json:"throttle_interval"`
ThrottleRetryLimit int `bson:"throttle_retry_limit" json:"throttle_retry_limit"`
MaxQueryDepth int `bson:"max_query_depth" json:"max_query_depth"`
AccessRights map[string]AccessDefinition `bson:"access_rights" json:"access_rights"`
HMACEnabled bool `bson:"hmac_enabled" json:"hmac_enabled"`
EnableHTTPSignatureValidation bool `json:"enable_http_signature_validation" msg:"enable_http_signature_validation"`
Active bool `bson:"active" json:"active"`
IsInactive bool `bson:"is_inactive" json:"is_inactive"`
Tags []string `bson:"tags" json:"tags"`
KeyExpiresIn int64 `bson:"key_expires_in" json:"key_expires_in"`
Partitions PolicyPartitions `bson:"partitions" json:"partitions"`
LastUpdated string `bson:"last_updated" json:"last_updated"`
MetaData map[string]interface{} `bson:"meta_data" json:"meta_data"`
GraphQL map[string]GraphAccessDefinition `bson:"graphql_access_rights" json:"graphql_access_rights"`
}
Policy represents a user policy swagger:model
type PolicyPartitions ¶
type SessionState ¶
type SessionState struct {
LastCheck int64 `json:"last_check" msg:"last_check"`
Allowance float64 `json:"allowance" msg:"allowance"`
Rate float64 `json:"rate" msg:"rate"`
Per float64 `json:"per" msg:"per"`
ThrottleInterval float64 `json:"throttle_interval" msg:"throttle_interval"`
ThrottleRetryLimit int `json:"throttle_retry_limit" msg:"throttle_retry_limit"`
MaxQueryDepth int `json:"max_query_depth" msg:"max_query_depth"`
DateCreated time.Time `json:"date_created" msg:"date_created"`
Expires int64 `json:"expires" msg:"expires"`
QuotaMax int64 `json:"quota_max" msg:"quota_max"`
QuotaRenews int64 `json:"quota_renews" msg:"quota_renews"`
QuotaRemaining int64 `json:"quota_remaining" msg:"quota_remaining"`
QuotaRenewalRate int64 `json:"quota_renewal_rate" msg:"quota_renewal_rate"`
AccessRights map[string]AccessDefinition `json:"access_rights" msg:"access_rights"`
OrgID string `json:"org_id" msg:"org_id"`
OauthClientID string `json:"oauth_client_id" msg:"oauth_client_id"`
OauthKeys map[string]string `json:"oauth_keys" msg:"oauth_keys"`
Certificate string `json:"certificate" msg:"certificate"`
BasicAuthData BasicAuthData `json:"basic_auth_data" msg:"basic_auth_data"`
JWTData JWTData `json:"jwt_data" msg:"jwt_data"`
HMACEnabled bool `json:"hmac_enabled" msg:"hmac_enabled"`
EnableHTTPSignatureValidation bool `json:"enable_http_signature_validation" msg:"enable_http_signature_validation"`
HmacSecret string `json:"hmac_string" msg:"hmac_string"`
RSACertificateId string `json:"rsa_certificate_id" msg:"rsa_certificate_id"`
IsInactive bool `json:"is_inactive" msg:"is_inactive"`
ApplyPolicyID string `json:"apply_policy_id" msg:"apply_policy_id"`
ApplyPolicies []string `json:"apply_policies" msg:"apply_policies"`
DataExpires int64 `json:"data_expires" msg:"data_expires"`
Monitor Monitor `json:"monitor" msg:"monitor"`
// Deprecated: EnableDetailRecording is deprecated. Use EnableDetailedRecording
// going forward instead
EnableDetailRecording bool `json:"enable_detail_recording" msg:"enable_detail_recording"`
EnableDetailedRecording bool `json:"enable_detailed_recording" msg:"enable_detailed_recording"`
MetaData map[string]interface{} `json:"meta_data" msg:"meta_data"`
Tags []string `json:"tags" msg:"tags"`
Alias string `json:"alias" msg:"alias"`
LastUpdated string `json:"last_updated" msg:"last_updated"`
IdExtractorDeadline int64 `json:"id_extractor_deadline" msg:"id_extractor_deadline"`
SessionLifetime int64 `bson:"session_lifetime" json:"session_lifetime"`
KeyID string `json:"-"`
// contains filtered or unexported fields
}
SessionState objects represent a current API session, mainly used for rate limiting. There's a data structure that's based on this and it's used for Protocol Buffer support, make sure to update "coprocess/proto/coprocess_session_state.proto" and generate the bindings using: cd coprocess/proto && ./update_bindings.sh
swagger:model
func NewSessionState ¶
func NewSessionState() *SessionState
func (SessionState) Clone ¶
func (s SessionState) Clone() SessionState
Clone returns a fresh copy of s
func (*SessionState) GetQuotaLimitByAPIID ¶
GetQuotaLimitByAPIID return quota max, quota remaining, quota renewal rate and quota renews for the given session
func (*SessionState) KeyHash ¶
func (s *SessionState) KeyHash() string
func (*SessionState) KeyHashEmpty ¶
func (s *SessionState) KeyHashEmpty() bool
func (*SessionState) Lifetime ¶
func (s *SessionState) Lifetime(respectKeyExpiration bool, fallback int64, forceGlobalSessionLifetime bool, globalSessionLifetime int64) int64
Lifetime returns the lifetime of a session. Global session lifetime has always precedence. Then, the session lifetime value in the key level takes precedence. However, if key `respectKeyExpiration` is `true`, when the key expiration has longer than the session lifetime, the key expiration is returned. It means even if the session lifetime finishes, it waits for the key expiration for physical removal.
func (*SessionState) MD5Hash ¶
func (s *SessionState) MD5Hash() string
func (*SessionState) PoliciesEqualTo ¶
func (s *SessionState) PoliciesEqualTo(ids []string) bool
PoliciesEqualTo compares and returns true if passed slice if IDs contains only current ApplyPolicies
func (*SessionState) PolicyIDs ¶
func (s *SessionState) PolicyIDs() []string
PolicyIDs returns the IDs of all the policies applied to this session. For backwards compatibility reasons, this falls back to ApplyPolicyID if ApplyPolicies is empty.
func (*SessionState) SetKeyHash ¶
func (s *SessionState) SetKeyHash(hash string)
func (*SessionState) SetPolicies ¶
func (s *SessionState) SetPolicies(ids ...string)
Source Files
Click to show internal directories.
Click to hide internal directories.