iauth

package
v0.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 9, 2021 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

// Authentication type names. Each one is a key of the Authenticators map and
// selects the function used to verify a credential.
const (
	AuthTypePassword   = "Password"
	AuthTypeSessionKey = "Session"
	AuthTypeToken      = "Token"
	// AuthTypeSkip selects the handler that performs no credential check; that
	// handler refuses to run unless RunTime.SkipTokenValidate is set.
	AuthTypeSkip       = "Skip"
)
// Scope names.
// NOTE(review): how scopes are assigned and checked is not visible in this
// listing; presumably these are the values returned by Loginer.GetScopes — confirm.
const (
	ScopeAlwaysAllowed = "Allowed"
	ScopeSystem        = "System"
	ScopeProduct       = "Product"
	ScopeSupport       = "Support"
)

Variables

// User type codes; presumably the values stored in the int8 User.Type field.
// NOTE(review): these are package-level variables, not constants — presumably so
// that their address can be used for the *int8 UserFilter.Type field. Any
// importing package can therefore reassign them; treat them as read-only.
var (
	UserTypeNormal int8 = 0
	UserTypeToken  int8 = 1
)
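// Authenticators maps an authentication type name (the AuthType* constants) to
// the function that verifies the credential in param.Identify and builds the
// Visitor for it.
//
// Each function returns a non-nil Visitor with a nil error, or a nil Visitor
// with an error. Errors from the storage layer are returned unchanged; a
// rejected credential is reported with xerror.WrapAuthenticateFailErrorWithMsg.
var Authenticators = map[string]func(ctx context.Context, param *AuthenticateParam, manager *AuthenticateManager) (*Visitor, error){
	// Password verification is implemented by authTypePassword, which is not
	// part of this listing.
	AuthTypePassword: authTypePassword,

	// Session: param.Identify carries the session key.
	AuthTypeSessionKey: func(ctx context.Context, param *AuthenticateParam, manager *AuthenticateManager) (v *Visitor, err error) {
		// An empty key is rejected before the lookup, so the result never
		// depends on how the storage layer treats an empty filter value
		// (for example, matching users that currently have no session).
		if param.Identify == "" {
			return nil, xerror.WrapAuthenticateFailErrorWithMsg("Session Key Wrong")
		}

		user, err := manager.storager.FetchUser(ctx, &UserFilter{
			SessionKey: &param.Identify,
		})
		if err != nil {
			return nil, err
		}

		if user == nil {
			return nil, xerror.WrapAuthenticateFailErrorWithMsg("Session Key Wrong")
		}

		// A session key is valid for RunTime.SessionExpireDay days counted
		// from SessionKeyCreateAt.
		expireAt := user.SessionKeyCreateAt.AddDate(0, 0, stateful.DefaultConfig.RunTime.SessionExpireDay)
		if expireAt.Before(time.Now()) {
			return nil, xerror.WrapAuthenticateFailErrorWithMsg("Session Key Expired")
		}

		return &Visitor{
			User: user,
		}, nil
	},

	// Token: param.Identify carries the token value.
	AuthTypeToken: func(ctx context.Context, param *AuthenticateParam, manager *AuthenticateManager) (v *Visitor, err error) {
		// Same reasoning as for session keys: an empty token never reaches
		// the storage lookup.
		if param.Identify == "" {
			return nil, xerror.WrapAuthenticateFailErrorWithMsg("Token Wrong")
		}

		tokens, err := manager.storager.FetchTokens(ctx, &TokenFilter{
			Token: &param.Identify,
		})
		if err != nil {
			return nil, err
		}

		if len(tokens) == 0 {
			return nil, xerror.WrapAuthenticateFailErrorWithMsg("Token Wrong")
		}

		// Only the first match is used, and no expiry check is applied here.
		// NOTE(review): presumably token values are unique in storage — confirm.
		return &Visitor{
			Token: tokens[0],
		}, nil
	},

	// Skip: no credential is verified. When RunTime.SkipTokenValidate is set,
	// the caller-supplied Identify is handed to newFakeVisitor unchecked.
	// NOTE(review): presumably intended for development and testing; the flag
	// should stay off wherever requests are untrusted, and a deployment that
	// has it enabled is worth surfacing in configuration audits.
	AuthTypeSkip: func(ctx context.Context, param *AuthenticateParam, manager *AuthenticateManager) (v *Visitor, err error) {
		if !stateful.DefaultConfig.RunTime.SkipTokenValidate {
			return nil, xerror.WrapAuthenticateFailErrorWithMsg("Bad Authorization Flag")
		}

		return newFakeVisitor(param.Identify), nil
	},
}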

Functions

func NewVisitorContext added in v0.0.2

func NewVisitorContext(ctx context.Context, visitor *Visitor) context.Context

Types

type Action

// Action is a bit set of permissions; each constant below occupies one bit,
// shown in binary next to it.
// NOTE(review): ActionDeny is itself a bit (value 1). How Grant, Revoke and
// IsAllowed treat it is not visible in this listing — confirm that a set deny
// bit takes precedence over any granted bits.
type Action int64
const (
	ActionDeny    Action = 1 << iota // 0000001
	ActionRead                       // 0000010
	ActionReadAll                    // 0000100
	ActionUpdate                     // 0001000
	ActionCreate                     // 0010000
	ActionDelete                     // 0100000
	ActionExport                     // 1000000
)

func (Action) Grant

func (a Action) Grant(b Action) Action

func (Action) IsAllowed

func (a Action) IsAllowed(b Action) bool

func (Action) Revoke

func (a Action) Revoke(b Action) Action

type AuthenticateManager

// AuthenticateManager exposes authentication plus user and token management.
// It is created by NewAuthenticateManager from a transaction storager, an
// AuthenticateStorager and an AuthorizeStorager.
type AuthenticateManager struct {
	// contains filtered or unexported fields
}

func NewAuthenticateManager

func NewAuthenticateManager(txn itxn.TxnStorager, storager AuthenticateStorager,
	authorizeStorage AuthorizeStorager) *AuthenticateManager

func (*AuthenticateManager) Authenticate

func (m *AuthenticateManager) Authenticate(ctx context.Context, param *AuthenticateParam) (v *Visitor, err error)

func (*AuthenticateManager) CreateToken added in v0.0.2

func (m *AuthenticateManager) CreateToken(ctx context.Context, param *TokenParam, product *ibasic.Product) (token *Token, err error)

func (*AuthenticateManager) CreateUser

func (m *AuthenticateManager) CreateUser(ctx context.Context, param *UserParam) (err error)

func (*AuthenticateManager) DeleteToken added in v0.0.2

func (m *AuthenticateManager) DeleteToken(ctx context.Context, token *Token) (err error)

func (*AuthenticateManager) DeleteUser

func (m *AuthenticateManager) DeleteUser(ctx context.Context, userName string) (err error)

func (*AuthenticateManager) DestroySessionKey

func (m *AuthenticateManager) DestroySessionKey(ctx context.Context, sessionKey string) (err error)

func (*AuthenticateManager) FetchTokens added in v0.0.2

func (m *AuthenticateManager) FetchTokens(ctx context.Context, filter *TokenFilter) (list []*Token, err error)

func (*AuthenticateManager) FetchUser

func (m *AuthenticateManager) FetchUser(ctx context.Context, filter *UserFilter) (user *User, err error)

func (*AuthenticateManager) FetchUserList added in v0.0.2

func (m *AuthenticateManager) FetchUserList(ctx context.Context, param *UserFilter) (users []*User, err error)

func (*AuthenticateManager) UpdateUserPassword

func (m *AuthenticateManager) UpdateUserPassword(ctx context.Context, pcd *PasswordChangeData) (err error)

type AuthenticateParam

// AuthenticateParam is the input to AuthenticateManager.Authenticate.
type AuthenticateParam struct {
	// Type names the authentication method.
	// NOTE(review): presumably one of the AuthType* constants, used as the key
	// into Authenticators — confirm against Authenticate.
	Type     string
	// Identify carries the credential: the entries of Authenticators read it as
	// the session key, the token value, or (in skip mode) the value passed to
	// newFakeVisitor.
	Identify string
	// Extend is not read by the authenticators shown in this listing.
	// NOTE(review): presumably the password for AuthTypePassword — confirm.
	Extend   string
}

type AuthenticateStorager

// AuthenticateStorager is the persistence interface for users and tokens that
// NewAuthenticateManager accepts.
type AuthenticateStorager interface {
	// User records.
	FetchUserList(ctx context.Context, param *UserFilter) ([]*User, error)
	FetchUser(ctx context.Context, param *UserFilter) (*User, error)
	UpdateUser(ctx context.Context, user *User, param *UserParam) error
	CreateUser(ctx context.Context, param *UserParam) error
	DeleteUser(ctx context.Context, user *User) error

	// Token records.
	FetchTokens(ctx context.Context, param *TokenFilter) ([]*Token, error)
	CreateToken(ctx context.Context, token *TokenParam) error
	DeleteToken(ctx context.Context, param *Token) error
}

type Authorization added in v0.0.2

// Authorization describes a permission requirement; it is the argument of
// AuthorizeManager.Authorizate.
type Authorization struct {
	// FeatureAuthorizer holds the Feature and the Action of the requirement.
	FeatureAuthorizer *FeatureAuthorition
	// NOTE(review): presumably enables an additional check that the visitor is
	// bound to the product in question — confirm against Authorizate.
	ValidateProduct   bool
}

func NewFeatureAuthorization added in v0.0.2

func NewFeatureAuthorization(f Feature, a Action) *Authorization

func NewFeatureAuthorizerWithFactoryWithProduct

func NewFeatureAuthorizerWithFactoryWithProduct(f Feature, a Action) *Authorization

type AuthorizeManager added in v0.0.2

// AuthorizeManager exposes the authorization check (Authorizate) and the
// management of user/token-to-product bindings. It is created by
// NewAuthorizeManager from a transaction storager and an AuthorizeStorager.
type AuthorizeManager struct {
	// contains filtered or unexported fields
}

func NewAuthorizeManager added in v0.0.2

func NewAuthorizeManager(txn itxn.TxnStorager, storager AuthorizeStorager) *AuthorizeManager

func (*AuthorizeManager) Authorizate added in v0.0.2

func (m *AuthorizeManager) Authorizate(ctx context.Context, authrizer *Authorization) (err error)

func (*AuthorizeManager) BindUserProduct added in v0.0.2

func (m *AuthorizeManager) BindUserProduct(ctx context.Context, user *User, product *ibasic.Product) (err error)

func (*AuthorizeManager) FetchProductTokens added in v0.0.2

func (m *AuthorizeManager) FetchProductTokens(ctx context.Context, product *ibasic.Product) (tokens []*Token, err error)

func (*AuthorizeManager) FetchProductUsers added in v0.0.2

func (m *AuthorizeManager) FetchProductUsers(ctx context.Context, product *ibasic.Product) (users []*User, err error)

func (*AuthorizeManager) FetchVisitorProductList added in v0.0.2

func (m *AuthorizeManager) FetchVisitorProductList(ctx context.Context, v *Visitor) (userProducts []*ibasic.Product, err error)

func (*AuthorizeManager) IsVisitorProductGranted added in v0.0.2

func (m *AuthorizeManager) IsVisitorProductGranted(ctx context.Context, v *Visitor, product *ibasic.Product) (bound bool, err error)

func (*AuthorizeManager) UnBindUserProduct added in v0.0.2

func (m *AuthorizeManager) UnBindUserProduct(ctx context.Context, user *User, product *ibasic.Product) (err error)

func (*AuthorizeManager) UpdateUserIsAdmin added in v0.0.2

func (m *AuthorizeManager) UpdateUserIsAdmin(ctx context.Context, user *User, isAdmin bool) (err error)

type AuthorizeStorager added in v0.0.2

// AuthorizeStorager is the persistence interface for product bindings of users
// and tokens and for user scopes. NewAuthorizeManager and
// NewAuthenticateManager both accept it.
type AuthorizeStorager interface {
	// User bindings and scopes.
	UnbindUserProduct(ctx context.Context, user *User, product *ibasic.Product) error
	UnbindUserAllProduct(ctx context.Context, user *User) error
	BindUserProduct(ctx context.Context, user *User, product *ibasic.Product) error
	FetchUserProducts(ctx context.Context, user *User) ([]*ibasic.Product, error)
	FetchProductUsers(ctx context.Context, product *ibasic.Product) ([]*User, error)
	UpdateUserScopes(ctx context.Context, user *User, scopes []string) error
	IsUserProductGranted(ctx context.Context, user *User, product *ibasic.Product) (bool, error)

	// Token bindings.
	UnbindTokenAllProduct(ctx context.Context, token *Token) error
	BindTokenProduct(ctx context.Context, token *Token, product *ibasic.Product) error
	FetchProductTokens(ctx context.Context, product *ibasic.Product) ([]*Token, error)
	IsTokenProductGranted(ctx context.Context, token *Token, product *ibasic.Product) (bool, error)
	FetchTokenProduct(ctx context.Context, token *Token) (*ibasic.Product, error)
	// NOTE(review): the int64 map key is presumably the token ID — confirm.
	BatchFetchTokenProduct(ctx context.Context, token []*Token) (map[int64]*ibasic.Product, error)
}

type Feature

// Feature names a resource type. It is paired with an Action in
// FeatureAuthorition and passed to NewFeatureAuthorization to build a
// permission requirement.
type Feature string
const (
	// global resource
	FeatureProxyPool  Feature = "ProxyPool"
	FeatureBFECluster Feature = "BFECluster"
	FeatureBFEPool    Feature = "BFEPool"
	FeatureArea       Feature = "Area"
	FeatureDomain     Feature = "Domain"
	FeatureProduct    Feature = "Product"
	FeatureExtraFile  Feature = "ExtraFile"

	// product resource
	FeatureProductPool       Feature = "ProductPool"
	FeatureRoute             Feature = "Route"
	FeatureSubCluster        Feature = "SubCluster"
	FeatureProductCluster    Feature = "ProductCluster"
	FeatureTraffic           Feature = "Traffic"
	FeatureCert              Feature = "Cert"
	FeatureActiveHealthCheck Feature = "ActiveHealthCheck"

	// auth
	// Note that FeatureProductUser's string value ("AuthProductUser") differs
	// from its identifier; the other values in this block match theirs.
	FeatureProductUser Feature = "AuthProductUser"
	FeatureUser        Feature = "User"
	FeatureToken       Feature = "Token"

	// nlb resource
	FeatureNLBPool    Feature = "NLBPool"
	FeatureNLBCluster Feature = "NLBCluster"
)

type FeatureAuthorition added in v0.0.2

// FeatureAuthorition pairs a Feature with an Action. It is referenced from
// Authorization.FeatureAuthorizer.
type FeatureAuthorition struct {
	Feature Feature
	Action  Action
}

type Loginer added in v0.0.2

// Loginer is the common identity view of a caller. *User, *Token and *Visitor
// each declare all four methods.
type Loginer interface {
	GetName() string
	GetScopes() []string
	// GetType returns an int8 type code.
	// NOTE(review): presumably UserTypeNormal or UserTypeToken — confirm.
	GetType() int8
	IsAdmin() bool
}

type PasswordChangeData

// PasswordChangeData is the input to AuthenticateManager.UpdateUserPassword.
// NOTE(review): OldPassword and Password are presumably the plaintext values
// supplied by the caller; keep values of this type out of logs and error
// messages.
type PasswordChangeData struct {
	UserName    string
	OldPassword string
	Password    string
}

type Token added in v0.0.2

// Token is an API token with its scope and a Product reference.
type Token struct {
	ID    int64
	Name  string
	// Token is the secret value; the AuthTypeToken authenticator looks it up
	// with the value presented by the caller.
	// NOTE(review): that lookup suggests the value may be stored as presented
	// rather than hashed — confirm, and keep this field out of logs and API
	// responses.
	Token string
	Scope string

	Product *ibasic.Product
}

func (*Token) GetName added in v0.0.2

func (t *Token) GetName() string

func (*Token) GetScopes added in v0.0.2

func (t *Token) GetScopes() []string

func (*Token) GetType added in v0.0.2

func (t *Token) GetType() int8

func (*Token) IsAdmin added in v0.0.2

func (t *Token) IsAdmin() bool

type TokenFilter added in v0.0.2

// TokenFilter selects tokens in FetchTokens.
// NOTE(review): a nil slice or nil pointer presumably means "no constraint on
// this field" — confirm in the storage implementation, because a filter with
// every field unset would then match all tokens.
type TokenFilter struct {
	IDs   []int64
	Name  *string
	Token *string
}

type TokenParam added in v0.0.2

// TokenParam carries the fields of a token to create; it is the argument of
// CreateToken on both AuthenticateManager and AuthenticateStorager.
type TokenParam struct {
	Name  *string
	// Token is the secret token value; keep it out of logs.
	Token *string
	Scope *string
}

type User

// User is a user account together with its current session key.
type User struct {
	ID                 int64
	Name               string
	Type               int8
	Admin              bool
	// NOTE(review): whether Password holds a hash or the plaintext is not
	// visible in this listing — confirm that it is a salted hash, and keep it
	// out of logs and API responses either way.
	Password           string
	// SessionKey is the value the AuthTypeSessionKey authenticator looks up
	// with the key presented by the caller; treat it as a secret.
	SessionKey         string
	// SessionKeyCreateAt starts the session key's lifetime: the key is rejected
	// once RunTime.SessionExpireDay days have passed since this time.
	SessionKeyCreateAt time.Time
}

func (*User) GetName added in v0.0.2

func (u *User) GetName() string

func (*User) GetScopes added in v0.0.2

func (u *User) GetScopes() []string

func (*User) GetType added in v0.0.2

func (u *User) GetType() int8

func (*User) IsAdmin

func (u *User) IsAdmin() bool

type UserFilter

// UserFilter selects users in FetchUser and FetchUserList.
// NOTE(review): a nil slice or nil pointer presumably means "no constraint on
// this field" — confirm in the storage implementation.
type UserFilter struct {
	IDs        []int64
	Name       *string
	// SessionKey is set by the AuthTypeSessionKey authenticator to the key
	// presented by the caller.
	SessionKey *string
	Type       *int8
	Types      []int8
}

type UserParam

// UserParam carries the user fields to write; it is the argument of CreateUser
// and UpdateUser on AuthenticateStorager.
// NOTE(review): a nil pointer presumably means "leave this field unchanged" on
// update — confirm in the storage implementation.
type UserParam struct {
	Name               *string
	// NOTE(review): whether Password is already hashed at this point is not
	// visible in this listing — confirm, and keep it out of logs.
	Password           *string
	Scopes             []string
	SessionKey         *string
	SessionKeyCreateAt *time.Time
}

type Visitor added in v0.0.2

// Visitor is the result of a successful authentication. The session-key
// authenticator sets only User and the token authenticator sets only Token;
// what newFakeVisitor fills in for skip mode is not visible in this listing.
type Visitor struct {
	User  *User
	Token *Token
}

func MustGetVisitor added in v0.0.2

func MustGetVisitor(ctx context.Context) (*Visitor, error)

func (*Visitor) GetName added in v0.0.2

func (v *Visitor) GetName() string

func (*Visitor) GetScopes added in v0.0.2

func (v *Visitor) GetScopes() []string

func (*Visitor) GetType added in v0.0.2

func (v *Visitor) GetType() int8

func (*Visitor) IsAdmin added in v0.0.2

func (v *Visitor) IsAdmin() bool
