Documentation
Index ¶
- Constants
- func ActionGet(actionManager manager.Action) fiber.Handler
- func ActionList(actionManager manager.Action) fiber.Handler
- func AuditGet(auditManager manager.Audit) fiber.Handler
- func Authenticate(validate *validator.Validate, userManager manager.User, ...) fiber.Handler
- func Check(logger *slog.Logger, validate *validator.Validate, ...) fiber.Handler
- func ClientCreate(validate *validator.Validate, clientManager manager.Client, ...) fiber.Handler
- func ClientDelete(clientManager manager.Client) fiber.Handler
- func ClientGet(clientManager manager.Client) fiber.Handler
- func ClientList(clientManager manager.Client) fiber.Handler
- func CompiledList(compiledManager manager.CompiledPolicy) fiber.Handler
- func OAuthAuthenticate(oauthClientManager client.Manager, tokenGenerator token.Generator) fiber.Handler
- func OAuthCallback(jwtManager jwt.Manager, oauthClientManager client.Manager, ...) fiber.Handler
- func PolicyCreate(validate *validator.Validate, policyManager manager.Policy) fiber.Handler
- func PolicyDelete(policyManager manager.Policy) fiber.Handler
- func PolicyGet(policyManager manager.Policy) fiber.Handler
- func PolicyList(policyManager manager.Policy) fiber.Handler
- func PolicyUpdate(validate *validator.Validate, policyManager manager.Policy) fiber.Handler
- func PrincipalCreate(validate *validator.Validate, principalManager manager.Principal) fiber.Handler
- func PrincipalDelete(principalManager manager.Principal) fiber.Handler
- func PrincipalGet(principalManager manager.Principal) fiber.Handler
- func PrincipalList(principalManager manager.Principal) fiber.Handler
- func PrincipalUpdate(validate *validator.Validate, principalManager manager.Principal) fiber.Handler
- func ResourceCreate(validate *validator.Validate, resourceManager manager.Resource) fiber.Handler
- func ResourceDelete(resourceManager manager.Resource) fiber.Handler
- func ResourceGet(resourceManager manager.Resource) fiber.Handler
- func ResourceList(resourceManager manager.Resource) fiber.Handler
- func ResourceUpdate(validate *validator.Validate, resourceManager manager.Resource) fiber.Handler
- func RoleCreate(validate *validator.Validate, roleManager manager.Role) fiber.Handler
- func RoleDelete(roleManager manager.Role) fiber.Handler
- func RoleGet(roleManager manager.Role) fiber.Handler
- func RoleList(roleManager manager.Role) fiber.Handler
- func RoleUpdate(validate *validator.Validate, roleManager manager.Role) fiber.Handler
- func StatsGet(statsManager manager.Stats) fiber.Handler
- func TokenNew(server *server.Server) http.HandlerFunc
- func UserCreate(validate *validator.Validate, userManager manager.User) fiber.Handler
- func UserDelete(userManager manager.User) fiber.Handler
- func UserGet(userManager manager.User) fiber.Handler
- func UserList(userManager manager.User) fiber.Handler
- type AttributeKeyValue
- type AuthRequest
- type AuthResponse
- type CheckRequest
- type CheckRequestQuery
- type CheckResponse
- type CheckResponseQuery
- type ClientCreateRequest
- type CreatePolicyRequest
- type CreatePrincipalRequest
- type CreateResourceRequest
- type CreateRoleRequest
- type Handler
- type Handlers
- type RequestAttributes
- type TokenRequest
- type TokenResponse
- type UpdatePolicyRequest
- type UpdatePrincipalRequest
- type UpdateResourceRequest
- type UpdateRoleRequest
- type UserCreateRequest
Constants ¶
// Handler keys: one string identifier per handler constructor exported by
// this package.
// NOTE(review): how these keys are consumed (presumably to index the Handlers
// value returned by NewHandlers) is not visible here; confirm against the
// router setup.
const (
	// Actions and audits.
	ActionGetKey  = "action-get"
	ActionListKey = "action-list"
	AuditGetKey   = "audit-get"

	// Authentication, token issuance and access checks.
	AuthAuthenticateKey = "auth-authenticate"
	AuthTokenNewKey     = "auth-token-new"
	CheckKey            = "check"

	// Clients.
	ClientCreateKey = "client-create"
	ClientDeleteKey = "client-delete"
	ClientGetKey    = "client-get"
	ClientListKey   = "client-list"

	// Compiled policies.
	CompiledListKey = "compiled-list"

	// OAuth / OpenID Connect flow.
	OAuthAuthenticateKey = "oauth-authenticate"
	OAuthCallbackKey     = "oauth-callback"

	// Policies.
	PolicyCreateKey = "policy-create"
	PolicyDeleteKey = "policy-delete"
	PolicyGetKey    = "policy-get"
	PolicyListKey   = "policy-list"
	PolicyUpdateKey = "policy-update"

	// Principals.
	PrincipalCreateKey = "principal-create"
	PrincipalDeleteKey = "principal-delete"
	PrincipalGetKey    = "principal-get"
	PrincipalListKey   = "principal-list"
	PrincipalUpdateKey = "principal-update"

	// Resources.
	ResourceCreateKey = "resource-create"
	ResourceDeleteKey = "resource-delete"
	ResourceGetKey    = "resource-get"
	ResourceListKey   = "resource-list"
	ResourceUpdateKey = "resource-update"

	// Roles.
	RoleCreateKey = "role-create"
	RoleDeleteKey = "role-delete"
	RoleGetKey    = "role-get"
	RoleListKey   = "role-list"
	RoleUpdateKey = "role-update"

	// Statistics.
	StatsGetKey = "stats-get"

	// Users.
	UserCreateKey = "user-create"
	UserDeleteKey = "user-delete"
	UserGetKey    = "user-get"
	UserListKey   = "user-list"
)
// Names used by the OAuth / OpenID Connect handlers: two claim keys and four
// cookie names.
// NOTE(review): the code that writes these cookies is not shown here. Where
// they are set, confirm the Secure, HttpOnly and SameSite attributes are
// applied (the access-token cookie in particular), and that the state and
// nonce values are compared against the provider's response in the callback.
const (
	// Claim keys; presumably looked up in the provider's ID token claims.
	OAuthClaimEmailKey = "email"
	OAuthClaimNameKey  = "name"

	// Cookie names.
	OAuthStateCookieName     = "authz_state"
	OAuthExpiresInCookieName = "authz_expires_in"
	OAuthTokenCookieName     = "authz_access_token"
	OAuthNonceCookieName     = "authz_nonce"
)
Variables ¶
This section is empty.
Functions ¶
func ActionGet ¶
Retrieve an action.
@security Authentication
@Summary Retrieve an action
@Tags Action
@Produce json
@Success 200 {object} model.Action
@Failure 404 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/actions/{identifier} [Get]
func ActionList ¶
Lists actions.
@security Authentication
@Summary Lists actions
@Tags Action
@Produce json
@Param page query int false "page number" example(1)
@Param size query int false "page size" minimum(1) maximum(1000) default(100)
@Param filter query string false "filter on a field" example(name:contains:something)
@Param sort query string false "sort field and order" example(name:desc)
@Success 200 {object} []model.Action
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/actions [Get]
func AuditGet ¶
Retrieve audits for the last days.
@security Authentication
@Summary Retrieve audits for last days
@Tags Check
@Produce json
@Param page query int false "page number" example(1)
@Param size query int false "page size" minimum(1) maximum(1000) default(100)
@Param filter query string false "filter on a field" example(kind:contains:something)
@Param sort query string false "sort field and order" example(kind:desc)
@Success 200 {object} []model.Audit
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/audits [Get]
func Authenticate ¶
func Authenticate( validate *validator.Validate, userManager manager.User, tokenManager jwt.Manager, ) fiber.Handler
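Authenticates a user. The `@security Authentication` annotation below is applied to this login route as well as to `/v1/oauth`, `/v1/oauth/callback` and `/v1/token`. Whether these routes actually require an existing token is not shown on this page, so the annotation should be checked against the router's middleware.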
@security Authentication
@Summary Authenticates a user
@Tags Auth
@Produce json
@Param default body AuthRequest true "Authentication request"
@Success 200 {object} AuthResponse
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/auth [Post]
func Check ¶
func Check( logger *slog.Logger, validate *validator.Validate, compiledManager manager.CompiledPolicy, dispatcher event.Dispatcher, ) fiber.Handler
Check if a principal has access to do action on resource.
@security Authentication
@Summary Check if a principal has access to do action on resource
@Tags Check
@Produce json
@Param default body CheckRequest true "Check request"
@Success 200 {object} CheckResponse
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/check [Post]
func ClientCreate ¶
func ClientCreate( validate *validator.Validate, clientManager manager.Client, authCfg *configs.Auth, ) fiber.Handler
Creates a new client
@security Authentication
@Summary Creates a new client
@Tags Client
@Produce json
@Param default body ClientCreateRequest true "Client creation request"
@Success 200 {object} model.Client
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/clients [Post]
func ClientDelete ¶
Deletes a client.
@security Authentication
@Summary Deletes a client
@Tags Client
@Produce json
@Success 200 {object} model.Client
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/clients/{identifier} [Delete]
func ClientGet ¶
Retrieve a client.
@security Authentication
@Summary Retrieve a client
@Tags Client
@Produce json
@Success 200 {object} model.Client
@Failure 404 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/clients/{identifier} [Get]
func ClientList ¶
Lists clients.
@security Authentication
@Summary Lists clients
@Tags Client
@Produce json
@Param page query int false "page number" example(1)
@Param size query int false "page size" minimum(1) maximum(1000) default(100)
@Param filter query string false "filter on a field" example(name:contains:something)
@Param sort query string false "sort field and order" example(name:desc)
@Success 200 {object} []model.Client
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/clients [Get]
func CompiledList ¶
func CompiledList( compiledManager manager.CompiledPolicy, ) fiber.Handler
Retrieve compiled policies
@security Authentication
@Summary Retrieve compiled policies
@Tags Policy
@Produce json
@Success 200 {object} []model.CompiledPolicy
@Failure 404 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/policies/{identifier}/matches [Get]
func OAuthAuthenticate ¶
func OAuthAuthenticate( oauthClientManager client.Manager, tokenGenerator token.Generator, ) fiber.Handler
Authenticates a user using an OAuth OpenID Connect provider
@security Authentication
@Summary Authenticates a user using an OAuth OpenID Connect provider
@Tags Auth
@Success 302
@Failure 500 {object} model.ErrorResponse
@Router /v1/oauth [Get]
func OAuthCallback ¶
func OAuthCallback( jwtManager jwt.Manager, oauthClientManager client.Manager, principalManager manager.Principal, ) fiber.Handler
Callback of the OAuth OpenID Connect provider authentication
@security Authentication
@Summary Callback of the OAuth OpenID Connect provider authentication
@Tags Auth
@Success 200 {object} AuthResponse
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/oauth/callback [Get]
func PolicyCreate ¶
Creates a new policy.
@security Authentication
@Summary Creates a new policy
@Tags Policy
@Produce json
@Param default body CreatePolicyRequest true "Policy creation request"
@Success 200 {object} model.Policy
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/policies [Post]
func PolicyDelete ¶
Deletes a policy.
@security Authentication
@Summary Deletes a policy
@Tags Policy
@Produce json
@Success 200 {object} model.Policy
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/policies/{identifier} [Delete]
func PolicyGet ¶
Retrieve a policy.
@security Authentication
@Summary Retrieve a policy
@Tags Policy
@Produce json
@Success 200 {object} model.Policy
@Failure 404 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/policies/{identifier} [Get]
func PolicyList ¶
Lists policies.
@security Authentication
@Summary Lists policies
@Tags Policy
@Produce json
@Param page query int false "page number" example(1)
@Param size query int false "page size" minimum(1) maximum(1000) default(100)
@Param filter query string false "filter on a field" example(kind:contains:something)
@Param sort query string false "sort field and order" example(kind:desc)
@Success 200 {object} []model.Policy
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/policies [Get]
func PolicyUpdate ¶
Updates a policy.
@security Authentication
@Summary Updates a policy
@Tags Policy
@Produce json
@Param default body UpdatePolicyRequest true "Policy update request"
@Success 200 {object} model.Policy
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/policies/{identifier} [Put]
func PrincipalCreate ¶
func PrincipalCreate( validate *validator.Validate, principalManager manager.Principal, ) fiber.Handler
Creates a new principal.
@security Authentication
@Summary Creates a new principal
@Tags Principal
@Produce json
@Param default body CreatePrincipalRequest true "Principal creation request"
@Success 200 {object} model.Principal
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/principals [Post]
func PrincipalDelete ¶
Deletes a principal.
@security Authentication
@Summary Deletes a principal
@Tags Principal
@Produce json
@Success 200 {object} model.Principal
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/principals/{identifier} [Delete]
func PrincipalGet ¶
Retrieve a principal.
@security Authentication
@Summary Retrieve a principal
@Tags Principal
@Produce json
@Success 200 {object} model.Principal
@Failure 404 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/principals/{identifier} [Get]
func PrincipalList ¶
Lists principals.
@security Authentication
@Summary Lists principals
@Tags Principal
@Produce json
@Param page query int false "page number" example(1)
@Param size query int false "page size" minimum(1) maximum(1000) default(100)
@Param filter query string false "filter on a field" example(name:contains:something)
@Param sort query string false "sort field and order" example(name:desc)
@Success 200 {object} []model.Principal
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/principals [Get]
func PrincipalUpdate ¶
func PrincipalUpdate( validate *validator.Validate, principalManager manager.Principal, ) fiber.Handler
Updates a principal.
@security Authentication
@Summary Updates a principal
@Tags Principal
@Produce json
@Param default body UpdatePrincipalRequest true "Principal update request"
@Success 200 {object} model.Principal
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/principals/{identifier} [Put]
func ResourceCreate ¶
func ResourceCreate( validate *validator.Validate, resourceManager manager.Resource, ) fiber.Handler
Creates a new resource.
@security Authentication
@Summary Creates a new resource
@Tags Resource
@Produce json
@Param default body CreateResourceRequest true "Resource creation request"
@Success 200 {object} model.Resource
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/resources [Post]
func ResourceDelete ¶
Deletes a resource.
@security Authentication
@Summary Deletes a resource
@Tags Resource
@Produce json
@Success 200 {object} model.Resource
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/resources/{identifier} [Delete]
func ResourceGet ¶
Retrieve a resource.
@security Authentication
@Summary Retrieve a resource
@Tags Resource
@Produce json
@Success 200 {object} model.Resource
@Failure 404 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/resources/{identifier} [Get]
func ResourceList ¶
Lists resources.
@security Authentication
@Summary Lists resources
@Tags Resource
@Produce json
@Param page query int false "page number" example(1)
@Param size query int false "page size" minimum(1) maximum(1000) default(100)
@Param filter query string false "filter on a field" example(kind:contains:something)
@Param sort query string false "sort field and order" example(kind:desc)
@Success 200 {object} []model.Resource
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/resources [Get]
func ResourceUpdate ¶
func ResourceUpdate( validate *validator.Validate, resourceManager manager.Resource, ) fiber.Handler
Updates a resource.
@security Authentication
@Summary Updates a resource
@Tags Resource
@Produce json
@Param default body UpdateResourceRequest true "Resource update request"
@Success 200 {object} model.Resource
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/resources/{identifier} [Put]
func RoleCreate ¶
Creates a new role.
@security Authentication
@Summary Creates a new role
@Tags Role
@Produce json
@Param default body CreateRoleRequest true "Role creation request"
@Success 200 {object} model.Role
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/roles [Post]
func RoleDelete ¶
Deletes a role.
@security Authentication
@Summary Deletes a role
@Tags Role
@Produce json
@Success 200 {object} model.Role
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/roles/{identifier} [Delete]
func RoleGet ¶
Retrieve a role.
@security Authentication
@Summary Retrieve a role
@Tags Role
@Produce json
@Success 200 {object} model.Role
@Failure 404 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/roles/{identifier} [Get]
func RoleList ¶
Lists roles.
@security Authentication
@Summary Lists roles
@Tags Role
@Produce json
@Param page query int false "page number" example(1)
@Param size query int false "page size" minimum(1) maximum(1000) default(100)
@Param filter query string false "filter on a field" example(kind:contains:something)
@Param sort query string false "sort field and order" example(kind:desc)
@Success 200 {object} []model.Role
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/roles [Get]
func RoleUpdate ¶
Updates a role.
@security Authentication
@Summary Updates a role
@Tags Role
@Produce json
@Param default body UpdateRoleRequest true "Role update request"
@Success 200 {object} model.Role
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/roles/{identifier} [Put]
func StatsGet ¶
Retrieve statistics for the last days.
@security Authentication
@Summary Retrieve statistics for last days
@Tags Check
@Produce json
@Success 200 {object} []model.Stats
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/stats [Get]
func TokenNew ¶
func TokenNew( server *server.Server, ) http.HandlerFunc
Retrieve a client token
@security Authentication
@Summary Retrieve a client token
@Tags Auth
@Produce json
@Param default body TokenRequest true "Token request"
@Success 200 {object} TokenResponse
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/token [Post]
func UserCreate ¶
Creates a new user
@security Authentication
@Summary Creates a new user
@Tags User
@Produce json
@Param default body UserCreateRequest true "User creation request"
@Success 200 {object} model.User
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/users [Post]
func UserDelete ¶
Deletes a user.
@security Authentication
@Summary Deletes a user
@Tags User
@Produce json
@Success 200 {object} model.User
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/users/{identifier} [Delete]
func UserGet ¶
Retrieve a user.
@security Authentication
@Summary Retrieve a user
@Tags User
@Produce json
@Success 200 {object} model.User
@Failure 404 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/users/{identifier} [Get]
func UserList ¶
Lists users.
@security Authentication
@Summary Lists users
@Tags User
@Produce json
@Param page query int false "page number" example(1)
@Param size query int false "page size" minimum(1) maximum(1000) default(100)
@Param filter query string false "filter on a field" example(name:contains:something)
@Param sort query string false "sort field and order" example(name:desc)
@Success 200 {object} []model.User
@Failure 400 {object} model.ErrorResponse
@Failure 500 {object} model.ErrorResponse
@Router /v1/users [Get]
Types ¶
type AttributeKeyValue ¶
type AuthRequest ¶
type AuthResponse ¶
type CheckRequest ¶
// CheckRequest is the JSON body of an access check: a list of queries under
// the "checks" key.
type CheckRequest struct {
	// Checks carries the validate rule "required,dive", so the list must be
	// present and each entry is validated in turn.
	// NOTE(review): the tag sets no upper bound on the number of entries;
	// confirm a request-size or max-items limit is enforced elsewhere.
	Checks []*CheckRequestQuery `json:"checks" validate:"required,dive"`
}
type CheckRequestQuery ¶
type CheckResponse ¶
// CheckResponse is the JSON reply to an access check: one result entry per
// element of Checks, serialized under the "checks" key.
type CheckResponse struct {
	// Checks holds the per-query results.
	Checks []*CheckResponseQuery `json:"checks"`
}
type CheckResponseQuery ¶
// CheckResponseQuery pairs a request query with its decision.
type CheckResponseQuery struct {
	// Embedded by pointer: the query's fields are promoted onto this type,
	// and reading them panics if the pointer is nil.
	*CheckRequestQuery

	// IsAllowed is serialized as "is_allowed". Its zero value is false, so
	// an unset result reads as a denial.
	IsAllowed bool `json:"is_allowed"`
}
type ClientCreateRequest ¶
// ClientCreateRequest is the JSON body used to create a client.
type ClientCreateRequest struct {
	// Name is mandatory and must satisfy the "slug" validation rule.
	// The example tag carries a sample value for the API documentation.
	Name string `json:"name" validate:"required,slug" example:"my-client"`
}
type CreatePolicyRequest ¶
type CreatePrincipalRequest ¶
// CreatePrincipalRequest is the JSON body used to create a principal.
type CreatePrincipalRequest struct {
	// RequestAttributes is embedded, so the "attributes" list is part of
	// this body.
	RequestAttributes

	// ID is mandatory and must satisfy the "slug" rule.
	ID string `json:"id" validate:"required,slug"`

	// Roles is optional (no "required" rule); each entry must satisfy the
	// "slug" rule.
	// NOTE(review): the tag checks format only. Whether the caller may grant
	// the listed roles must be decided by the handler or manager; confirm.
	Roles []string `json:"roles" validate:"dive,slug"`
}
type CreateResourceRequest ¶
// CreateResourceRequest is the JSON body used to create a resource.
type CreateResourceRequest struct {
	// RequestAttributes is embedded, so the "attributes" list is part of
	// this body.
	RequestAttributes

	// ID and Kind are both mandatory and must satisfy the "slug" rule.
	ID   string `json:"id" validate:"required,slug"`
	Kind string `json:"kind" validate:"required,slug"`

	// Value carries no validate tag, so it is accepted as free-form text.
	// NOTE(review): confirm length and content are bounded where it is
	// stored or rendered.
	Value string `json:"value"`
}
type CreateRoleRequest ¶
type Handlers ¶
func NewHandlers ¶
func NewHandlers( actionManager manager.Action, auditManager manager.Audit, authCfg *configs.Auth, clientManager manager.Client, compiledManager manager.CompiledPolicy, dispatcher event.Dispatcher, logger *slog.Logger, oauthClientManager client.Manager, oauthServer *server.Server, policyManager manager.Policy, principalManager manager.Principal, resourceManager manager.Resource, roleManager manager.Role, statsManager manager.Stats, tokenGenerator token.Generator, jwtManager jwt.Manager, userManager manager.User, validate *validator.Validate, ) Handlers
type RequestAttributes ¶
// RequestAttributes is the shared "attributes" part of the principal and
// resource request bodies, which embed it.
type RequestAttributes struct {
	// Attributes carries no validate tag.
	// NOTE(review): keys, values and list length are not constrained by the
	// tag; confirm they are checked before reaching policy evaluation.
	Attributes []AttributeKeyValue `json:"attributes"`
}
func (RequestAttributes) AttributesMap ¶
func (r RequestAttributes) AttributesMap() map[string]any
type TokenRequest ¶
// TokenRequest is the JSON body of a client token request.
//
// NOTE(review): unlike the other request types here, no field carries a
// validate tag. Confirm the token server validates grant_type and the
// credentials. ClientSecret and RefreshToken are credentials, so keep the
// decoded request out of logs.
type TokenRequest struct {
	// GrantType; the example tag shows "client_credentials".
	GrantType string `json:"grant_type" example:"client_credentials"`

	// ClientID and ClientSecret. The example tags are sample values for the
	// API documentation and should stay non-functional placeholders.
	ClientID     string `json:"client_id" example:"0be4e0e0-6788-4b99-8e00-e0af5b4945b1"`
	ClientSecret string `json:"client_secret" example:"EXCAdNZjCz0qJ_8uYA2clkxVdp_f1tm7"`

	// RefreshToken is omitted from the JSON output when empty.
	RefreshToken string `json:"refresh_token,omitempty"`
}
type TokenResponse ¶
type UpdatePolicyRequest ¶
type UpdatePrincipalRequest ¶
// UpdatePrincipalRequest is the JSON body used to update a principal. It has
// no ID field; the route documented for this update carries the identifier
// in the path.
type UpdatePrincipalRequest struct {
	// RequestAttributes is embedded, so the "attributes" list is part of
	// this body.
	RequestAttributes

	// Roles is optional (no "required" rule); each entry must satisfy the
	// "slug" rule.
	// NOTE(review): the tag checks format only. Confirm the handler decides
	// whether the caller may assign these roles.
	Roles []string `json:"roles" validate:"dive,slug"`
}
type UpdateResourceRequest ¶
// UpdateResourceRequest is the JSON body used to update a resource. It has
// no ID field; the route documented for this update carries the identifier
// in the path.
type UpdateResourceRequest struct {
	// RequestAttributes is embedded, so the "attributes" list is part of
	// this body.
	RequestAttributes

	// Kind is mandatory and must satisfy the "slug" rule.
	Kind string `json:"kind" validate:"required,slug"`

	// Value carries no validate tag, so it is accepted as free-form text.
	Value string `json:"value"`
}
type UpdateRoleRequest ¶
// UpdateRoleRequest is the JSON body used to update a role.
type UpdateRoleRequest struct {
	// Policies is mandatory.
	// NOTE(review): the tag is "required" only, whereas the Roles lists on
	// the principal requests also use "dive,slug". Confirm the individual
	// policy identifiers are validated elsewhere.
	Policies []string `json:"policies" validate:"required"`
}
type UserCreateRequest ¶
// UserCreateRequest is the JSON body used to create a user. Username is the
// only field; this type has no password field.
type UserCreateRequest struct {
	// Username is mandatory and must satisfy the "slug" rule.
	// The example tag carries a sample value for the API documentation.
	Username string `json:"username" validate:"required,slug" example:"my-user"`
}