Documentation
¶
Index ¶
- Variables
- func Auth(authenticator auth.Authenticator) func(http.Handler) http.Handler
- func AuthzFromBody[T ObjectScopeProvider](object auth.ObjectType, action auth.Action, authorizer auth.Authorizer) func(http.Handler) http.Handler
- func AuthzFromExtractor(object auth.ObjectType, action auth.Action, authorizer auth.Authorizer, ...) func(http.Handler) http.Handler
- func AuthzFromID(object auth.ObjectType, action auth.Action, authorizer auth.Authorizer, ...) func(http.Handler) http.Handler
- func AuthzSimple(object auth.ObjectType, action auth.Action, authorizer auth.Authorizer) func(http.Handler) http.Handler
- func DecodeBody[T any]() func(http.Handler) http.Handler
- func ID(next http.Handler) http.Handler
- func MustGetBody[T any](ctx context.Context) T
- func MustGetID(ctx context.Context) properties.UUID
- func MustHaveRoles(roles ...auth.Role) func(http.Handler) http.Handler
- type ObjectScopeExtractor
- type ObjectScopeLoader
- type ObjectScopeProvider
Constants ¶
This section is empty.
Variables ¶
var ( ErrIdentityNotFound = errors.New("identity not found") )
Functions ¶
func AuthzFromBody ¶
func AuthzFromBody[T ObjectScopeProvider]( object auth.ObjectType, action auth.Action, authorizer auth.Authorizer, ) func(http.Handler) http.Handler
AuthzFromBody middleware authorizes using the decoded body through the extractor pattern T must implement AuthTargetScopeProvider to provide its own target scope
func AuthzFromExtractor ¶
func AuthzFromExtractor( object auth.ObjectType, action auth.Action, authorizer auth.Authorizer, extractor ObjectScopeExtractor, ) func(http.Handler) http.Handler
AuthzFromExtractor is the base authorization middleware that uses a scope extractor function to get the authorization target scope from the request
func AuthzFromID ¶
func AuthzFromID( object auth.ObjectType, action auth.Action, authorizer auth.Authorizer, loader ObjectScopeLoader, ) func(http.Handler) http.Handler
AuthzFromID authorizes using a resource ID through the extractor pattern
func AuthzSimple ¶
func AuthzSimple( object auth.ObjectType, action auth.Action, authorizer auth.Authorizer, ) func(http.Handler) http.Handler
AuthzSimple authorizes without resource-specific scope through the extractor pattern
func DecodeBody ¶
DecodeBody is middleware that decodes the request body into a struct and stores it in the request context for later middlewares and handlers
func MustGetBody ¶
MustGetBody retrieves and casts the decoded body to a specific type
Types ¶
type ObjectScopeExtractor ¶
type ObjectScopeExtractor func(r *http.Request) (auth.ObjectScope, error)
ObjectScopeExtractor defines a function type that extracts the auth target scope from a request
func BodyScopeExtractor ¶
func BodyScopeExtractor[T ObjectScopeProvider]() ObjectScopeExtractor
BodyScopeExtractor creates an extractor that gets scope from the request body
func IDScopeExtractor ¶
func IDScopeExtractor(loader ObjectScopeLoader) ObjectScopeExtractor
IDScopeExtractor creates an extractor that gets scope from a resource ID using a retriever
func SimpleScopeExtractor ¶
func SimpleScopeExtractor() ObjectScopeExtractor
SimpleScopeExtractor creates an extractor that always returns empty scope
type ObjectScopeLoader ¶
type ObjectScopeLoader func(ctx context.Context, id properties.UUID) (auth.ObjectScope, error)
ObjectScopeLoader defines a function type that retrieves the authorization scope for a resource ID
type ObjectScopeProvider ¶
type ObjectScopeProvider interface {
ObjectScope() (auth.ObjectScope, error)
}
ObjectScopeProvider defines an interface for types that can provide their own auth target scope
Source Files