auth

package
v0.3.9-beta.1 Latest
Warning

This package is not in the latest version of its module.

Published: Nov 17, 2025 License: Apache-2.0 Imports: 28 Imported by: 0

Documentation

Overview

Package auth provides the authentication and authorization module of the grpc-kit microservice scaffold.


Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client

type Client struct {
	// contains filtered or unexported fields
}

Client is the authentication and authorization client.

func NewClient

func NewClient(ctx context.Context, config *Config) (*Client, error)

NewClient initializes a Client instance.

func (*Client) Allow

func (c *Client) Allow(ctx context.Context) (bool, error)

Allow reports whether the policy permits access.

func (*Client) AuthMetadata

func (c *Client) AuthMetadata(ctx context.Context, req *http.Request) context.Context

AuthMetadata converts HTTP request information into gRPC metadata for use in authorization.

func (*Client) Close

func (c *Client) Close(ctx context.Context)

Close closes the client and releases its resources.

func (*Client) GetRBACData added in v0.3.8

func (c *Client) GetRBACData() *rbacv3.RBAC

func (*Client) WithLoggerOption

func (c *Client) WithLoggerOption(logger *logrus.Entry) *Client

WithLoggerOption sets the logger.

type Config

type Config struct {
	PackageName string
	OPASDK      *OPASDKConfig
	OPARego     *OPARegoConfig
	OPAEnvoy    *OPAEnvoyPluginConfig
}

Config is the configuration passed to NewClient.

type IDTokenClaims

type IDTokenClaims struct {
	jwt.RegisteredClaims
	Email         string `json:"email,omitempty"`
	EmailVerified bool   `json:"email_verified,omitempty"`
	// Note: here "Groups" corresponds to "name" in the platform's "lion_roles" table, not the contents of "lion_groups".
	Groups          []string          `json:"groups,omitempty"`
	FederatedClaims map[string]string `json:"federated_claims,omitempty"`
	Appid           string            `json:"appid,omitempty"`
	Tenant          string            `json:"tenant,omitempty"`
	Username        string            `json:"username,omitempty"`
	Nickname        string            `json:"nickname,omitempty"`
}

IDTokenClaims is the data structure for the framework's JWT. Partly based on: https://openid.net/specs/openid-connect-core-1_0.html#IDToken

func ParseIDTokenClaims

func ParseIDTokenClaims(token string) (*IDTokenClaims, error)

ParseIDTokenClaims parses the token.

func (*IDTokenClaims) GetAccessToken

func (i *IDTokenClaims) GetAccessToken(signeKey string) (string, error)

GetAccessToken gets or generates a JWT token.

func (*IDTokenClaims) GetAccessTokenRSA

func (i *IDTokenClaims) GetAccessTokenRSA(signeKey *rsa.PrivateKey) (string, error)

func (*IDTokenClaims) GetMustUserID

func (i *IDTokenClaims) GetMustUserID() int64

func (*IDTokenClaims) SetEmail

func (i *IDTokenClaims) SetEmail(email string) *IDTokenClaims

func (*IDTokenClaims) SetExpiresAt

func (i *IDTokenClaims) SetExpiresAt(expiresIn int64) *IDTokenClaims

func (*IDTokenClaims) SetGroups

func (i *IDTokenClaims) SetGroups(groups []string) *IDTokenClaims

func (*IDTokenClaims) SetSubject

func (i *IDTokenClaims) SetSubject(subject string) *IDTokenClaims

type OPAEnvoyPluginConfig

type OPAEnvoyPluginConfig struct {
	GRPCAddress string
}

type OPARegoConfig

type OPARegoConfig struct {
	RegoBody []byte
	DataBody []byte
}

type OPASDKConfig

type OPASDKConfig struct {
	Config string
}
