auth

package
v0.1.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 7, 2026 License: MIT Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrAuthorizationDenied = fmt.Errorf("authorization denied by dynamic hook")
)

Functions

func PermissionsFromContext 

func PermissionsFromContext(ctx context.Context) []string

PermissionsFromContext extracts the permissions from the context.

func RolesFromContext 

func RolesFromContext(ctx context.Context) []string

RolesFromContext extracts the roles from the context.

func TenantIDFromContext 

func TenantIDFromContext(ctx context.Context) string

TenantIDFromContext extracts the tenant ID from the context.

func UserIDFromContext 

func UserIDFromContext(ctx context.Context) string

UserIDFromContext extracts the user ID from the context.

func WithIdentity 

func WithIdentity(ctx context.Context, id *Identity) context.Context

WithIdentity stores the identity in the context.

func WithTenantID 

func WithTenantID(ctx context.Context, tenantID string) context.Context

WithTenantID stores a tenant ID in the context (useful for background workers).

Types

type AuthorizationHook 

type AuthorizationHook struct {
	// contains filtered or unexported fields
}

AuthorizationHook calls the consuming system's dynamic authorization endpoint to determine if a checker is allowed to act on a request.

func NewAuthorizationHook 

func NewAuthorizationHook(timeout time.Duration) *AuthorizationHook

func (*AuthorizationHook) Check 

func (h *AuthorizationHook) Check(ctx context.Context, hookURL string, secret string, hookReq model.AuthorizationHookRequest) error

func (*AuthorizationHook) SetMetrics 

func (h *AuthorizationHook) SetMetrics(m *metrics.Metrics)

type Identity 

type Identity struct {
	UserID      string
	Roles       []string
	Permissions []string
	TenantID    string
}

Identity represents the authenticated user extracted from the request.

type Provider 

type Provider interface {
	Authenticate(r *http.Request) (*Identity, error)
}

Provider extracts identity from an HTTP request.

type TrustProvider 

type TrustProvider struct {
	UserIDHeader      string
	RolesHeader       string
	PermissionsHeader string
	TenantIDHeader    string
}

TrustProvider trusts identity headers from the host app.

func NewTrustProvider 

func NewTrustProvider(userIDHeader, rolesHeader, permissionsHeader, tenantIDHeader string) *TrustProvider

func (*TrustProvider) Authenticate 

func (p *TrustProvider) Authenticate(r *http.Request) (*Identity, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.