auth

package
v1.19.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 25, 2025 License: Apache-2.0 Imports: 13 Imported by: 17

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AppendClusterInfoToContext 

func AppendClusterInfoToContext(ctx context.Context, info ClusterInfo) context.Context

AppendClusterInfoToContext appends the cluster info to the context.

func AppendUserInfoToContext 

func AppendUserInfoToContext(ctx context.Context, info UserInfo) context.Context

AppendUserInfoToContext appends the user info to the context.

func AppendWorkerAuthorization 

func AppendWorkerAuthorization(ctx context.Context) context.Context

AppendWorkerAuthorization appends the authorization to the context for a request from a worker cluster.

func AppendWorkerAuthorizationToHeader 

func AppendWorkerAuthorizationToHeader(req *http.Request)

AppendWorkerAuthorizationToHeader appends the authorization to the HTTP header.

func CarryMetadata 

func CarryMetadata(ctx context.Context) context.Context

CarryMetadata extracts relevant metadata from the incoming context and appends that to the outgoing context.

func CarryMetadataFromHTTPHeader 

func CarryMetadataFromHTTPHeader(ctx context.Context, header http.Header) context.Context

CarryMetadataFromHTTPHeader extracts relevant metadata from HTTP headers and appends that to the outgoing context.

func ExtractTokenFromContext 

func ExtractTokenFromContext(ctx context.Context) (string, error)

ExtractTokenFromContext extracts a token from a context.

func HeaderMatcher 

func HeaderMatcher(key string) (string, bool)

HeaderMatcher is a custom header matcher for GRPC gateway.

func ValidateClusterRegistrationKey added in v1.9.0 

func ValidateClusterRegistrationKey() error

ValidateClusterRegistrationKey validates the cluster registration key.

Types

type AssignedKubernetesEnv 

type AssignedKubernetesEnv struct {
	ClusterID   string
	ClusterName string
	Namespace   string
}

AssignedKubernetesEnv represents the assigned Kubernetes environment.

type ClusterInfo 

type ClusterInfo struct {
	ClusterID   string
	ClusterName string
	TenantID    string
}

ClusterInfo manages the cluster info.

func ExtractClusterInfoFromContext 

func ExtractClusterInfoFromContext(ctx context.Context) (*ClusterInfo, bool)

ExtractClusterInfoFromContext extracts the cluster info from the context.

type Config 

type Config struct {
	RBACServerAddr string

	// AccessResource is the static resource name to access. This value or GetAccessResource functions must be set.
	AccessResource string
	// GetAccessResourceForGRPCRequest is a function to get the resource name from a gRPC method.
	GetAccessResourceForGRPCRequest func(fullMethod string) string
	// GetAccessResourceForHTTPRequest is a function to get the resource name from an HTTP request method and URL.
	GetAccessResourceForHTTPRequest func(method string, url url.URL) string
}

Config is the configuration for an Interceptor.

type Interceptor 

type Interceptor struct {
	// contains filtered or unexported fields
}

Interceptor is an authentication interceptor.

func NewInterceptor 

func NewInterceptor(ctx context.Context, c Config) (*Interceptor, error)

NewInterceptor creates a new Interceptor.

func (*Interceptor) InterceptHTTPRequest 

func (a *Interceptor) InterceptHTTPRequest(req *http.Request) (int, UserInfo, error)

InterceptHTTPRequest intercepts an HTTP request and returns an HTTP status code.

func (*Interceptor) Unary 

func (a *Interceptor) Unary(excludeMethods ...string) grpc.UnaryServerInterceptor

Unary returns a unary server interceptor.

type UserInfo 

type UserInfo struct {
	UserID                 string
	InternalUserID         string
	OrganizationID         string
	OrganizationTitle      string
	ProjectID              string
	ProjectTitle           string
	AssignedKubernetesEnvs []AssignedKubernetesEnv
	TenantID               string

	// APIKeyID is the ID of the API key. It is set only when the user is authenticated with an API key.
	APIKeyID string

	// ExcludedFromRateLimiting indicates whether the API key is excluded from rate limiting.
	ExcludedFromRateLimiting bool
}

UserInfo manages the user info.

func ExtractUserInfoFromContext 

func ExtractUserInfoFromContext(ctx context.Context) (*UserInfo, bool)

ExtractUserInfoFromContext extracts the user info from the context.

type WorkerConfig 

type WorkerConfig struct {
	RBACServerAddr string
}

WorkerConfig is the configuration for a WorkerInterceptor.

type WorkerInterceptor 

type WorkerInterceptor struct {
	// contains filtered or unexported fields
}

WorkerInterceptor is an authentication interceptor for requests from worker clusters.

func NewWorkerInterceptor 

func NewWorkerInterceptor(ctx context.Context, c WorkerConfig) (*WorkerInterceptor, error)

NewWorkerInterceptor creates a new WorkerInterceptor.

func (*WorkerInterceptor) InterceptHTTPRequest 

func (a *WorkerInterceptor) InterceptHTTPRequest(req *http.Request) (int, ClusterInfo, error)

InterceptHTTPRequest intercepts an HTTP request and returns an HTTP status code.

func (*WorkerInterceptor) Stream 

func (a *WorkerInterceptor) Stream() grpc.StreamServerInterceptor

Stream returns a stream server interceptor.

func (*WorkerInterceptor) Unary 

func (a *WorkerInterceptor) Unary() grpc.UnaryServerInterceptor

Unary returns a unary server interceptor.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.