security

package
v0.1.9 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 10, 2024 License: MIT Imports: 8 Imported by: 0

Documentation

Overview

Package security is a toolkit for security checks and authorization.

Package security implements the functions, types, and interfaces for the module.

Index

Constants

const (
	// HeaderAuthorize is the header name "Authorization", i.e. the standard
	// HTTP request header that carries credentials.
	// Values read from this header are credentials; keep them out of logs and
	// error messages.
	HeaderAuthorize = "Authorization"
)
const (
	// SchemeNTLM represents an NTLM authorization.
	// It is declared as SchemeNegotiate, so the two constants have the same
	// value and cannot be told apart by comparison or in a switch. Callers that
	// must distinguish NTLM from other Negotiate mechanisms cannot rely on the
	// Scheme value alone.
	SchemeNTLM = SchemeNegotiate
)
const (
	// TokenNamespace is the string "security:token".
	// NOTE(review): presumably the default namespace for stored tokens
	// (compare StorageOption.Namespace and WithNamespace) — confirm against
	// NewTokenStorage.
	TokenNamespace = "security:token"
)

Variables

This section is empty.

Functions

func FromToken added in v0.1.8

func FromToken(ctx context.Context) string

func NewSecurityCache added in v0.0.92

func NewSecurityCache() cache.Cache

func NewToken added in v0.1.8

func NewToken(ctx context.Context, token string) context.Context

Types

type Authenticator

// Authenticator authenticates tokens and creates and destroys them.
type Authenticator interface {
	// AuthenticateToken takes a token string and returns the Claims info (if
	// available) together with a nil error.
	// NOTE(review): the failure case is not spelled out for this method;
	// presumably it mirrors AuthenticateTokenContext (non-nil error) — confirm.
	AuthenticateToken(string) (Claims, error)
	// AuthenticateTokenContext returns a nil error and the Claims info (if
	// available) if the subject is authenticated, or a non-nil error with an
	// appropriate error cause otherwise.
	// It takes no token argument; presumably the token is taken from the
	// context at the location named by TokenType — confirm.
	AuthenticateTokenContext(context.Context, TokenType) (Claims, error)
	// Authenticate reports whether the given token string is valid.
	// The meaning of (true, non-nil error) is not defined here; callers should
	// fail closed and treat any non-nil error as "not authenticated".
	Authenticate(context.Context, string) (bool, error)
	// AuthenticateContext reports whether a token is valid.
	// It returns the same (bool, error) pair as Authenticate, so the same
	// fail-closed handling applies. The TokenType argument presumably selects
	// where the token comes from — confirm.
	AuthenticateContext(context.Context, TokenType, string) (bool, error)

	// CreateToken injects the user claims into a token string and returns it.
	CreateToken(Claims) (string, error)
	// CreateTokenContext injects the user claims into the context and returns
	// the resulting context.
	CreateTokenContext(context.Context, TokenType, Claims) (context.Context, error)
	// DestroyToken invalidates a token by removing it from the token store.
	// NOTE(review): this implies that validity is tied to presence in the
	// token store; confirm that every authentication path consults the store,
	// otherwise a destroyed token that is still well-formed would keep working.
	DestroyToken(context.Context, string) error
	// DestroyTokenContext invalidates a token by removing it from the token
	// store. The same store-lookup caveat as for DestroyToken applies.
	DestroyTokenContext(context.Context, TokenType, string) error

	// Close cleans up the authenticator.
	Close()
}

Authenticator is the interface for authenticating tokens and for creating and destroying them.

type Authorizer

// Authorizer has a single method that evaluates a Policy in a context.
type Authorizer interface {
	// Authorized takes a context and a Policy and returns a bool and an error.
	// NOTE(review): presumably true means the policy is allowed — confirm.
	// The meaning of (true, non-nil error) is not defined here; callers should
	// fail closed and deny on any non-nil error.
	Authorized(context.Context, Policy) (bool, error)
}

type Claims

// Claims is the set of accessors that a security claims object must provide.
// The accessor names appear to follow the JWT registered claims (subject,
// issuer, audience, expiration, not-before, issued-at, JWT ID), plus scopes
// and free-form extra data.
type Claims interface {
	// GetSubject returns the subject of the claims.
	GetSubject() string
	// GetIssuer returns the issuer of the claims.
	GetIssuer() string
	// GetAudience returns the audience of the claims.
	GetAudience() []string
	// GetExpiration returns the expiration time of the claims.
	// NOTE(review): whether a zero time.Time means "never expires" is not
	// stated here — confirm before treating it as valid.
	GetExpiration() time.Time
	// GetNotBefore returns the time before which the claims cannot be accepted.
	GetNotBefore() time.Time
	// GetIssuedAt returns the time at which the claims were issued.
	GetIssuedAt() time.Time
	// GetJWTID returns the unique identifier for the claims.
	GetJWTID() string
	// GetScopes returns the scopes associated with the claims.
	// The map value is a bool, so a scope key can be present with the value
	// false; check the value, not only the presence of the key, when deciding
	// whether a scope is granted.
	GetScopes() map[string]bool
	// GetExtra returns any additional data associated with the claims.
	GetExtra() map[string]string
}

Claims is an interface that defines the methods that a security claims object should have

type Policy added in v0.0.20

// Policy is the set of accessors for one policy: a subject, an object, an
// action, a list of domains and extra key/value information.
type Policy interface {
	// GetSubject returns the subject of the policy.
	GetSubject() string
	// GetObject returns the object of the policy.
	GetObject() string
	// GetAction returns the action of the policy.
	GetAction() string
	// GetDomain returns the domain of the policy; the return type is a slice,
	// so a policy may carry more than one domain.
	GetDomain() []string
	// GetExtra returns the extra information of the policy.
	GetExtra() map[string]string
}

Policy is an interface that defines the methods for a policy

type PolicyChecker added in v0.1.7

// PolicyChecker defines the methods for checking whether a Policy is allowed.
// Both methods return only a bool, so an evaluation failure cannot be reported
// separately from a denial.
type PolicyChecker interface {
	// CheckPolicy checks if the policy for a given subject, object, action,
	// domain and extra is allowed.
	CheckPolicy(Policy) bool
	// CheckPolicyContext checks if the policy for a given subject, object and
	// action is allowed, taking a context and a TokenType as well.
	// NOTE(review): how the context and TokenType are used is not shown here
	// — confirm. Implementations should return false when they cannot evaluate.
	CheckPolicyContext(context.Context, TokenType, Policy) bool
}

PolicyChecker is an interface that defines the methods for a policy checker

type PolicyManager

// PolicyManager defines the methods for adding, removing, reading and setting
// policies.
type PolicyManager interface {
	// AddPolicy adds a policy rule.
	// NOTE(review): the parameters are sec, pt and rule rather than subject,
	// object, action, domain and extra; they resemble a section / policy-type /
	// rule triple as used by Casbin-style adapters — confirm.
	AddPolicy(sec string, pt string, rule []string) error
	// RemovePolicy removes a policy rule; it takes the same sec, pt and rule
	// parameters as AddPolicy.
	RemovePolicy(sec string, pt string, rule []string) error
	// GetPolicy returns the policy for a given subject, object, action, domain and extra
	GetPolicy(subject string, object string, action string, domain []string, extra map[string]string) Policy
	// SetPolicy sets the policy for a given subject, object, action, domain and extra.
	// It has no return value, so a failure to store the policy is not reported
	// to the caller through this method.
	SetPolicy(subject string, object string, action string, domain []string, extra map[string]string)
	// SetPolicies sets the policies for a given context
	SetPolicies(context.Context, map[string]Policy) error
}

PolicyManager is an interface that defines the methods for a policy manager

type Scheme

// Scheme represents the type of authorization. Its underlying type is int.
type Scheme int

Scheme represents the type of authorization.

// Scheme values, numbered consecutively from 0 by iota in the order listed.
const (
	// SchemeAnonymous represents an anonymous authorization.
	// It is the zero value of Scheme, so an unset Scheme variable compares
	// equal to SchemeAnonymous, not to SchemeUnknown.
	SchemeAnonymous Scheme = iota
	// SchemeBasic represents a basic authorization.
	SchemeBasic
	// SchemeBearer represents a bearer authorization.
	SchemeBearer
	// SchemeDigest represents a digest authorization.
	SchemeDigest
	// SchemeHOBA represents an HTTP Origin-Bound Authentication (HOBA) authorization.
	SchemeHOBA
	// SchemeMutual represents a mutual authentication.
	SchemeMutual
	// SchemeNegotiate represents a negotiate authorization.
	SchemeNegotiate
	// SchemeVapid represents a VAPID authorization.
	SchemeVapid
	// SchemeSCRAM represents a SCRAM authorization.
	SchemeSCRAM
	// SchemeAWS4HMAC256 represents an AWS4-HMAC-SHA256 authorization.
	SchemeAWS4HMAC256
	// SchemeDPoP represents a DPoP authorization.
	SchemeDPoP
	// SchemeGNAP represents a GNAP authorization.
	SchemeGNAP
	// SchemePrivate represents a private authorization.
	SchemePrivate
	// SchemeOAuth represents an OAuth authorization.
	SchemeOAuth
	// SchemeUnknown represents an unknown authorization.
	SchemeUnknown
	// SchemeMax is the value that follows SchemeUnknown.
	// NOTE(review): presumably an upper bound for range checks rather than a
	// real scheme — confirm.
	SchemeMax
)

func (Scheme) Equal

func (t Scheme) Equal(other string) bool

func (Scheme) Lower

func (t Scheme) Lower() string

Lower returns the lowercase string representation of the Scheme.

func (Scheme) String

func (i Scheme) String() string

type Serializer

// Serializer converts Claims to and from a byte slice.
type Serializer interface {
	// Serialize serializes the given Claims into a byte slice.
	Serialize(ctx context.Context, data Claims) ([]byte, error)
	// Deserialize deserializes the given byte slice into Claims.
	// NOTE(review): nothing in this signature says the bytes are verified
	// (signature, integrity) before the Claims are returned — confirm what the
	// implementation checks before trusting claims decoded from external input.
	Deserialize(ctx context.Context, data []byte) (Claims, error)
}

Serializer is an interface that defines the methods for a serializer

type StorageOption added in v0.0.42

// StorageOption contains options for the JWT datacache.
type StorageOption struct {
	// Cache is the cache.Cache option for token storage.
	Cache     cache.Cache
	// Namespace is a string option.
	// NOTE(review): presumably a key namespace for stored tokens (compare
	// TokenNamespace) — confirm.
	Namespace string
}

StorageOption contains options for the JWT datacache

type StorageSetting

// StorageSetting is an alias for a function that receives a *StorageOption;
// WithCache and WithNamespace return values of this type and NewTokenStorage
// accepts any number of them.
type StorageSetting = func(*StorageOption)

func WithCache

func WithCache(c cache.Cache) StorageSetting

func WithNamespace added in v0.0.42

func WithNamespace(ns string) StorageSetting

type TokenStorage added in v0.0.42

// TokenStorage is the interface for storing, deleting and validating tokens.
type TokenStorage interface {
	// Set stores the token with a specific expiration time.
	// NOTE(review): whether the token string itself or a digest of it is
	// stored is not shown here; if the raw token is stored, anyone who can
	// read the cache can read usable tokens — confirm.
	Set(ctx context.Context, tokenStr string, expiration time.Duration) error
	// Delete deletes the token from the tokenStorage.
	Delete(ctx context.Context, tokenStr string) error
	// Validate checks if the token exists in the tokenStorage.
	// The result is an error value only; presumably nil means the token
	// exists — confirm. Callers should treat any non-nil error as invalid.
	Validate(ctx context.Context, tokenStr string) error
	// Close closes the tokenStorage.
	Close(ctx context.Context) error
}

TokenStorage is the interface that stores the token.

func NewTokenStorage added in v0.0.42

func NewTokenStorage(ss ...StorageSetting) TokenStorage

NewTokenStorage creates a new TokenStorage with a Cache and optional StorageSetting values.

type TokenType

// TokenType is an int-based enumeration.
// NOTE(review): the ContextType* names suggest that each value identifies
// where a token is carried (context, header, query, cookie, ...) — confirm
// against the implementation.
type TokenType int
// TokenType values, numbered consecutively from 0 by iota in the order listed.
const (
	// ContextTypeContext is the zero value of TokenType, so an unset TokenType
	// variable compares equal to it.
	ContextTypeContext TokenType = iota
	ContextTypeHeader
	// If ContextTypeQuery means the URL query string, note that tokens sent
	// that way commonly end up in access logs, browser history and Referer
	// headers; prefer header or cookie transport where possible.
	ContextTypeQuery
	ContextTypeCookie
	ContextTypeParam
	ContextTypeForm
	ContextTypeBody
	ContextTypeSession
	ContextTypeUnknown
)

type UnimplementedClaims

// UnimplementedClaims is a struct with no fields. The methods documented for
// it return placeholder values (empty strings, empty collections, the current
// time), so a value of this type carries no identity and should not be taken
// as evidence of an authenticated subject.
type UnimplementedClaims struct {
}

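UnimplementedClaims is a struct that implements the Claims interface. Note that the method listed below is named GetJwtID, while the Claims interface declares GetJWTID; as listed on this page, the names do not match, so check that UnimplementedClaims actually satisfies Claims in the version you use.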

func (UnimplementedClaims) GetAudience

func (u UnimplementedClaims) GetAudience() []string

GetAudience returns an empty slice

func (UnimplementedClaims) GetExpiration

func (u UnimplementedClaims) GetExpiration() time.Time

GetExpiration returns the current time

func (UnimplementedClaims) GetExtra

func (u UnimplementedClaims) GetExtra() map[string]string

GetExtra returns an empty map

func (UnimplementedClaims) GetIssuedAt

func (u UnimplementedClaims) GetIssuedAt() time.Time

GetIssuedAt returns the current time

func (UnimplementedClaims) GetIssuer

func (u UnimplementedClaims) GetIssuer() string

GetIssuer returns an empty string

func (UnimplementedClaims) GetJwtID

func (u UnimplementedClaims) GetJwtID() string

GetJwtID returns an empty string

func (UnimplementedClaims) GetNotBefore

func (u UnimplementedClaims) GetNotBefore() time.Time

GetNotBefore returns the current time

func (UnimplementedClaims) GetScopes

func (u UnimplementedClaims) GetScopes() map[string]bool

GetScopes returns an empty map

func (UnimplementedClaims) GetSubject

func (u UnimplementedClaims) GetSubject() string

GetSubject returns an empty string
