grpc

func StreamAuthInterceptor ¶

func StreamAuthInterceptor(
	authenticator security.Authenticator,
	opts ...security.AuthOption,
) grpc.StreamServerInterceptor

StreamAuthInterceptor An authentication claims extractor that will always verify the information flowing in the streams as true jwt claims.

func StreamTenancyAccessInterceptor ¶ added in v1.76.1

func StreamTenancyAccessInterceptor(checker *authorizer.TenancyAccessChecker) grpc.StreamServerInterceptor

StreamTenancyAccessInterceptor is a gRPC stream server interceptor that verifies the caller has data access to the partition identified in their claims.

This interceptor should be placed after StreamAuthInterceptor in the interceptor chain so that claims are available in the context.

func UnaryAuthInterceptor ¶

func UnaryAuthInterceptor(
	authenticator security.Authenticator,
	opts ...security.AuthOption,
) grpc.UnaryServerInterceptor

UnaryAuthInterceptor Simple grpc interceptor to extract the jwt supplied via authorization bearer token and verify the authentication claims in the token.

func UnaryTenancyAccessInterceptor ¶ added in v1.76.1

func UnaryTenancyAccessInterceptor(checker *authorizer.TenancyAccessChecker) grpc.UnaryServerInterceptor

UnaryTenancyAccessInterceptor is a gRPC unary server interceptor that verifies the caller has data access to the partition identified in their claims. It uses TenancyAccessChecker.CheckAccess which checks the "member" relation for regular users and the "service" relation for system_internal callers.

This interceptor should be placed after UnaryAuthInterceptor in the interceptor chain so that claims are available in the context.