Documentation
Index ¶
- Variables
- func DefaultList(_ context.Context, authI security.Authenticator, ...) ([]connect.Interceptor, error)
- func NewAuthInterceptor(authenticator security.Authenticator) connect.Interceptor
- func NewFunctionAccessInterceptor(checker *authorizer.FunctionChecker, permissions map[string][]string) connect.Interceptor
- func NewTenancyAccessInterceptor(checker *authorizer.TenancyAccessChecker) connect.Interceptor
- func NewTenancyTxInterceptor(dbPool pool.Pool) connect.Interceptor
- func NewValidationInterceptor(opts ...Option) connect.Interceptor
- type Option
Constants ¶
This section is empty.
Variables ¶
var (
	// ErrMissingToken is returned when no authorization header is present.
	ErrMissingToken = errors.New("authorization header is required")
	// ErrMalformedToken is returned when the authorization header is malformed.
	ErrMalformedToken = errors.New("malformed authorization header")
	// ErrInvalidToken is returned when token authentication fails.
	ErrInvalidToken = errors.New("invalid authorization token")
)
Functions ¶
func DefaultList ¶ added in v1.68.9
func DefaultList(
	_ context.Context,
	authI security.Authenticator,
	moreInterceptors ...connect.Interceptor,
) ([]connect.Interceptor, error)
func NewAuthInterceptor ¶
func NewAuthInterceptor(authenticator security.Authenticator) connect.Interceptor
NewAuthInterceptor creates a new authentication interceptor.
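The three sentinel errors above separate "no credential", "unparseable credential" and "credential rejected". The following is an added example, not the package's own code: it redeclares the sentinels, parses the Authorization header into those three outcomes, and runs a constructed verifier behind a hypothetical TokenVerifier interface standing in for security.Authenticator. The token value, subject and verifier are all assumptions made for the example.

```go
package main

import (
	"crypto/subtle"
	"errors"
	"fmt"
	"strings"
)

// Sentinel errors with the same names and messages as the package's exported
// variables, redeclared here so the example is self-contained.
var (
	ErrMissingToken   = errors.New("authorization header is required")
	ErrMalformedToken = errors.New("malformed authorization header")
	ErrInvalidToken   = errors.New("invalid authorization token")
)

// TokenVerifier is a hypothetical stand-in for security.Authenticator.
type TokenVerifier interface {
	Verify(token string) (subject string, err error)
}

// bearerToken extracts the credential from an Authorization header value.
// Scheme matching is case-insensitive (RFC 9110 treats auth schemes that way);
// anything other than exactly one Bearer credential is malformed.
func bearerToken(header string) (string, error) {
	header = strings.TrimSpace(header)
	if header == "" {
		return "", ErrMissingToken
	}
	scheme, token, found := strings.Cut(header, " ")
	if !found || !strings.EqualFold(scheme, "Bearer") {
		return "", ErrMalformedToken
	}
	token = strings.TrimSpace(token)
	if token == "" || strings.ContainsAny(token, " \t") {
		return "", ErrMalformedToken
	}
	return token, nil
}

// authenticate resolves the header to a subject. Extraction failures and
// verification failures surface as distinct sentinels so callers can map them
// to a status code, while the verifier's own reason stays server-side.
func authenticate(header string, v TokenVerifier) (string, error) {
	token, err := bearerToken(header)
	if err != nil {
		return "", err
	}
	subject, err := v.Verify(token)
	if err != nil {
		// Log err here in a real service; never echo it to the client.
		return "", ErrInvalidToken
	}
	return subject, nil
}

// staticVerifier accepts one constructed token; real deployments verify a JWT
// or look the token up. The compare is constant-time to avoid a timing oracle.
type staticVerifier struct {
	token, subject string
}

func (s staticVerifier) Verify(token string) (string, error) {
	if subtle.ConstantTimeCompare([]byte(token), []byte(s.token)) != 1 {
		return "", errors.New("unknown token")
	}
	return s.subject, nil
}

func main() {
	v := staticVerifier{token: "example-token", subject: "user-1"}
	for _, h := range []string{"", "Basic dXNlcjpwdw==", "Bearer", "bearer example-token", "Bearer wrong"} {
		subject, err := authenticate(h, v)
		fmt.Printf("%-22q subject=%q err=%v\n", h, subject, err)
	}
}
```

In an interceptor all three outcomes map to the same client-facing code (Unauthenticated); keeping them distinct still pays off in logs and metrics, where a burst of ErrMalformedToken looks very different from a burst of ErrInvalidToken.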
func NewFunctionAccessInterceptor ¶ added in v1.82.0
func NewFunctionAccessInterceptor(
	checker *authorizer.FunctionChecker,
	permissions map[string][]string,
) connect.Interceptor
NewFunctionAccessInterceptor creates a Connect interceptor that enforces functional permissions automatically based on a procedure-to-permissions map.
The permissions map should be keyed by Connect procedure name (e.g., "/profile.v1.ProfileService/GetById") with values being the permission strings required for that procedure. Use the permissions.BuildProcedureMap helper from the apis/go/common/permissions package to build this map from proto service descriptors.
If a procedure is not in the map, the request is allowed through without a functional permission check.
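Because an unmapped procedure is allowed through unchecked, the map is a fail-open allowlist and its coverage deserves a startup check. The following is an added example, not the package's FunctionChecker or the permissions.BuildProcedureMap helper: it shows a constructed procedure-to-permissions map in the "/pkg.Service/Method" key format, an illustrative checker that assumes every listed permission is required (AND semantics, an assumption of this example), and a coverage check that lists registered procedures with no entry. The procedure and permission names are constructed.

```go
package main

import (
	"fmt"
	"sort"
)

// Decision records the outcome of a functional permission check and why.
type Decision int

const (
	Deny Decision = iota
	Allow
	// AllowNoPolicy: the procedure is absent from the map, so the interceptor
	// lets it through without a functional permission check (as documented above).
	AllowNoPolicy
)

func (d Decision) String() string {
	return [...]string{"deny", "allow", "allow (no policy)"}[d]
}

// permissionMap is a constructed example of the map handed to
// NewFunctionAccessInterceptor, keyed by Connect procedure name. An empty
// slice marks a procedure as intentionally public; a missing key is a gap.
var permissionMap = map[string][]string{
	"/profile.v1.ProfileService/GetById": {"profile.read"},
	"/profile.v1.ProfileService/Update":  {"profile.read", "profile.write"},
	"/profile.v1.ProfileService/Ping":    {},
}

// checkFunctionAccess is an illustrative checker, not the package's
// FunctionChecker. It assumes every listed permission is required (AND).
func checkFunctionAccess(procedure string, perms map[string][]string, granted []string) Decision {
	required, ok := perms[procedure]
	if !ok {
		return AllowNoPolicy
	}
	have := make(map[string]bool, len(granted))
	for _, g := range granted {
		have[g] = true
	}
	for _, r := range required {
		if !have[r] {
			return Deny
		}
	}
	return Allow
}

// unmappedProcedures lists registered procedures with no entry in the map, so a
// service can refuse to start instead of silently exposing them unchecked.
func unmappedProcedures(registered []string, perms map[string][]string) []string {
	var missing []string
	for _, p := range registered {
		if _, ok := perms[p]; !ok {
			missing = append(missing, p)
		}
	}
	sort.Strings(missing)
	return missing
}

func main() {
	// Constructed list of procedures the server actually registers.
	registered := []string{
		"/profile.v1.ProfileService/GetById",
		"/profile.v1.ProfileService/Update",
		"/profile.v1.ProfileService/Delete",
		"/profile.v1.ProfileService/Ping",
	}
	if gaps := unmappedProcedures(registered, permissionMap); len(gaps) > 0 {
		fmt.Println("refusing to start, unmapped procedures:", gaps)
	}
	fmt.Println(checkFunctionAccess("/profile.v1.ProfileService/Update", permissionMap, []string{"profile.read"}))
	fmt.Println(checkFunctionAccess("/profile.v1.ProfileService/Delete", permissionMap, nil))
}
```

The empty-slice convention is the important design choice: it lets the coverage check distinguish "deliberately public" from "somebody forgot", which a plain missing-key-means-allow map cannot. In a Connect interceptor the key to look up is req.Spec().Procedure.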
func NewTenancyAccessInterceptor ¶ added in v1.76.1
func NewTenancyAccessInterceptor(checker *authorizer.TenancyAccessChecker) connect.Interceptor
NewTenancyAccessInterceptor creates a Connect interceptor that enforces tenancy data access using the provided TenancyAccessChecker.
func NewTenancyTxInterceptor ¶ added in v1.95.0
func NewTenancyTxInterceptor(dbPool pool.Pool) connect.Interceptor
NewTenancyTxInterceptor returns a Connect interceptor that runs every RPC inside a request-scoped tenancy transaction. The interceptor invokes pool.WithRequestTx, which:
- Opens a transaction on a pooled connection.
- Publishes app.tenant_id (single value) and app.partition_id (comma-separated list — one principal may legitimately span multiple partitions) from the auth claims via set_config(..., true) so the values are SET LOCAL and revert when the transaction commits / rolls back.
- Binds the transaction to the request context so downstream pool.DB(ctx, _) calls return the same tx, end-to-end.
Combined with the Row-Level Security policies installed automatically by pool.Migrate on every data.BaseModel-embedding table, this means the application's repository code never references tenant_id or partition_id directly — frame and Postgres enforce isolation between them.
Register after the authentication interceptor so the auth claims are available when WithRequestTx reads them. The auto-applied scopes.TenancyPartition still runs for trivial GORM-builder paths where it can prefix the table alias correctly; this interceptor is what makes naive Raw SQL and multi-table joins transparent.
Streaming handlers (server-streaming RPCs that send batches via a workerpool) hold the transaction open for the duration of the stream. That is intentional: every batch reads through the same session-variable scope. Pure-read streams are safe; mutate-then-stream patterns inherit the transaction's commit semantics. Note that the pooled connection is held for as long as the stream runs, so size the pool with long-lived streams in mind.
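The three steps above (open a transaction, publish the claims with set_config(..., true), bind the transaction to the context) are the whole mechanism. The following is an added example, not pool.WithRequestTx or the package's types: it implements the same sequence against a minimal Tx interface, refuses to open an unscoped transaction when the claims are missing, rejects a partition id that contains the list separator, and uses a constructed in-memory transaction that mimics how SET LOCAL values revert at commit or rollback so the behaviour can be checked offline. The Claims struct, the setting names as bind parameters and the fake transaction are all assumptions of this example.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"strings"
)

// Claims is the subset of auth claims read here (constructed for this example).
type Claims struct {
	TenantID     string
	PartitionIDs []string // one principal may legitimately span several partitions
}

// Tx is the minimal transaction surface this example needs; it stands in for
// the pool abstraction and is not the package's own type.
type Tx interface {
	Exec(ctx context.Context, query string, args ...any) error
	Commit(ctx context.Context) error
	Rollback(ctx context.Context) error
}

type txKey struct{}
// TxFromContext returns the transaction bound by withRequestTx, if any.
func TxFromContext(ctx context.Context) (Tx, bool) {
	tx, ok := ctx.Value(txKey{}).(Tx)
	return tx, ok
}

// withRequestTx opens one transaction for the request, publishes the tenancy
// scope with set_config(..., true) (the SET LOCAL form, so it reverts at commit
// or rollback), binds the tx to the context and runs fn inside it.
func withRequestTx(ctx context.Context, begin func(context.Context) (Tx, error), c Claims, fn func(context.Context) error) (err error) {
	// Fail closed: an unscoped transaction would carry no tenant settings at all.
	if c.TenantID == "" || len(c.PartitionIDs) == 0 {
		return errors.New("tenancy claims missing: refusing to open an unscoped transaction")
	}
	for _, p := range c.PartitionIDs {
		// The list travels as one comma-separated setting; a comma inside an id would smuggle in an extra partition.
		if p == "" || strings.Contains(p, ",") {
			return fmt.Errorf("invalid partition id %q", p)
		}
	}
	tx, err := begin(ctx)
	if err != nil {
		return err
	}
	defer func() {
		if err != nil {
			_ = tx.Rollback(ctx)
			return
		}
		err = tx.Commit(ctx)
	}()
	// Setting names are fixed strings; the values go in as bind parameters.
	if err = tx.Exec(ctx, "SELECT set_config('app.tenant_id', $1, true)", c.TenantID); err != nil {
		return err
	}
	if err = tx.Exec(ctx, "SELECT set_config('app.partition_id', $1, true)", strings.Join(c.PartitionIDs, ",")); err != nil {
		return err
	}
	return fn(context.WithValue(ctx, txKey{}, tx))
}

// fakeTx mimics a Postgres session: set_config(..., true) values stay visible until the transaction ends, then revert.
type fakeTx struct {
	Locals     map[string]string
	Committed  bool
	RolledBack bool
}

func (t *fakeTx) Exec(_ context.Context, query string, args ...any) error {
	const prefix = "SELECT set_config('"
	if strings.HasPrefix(query, prefix) && len(args) == 1 {
		name := query[len(prefix):strings.Index(query, "', $1")]
		t.Locals[name] = fmt.Sprint(args[0])
	}
	return nil
}

func (t *fakeTx) Commit(context.Context) error {
	t.Committed, t.Locals = true, map[string]string{} // SET LOCAL values revert here
	return nil
}

func (t *fakeTx) Rollback(context.Context) error {
	t.RolledBack, t.Locals = true, map[string]string{}
	return nil
}

func main() {
	var last *fakeTx
	begin := func(context.Context) (Tx, error) { last = &fakeTx{Locals: map[string]string{}}; return last, nil }
	claims := Claims{TenantID: "tenant-a", PartitionIDs: []string{"part-1", "part-2"}}
	err := withRequestTx(context.Background(), begin, claims, func(ctx context.Context) error {
		tx, _ := TxFromContext(ctx)
		fmt.Println("inside tx:", tx.(*fakeTx).Locals)
		return nil
	})
	fmt.Println("err:", err, "after commit:", last.Locals, "committed:", last.Committed)
}
```

The reason the is_local=true argument matters is connection pooling: a plain set_config(..., false) or SET would persist on the session after the transaction ends, and the next request to borrow that connection would silently run under the previous tenant's scope. The fail-closed check at the top is the other half of the same guarantee; it is why this interceptor must be registered after authentication.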
func NewValidationInterceptor ¶
func NewValidationInterceptor(opts ...Option) connect.Interceptor
NewValidationInterceptor builds a validationInterceptor. The default configuration is appropriate for most use cases.
Types ¶
type Option ¶ added in v1.67.1
type Option interface {
// contains filtered or unexported methods
}
An Option configures a [validationInterceptor].
func WithValidateResponses ¶ added in v1.67.1
func WithValidateResponses() Option
WithValidateResponses configures the [validationInterceptor] to also validate responses in addition to validating requests.
By default:
- Unary: Response messages from the server are not validated.
- Client streams: Received messages are not validated.
- Server streams: Sent messages are not validated.
However, these messages are all validated if this option is set.
func WithValidator ¶ added in v1.67.1
func WithValidator(validator protovalidate.Validator) Option
WithValidator configures the [validationInterceptor] to use a customized protovalidate.Validator. By default, protovalidate.GlobalInterceptor is used. See protovalidate.ValidatorOption for the range of available customizations.
func WithoutErrorDetails ¶ added in v1.67.1
func WithoutErrorDetails() Option
WithoutErrorDetails configures the [validationInterceptor] to elide error details from validation errors. By default, a protovalidate.ValidationError is added as a detail when validation errors are returned.