Add helper for clientauth
continuous-integration/drone/tag Build is passing Details

main v0.5.4
René Jochum 1 year ago
parent f24ff5298c
commit 39f9335852
Signed by: jochum
GPG Key ID: F7D906F5E51E8E5E

@ -25,6 +25,11 @@ func ClientAuthMustReg(cReg *components.Registry) *AuthRegistry[ClientPlugin] {
return cReg.Must(ClientAuthName).(*AuthRegistry[ClientPlugin])
}
func RegHasClientAuth(cReg *components.Registry) error {
_, err := cReg.Get(ClientAuthName)
return err
}
func RouterAuthComponent() *AuthRegistry[RouterPlugin] {
c := &AuthRegistry[RouterPlugin]{initialized: false, kind: "router", name: RouterAuthName, plugins: make(map[string]RouterPlugin)}
c.Register(newNoopRouterPlugin())

@ -24,7 +24,6 @@ LABEL maintainer="René Jochum <rene@jochum.dev>"
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=builder /etc/passwd /etc/passwd
COPY --from=builder /usr/local/bin/microauth2sqld /usr/local/bin/microauth2sqld
RUN chmod +x /usr/local/bin/microauth2sqld
COPY ./cmd/microauth2sqld/migrations /migrations

@ -17,7 +17,7 @@ require (
golang.org/x/crypto v0.0.0-20220924013350-4ba4fb4dd9e7
google.golang.org/protobuf v1.28.1
jochum.dev/jo-micro/buncomponent v0.0.6
jochum.dev/jo-micro/components v0.3.0
jochum.dev/jo-micro/components v0.3.2
jochum.dev/jo-micro/logruscomponent v0.0.4
jochum.dev/jo-micro/router v0.4.8
)

@ -1918,8 +1918,8 @@ honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
jochum.dev/jo-micro/buncomponent v0.0.6 h1:Kj3BMXiDoA7LznfppqnRk2vHMbluyiGJPCgkhaYIae0=
jochum.dev/jo-micro/buncomponent v0.0.6/go.mod h1:saW250HcLcDWTCvQRSsSLw4C/d0ly6KmHZ/P48Azek8=
jochum.dev/jo-micro/components v0.3.0 h1:mo9IzK6UVbQuIit+vp74RFeT/VtS5mVv0ggBZ9q0tiE=
jochum.dev/jo-micro/components v0.3.0/go.mod h1:Yvn0Qz1zctUQUI6WIjq7PbfLY87Qvywpw+KxnVZeCvA=
jochum.dev/jo-micro/components v0.3.2 h1:Z6Od76Uh2C2+bKhfZvaDLbry8vWGe4Ie/rDfrObE1pg=
jochum.dev/jo-micro/components v0.3.2/go.mod h1:MXpsIY5Gut4/wDNquiCN+e4zYtATVwn+7uiNKj4nlKk=
jochum.dev/jo-micro/logruscomponent v0.0.4 h1:KkJhLIM0mm2tlk+z+gZdpb5vCeuBs6bhG3bncGhCqoQ=
jochum.dev/jo-micro/logruscomponent v0.0.4/go.mod h1:NVy+eN3Xm2SlzdsQGuC/9/+MwU+8BwxFZuaTprmLguU=
jochum.dev/jo-micro/router v0.4.8 h1:LLrozHtNAAtFRcvhlxNo+xnHfIZI3pR19ptDA1fWUpM=

@ -54,16 +54,13 @@ func (v *EndpointRolesVerifier) Verify(ctx context.Context, u *auth2.User, req s
}
if v.options.DefaultDeny {
v.logrus().WithField("endpoint", req.Endpoint()).WithField("user_roles", u.Roles).WithField("roles_allow", ep.RolesAllow).Debug("DefaultDeny: No matching role")
return errors.Unauthorized("auth2/plugins/verifier/endpointroles/EndpointRolesVerifier.Verify|No matching role", "Unauthorized"), true
}
}
if !v.options.DefaultDeny {
v.logrus().WithField("endpoint", req.Endpoint()).WithField("endpoints", v.endpointnames).Trace("DefaultAllow: No rule")
return nil, true
}
v.logrus().WithField("endpoint", req.Endpoint()).WithField("endpoints", v.endpointnames).Debug("DefaultDeny: no rule")
return errors.Unauthorized("auth2/plugins/verifier/endpointroles/EndpointRolesVerifier.Verify|No rule", "Unauthorized"), false
return errors.Unauthorized("auth2/plugins/verifier/endpointroles/EndpointRolesVerifier.Verify|No rule", "Unauthorized"), true
}

Loading…
Cancel
Save