github.com/m3db/m3@v1.5.1-0.20231129193456-75a402aa583b/src/ctl/auth/auth.go (about)

     1  // Copyright (c) 2017 Uber Technologies, Inc.
     2  //
     3  // Permission is hereby granted, free of charge, to any person obtaining a copy
     4  // of this software and associated documentation files (the "Software"), to deal
     5  // in the Software without restriction, including without limitation the rights
     6  // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
     7  // copies of the Software, and to permit persons to whom the Software is
     8  // furnished to do so, subject to the following conditions:
     9  //
    10  // The above copyright notice and this permission notice shall be included in
    11  // all copies or substantial portions of the Software.
    12  //
    13  // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
    14  // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
    15  // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
    16  // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
    17  // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
    18  // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
    19  // THE SOFTWARE.
    20  
    21  package auth
    22  
    23  import (
    24  	"context"
    25  	"net/http"
    26  )
    27  
    28  type keyType int
    29  
    30  // AuthorizationType designates a type of authorization.
    31  type AuthorizationType int
    32  
    33  type errorResponseHandler func(w http.ResponseWriter, code int, msg string) error
    34  
    35  const (
    36  	// UserIDField is a key
    37  	UserIDField keyType = iota
    38  )
    39  
    40  const (
    41  	// UnknownAuthorization is the unknown authorizationType case.
    42  	UnknownAuthorization AuthorizationType = iota
    43  	// NoAuthorization is the no authorizationType case.
    44  	NoAuthorization
    45  	// ReadOnlyAuthorization is the read only authorizationType case.
    46  	ReadOnlyAuthorization
    47  	// WriteOnlyAuthorization is the write only authorizationType case.
    48  	WriteOnlyAuthorization
    49  	// ReadWriteAuthorization is the read and write authorizationType case.
    50  	ReadWriteAuthorization
    51  )
    52  
    53  // HTTPAuthService defines how to handle requests for various http authentication and authorization methods.
    54  type HTTPAuthService interface {
    55  	// NewAuthHandler should return a handler that performs some check on the request coming into the given handler
    56  	// and then runs the handler if it is. If the request passes authentication/authorization successfully, it should call SetUser
    57  	// to make the callers id available to the service in a global context. errHandler should be passed in to properly format the
    58  	// the error and respond the the request in the event of bad auth.
    59  	NewAuthHandler(authType AuthorizationType, next http.Handler, errHandler errorResponseHandler) http.Handler
    60  
    61  	// SetUser sets a userID that identifies the api caller in the global context.
    62  	SetUser(parent context.Context, userID string) context.Context
    63  
    64  	// GetUser fetches the ID of an api caller from the global context.
    65  	GetUser(ctx context.Context) (string, error)
    66  }