github.com/safedep/dry@v0.0.0-20241016050132-a15651f0548b/apiguard/apiguard.go

github.com/safedep/dry@v0.0.0-20241016050132-a15651f0548b/apiguard/apiguard.go (about)

     1  package apiguard
     2  
     3  // These are metadata associated with the API key
     4  // at the time of creation. This is useful to set
     5  // application specific information that can be
     6  // passed across the API Guard to the API server.
     7  type KeyInfo struct {
     8  	OrganizationID string `json:"org_id"`
     9  	TeamID         string `json:"team_id"`
    10  	UserID         string `json:"user_id"`
    11  	KeyID          string `json:"key_id"`
    12  }
    13  
    14  type TokenInfo struct {
    15  	Email         string `json:"email"`
    16  	EmailVerified bool   `json:"email_verified"`
    17  	Subject       string `json:"sub"`
    18  	Audience      string `json:"aud"`
    19  }
    20  
    21  // Context represent the information passed by the API guard
    22  // to the API handler (down stream servers).
    23  type Context struct {
    24  	// Remote client address
    25  	RemoteAddr string
    26  
    27  	// Request ID generated by the API Guard or passed by client
    28  	RequestID string
    29  
    30  	// Path as seen by the API Guard. This is important
    31  	// to avoid parser differential vulnerabilities
    32  	Path string
    33  
    34  	// Secret shared between API Guard and Server. This enables
    35  	// API servers to verify that the request is actually coming from API Guard
    36  	// and not spoofed.
    37  	TrustToken string
    38  
    39  	// Meta Data stored in the API Key by client applications
    40  	Key KeyInfo
    41  
    42  	// Token info, available when JWT token is used
    43  	Token TokenInfo
    44  }