github.com/sijibomii/docker@v0.0.0-20231230191044-5cf6ca554647/pkg/authorization/plugin.go

github.com/sijibomii/docker@v0.0.0-20231230191044-5cf6ca554647/pkg/authorization/plugin.go (about)

     1  package authorization
     2  
     3  import "github.com/docker/docker/pkg/plugins"
     4  
     5  // Plugin allows third party plugins to authorize requests and responses
     6  // in the context of docker API
     7  type Plugin interface {
     8  	// Name returns the registered plugin name
     9  	Name() string
    10  
    11  	// AuthZRequest authorize the request from the client to the daemon
    12  	AuthZRequest(*Request) (*Response, error)
    13  
    14  	// AuthZResponse authorize the response from the daemon to the client
    15  	AuthZResponse(*Request) (*Response, error)
    16  }
    17  
    18  // NewPlugins constructs and initialize the authorization plugins based on plugin names
    19  func NewPlugins(names []string) []Plugin {
    20  	plugins := []Plugin{}
    21  	pluginsMap := make(map[string]struct{})
    22  	for _, name := range names {
    23  		if _, ok := pluginsMap[name]; ok {
    24  			continue
    25  		}
    26  		pluginsMap[name] = struct{}{}
    27  		plugins = append(plugins, newAuthorizationPlugin(name))
    28  	}
    29  	return plugins
    30  }
    31  
    32  // authorizationPlugin is an internal adapter to docker plugin system
    33  type authorizationPlugin struct {
    34  	plugin *plugins.Plugin
    35  	name   string
    36  }
    37  
    38  func newAuthorizationPlugin(name string) Plugin {
    39  	return &authorizationPlugin{name: name}
    40  }
    41  
    42  func (a *authorizationPlugin) Name() string {
    43  	return a.name
    44  }
    45  
    46  func (a *authorizationPlugin) AuthZRequest(authReq *Request) (*Response, error) {
    47  	if err := a.initPlugin(); err != nil {
    48  		return nil, err
    49  	}
    50  
    51  	authRes := &Response{}
    52  	if err := a.plugin.Client.Call(AuthZApiRequest, authReq, authRes); err != nil {
    53  		return nil, err
    54  	}
    55  
    56  	return authRes, nil
    57  }
    58  
    59  func (a *authorizationPlugin) AuthZResponse(authReq *Request) (*Response, error) {
    60  	if err := a.initPlugin(); err != nil {
    61  		return nil, err
    62  	}
    63  
    64  	authRes := &Response{}
    65  	if err := a.plugin.Client.Call(AuthZApiResponse, authReq, authRes); err != nil {
    66  		return nil, err
    67  	}
    68  
    69  	return authRes, nil
    70  }
    71  
    72  // initPlugin initialize the authorization plugin if needed
    73  func (a *authorizationPlugin) initPlugin() error {
    74  	// Lazy loading of plugins
    75  	if a.plugin == nil {
    76  		var err error
    77  		a.plugin, err = plugins.Get(a.name, AuthZApiImplements)
    78  		if err != nil {
    79  			return err
    80  		}
    81  	}
    82  	return nil
    83  }