• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字

Golang auth.Store类代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了Golang中github.com/coreos/etcd/etcdserver/auth.Store的典型用法代码示例。如果您正苦于以下问题:Golang Store类的具体用法?Golang Store怎么用?Golang Store使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。



在下文中一共展示了Store类的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Golang代码示例。

示例1: hasRootAccess

func hasRootAccess(sec auth.Store, r *http.Request, clientCertAuthEnabled bool) bool {
	if sec == nil {
		// No store means no auth available, eg, tests.
		return true
	}
	if !sec.AuthEnabled() {
		return true
	}

	var rootUser *auth.User
	if r.Header.Get("Authorization") == "" && clientCertAuthEnabled {
		rootUser = userFromClientCertificate(sec, r)
		if rootUser == nil {
			return false
		}
	} else {
		rootUser = userFromBasicAuth(sec, r)
		if rootUser == nil {
			return false
		}
	}

	for _, role := range rootUser.Roles {
		if role == auth.RootRoleName {
			return true
		}
	}
	plog.Warningf("auth: user %s does not have the %s role for resource %s.", rootUser.User, auth.RootRoleName, r.URL.Path)
	return false
}
开发者ID:AdoHe,项目名称:kubernetes,代码行数:30,代码来源:client_auth.go


示例2: hasRootAccess

func hasRootAccess(sec *auth.Store, r *http.Request) bool {
	if sec == nil {
		// No store means no auth available, eg, tests.
		return true
	}
	if !sec.AuthEnabled() {
		return true
	}
	username, password, ok := netutil.BasicAuth(r)
	if !ok {
		return false
	}
	rootUser, err := sec.GetUser(username)
	if err != nil {
		return false
	}
	ok = rootUser.CheckPassword(password)
	if !ok {
		plog.Warningf("auth: wrong password for user %s", username)
		return false
	}
	for _, role := range rootUser.Roles {
		if role == auth.RootRoleName {
			return true
		}
	}
	plog.Warningf("auth: user %s does not have the %s role for resource %s.", username, auth.RootRoleName, r.URL.Path)
	return false
}
开发者ID:EricMountain-1A,项目名称:openshift-origin,代码行数:29,代码来源:client_auth.go


示例3: hasGuestAccess

func hasGuestAccess(sec *auth.Store, r *http.Request, key string) bool {
	writeAccess := r.Method != "GET" && r.Method != "HEAD"
	role, err := sec.GetRole(auth.GuestRoleName)
	if err != nil {
		return false
	}
	if role.HasKeyAccess(key, writeAccess) {
		return true
	}
	plog.Warningf("auth: invalid access for unauthenticated user on resource %s.", key)
	return false
}
开发者ID:EricMountain-1A,项目名称:openshift-origin,代码行数:12,代码来源:client_auth.go


示例4: userFromClientCertificate

func userFromClientCertificate(sec auth.Store, r *http.Request) *auth.User {
	if r.TLS == nil {
		return nil
	}

	for _, chains := range r.TLS.VerifiedChains {
		for _, chain := range chains {
			plog.Debugf("auth: found common name %s.\n", chain.Subject.CommonName)
			user, err := sec.GetUser(chain.Subject.CommonName)
			if err == nil {
				plog.Debugf("auth: authenticated user %s by cert common name.", user.User)
				return &user
			}
		}
	}
	return nil
}
开发者ID:AdoHe,项目名称:kubernetes,代码行数:17,代码来源:client_auth.go


示例5: userFromBasicAuth

func userFromBasicAuth(sec auth.Store, r *http.Request) *auth.User {
	username, password, ok := r.BasicAuth()
	if !ok {
		plog.Warningf("auth: malformed basic auth encoding")
		return nil
	}
	user, err := sec.GetUser(username)
	if err != nil {
		return nil
	}

	ok = sec.CheckPassword(user, password)
	if !ok {
		plog.Warningf("auth: incorrect password for user: %s", username)
		return nil
	}
	return &user
}
开发者ID:AdoHe,项目名称:kubernetes,代码行数:18,代码来源:client_auth.go


示例6: hasKeyPrefixAccess

func hasKeyPrefixAccess(sec auth.Store, r *http.Request, key string, recursive, clientCertAuthEnabled bool) bool {
	if sec == nil {
		// No store means no auth available, eg, tests.
		return true
	}
	if !sec.AuthEnabled() {
		return true
	}

	var user *auth.User
	if r.Header.Get("Authorization") == "" {
		if clientCertAuthEnabled {
			user = userFromClientCertificate(sec, r)
		}
		if user == nil {
			return hasGuestAccess(sec, r, key)
		}
	} else {
		user = userFromBasicAuth(sec, r)
		if user == nil {
			return false
		}
	}

	writeAccess := r.Method != "GET" && r.Method != "HEAD"
	for _, roleName := range user.Roles {
		role, err := sec.GetRole(roleName)
		if err != nil {
			continue
		}
		if recursive {
			if role.HasRecursiveAccess(key, writeAccess) {
				return true
			}
		} else if role.HasKeyAccess(key, writeAccess) {
			return true
		}
	}
	plog.Warningf("auth: invalid access for user %s on key %s.", user.User, key)
	return false
}
开发者ID:jbeda,项目名称:kubernetes,代码行数:41,代码来源:client_auth.go


示例7: hasKeyPrefixAccess

func hasKeyPrefixAccess(sec auth.Store, r *http.Request, key string, recursive bool) bool {
	if sec == nil {
		// No store means no auth available, eg, tests.
		return true
	}
	if !sec.AuthEnabled() {
		return true
	}
	if r.Header.Get("Authorization") == "" {
		plog.Warningf("auth: no authorization provided, checking guest access")
		return hasGuestAccess(sec, r, key)
	}
	username, password, ok := r.BasicAuth()
	if !ok {
		plog.Warningf("auth: malformed basic auth encoding")
		return false
	}
	user, err := sec.GetUser(username)
	if err != nil {
		plog.Warningf("auth: no such user: %s.", username)
		return false
	}
	authAsUser := sec.CheckPassword(user, password)
	if !authAsUser {
		plog.Warningf("auth: incorrect password for user: %s.", username)
		return false
	}
	writeAccess := r.Method != "GET" && r.Method != "HEAD"
	for _, roleName := range user.Roles {
		role, err := sec.GetRole(roleName)
		if err != nil {
			continue
		}
		if recursive {
			if role.HasRecursiveAccess(key, writeAccess) {
				return true
			}
		} else if role.HasKeyAccess(key, writeAccess) {
			return true
		}
	}
	plog.Warningf("auth: invalid access for user %s on key %s.", username, key)
	return false
}
开发者ID:CliffYuan,项目名称:etcd,代码行数:44,代码来源:client_auth.go


示例8: hasKeyPrefixAccess

func hasKeyPrefixAccess(sec *auth.Store, r *http.Request, key string, recursive bool) bool {
	if sec == nil {
		// No store means no auth available, eg, tests.
		return true
	}
	if !sec.AuthEnabled() {
		return true
	}
	username, password, ok := netutil.BasicAuth(r)
	if !ok {
		return hasGuestAccess(sec, r, key)
	}
	user, err := sec.GetUser(username)
	if err != nil {
		plog.Warningf("auth: no such user: %s.", username)
		return false
	}
	authAsUser := user.CheckPassword(password)
	if !authAsUser {
		plog.Warningf("auth: incorrect password for user: %s.", username)
		return false
	}
	writeAccess := r.Method != "GET" && r.Method != "HEAD"
	for _, roleName := range user.Roles {
		role, err := sec.GetRole(roleName)
		if err != nil {
			continue
		}
		if recursive {
			return role.HasRecursiveAccess(key, writeAccess)
		}
		return role.HasKeyAccess(key, writeAccess)
	}
	plog.Warningf("auth: invalid access for user %s on key %s.", username, key)
	return false
}
开发者ID:EricMountain-1A,项目名称:openshift-origin,代码行数:36,代码来源:client_auth.go



注:本文中的github.com/coreos/etcd/etcdserver/auth.Store类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。

鲜花
握手
雷人
路过
鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
More+
上一篇:
Golang etcdhttp.NewClientHandler函数代码示例发布时间:2022-05-23
下一篇:
Golang auth.NewStore函数代码示例发布时间:2022-05-23
热门推荐
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap