mirror of
https://github.com/harness/drone.git
synced 2025-05-06 02:40:52 +08:00
8c2f900c80
This change introduces the concept of a principal (abstraction of call identity), and adds a new service account type principal. Also adds support for different tokens (session, PAT, SAT, OAuth2) and adds auth.Session which is being used to capture information about the caller and call method.
40 lines
1.1 KiB
Go
40 lines
1.1 KiB
Go
// Copyright 2022 Harness Inc. All rights reserved.
|
|
// Use of this source code is governed by the Polyform Free Trial License
|
|
// that can be found in the LICENSE.md file for this repository.
|
|
|
|
package auth
|
|
|
|
import "github.com/harness/gitness/types/enum"
|
|
|
|
type Metadata interface {
|
|
ImpactsAuthorization() bool
|
|
}
|
|
|
|
// EmptyMetadata represents the state when the auth session doesn't have any extra metadata.
|
|
type EmptyMetadata struct{}
|
|
|
|
func (m *EmptyMetadata) ImpactsAuthorization() bool {
|
|
return false
|
|
}
|
|
|
|
// SSHMetadata contains information about the ssh connection that was used during auth.
|
|
type SSHMetadata struct {
|
|
KeyID string
|
|
Grants enum.AccessGrant // retrieved from ssh key table during verification
|
|
}
|
|
|
|
func (m *SSHMetadata) ImpactsAuthorization() bool {
|
|
return m.Grants != enum.AccessGrantAll
|
|
}
|
|
|
|
// TokenMetadata contains information about the token that was used during auth.
|
|
type TokenMetadata struct {
|
|
TokenType enum.TokenType
|
|
TokenID int64
|
|
Grants enum.AccessGrant // retrieved from token during verification
|
|
}
|
|
|
|
func (m *TokenMetadata) ImpactsAuthorization() bool {
|
|
return m.Grants != enum.AccessGrantAll
|
|
}
|