package server

import "github.com/open-policy-agent/opa/server"

Package server contains the policy engine's server handlers.

Index

Types

type AuthenticationScheme 

type AuthenticationScheme int

AuthenticationScheme enumerates the supported authentication schemes. The authentication scheme determines how client identities are established. 

const (
	AuthenticationOff   AuthenticationScheme = iota
	AuthenticationToken                      = iota
)

Set of supported authentication schemes.

type AuthorizationScheme 

type AuthorizationScheme int

AuthorizationScheme enumerates the supported authorization schemes. The authorization scheme determines how access to OPA is controlled. 

const (
	AuthorizationOff   AuthorizationScheme = iota
	AuthorizationBasic                     = iota
)

Set of supported authorization schemes.

type Buffer 

type Buffer interface {
	// Push adds the given Info into the buffer.
	Push(*Info)

	// Iter iterates over the buffer, from oldest present Info to newest. It should
	// call fn on each Info.
	Iter(fn func(*Info))
}

Buffer defines an interface that the server can call to push diagnostic information about policy decisions. Buffers must be able to handle concurrent calls.

func NewBoundedBuffer 

func NewBoundedBuffer(n int) Buffer

NewBoundedBuffer creates a new Buffer with maximum size n. NewBoundedBuffer will panic if n is not positive.

type Info 

type Info struct {
	DecisionID string
	RemoteAddr string
	Query      string
	Timestamp  time.Time
	Input      interface{}
	Results    *interface{}
	Error      error
	Metrics    metrics.Metrics
	Trace      []*topdown.Event
}

Info contains information describing a policy decision.

type Server 

type Server struct {
	Handler http.Handler
	// contains filtered or unexported fields
}

Server represents an instance of OPA running in server mode.

func New 

func New() *Server

New returns a new Server.

func (*Server) Compiler 

func (s *Server) Compiler() *ast.Compiler

Compiler returns the server's compiler.

The server's compiler contains the compiled versions of all modules added to the server as well as data structures for performing query analysis. This is intended to allow services to embed the OPA server while still relying on the topdown package for query evaluation.

func (*Server) Init 

func (s *Server) Init(ctx context.Context) (*Server, error)

Init initializes the server. This function MUST be called before Loop.

func (*Server) Listeners 

func (s *Server) Listeners() (func() error, func() error)

Listeners returns functions that listen and serve connections.

func (*Server) WithAddress 

func (s *Server) WithAddress(addr string) *Server

WithAddress sets the listening address that the server will bind to.

func (*Server) WithAuthentication 

func (s *Server) WithAuthentication(scheme AuthenticationScheme) *Server

WithAuthentication sets authentication scheme to use on the server.

func (*Server) WithAuthorization 

func (s *Server) WithAuthorization(scheme AuthorizationScheme) *Server

WithAuthorization sets authorization scheme to use on the server.

func (*Server) WithCertificate 

func (s *Server) WithCertificate(cert *tls.Certificate) *Server

WithCertificate sets the server-side certificate that the server will use.

func (*Server) WithCompilerErrorLimit 

func (s *Server) WithCompilerErrorLimit(limit int) *Server

WithCompilerErrorLimit sets the limit on the number of compiler errors the server will allow.

func (*Server) WithDecisionIDFactory 

func (s *Server) WithDecisionIDFactory(f func() string) *Server

WithDecisionIDFactory sets a function on the server to generate decision IDs.

func (*Server) WithDiagnosticsBuffer 

func (s *Server) WithDiagnosticsBuffer(buf Buffer) *Server

WithDiagnosticsBuffer sets the diagnostics buffer used by the server.

func (*Server) WithInsecureAddress 

func (s *Server) WithInsecureAddress(addr string) *Server

WithInsecureAddress sets the listening address that the server will bind to.

func (*Server) WithStore 

func (s *Server) WithStore(store storage.Store) *Server

WithStore sets the storage used by the server.

Source Files

buffer.go doc.go server.go

Directories

PathSynopsis
server/authorizerPackage authorizer provides authorization handlers to the server.
server/identifierPackage identifier provides handlers for associating an identity with incoming requests.
server/typesPackage types contains request/response types and codes for the server.
server/writerPackage writer contains utilities for writing responses in the server.
Version
v0.5.12
Published
Nov 22, 2017
Platform
linux/amd64
Imports
28 packages
Last checked
13 minutes ago

Tools for package owners.