Skip to content

👮‍♂️ A middleware to secure routes in fiber ⚡️

License

Notifications You must be signed in to change notification settings

ZEISS/fiber-authz

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

👮‍♀️ AuthZ

Test & Build Go Reference Go Report Card License: MIT Taylor Swift

Installation

$ go get github.com/zeiss/fiber-authz

Usage

  • OpenFGA
  • Team-based access control
  • Role-based access control
  • Noop (for testing)

Any authorization model can be implemented by implementing the Authorizer interface.

OpenAPI

Using OpenAPI Extensions individual operations can be protected with OpenFGA.

x-fiber-authz-fga:
  user:
    namespace: user
    auth_type: oidc
  relation:
    name: admin
  object:
    namespace: system
    components:
      - in: params
        name: teamId

There are three parts to the OpenAPI extension:

  • user - The user namespace and authentication type.
  • relation - The relation name.
  • object - The object namespace and components.

Then there are components to construct the relation or object.

  • in - The location of the component (e.g. path).
  • name - The name of the component (e.g. teamId).
  • type - The type of the component (e.g. string).

Examples

See examples to understand the provided interfaces.

License

MIT