-
Notifications
You must be signed in to change notification settings - Fork 1
/
restrictionKey.go
127 lines (109 loc) · 3.24 KB
/
restrictionKey.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
package model
import (
"encoding/json"
"github.com/oidc-mytoken/api/v0"
"github.com/pkg/errors"
"gopkg.in/yaml.v3"
)
// RestrictionClaim is an enum like type for restriction keys
type RestrictionClaim int
// RestrictionClaims is a slice of RestrictionClaim
type RestrictionClaims []RestrictionClaim
// AllRestrictionClaimStrings holds all defined RestrictionClaim strings
var AllRestrictionClaimStrings = api.AllRestrictionClaims
// AllRestrictionClaims holds all defined RestrictionClaims
var AllRestrictionClaims RestrictionClaims
func init() {
for i := 0; i < int(maxRestrictionClaim); i++ {
AllRestrictionClaims = append(AllRestrictionClaims, RestrictionClaim(i))
}
}
// RestrictionClaims
const ( // assert that these are in the same order as api.AllRestrictionKeys
RestrictionClaimNotBefore RestrictionClaim = iota
RestrictionClaimExpiresAt
RestrictionClaimScope
RestrictionClaimAudiences
RestrictionClaimHosts
RestrictionClaimGeoIPAllow
RestrictionClaimGeoIPDisallow
RestrictionClaimUsagesAT
RestrictionClaimUsagesOther
maxRestrictionClaim
)
// NewRestrictionClaim creates a new RestrictionClaim from the grant type string
func NewRestrictionClaim(s string) RestrictionClaim {
for i, f := range AllRestrictionClaimStrings {
if f == s {
return RestrictionClaim(i)
}
}
return -1
}
func (rc *RestrictionClaim) String() string {
if *rc < 0 || int(*rc) >= len(AllRestrictionClaims) {
return ""
}
return AllRestrictionClaimStrings[*rc]
}
// Valid checks that RestrictionClaim is a defined grant type
func (rc *RestrictionClaim) Valid() bool {
return *rc < maxRestrictionClaim && *rc >= 0
}
const valueNotValidFmt = "value '%s' not valid for RestrictionClaim"
// UnmarshalYAML implements the yaml.Unmarshaler interface
func (rc *RestrictionClaim) UnmarshalYAML(value *yaml.Node) error {
s := value.Value
if s == "" {
return errors.New("empty value in unmarshal grant type")
}
*rc = NewRestrictionClaim(s)
if !rc.Valid() {
return errors.Errorf(valueNotValidFmt, s)
}
return nil
}
// UnmarshalJSON implements the json.Unmarshaler interface
func (rc *RestrictionClaim) UnmarshalJSON(data []byte) error {
var s string
if err := json.Unmarshal(data, &s); err != nil {
return errors.WithStack(err)
}
*rc = NewRestrictionClaim(s)
if !rc.Valid() {
return errors.Errorf(valueNotValidFmt, s)
}
return nil
}
// UnmarshalText implements the encoding.TextUnmarshaler interface
func (rc *RestrictionClaim) UnmarshalText(data []byte) error {
s := string(data)
*rc = NewRestrictionClaim(s)
if !rc.Valid() {
return errors.Errorf(valueNotValidFmt, s)
}
return nil
}
// MarshalJSON implements the json.Marshaler interface
func (rc RestrictionClaim) MarshalJSON() ([]byte, error) {
data, err := json.Marshal(rc.String())
return data, errors.WithStack(err)
}
// Has checks if a RestrictionClaim is in a RestrictionClaims
func (rks RestrictionClaims) Has(rk RestrictionClaim) bool {
for _, k := range rks {
if k == rk {
return true
}
}
return false
}
// Disable subtracts the passed RestrictionClaims from this RestrictionClaims and returns the left RestrictionClaims
func (rks RestrictionClaims) Disable(disable RestrictionClaims) (left RestrictionClaims) {
for _, r := range rks {
if !disable.Has(r) {
left = append(left, r)
}
}
return
}