-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Integrate rond with routers in golang services #194
Comments
Hey, this is coherent with the recent refactor that has been done to allow using rond as a server-side library; I was thinking about creating a On top of this sdk we can build another package holding several middlewares for supporting different frameworks and technologies. The SDK could be something like: |
I'm thinking about the interface we could expose by the sdk, I'll write it in this issue when I have some update to it. package sdk
type PolicyResult struct {
QueryToProxy string
Allowed bool
}
type User struct {
UserID string
UserGroups []string
UserRoles []Role
UserBindings []Binding
Properties map[string]any
}
type Rond interface {
EvaluatePolicy(method, path string, userInfo User) (*PolicyResult, error)
} I'd like to separate the http interface from both the sdk and the core, but the user should process method and path and retrieve user before use the sdk (probably, with some per router integration). What do you think about? |
I agree in decoupling from the underlying Request types, however the proposed I'd create a type RequestInfo struct {
Method string
Path string
QueryParams map[string]string
Headers map[string][]string
Body []byte (or even a bytes.Buffer)
} |
path and method are used to find the policy to evaluate. So, I think that we should pass the Input directly to the sdk, or as []byte using the We should also have a |
it makes sense but the function should be coupled with the |
This is the parent issue for several changes that are being done:
The whole project can be followed in the Project Board |
Is your feature request related to a problem? Please describe.
At the moment, to use rond it is required to have a sidecar near each service. This sidecar is an additional operation inside the pod, and rond consumes resources.
Describe the solution you'd like
I'd like to integrate rond inside our services.
As first step, we could integrate in services written in golang with some middleware authorization step.
As the next step, we could see also to create a Wasm lib to use it also in services written in other languages.
The text was updated successfully, but these errors were encountered: