$ go get github /zeiss/fiber-authz
- OpenFGA
- Team-based access control
- Role-based access control
- Noop (for testing)
Any authorization model can be implemented by implementing theAuthorizer
interface.
UsingOpenAPI Extensionsindividual operations can be protected withOpenFGA.
x-fiber-authz-fga:
user:
namespace:user
auth_type:oidc
relation:
name:admin
object:
namespace:system
components:
-in:params
name:teamId
There are three parts to the OpenAPI extension:
user
- The user namespace and authentication type.relation
- The relation name.object
- The object namespace and components.
Then there are components to construct the relation or object.
in
- The location of the component (e.g.path
).name
- The name of the component (e.g.teamId
).type
- The type of the component (e.g.string
).
Seeexamplesto understand the provided interfaces.