Categorygithub.com/permguard/permguard-go
repositorypackage
0.0.0-20250308230023-b526e1fdfc01
Repository: https://github.com/permguard/permguard-go.git
Documentation: pkg.go.dev
Overview
Dependencies
3
Dependents
0

# Packages

No description provided by the author

# README

Permguard Go SDK

GitHub License X (formerly Twitter) Follow

Documentation Build, test and publish the artifacts

The Permguard GO SDK provides a simple and flexible client to perform authorization checks against a Permguard Policy Decision Point (PDP) service using gRPC. Plase refer to the Permguard Documentation for more information.

Prerequisites

  • Go 1.23.5

Installation

Run the following command to install the SDK:

go get -u github.com/permguard/permguard-go

Usage Example

Below is a sample Go code demonstrating how to create a Permguard client, build an authorization request using a builder pattern, and process the authorization response:


// Create a new Permguard client
azClient := permguard.NewAZClient(
  permguard.WithEndpoint("localhost", 9094),
)

// Create the Principal
principal := azreq.NewPrincipalBuilder("[email protected]").Build()

// Create the entities
entities := []map[string]any{
  {
      "uid": map[string]any{
      "type": "MagicFarmacia::Platform::BranchInfo",
      "id":   "subscription",
      },
      "attrs": map[string]any{
      "active": true,
    },
    "parents": []any{},
  },
}

// Create a new authorization request
req := azreq.NewAZAtomicRequestBuilder(273165098782, "fd1ac44e4afa4fc4beec622494d3175a",
  "[email protected]", "MagicFarmacia::Platform::Subscription", "MagicFarmacia::Platform::Action::create").
  // RequestID
  WithRequestID("1234").
  // Principal
  WithPrincipal(principal).
  // Entities
  WithEntitiesItems(azreq.CedarEntityKind, entities).
  // Subject
  WithSubjectKind(azreq.UserType).
  WithSubjectSource("keycloack").
  WithSubjectProperty("isSuperUser", true).
  // Resource
  WithResourceID("e3a786fd07e24bfa95ba4341d3695ae8").
  WithResourceProperty("isEnabled", true).
  // Action
  WithActionProperty("isEnabled", true).
  WithContextProperty("time", "2025-01-23T16:17:46+00:00").
  WithContextProperty("isSubscriptionActive", true).
  Build()

// Check the authorization
decsion, response, _ := azClient.Check(req)
if decsion {
  fmt.Println("✅ Authorization Permitted")
} else {
  fmt.Println("❌ Authorization Denied")
  if response.Context.ReasonAdmin != nil {
    fmt.Printf("-> Reason Admin: %s\n", response.Context.ReasonAdmin.Message)
  }
  if response.Context.ReasonUser != nil {
    fmt.Printf("-> Reason User: %s\n", response.Context.ReasonUser.Message)
  }
  for _, eval := range response.Evaluations {
    if eval.Context.ReasonUser != nil {
      fmt.Printf("-> Reason Admin: %s\n", eval.Context.ReasonAdmin.Message)
      fmt.Printf("-> Reason User: %s\n", eval.Context.ReasonUser.Message)
    }
  }
}

Created by Nitro Agility.