CheckSecurityLevel checks if a connection's security level is greater than or equal to the specified one. It returns success if 1) the condition is satisfied or 2) AuthInfo struct does not implement GetCommonAuthInfo() method or 3) CommonAuthInfo.SecurityLevel has an invalid zero value. For 2) and 3
(ai AuthInfo, level SecurityLevel)
| 288 | // |
| 289 | // This API is experimental. |
| 290 | func CheckSecurityLevel(ai AuthInfo, level SecurityLevel) error { |
| 291 | type internalInfo interface { |
| 292 | GetCommonAuthInfo() CommonAuthInfo |
| 293 | } |
| 294 | if ai == nil { |
| 295 | return errors.New("AuthInfo is nil") |
| 296 | } |
| 297 | if ci, ok := ai.(internalInfo); ok { |
| 298 | // CommonAuthInfo.SecurityLevel has an invalid value. |
| 299 | if ci.GetCommonAuthInfo().SecurityLevel == InvalidSecurityLevel { |
| 300 | return nil |
| 301 | } |
| 302 | if ci.GetCommonAuthInfo().SecurityLevel < level { |
| 303 | return fmt.Errorf("requires SecurityLevel %v; connection has %v", level, ci.GetCommonAuthInfo().SecurityLevel) |
| 304 | } |
| 305 | } |
| 306 | // The condition is satisfied or AuthInfo struct does not implement GetCommonAuthInfo() method. |
| 307 | return nil |
| 308 | } |
| 309 | |
| 310 | // ChannelzSecurityInfo defines the interface that security protocols should implement |
| 311 | // in order to provide security info to channelz. |