Documentation
¶
Index ¶
- Constants
- Variables
- func AttrValueFromTagField(name string, obj interface{}) string
- func BackendAttrFields(obj interface{}) []string
- func ParseDuration(attribute string, value string, _default time.Duration) (time.Duration, error)
- func WithErrorHandlerSchema(schema *hcl.BodySchema) *hcl.BodySchema
- type API
- type APIs
- type AcceptForwarded
- type AccessControl
- type Backend
- type BackendInitialization
- type BackendReference
- type BackendTLS
- type BasicAuth
- type Body
- type CORS
- type Claims
- type ClientCertificate
- type Couper
- type DefaultEnvVars
- type Defaults
- type DefaultsBlock
- type Definitions
- type Endpoint
- type Endpoints
- type ErrorHandler
- type ErrorHandlerGetter
- type ErrorHandlerSetter
- type Files
- type FilesBlocks
- type Headers
- type Health
- type HealthCheck
- type Inline
- type JWT
- type JWTSigningProfile
- type Job
- type List
- type OAuth2AC
- func (oa *OAuth2AC) ClientAuthenticationRequired() bool
- func (oa *OAuth2AC) GetAuthorizationEndpoint() (string, error)
- func (oa *OAuth2AC) GetClientID() string
- func (oa *OAuth2AC) GetClientSecret() string
- func (oa *OAuth2AC) GetGrantType() string
- func (oa *OAuth2AC) GetJWTSigningProfile() *JWTSigningProfile
- func (oa *OAuth2AC) GetRedirectURI() string
- func (oa *OAuth2AC) GetScope() string
- func (oa *OAuth2AC) GetTokenEndpoint() (string, error)
- func (oa *OAuth2AC) GetTokenEndpointAuthMethod() *string
- func (oa *OAuth2AC) GetVerifierMethod() (string, error)
- func (oa *OAuth2AC) HCLBody() *hclsyntax.Body
- func (oa *OAuth2AC) Inline() interface{}
- func (oa *OAuth2AC) Prepare(backendFunc PrepareBackendFunc) (err error)
- func (oa *OAuth2AC) Reference() string
- func (oa *OAuth2AC) Schema(inline bool) *hcl.BodySchema
- type OAuth2AS
- type OAuth2AcClient
- type OAuth2Authorization
- type OAuth2Client
- type OAuth2ReqAuth
- func (oa *OAuth2ReqAuth) ClientAuthenticationRequired() bool
- func (oa *OAuth2ReqAuth) GetClientID() string
- func (oa *OAuth2ReqAuth) GetClientSecret() string
- func (oa *OAuth2ReqAuth) GetJWTSigningProfile() *JWTSigningProfile
- func (oa *OAuth2ReqAuth) GetTokenEndpoint() (string, error)
- func (oa *OAuth2ReqAuth) GetTokenEndpointAuthMethod() *string
- func (oa *OAuth2ReqAuth) HCLBody() *hclsyntax.Body
- func (oa *OAuth2ReqAuth) Inline() interface{}
- func (oa *OAuth2ReqAuth) Reference() string
- func (oa *OAuth2ReqAuth) Schema(inline bool) *hcl.BodySchema
- type OIDC
- func (o *OIDC) ClientAuthenticationRequired() bool
- func (o *OIDC) GetClientID() string
- func (o *OIDC) GetClientSecret() string
- func (o *OIDC) GetGrantType() string
- func (o *OIDC) GetJWTSigningProfile() *JWTSigningProfile
- func (o *OIDC) GetRedirectURI() string
- func (o *OIDC) GetScope() string
- func (o *OIDC) GetTokenEndpointAuthMethod() *string
- func (o *OIDC) HCLBody() *hclsyntax.Body
- func (o *OIDC) Inline() interface{}
- func (o *OIDC) Prepare(backendFunc PrepareBackendFunc) (err error)
- func (o *OIDC) Reference() string
- func (o *OIDC) Schema(inline bool) *hcl.BodySchema
- type OpenAPI
- type PrepareBackendFunc
- type Proxies
- type Proxy
- type RateLimit
- type RateLimits
- type Request
- type Requests
- type Response
- type SAML
- type SPAs
- type Server
- type ServerCertificate
- type ServerTLS
- type Servers
- type Settings
- type Spa
- type TokenRequest
- type Websockets
Constants ¶
View Source
const ( ClientCredentials = "client_credentials" JwtBearer = "urn:ietf:params:oauth:grant-type:jwt-bearer" Password = "password" )
View Source
const (
CcmS256 = "ccm_s256"
)
View Source
const DefaultFilename = "couper.hcl"
DefaultFilename defines the default filename for a couper config file.
View Source
const DefaultNameLabel = "default"
DefaultNameLabel maps the hcl label attr 'name'.
Variables ¶
View Source
var OAuthBlockSchema = &hcl.BodySchema{
Blocks: []hcl.BlockHeaderSchema{
oauthBlockHeaderSchema,
},
}
View Source
var (
ResponseInlineSchema = Response{}.Schema(true)
)
View Source
var TokenRequestBlockSchema = &hcl.BodySchema{
Blocks: []hcl.BlockHeaderSchema{
tokenRequestBlockHeaderSchema,
},
}
View Source
var (
WebsocketsInlineSchema = Websockets{}.Schema(true)
)
Functions ¶
func AttrValueFromTagField ¶ added in v1.9.0
func BackendAttrFields ¶ added in v1.9.0
func BackendAttrFields(obj interface{}) []string
func ParseDuration ¶ added in v1.9.0
func WithErrorHandlerSchema ¶
func WithErrorHandlerSchema(schema *hcl.BodySchema) *hcl.BodySchema
Types ¶
type API ¶
type API struct {
ErrorHandlerSetter
AccessControl []string `hcl:"access_control,optional" docs:"Sets predefined [access control](../access-control) for this block."`
AllowedMethods []string `` /* 223-byte string literal not displayed */
BasePath string `hcl:"base_path,optional" docs:"Configures the path prefix for all requests."`
CORS *CORS `hcl:"cors,block" docs:"Configures [CORS](/configuration/block/cors) settings (zero or one)."`
DisableAccessControl []string `hcl:"disable_access_control,optional" docs:"Disables access controls by name."`
Endpoints Endpoints `hcl:"endpoint,block" docs:"Configures an [endpoint](/configuration/block/endpoint) (zero or more)."`
ErrorFile string `hcl:"error_file,optional" docs:"Location of the error file template."`
Name string `hcl:"name,label,optional"`
Remain hcl.Body `hcl:",remain"`
// internally used
CatchAllEndpoint *Endpoint
RequiredPermission hcl.Expression
}
API represents the <API> object.
type AcceptForwarded ¶
type AcceptForwarded struct {
// contains filtered or unexported fields
}
func (*AcceptForwarded) Set ¶
func (a *AcceptForwarded) Set(forwarded []string) error
type AccessControl ¶
AccessControl holds all active and inactive access control references.
func NewAccessControl ¶
func NewAccessControl(ac, dac []string) AccessControl
NewAccessControl creates the container object for ac configuration.
func (AccessControl) List ¶
func (ac AccessControl) List() []string
List returns all active access controls.
func (AccessControl) Merge ¶
func (ac AccessControl) Merge(oac AccessControl) AccessControl
Merge appends control references in order.
type Backend ¶
type Backend struct {
DisableCertValidation bool `` /* 134-byte string literal not displayed */
DisableConnectionReuse bool `` /* 133-byte string literal not displayed */
Health *Health `hcl:"beta_health,block" docs:"Configures a [health check](/configuration/block/health) (zero or one)."`
HTTP2 bool `hcl:"http2,optional" docs:"Enables the HTTP2 support. Must not be used in backend refinement."`
MaxConnections int `` /* 183-byte string literal not displayed */
Name string `hcl:"name,label,optional"`
OpenAPI *OpenAPI `hcl:"openapi,block" docs:"Configures [OpenAPI validation](/configuration/block/openapi) (zero or one)."`
RateLimits RateLimits `hcl:"beta_rate_limit,block" docs:"Configures [rate limiting](/configuration/block/rate_limit) (zero or one)."`
Remain hcl.Body `hcl:",remain"`
TLS *BackendTLS `hcl:"tls,block" docs:"Configures [backend TLS](/configuration/block/backend_tls) (zero or one)."`
// used for validation and documentation
OAuth2 *OAuth2ReqAuth `hcl:"oauth2,block" docs:"Configures an [OAuth2 authorization](/configuration/block/oauth2) (zero or one)."`
TokenRequest []*TokenRequest `` /* 132-byte string literal not displayed */
}
Backend represents the <Backend> object.
func (Backend) Inline ¶
func (b Backend) Inline() interface{}
Inline implements the <Inline> interface.
type BackendInitialization ¶ added in v1.9.0
type BackendInitialization interface {
Prepare(backendFunc PrepareBackendFunc) error
}
type BackendReference ¶
type BackendReference interface {
Reference() string
}
BackendReference defines the <BackendReference> interface.
type BackendTLS ¶ added in v1.11.0
type BackendTLS struct {
ServerCertificate string `` /* 160-byte string literal not displayed */
ServerCertificateFile string `` /* 200-byte string literal not displayed */
ClientCertificate string `` /* 151-byte string literal not displayed */
ClientCertificateFile string `` /* 191-byte string literal not displayed */
ClientPrivateKey string `` /* 192-byte string literal not displayed */
ClientPrivateKeyFile string `` /* 232-byte string literal not displayed */
}
type BasicAuth ¶
type BasicAuth struct {
ErrorHandlerSetter
File string `hcl:"htpasswd_file,optional" docs:"The htpasswd file."`
Name string `hcl:"name,label"`
User string `hcl:"user,optional" docs:"The user name."`
Pass string `hcl:"password,optional" docs:"The corresponding password."`
Realm string `hcl:"realm,optional" docs:"The realm to be sent in a WWW-Authenticate response HTTP header field."`
Remain hcl.Body `hcl:",remain"`
}
BasicAuth represents the "basic_auth" config block
func (*BasicAuth) DefaultErrorHandlers ¶ added in v1.12.1
func (b *BasicAuth) DefaultErrorHandlers() []*ErrorHandler
type CORS ¶
type CORS struct {
AllowedOrigins cty.Value `hcl:"allowed_origins" docs:"An allowed origin or a list of allowed origins."`
AllowCredentials bool `` /* 171-byte string literal not displayed */
Disable bool `hcl:"disable,optional" docs:"Set to {true} to disable the inheritance of CORS from parent context."`
MaxAge string `` /* 191-byte string literal not displayed */
}
CORS represents the <CORS> object.
type ClientCertificate ¶ added in v1.11.0
type ClientCertificate struct {
Name string `hcl:",label,optional"`
CA string `` /* 146-byte string literal not displayed */
CAFile string `` /* 186-byte string literal not displayed */
Leaf string `` /* 147-byte string literal not displayed */
LeafFile string `` /* 187-byte string literal not displayed */
}
type Couper ¶
type Couper struct {
Context context.Context
Environment string
Files file.Files
Definitions *Definitions `hcl:"definitions,block"`
Servers Servers `hcl:"server,block"`
Settings *Settings `hcl:"settings,block"`
Defaults *Defaults `hcl:"defaults,block"`
}
Couper represents the <Couper> config object.
type DefaultEnvVars ¶
type Defaults ¶
type Defaults struct {
EnvironmentVariables DefaultEnvVars `` /* 151-byte string literal not displayed */
}
type DefaultsBlock ¶
type DefaultsBlock struct {
Defaults *Defaults `hcl:"defaults,block"`
Remain hcl.Body `hcl:",remain"`
}
type Definitions ¶
type Definitions struct {
Backend []*Backend `hcl:"backend,block" docs:"Configure a [backend](/configuration/block/backend) (zero or more)."`
BasicAuth []*BasicAuth `hcl:"basic_auth,block" docs:"Configure a [BasicAuth access control](/configuration/block/basic_auth) (zero or more)."`
Job []*Job `hcl:"beta_job,block" docs:"Configure a [job](/configuration/block/job) (zero or more)."`
JWT []*JWT `hcl:"jwt,block" docs:"Configure a [JWT access control](/configuration/block/jwt) (zero or more)."`
JWTSigningProfile []*JWTSigningProfile `` /* 130-byte string literal not displayed */
SAML []*SAML `hcl:"saml,block" docs:"Configure a [SAML access control](/configuration/block/saml) (zero or more)."`
OAuth2AC []*OAuth2AC `hcl:"beta_oauth2,block" docs:"Configure an [OAuth2 assess control](/configuration/block/beta_oauth2) (zero or more)."`
OIDC []*OIDC `hcl:"oidc,block" docs:"Configure an [OIDC access control](/configuration/block/oidc) (zero or more)."`
// used for documentation
Proxy []*Proxy `hcl:"proxy,block" docs:"Configure a [proxy](/configuration/block/proxy) (zero or more)."`
}
Definitions represents the <Definitions> object.
type Endpoint ¶
type Endpoint struct {
ErrorHandlerSetter
AccessControl []string `hcl:"access_control,optional" docs:"Sets predefined access control for this block context."`
AllowedMethods []string `` /* 237-byte string literal not displayed */
DisableAccessControl []string `hcl:"disable_access_control,optional" docs:"Disables access controls by name."`
ErrorFile string `hcl:"error_file,optional" docs:"Location of the error file template."`
Pattern string `hcl:"pattern,label"`
Proxies Proxies `hcl:"proxy,block" docs:"Configures a [proxy](/configuration/block/proxy) (zero or more)."`
Proxy string `` /* 140-byte string literal not displayed */
Remain hcl.Body `hcl:",remain"`
RequestBodyLimit string `` /* 197-byte string literal not displayed */
Requests Requests `hcl:"request,block" docs:"Configures a [request](/configuration/block/request) (zero or more)."`
Response *Response `hcl:"response,block" docs:"Configures the [response](/configuration/block/response) (zero or one)."`
// internally configured due to multi-label options
RequiredPermission hcl.Expression
Sequences sequence.List
}
Endpoint represents the <Endpoint> object.
type ErrorHandler ¶
type ErrorHandler struct {
Kinds []string
ErrorFile string `hcl:"error_file,optional" docs:"Location of the error file template."`
Proxies Proxies `hcl:"proxy,block" docs:"Configures a [proxy](/configuration/block/proxy) (zero or more)."`
Remain hcl.Body `hcl:",remain"`
Requests Requests `hcl:"request,block" docs:"Configures a [request](/configuration/block/request) (zero or more)."`
Response *Response `hcl:"response,block" docs:"Configures the [response](/configuration/block/response) (zero or one)."`
}
ErrorHandler represents a subset of Endpoint.
func (ErrorHandler) HCLBody ¶
func (e ErrorHandler) HCLBody() *hclsyntax.Body
HCLBody implements the <Body> interface.
func (ErrorHandler) Inline ¶
func (e ErrorHandler) Inline() interface{}
Inline implements the <Inline> interface.
func (ErrorHandler) Schema ¶
func (e ErrorHandler) Schema(inline bool) *hcl.BodySchema
Schema implements the <Inline> interface.
type ErrorHandlerGetter ¶
type ErrorHandlerGetter interface {
DefaultErrorHandlers() []*ErrorHandler
}
ErrorHandlerGetter defines the <ErrorHandlerGetter> interface.
type ErrorHandlerSetter ¶
type ErrorHandlerSetter struct {
ErrorHandler []*ErrorHandler `hcl:"error_handler,block" docs:"Configures an [error handler](/configuration/block/error_handler) (zero or more)."`
}
func (*ErrorHandlerSetter) Set ¶
func (ehs *ErrorHandlerSetter) Set(ehConf *ErrorHandler)
type Files ¶
type Files struct {
AccessControl []string `hcl:"access_control,optional" docs:"Sets predefined access control for this block context."`
BasePath string `hcl:"base_path,optional" docs:"Configures the path prefix for all requests."`
CORS *CORS `hcl:"cors,block" docs:"Configures [CORS](/configuration/block/cors) settings (zero or one)."`
DisableAccessControl []string `hcl:"disable_access_control,optional"`
DocumentRoot string `hcl:"document_root" docs:"Location of the document root (directory)."`
ErrorFile string `hcl:"error_file,optional" docs:"Location of the error file template."`
Name string `hcl:"name,label,optional"`
Remain hcl.Body `hcl:",remain"`
}
Files represents the <Files> object.
type FilesBlocks ¶ added in v1.9.0
type FilesBlocks []*Files
type Health ¶ added in v1.9.0
type Health struct {
FailureThreshold *uint `hcl:"failure_threshold,optional" docs:"Failed checks needed to consider backend unhealthy." default:"2"`
Interval string `hcl:"interval,optional" docs:"Time interval for recheck." default:"1s"`
Timeout string `hcl:"timeout,optional" docs:"Maximum allowed time limit which is bounded by {interval}." default:"1s"`
Path string `hcl:"path,optional" docs:"URL path with query on backend host."`
ExpectedStatus []int `hcl:"expected_status,optional" docs:"One of wanted response status codes." default:"[200, 204, 301]"`
ExpectedText string `hcl:"expected_text,optional" docs:"Text which the response body must contain."`
Headers Headers `hcl:"headers,optional" docs:"Request HTTP header fields."`
Remain hcl.Body `hcl:",remain"`
}
type HealthCheck ¶ added in v1.9.0
type HealthCheck struct {
Context context.Context
ExpectedStatus map[int]bool
ExpectedText string
FailureThreshold uint
Interval time.Duration
Request *http.Request
RequestUIDFormat string
Timeout time.Duration
}
func NewHealthCheck ¶ added in v1.9.0
func NewHealthCheck(baseURL string, options *Health, conf *Couper) (*HealthCheck, error)
type Inline ¶
type Inline interface {
Inline() interface{}
Schema(inline bool) *hcl.BodySchema
}
Inline defines the <Inline> interface.
type JWT ¶
type JWT struct {
ErrorHandlerSetter
BackendName string `` /* 193-byte string literal not displayed */
Claims Claims `` /* 166-byte string literal not displayed */
ClaimsRequired []string `hcl:"required_claims,optional" docs:"List of claim names that must be given for a valid token."`
Cookie string `hcl:"cookie,optional" docs:"Read token value from a cookie. Cannot be used together with {header} or {token_value}"`
DisablePrivateCaching bool `` /* 155-byte string literal not displayed */
Header string `` /* 247-byte string literal not displayed */
JWKsURL string `` /* 129-byte string literal not displayed */
JWKsTTL string `hcl:"jwks_ttl,optional" docs:"Time period the JWK set stays valid and may be cached." type:"duration" default:"1h"`
JWKsMaxStale string `` /* 134-byte string literal not displayed */
Key string `` /* 152-byte string literal not displayed */
KeyFile string `` /* 140-byte string literal not displayed */
Name string `hcl:"name,label"`
Remain hcl.Body `hcl:",remain"`
RolesClaim string `` /* 228-byte string literal not displayed */
RolesMap map[string][]string `` /* 181-byte string literal not displayed */
RolesMapFile string `` /* 160-byte string literal not displayed */
PermissionsClaim string `` /* 211-byte string literal not displayed */
PermissionsMap map[string][]string `` /* 255-byte string literal not displayed */
PermissionsMapFile string `` /* 184-byte string literal not displayed */
SignatureAlgorithm string `` /* 135-byte string literal not displayed */
SigningKey string `` /* 135-byte string literal not displayed */
SigningKeyFile string `` /* 159-byte string literal not displayed */
SigningTTL string `hcl:"signing_ttl,optional" docs:"The token's time-to-live (creates the {exp} claim)." type:"duration"`
TokenValue hcl.Expression `` /* 130-byte string literal not displayed */
// Internally used
Backend *hclsyntax.Body
}
JWT represents the <JWT> object.
func (*JWT) DefaultErrorHandlers ¶ added in v1.12.1
func (j *JWT) DefaultErrorHandlers() []*ErrorHandler
func (*JWT) Prepare ¶ added in v1.9.0
func (j *JWT) Prepare(backendFunc PrepareBackendFunc) (err error)
type JWTSigningProfile ¶
type JWTSigningProfile struct {
Claims Claims `hcl:"claims,optional" docs:"Claims for the JWT payload, claim values are evaluated per request."`
Headers hcl.Expression `` /* 128-byte string literal not displayed */
Key string `` /* 154-byte string literal not displayed */
KeyFile string `` /* 135-byte string literal not displayed */
Name string `hcl:"name,label,optional"`
SignatureAlgorithm string `` /* 177-byte string literal not displayed */
TTL string `hcl:"ttl" docs:"The token's time-to-live, creates the {exp} claim."`
}
type Job ¶ added in v1.12.0
type Job struct {
Interval string `hcl:"interval" docs:"Execution interval." type:"duration"`
Name string `hcl:"name,label"`
Remain hcl.Body `hcl:",remain"`
Requests Requests `hcl:"request,block" docs:"Configures a [request](/configuration/block/request) (zero or more)."`
// Internally used
Endpoint *Endpoint
IntervalDuration time.Duration
}
Job represents the <Job> object.
type OAuth2AC ¶
type OAuth2AC struct {
ErrorHandlerSetter
// AuthorizationEndpoint is used for lib.FnOAuthAuthorizationURL
AuthorizationEndpoint string `hcl:"authorization_endpoint" docs:"The authorization server endpoint URL used for authorization."`
BackendName string `` /* 194-byte string literal not displayed */
ClientID string `hcl:"client_id" docs:"The client identifier."`
ClientSecret string `` /* 127-byte string literal not displayed */
GrantType string `hcl:"grant_type" docs:"The grant type. Required, to be set to: {\"authorization_code\"}"`
JWTSigningProfile *JWTSigningProfile `` /* 250-byte string literal not displayed */
Name string `hcl:"name,label"`
RedirectURI string `` /* 284-byte string literal not displayed */
Remain hcl.Body `hcl:",remain"`
Scope string `hcl:"scope,optional" docs:"A space separated list of requested scope values for the access token."`
TokenEndpoint string `hcl:"token_endpoint" docs:"The authorization server endpoint URL used for requesting the token."`
TokenEndpointAuthMethod *string `` /* 585-byte string literal not displayed */
VerifierMethod string `` /* 226-byte string literal not displayed */
// internally used
Backend *hclsyntax.Body
}
OAuth2AC represents an oauth2 block for an OAuth2 client using the authorization code flow.
func (*OAuth2AC) ClientAuthenticationRequired ¶ added in v1.10.0
func (*OAuth2AC) GetAuthorizationEndpoint ¶
func (*OAuth2AC) GetClientID ¶
func (*OAuth2AC) GetClientSecret ¶
func (*OAuth2AC) GetGrantType ¶
func (*OAuth2AC) GetJWTSigningProfile ¶ added in v1.11.0
func (oa *OAuth2AC) GetJWTSigningProfile() *JWTSigningProfile
func (*OAuth2AC) GetRedirectURI ¶ added in v1.11.0
func (*OAuth2AC) GetTokenEndpoint ¶
func (*OAuth2AC) GetTokenEndpointAuthMethod ¶
func (*OAuth2AC) GetVerifierMethod ¶
GetVerifierMethod retrieves the verifier method (ccm_s256 or state)
func (*OAuth2AC) Inline ¶
func (oa *OAuth2AC) Inline() interface{}
Inline implements the <Inline> interface.
func (*OAuth2AC) Prepare ¶ added in v1.9.0
func (oa *OAuth2AC) Prepare(backendFunc PrepareBackendFunc) (err error)
type OAuth2AcClient ¶
type OAuth2AcClient interface {
Body
OAuth2Client
GetGrantType() string
GetRedirectURI() string
// GetVerifierMethod retrieves the verifier method (ccm_s256, nonce or state)
GetVerifierMethod() (string, error)
}
OAuth2AcClient represents the client configuration for OAuth2 clients using the authorization code flow.
type OAuth2Authorization ¶
type OAuth2Authorization interface {
GetAuthorizationEndpoint() (string, error)
GetClientID() string
GetRedirectURI() string
GetScope() string
GetVerifierMethod() (string, error)
}
OAuth2Authorization represents the configuration for the OAuth2 authorization URL function
type OAuth2Client ¶
type OAuth2Client interface {
ClientAuthenticationRequired() bool
GetClientID() string
GetClientSecret() string
GetJWTSigningProfile() *JWTSigningProfile
GetTokenEndpointAuthMethod() *string
}
OAuth2Client represents the client configuration for OAuth2 clients.
type OAuth2ReqAuth ¶
type OAuth2ReqAuth struct {
AssertionExpr hcl.Expression `` /* 218-byte string literal not displayed */
BackendName string `` /* 194-byte string literal not displayed */
ClientID string `` /* 141-byte string literal not displayed */
ClientSecret string `` /* 200-byte string literal not displayed */
GrantType string `` /* 140-byte string literal not displayed */
JWTSigningProfile *JWTSigningProfile `` /* 382-byte string literal not displayed */
Password string `` /* 126-byte string literal not displayed */
Remain hcl.Body `hcl:",remain"`
Retries *uint8 `` /* 169-byte string literal not displayed */
Scope string `hcl:"scope,optional" docs:"A space separated list of requested scope values for the access token."`
TokenEndpoint string `hcl:"token_endpoint,optional" docs:"URL of the token endpoint at the authorization server."`
TokenEndpointAuthMethod *string `` /* 585-byte string literal not displayed */
Username string `` /* 126-byte string literal not displayed */
}
OAuth2ReqAuth represents the oauth2 block in a backend block.
func (*OAuth2ReqAuth) ClientAuthenticationRequired ¶ added in v1.10.0
func (oa *OAuth2ReqAuth) ClientAuthenticationRequired() bool
func (*OAuth2ReqAuth) GetClientID ¶
func (oa *OAuth2ReqAuth) GetClientID() string
func (*OAuth2ReqAuth) GetClientSecret ¶
func (oa *OAuth2ReqAuth) GetClientSecret() string
func (*OAuth2ReqAuth) GetJWTSigningProfile ¶ added in v1.11.0
func (oa *OAuth2ReqAuth) GetJWTSigningProfile() *JWTSigningProfile
func (*OAuth2ReqAuth) GetTokenEndpoint ¶
func (oa *OAuth2ReqAuth) GetTokenEndpoint() (string, error)
func (*OAuth2ReqAuth) GetTokenEndpointAuthMethod ¶
func (oa *OAuth2ReqAuth) GetTokenEndpointAuthMethod() *string
func (*OAuth2ReqAuth) HCLBody ¶
func (oa *OAuth2ReqAuth) HCLBody() *hclsyntax.Body
HCLBody implements the <Body> interface.
func (*OAuth2ReqAuth) Inline ¶
func (oa *OAuth2ReqAuth) Inline() interface{}
Inline implements the <Inline> interface.
func (*OAuth2ReqAuth) Reference ¶
func (oa *OAuth2ReqAuth) Reference() string
Reference implements the <BackendReference> interface.
func (*OAuth2ReqAuth) Schema ¶
func (oa *OAuth2ReqAuth) Schema(inline bool) *hcl.BodySchema
Schema implements the <Inline> interface.
type OIDC ¶
type OIDC struct {
ErrorHandlerSetter
BackendName string `` /* 243-byte string literal not displayed */
ClientID string `hcl:"client_id" docs:"The client identifier."`
ClientSecret string `` /* 127-byte string literal not displayed */
ConfigurationURL string `hcl:"configuration_url" docs:"The OpenID configuration URL."`
JWKsTTL string `hcl:"jwks_ttl,optional" docs:"Time period the JWK set stays valid and may be cached." type:"duration" default:"1h"`
JWKsMaxStale string `` /* 134-byte string literal not displayed */
JWTSigningProfile *JWTSigningProfile `` /* 236-byte string literal not displayed */
Name string `hcl:"name,label"`
Remain hcl.Body `hcl:",remain"`
RedirectURI string `` /* 284-byte string literal not displayed */
Scope string `hcl:"scope,optional" docs:"A space separated list of requested scope values for the access token."`
TokenEndpointAuthMethod *string `` /* 585-byte string literal not displayed */
ConfigurationTTL string `` /* 147-byte string literal not displayed */
ConfigurationMaxStale string `` /* 151-byte string literal not displayed */
VerifierMethod string `hcl:"verifier_method,optional" docs:"The method to verify the integrity of the authorization code flow."`
// configuration related backends
ConfigurationBackendName string `` /* 182-byte string literal not displayed */
JWKSBackendName string `` /* 161-byte string literal not displayed */
TokenBackendName string `` /* 159-byte string literal not displayed */
UserinfoBackendName string `` /* 165-byte string literal not displayed */
// internally used
Backends map[string]*hclsyntax.Body
}
OIDC represents an oidc block. The backend block will be used as backend template for all configuration related backends. Backend references along with an anonymous one must match the url with the backend origin definition.
func (*OIDC) ClientAuthenticationRequired ¶ added in v1.10.0
func (*OIDC) GetClientID ¶
func (*OIDC) GetClientSecret ¶
func (*OIDC) GetGrantType ¶
func (*OIDC) GetJWTSigningProfile ¶ added in v1.11.0
func (o *OIDC) GetJWTSigningProfile() *JWTSigningProfile
func (*OIDC) GetRedirectURI ¶ added in v1.11.0
func (*OIDC) GetTokenEndpointAuthMethod ¶
func (*OIDC) Prepare ¶ added in v1.9.0
func (o *OIDC) Prepare(backendFunc PrepareBackendFunc) (err error)
type OpenAPI ¶
type OpenAPI struct {
File string `hcl:"file" docs:"OpenAPI YAML definition file."`
IgnoreRequestViolations bool `hcl:"ignore_request_violations,optional" docs:"Logs request validation results, skips error handling."`
IgnoreResponseViolations bool `hcl:"ignore_response_violations,optional" docs:"Logs response validation results, skips error handling."`
}
OpenAPI represents the <OpenAPI> object.
type PrepareBackendFunc ¶ added in v1.9.0
type Proxy ¶
type Proxy struct {
BackendName string `` /* 197-byte string literal not displayed */
Name string `hcl:"name,label,optional"`
Remain hcl.Body `hcl:",remain"`
ReqName string `` /* 132-byte string literal not displayed */
Websockets *bool `` /* 283-byte string literal not displayed */
// internally used
Backend *hclsyntax.Body
}
Proxy represents the <Proxy> object.
type RateLimit ¶ added in v1.10.0
type RateLimit struct {
Mode string `` /* 341-byte string literal not displayed */
Period string `hcl:"period" docs:"Defines the rate limit period." type:"duration"`
PerPeriod uint `hcl:"per_period" docs:"Defines the number of allowed backend requests in a period."`
PeriodWindow string `` /* 374-byte string literal not displayed */
}
RateLimit represents the <config.RateLimit> object.
type RateLimits ¶ added in v1.10.0
type RateLimits []*RateLimit
RateLimits represents a list of <config.RateLimits> objects.
type Request ¶
type Request struct {
BackendName string `` /* 191-byte string literal not displayed */
Name string `hcl:"name,label,optional"`
Remain hcl.Body `hcl:",remain"`
// Internally used
Backend *hclsyntax.Body
}
Request represents the <Request> object.
func (Request) Inline ¶
func (r Request) Inline() interface{}
Inline implements the <Inline> interface.
type Response ¶
type Response struct {
Remain hcl.Body `hcl:",remain"`
}
Response represents the <Response> object.
type SAML ¶
type SAML struct {
ErrorHandlerSetter
ArrayAttributes []string `` /* 181-byte string literal not displayed */
IdpMetadataFile string `hcl:"idp_metadata_file" docs:"File reference to the Identity Provider metadata XML file."`
Name string `hcl:"name,label"`
Remain hcl.Body `hcl:",remain"`
SpAcsURL string `` /* 272-byte string literal not displayed */
SpEntityID string `hcl:"sp_entity_id" docs:"The Service Provider's entity ID."`
// internally used
MetadataBytes []byte
}
SAML represents the <SAML> object.
type Server ¶
type Server struct {
AccessControl []string `` /* 128-byte string literal not displayed */
APIs APIs `hcl:"api,block" docs:"Configures an API (zero or more)."`
BasePath string `hcl:"base_path,optional" docs:"The path prefix for all requests."`
CORS *CORS `hcl:"cors,block" docs:"Configures [CORS](/configuration/block/cors) settings (zero or one)."`
DisableAccessControl []string `hcl:"disable_access_control,optional" docs:"Disables access controls by name."`
Endpoints Endpoints `hcl:"endpoint,block" docs:"Configures a free [endpoint](/configuration/block/endpoint) (zero or more)."`
ErrorFile string `hcl:"error_file,optional" docs:"Location of the error file template."`
Files FilesBlocks `hcl:"files,block" docs:"Configures file serving (zero or more)."`
Hosts []string `hcl:"hosts,optional" docs:"Mandatory, if there is more than one {server} block."`
Name string `hcl:"name,label,optional"`
Remain hcl.Body `hcl:",remain"`
SPAs SPAs `hcl:"spa,block" docs:"Configures an SPA (zero or more)."`
TLS *ServerTLS `hcl:"tls,block" docs:"Configures [server TLS](/configuration/block/server_tls) (zero or one)."`
}
Server represents the <Server> object.
type ServerCertificate ¶ added in v1.11.0
type ServerCertificate struct {
Name string `hcl:",label,optional"`
PublicKey string `` /* 128-byte string literal not displayed */
PublicKeyFile string `` /* 168-byte string literal not displayed */
PrivateKey string `` /* 131-byte string literal not displayed */
PrivateKeyFile string `` /* 171-byte string literal not displayed */
}
type ServerTLS ¶ added in v1.11.0
type ServerTLS struct {
// TBA
//Ocsp bool `hcl:"ocsp,optional"`
//OcspTTL string `hcl:"ocsp_ttl,optional" type:"duration" default:"12h"`
ClientCertificate []*ClientCertificate `` /* 128-byte string literal not displayed */
ServerCertificates []*ServerCertificate `` /* 128-byte string literal not displayed */
}
type Settings ¶
type Settings struct {
AcceptForwarded *AcceptForwarded
Certificate []byte
CAFile string `` /* 141-byte string literal not displayed */
AcceptForwardedURL List `` /* 500-byte string literal not displayed */
DefaultPort int `` /* 150-byte string literal not displayed */
Environment string `hcl:"environment,optional" docs:"The [environment](../command-line#basic-options) Couper is to run in."`
HealthPath string `hcl:"health_path,optional" docs:"Health path for all configured servers and ports." default:"/healthz"`
LogFormat string `hcl:"log_format,optional" docs:"Tab/field based colored logs or JSON logs: {\"common\"} or {\"json\"}." default:"common"`
LogLevel string `` /* 155-byte string literal not displayed */
LogPretty bool `hcl:"log_pretty,optional" docs:"Global option for {json} log format which pretty prints with basic key coloring."`
NoProxyFromEnv bool `` /* 154-byte string literal not displayed */
PProf bool `hcl:"pprof,optional" docs:"Enables [profiling](https://github.com/google/pprof/blob/main/doc/README.md#pprof)."`
PProfPort int `hcl:"pprof_port,optional" docs:"Port for profiling interface." default:"6060"`
RequestIDAcceptFromHeader string `` /* 194-byte string literal not displayed */
RequestIDBackendHeader string `` /* 157-byte string literal not displayed */
RequestIDClientHeader string `` /* 155-byte string literal not displayed */
RequestIDFormat string `` /* 187-byte string literal not displayed */
SecureCookies string `` /* 184-byte string literal not displayed */
SendServerTimings bool `` /* 278-byte string literal not displayed */
TLSDevProxy List `` /* 225-byte string literal not displayed */
TelemetryMetrics bool `hcl:"beta_metrics,optional" docs:"Enables the Prometheus [metrics](/observation/metrics) exporter."`
TelemetryMetricsEndpoint string `hcl:"beta_metrics_endpoint,optional" docs:"" default:""`
TelemetryMetricsExporter string `hcl:"beta_metrics_exporter,optional" docs:"" default:""`
TelemetryMetricsPort int `hcl:"beta_metrics_port,optional" docs:"Prometheus exporter listen port." default:"9090"`
TelemetryServiceName string `hcl:"beta_service_name,optional" docs:"Service name which applies to the {service_name} metric labels." default:"couper"`
TelemetryTraces bool `hcl:"beta_traces,optional" docs:"" default:""`
TelemetryTracesEndpoint string `hcl:"beta_traces_endpoint,optional" docs:"" default:""`
XForwardedHost bool `hcl:"xfh,optional" docs:"Whether to use the {X-Forwarded-Host} header as the request host."`
}
Settings represents the <Settings> object.
func NewDefaultSettings ¶ added in v1.11.0
func NewDefaultSettings() *Settings
func (*Settings) AcceptsForwardedHost ¶
func (*Settings) AcceptsForwardedPort ¶
func (*Settings) AcceptsForwardedProtocol ¶
func (*Settings) ApplyAcceptForwarded ¶ added in v1.11.0
type Spa ¶
type Spa struct {
AccessControl []string `hcl:"access_control,optional" docs:"Sets predefined [access control](../access-control) for {spa} block context."`
BasePath string `hcl:"base_path,optional" docs:"Configures the path prefix for all requests."`
BootStrapDataName string `` /* 130-byte string literal not displayed */
BootstrapData hcl.Expression `hcl:"bootstrap_data,optional" docs:"JSON object which replaces the placeholder from {bootstrap_file} content."`
BootstrapFile string `hcl:"bootstrap_file" docs:"Location of the bootstrap file."`
CORS *CORS `hcl:"cors,block" docs:"Configures [CORS](/configuration/block/cors) settings (zero or one)."`
DisableAccessControl []string `hcl:"disable_access_control,optional" docs:"Disables access controls by name."`
Name string `hcl:"name,label,optional"`
Paths []string `hcl:"paths" docs:"List of SPA paths that need the bootstrap file."`
Remain hcl.Body `hcl:",remain"`
}
Spa represents the <Spa> object.
type TokenRequest ¶ added in v1.10.0
type TokenRequest struct {
BackendName string `` /* 197-byte string literal not displayed */
Name string `hcl:"name,label,optional"`
URL string `` /* 154-byte string literal not displayed */
Remain hcl.Body `hcl:",remain"`
// Internally used
Backend hcl.Body
}
func (*TokenRequest) HCLBody ¶ added in v1.10.0
func (t *TokenRequest) HCLBody() *hclsyntax.Body
HCLBody implements the <Body> interface.
func (*TokenRequest) Inline ¶ added in v1.10.0
func (t *TokenRequest) Inline() interface{}
Inline implements the <Inline> interface.
func (*TokenRequest) Reference ¶ added in v1.10.0
func (t *TokenRequest) Reference() string
Reference implements the <BackendReference> interface.
func (*TokenRequest) Schema ¶ added in v1.10.0
func (t *TokenRequest) Schema(inline bool) *hcl.BodySchema
Schema implements the <Inline> interface.
type Websockets ¶
type Websockets struct {
Remain hcl.Body `hcl:",remain"`
}
func (Websockets) Inline ¶
func (w Websockets) Inline() interface{}
Inline implements the <Inline> interface.
func (Websockets) Schema ¶
func (w Websockets) Schema(inline bool) *hcl.BodySchema
Schema implements the <Inline> interface.
Source Files
¶
- ac_basic_auth.go
- ac_jwt.go
- ac_oauth2.go
- ac_oidc.go
- ac_saml.go
- access_control.go
- api.go
- backend.go
- certificate.go
- const.go
- cors.go
- couper.go
- defaults.go
- definitions.go
- duration.go
- endpoint.go
- error_handler.go
- error_handler_setter.go
- field.go
- files.go
- health_check.go
- inline.go
- job.go
- jwt_signing_profile.go
- oauth2.go
- oauth2ra.go
- openapi.go
- proxy.go
- rate_limit.go
- request.go
- response.go
- server.go
- settings.go
- spa.go
- tls.go
- token_request.go
- websockets.go
Directories
Click to show internal directories.
Click to hide internal directories.