Documentation
¶
Index ¶
- type APIConfiguration
- type AnonymousProviderConfiguration
- type CORSConfiguration
- type CaptchaConfiguration
- type DBConfiguration
- type EmailContentConfiguration
- type EmailProviderConfiguration
- type ExtensibilityPointConfiguration
- type GlobalConfiguration
- type HIBPBloomConfiguration
- type HIBPConfiguration
- type HTTPHookSecrets
- type HookConfiguration
- type JWTConfiguration
- type LoggingConfig
- type MFAConfiguration
- type MailerConfiguration
- type MessagebirdProviderConfiguration
- type MetricsConfig
- type MetricsExporter
- type OAuthProviderConfiguration
- type PasswordConfiguration
- type PasswordRequiredCharacters
- type PhoneProviderConfiguration
- type ProfilerConfig
- type ProviderConfiguration
- type SAMLConfiguration
- type SMTPConfiguration
- type SecurityConfiguration
- type SessionsConfiguration
- type SmsProviderConfiguration
- type TextlocalProviderConfiguration
- type Time
- type TracingConfig
- type TracingExporter
- type TwilioProviderConfiguration
- type TwilioVerifyProviderConfiguration
- type VonageProviderConfiguration
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type APIConfiguration ¶
type APIConfiguration struct {
Host string
Port string `envconfig:"PORT" default:"8081"`
Endpoint string
RequestIDHeader string `envconfig:"REQUEST_ID_HEADER"`
ExternalURL string `json:"external_url" envconfig:"API_EXTERNAL_URL" required:"true"`
}
func (*APIConfiguration) Validate ¶
func (a *APIConfiguration) Validate() error
type AnonymousProviderConfiguration ¶
type AnonymousProviderConfiguration struct {
Enabled bool `json:"enabled" default:"false"`
}
type CORSConfiguration ¶
type CORSConfiguration struct {
AllowedHeaders []string `json:"allowed_headers" split_words:"true"`
}
func (*CORSConfiguration) AllAllowedHeaders ¶
func (c *CORSConfiguration) AllAllowedHeaders(defaults []string) []string
type CaptchaConfiguration ¶
type CaptchaConfiguration struct {
Enabled bool `json:"enabled" default:"false"`
Provider string `json:"provider" default:"hcaptcha"`
Secret string `json:"provider_secret"`
}
func (*CaptchaConfiguration) Validate ¶
func (c *CaptchaConfiguration) Validate() error
type DBConfiguration ¶
type DBConfiguration struct {
Driver string `json:"driver" required:"true"`
URL string `json:"url" envconfig:"DATABASE_URL" required:"true"`
Namespace string `json:"namespace" envconfig:"DB_NAMESPACE" default:"auth"`
// MaxPoolSize defaults to 0 (unlimited).
MaxPoolSize int `json:"max_pool_size" split_words:"true"`
MaxIdlePoolSize int `json:"max_idle_pool_size" split_words:"true"`
ConnMaxLifetime time.Duration `json:"conn_max_lifetime,omitempty" split_words:"true"`
ConnMaxIdleTime time.Duration `json:"conn_max_idle_time,omitempty" split_words:"true"`
HealthCheckPeriod time.Duration `json:"health_check_period" split_words:"true"`
MigrationsPath string `json:"migrations_path" split_words:"true" default:"./migrations"`
CleanupEnabled bool `json:"cleanup_enabled" split_words:"true" default:"false"`
}
DBConfiguration holds all the database related configuration.
func (*DBConfiguration) Validate ¶
func (c *DBConfiguration) Validate() error
type EmailContentConfiguration ¶
type EmailContentConfiguration struct {
Invite string `json:"invite"`
Confirmation string `json:"confirmation"`
Recovery string `json:"recovery"`
EmailChange string `json:"email_change" split_words:"true"`
MagicLink string `json:"magic_link" split_words:"true"`
Reauthentication string `json:"reauthentication"`
}
EmailContentConfiguration holds the configuration for emails, both subjects and template URLs.
type EmailProviderConfiguration ¶
type EmailProviderConfiguration struct {
Enabled bool `json:"enabled" default:"true"`
}
type ExtensibilityPointConfiguration ¶
type ExtensibilityPointConfiguration struct {
URI string `json:"uri"`
Enabled bool `json:"enabled"`
HookName string `json:"hook_name"`
// We use | as a separator for keys and : as a separator for keys within a keypair. For instance: v1,whsec_test|v1a,whpk_myother:v1a,whsk_testkey|v1,whsec_secret3
HTTPHookSecrets []string `json:"secrets" envconfig:"secrets"`
}
func (*ExtensibilityPointConfiguration) PopulateExtensibilityPoint ¶
func (e *ExtensibilityPointConfiguration) PopulateExtensibilityPoint() error
func (*ExtensibilityPointConfiguration) ValidateExtensibilityPoint ¶
func (e *ExtensibilityPointConfiguration) ValidateExtensibilityPoint() error
type GlobalConfiguration ¶
type GlobalConfiguration struct {
API APIConfiguration
DB DBConfiguration
External ProviderConfiguration
Logging LoggingConfig `envconfig:"LOG"`
Profiler ProfilerConfig `envconfig:"PROFILER"`
OperatorToken string `split_words:"true" required:"false"`
Tracing TracingConfig
Metrics MetricsConfig
SMTP SMTPConfiguration
RateLimitHeader string `split_words:"true"`
RateLimitEmailSent float64 `split_words:"true" default:"30"`
RateLimitSmsSent float64 `split_words:"true" default:"30"`
RateLimitVerify float64 `split_words:"true" default:"30"`
RateLimitTokenRefresh float64 `split_words:"true" default:"150"`
RateLimitSso float64 `split_words:"true" default:"30"`
RateLimitAnonymousUsers float64 `split_words:"true" default:"30"`
SiteURL string `json:"site_url" split_words:"true" required:"true"`
URIAllowList []string `json:"uri_allow_list" split_words:"true"`
URIAllowListMap map[string]glob.Glob
Password PasswordConfiguration `json:"password"`
JWT JWTConfiguration `json:"jwt"`
Mailer MailerConfiguration `json:"mailer"`
Sms SmsProviderConfiguration `json:"sms"`
DisableSignup bool `json:"disable_signup" split_words:"true"`
Hook HookConfiguration `json:"hook" split_words:"true"`
Security SecurityConfiguration `json:"security"`
Sessions SessionsConfiguration `json:"sessions"`
MFA MFAConfiguration `json:"MFA"`
Cookie struct {
Key string `json:"key"`
Domain string `json:"domain"`
Duration int `json:"duration"`
} `json:"cookies"`
SAML SAMLConfiguration `json:"saml"`
CORS CORSConfiguration `json:"cors"`
}
GlobalConfiguration holds all the configuration that applies to all instances.
func LoadGlobal ¶
func LoadGlobal(filename string) (*GlobalConfiguration, error)
func (*GlobalConfiguration) ApplyDefaults ¶
func (config *GlobalConfiguration) ApplyDefaults() error
ApplyDefaults sets defaults for a GlobalConfiguration
func (*GlobalConfiguration) Validate ¶
func (c *GlobalConfiguration) Validate() error
Validate validates all of configuration.
type HIBPBloomConfiguration ¶
type HIBPBloomConfiguration struct {
Enabled bool `json:"enabled"`
Items uint `json:"items" default:"100000"`
FalsePositives float64 `json:"false_positives" split_words:"true" default:"0.0000099"`
}
HIBPBloomConfiguration configures a bloom cache for pwned passwords. Use this tool to gauge the Items and FalsePositives values: https://hur.st/bloomfilter
type HIBPConfiguration ¶
type HIBPConfiguration struct {
Enabled bool `json:"enabled"`
FailClosed bool `json:"fail_closed" split_words:"true"`
UserAgent string `json:"user_agent" split_words:"true" default:"https://github.com/supabase/gotrue"`
Bloom HIBPBloomConfiguration `json:"bloom"`
}
type HTTPHookSecrets ¶
type HTTPHookSecrets []string
func (*HTTPHookSecrets) Decode ¶
func (h *HTTPHookSecrets) Decode(value string) error
type HookConfiguration ¶
type HookConfiguration struct {
MFAVerificationAttempt ExtensibilityPointConfiguration `json:"mfa_verification_attempt" split_words:"true"`
PasswordVerificationAttempt ExtensibilityPointConfiguration `json:"password_verification_attempt" split_words:"true"`
CustomAccessToken ExtensibilityPointConfiguration `json:"custom_access_token" split_words:"true"`
CustomSMSProvider ExtensibilityPointConfiguration `json:"custom_sms_provider" split_words:"true"`
}
Moving away from the existing HookConfig so we can get a fresh start.
func (*HookConfiguration) Validate ¶
func (h *HookConfiguration) Validate() error
type JWTConfiguration ¶
type JWTConfiguration struct {
Secret string `json:"secret" required:"true"`
Exp int `json:"exp"`
Aud string `json:"aud"`
AdminGroupName string `json:"admin_group_name" split_words:"true"`
AdminRoles []string `json:"admin_roles" split_words:"true"`
DefaultGroupName string `json:"default_group_name" split_words:"true"`
Issuer string `json:"issuer"`
KeyID string `json:"key_id" split_words:"true"`
}
JWTConfiguration holds all the JWT related configuration.
type LoggingConfig ¶
type LoggingConfig struct {
Level string `mapstructure:"log_level" json:"log_level"`
File string `mapstructure:"log_file" json:"log_file"`
DisableColors bool `mapstructure:"disable_colors" split_words:"true" json:"disable_colors"`
QuoteEmptyFields bool `mapstructure:"quote_empty_fields" split_words:"true" json:"quote_empty_fields"`
TSFormat string `mapstructure:"ts_format" json:"ts_format"`
Fields map[string]interface{} `mapstructure:"fields" json:"fields"`
SQL string `mapstructure:"sql" json:"sql"`
}
type MFAConfiguration ¶
type MFAConfiguration struct {
Enabled bool `default:"false"`
ChallengeExpiryDuration float64 `json:"challenge_expiry_duration" default:"300" split_words:"true"`
FactorExpiryDuration time.Duration `json:"factor_expiry_duration" default:"300s" split_words:"true"`
RateLimitChallengeAndVerify float64 `split_words:"true" default:"15"`
MaxEnrolledFactors float64 `split_words:"true" default:"10"`
MaxVerifiedFactors int `split_words:"true" default:"10"`
}
MFAConfiguration holds all the MFA related Configuration
type MailerConfiguration ¶
type MailerConfiguration struct {
Autoconfirm bool `json:"autoconfirm"`
AllowUnverifiedEmailSignIns bool `json:"allow_unverified_email_sign_ins" split_words:"true" default:"false"`
Subjects EmailContentConfiguration `json:"subjects"`
Templates EmailContentConfiguration `json:"templates"`
URLPaths EmailContentConfiguration `json:"url_paths"`
SecureEmailChangeEnabled bool `json:"secure_email_change_enabled" split_words:"true" default:"true"`
OtpExp uint `json:"otp_exp" split_words:"true"`
OtpLength int `json:"otp_length" split_words:"true"`
}
type MessagebirdProviderConfiguration ¶
type MessagebirdProviderConfiguration struct {
AccessKey string `json:"access_key" split_words:"true"`
Originator string `json:"originator" split_words:"true"`
}
func (*MessagebirdProviderConfiguration) Validate ¶
func (t *MessagebirdProviderConfiguration) Validate() error
type MetricsConfig ¶
type MetricsConfig struct {
Enabled bool
Exporter MetricsExporter `default:"opentelemetry"`
// ExporterProtocol is the OTEL_EXPORTER_OTLP_PROTOCOL env variable,
// only available when exporter is opentelemetry. See:
// https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/protocol/exporter.md
ExporterProtocol string `default:"http/protobuf" envconfig:"OTEL_EXPORTER_OTLP_PROTOCOL"`
PrometheusListenHost string `default:"0.0.0.0" envconfig:"OTEL_EXPORTER_PROMETHEUS_HOST"`
PrometheusListenPort string `default:"9100" envconfig:"OTEL_EXPORTER_PROMETHEUS_PORT"`
}
func (MetricsConfig) Validate ¶
func (mc MetricsConfig) Validate() error
type MetricsExporter ¶
type MetricsExporter = string
const ( Prometheus MetricsExporter = "prometheus" OpenTelemetryMetrics MetricsExporter = "opentelemetry" )
type OAuthProviderConfiguration ¶
type OAuthProviderConfiguration struct {
ClientID []string `json:"client_id" split_words:"true"`
Secret string `json:"secret"`
RedirectURI string `json:"redirect_uri" split_words:"true"`
URL string `json:"url"`
ApiURL string `json:"api_url" split_words:"true"`
Enabled bool `json:"enabled"`
SkipNonceCheck bool `json:"skip_nonce_check" split_words:"true"`
}
OAuthProviderConfiguration holds all config related to external account providers.
func (*OAuthProviderConfiguration) ValidateOAuth ¶
func (o *OAuthProviderConfiguration) ValidateOAuth() error
type PasswordConfiguration ¶
type PasswordConfiguration struct {
MinLength int `json:"min_length" split_words:"true"`
RequiredCharacters PasswordRequiredCharacters `json:"required_characters" split_words:"true"`
HIBP HIBPConfiguration `json:"hibp"`
}
type PasswordRequiredCharacters ¶
type PasswordRequiredCharacters []string
func (*PasswordRequiredCharacters) Decode ¶
func (v *PasswordRequiredCharacters) Decode(value string) error
type PhoneProviderConfiguration ¶
type PhoneProviderConfiguration struct {
Enabled bool `json:"enabled" default:"false"`
}
type ProfilerConfig ¶
type ProviderConfiguration ¶
type ProviderConfiguration struct {
AnonymousUsers AnonymousProviderConfiguration `json:"anonymous_users" split_words:"true"`
Apple OAuthProviderConfiguration `json:"apple"`
Azure OAuthProviderConfiguration `json:"azure"`
Bitbucket OAuthProviderConfiguration `json:"bitbucket"`
Discord OAuthProviderConfiguration `json:"discord"`
Facebook OAuthProviderConfiguration `json:"facebook"`
Figma OAuthProviderConfiguration `json:"figma"`
Fly OAuthProviderConfiguration `json:"fly"`
Github OAuthProviderConfiguration `json:"github"`
Gitlab OAuthProviderConfiguration `json:"gitlab"`
Google OAuthProviderConfiguration `json:"google"`
Kakao OAuthProviderConfiguration `json:"kakao"`
Notion OAuthProviderConfiguration `json:"notion"`
Keycloak OAuthProviderConfiguration `json:"keycloak"`
Linkedin OAuthProviderConfiguration `json:"linkedin"`
LinkedinOIDC OAuthProviderConfiguration `json:"linkedin_oidc" envconfig:"LINKEDIN_OIDC"`
Spotify OAuthProviderConfiguration `json:"spotify"`
Slack OAuthProviderConfiguration `json:"slack"`
Twitter OAuthProviderConfiguration `json:"twitter"`
Twitch OAuthProviderConfiguration `json:"twitch"`
WorkOS OAuthProviderConfiguration `json:"workos"`
Email EmailProviderConfiguration `json:"email"`
Phone PhoneProviderConfiguration `json:"phone"`
Zoom OAuthProviderConfiguration `json:"zoom"`
IosBundleId string `json:"ios_bundle_id" split_words:"true"`
RedirectURL string `json:"redirect_url"`
AllowedIdTokenIssuers []string `json:"allowed_id_token_issuers" split_words:"true"`
FlowStateExpiryDuration time.Duration `json:"flow_state_expiry_duration" split_words:"true"`
}
type SAMLConfiguration ¶
type SAMLConfiguration struct {
Enabled bool `json:"enabled"`
PrivateKey string `json:"-" split_words:"true"`
RelayStateValidityPeriod time.Duration `json:"relay_state_validity_period" split_words:"true"`
RSAPrivateKey *rsa.PrivateKey `json:"-"`
RSAPublicKey *rsa.PublicKey `json:"-"`
Certificate *x509.Certificate `json:"-"`
RateLimitAssertion float64 `default:"15" split_words:"true"`
}
SAMLConfiguration holds configuration for native SAML support.
func (*SAMLConfiguration) PopulateFields ¶
func (c *SAMLConfiguration) PopulateFields(externalURL string) error
PopulateFields fills the configuration details based off the provided parameters.
func (*SAMLConfiguration) Validate ¶
func (c *SAMLConfiguration) Validate() error
type SMTPConfiguration ¶
type SMTPConfiguration struct {
MaxFrequency time.Duration `json:"max_frequency" split_words:"true"`
Host string `json:"host"`
Port int `json:"port,omitempty" default:"587"`
User string `json:"user"`
Pass string `json:"pass,omitempty"`
AdminEmail string `json:"admin_email" split_words:"true"`
SenderName string `json:"sender_name" split_words:"true"`
}
func (*SMTPConfiguration) Validate ¶
func (c *SMTPConfiguration) Validate() error
type SecurityConfiguration ¶
type SecurityConfiguration struct {
Captcha CaptchaConfiguration `json:"captcha"`
RefreshTokenRotationEnabled bool `json:"refresh_token_rotation_enabled" split_words:"true" default:"true"`
RefreshTokenReuseInterval int `json:"refresh_token_reuse_interval" split_words:"true"`
UpdatePasswordRequireReauthentication bool `json:"update_password_require_reauthentication" split_words:"true"`
ManualLinkingEnabled bool `json:"manual_linking_enabled" split_words:"true" default:"false"`
}
func (*SecurityConfiguration) Validate ¶
func (c *SecurityConfiguration) Validate() error
type SessionsConfiguration ¶
type SessionsConfiguration struct {
Timebox *time.Duration `json:"timebox"`
InactivityTimeout *time.Duration `json:"inactivity_timeout,omitempty" split_words:"true"`
SinglePerUser bool `json:"single_per_user" split_words:"true"`
Tags []string `json:"tags,omitempty"`
}
func (*SessionsConfiguration) Validate ¶
func (c *SessionsConfiguration) Validate() error
type SmsProviderConfiguration ¶
type SmsProviderConfiguration struct {
Autoconfirm bool `json:"autoconfirm"`
MaxFrequency time.Duration `json:"max_frequency" split_words:"true"`
OtpExp uint `json:"otp_exp" split_words:"true"`
OtpLength int `json:"otp_length" split_words:"true"`
Provider string `json:"provider"`
Template string `json:"template"`
TestOTP map[string]string `json:"test_otp" split_words:"true"`
TestOTPValidUntil Time `json:"test_otp_valid_until" split_words:"true"`
SMSTemplate *template.Template `json:"-"`
Twilio TwilioProviderConfiguration `json:"twilio"`
TwilioVerify TwilioVerifyProviderConfiguration `json:"twilio_verify" split_words:"true"`
Messagebird MessagebirdProviderConfiguration `json:"messagebird"`
Textlocal TextlocalProviderConfiguration `json:"textlocal"`
Vonage VonageProviderConfiguration `json:"vonage"`
}
func (*SmsProviderConfiguration) GetTestOTP ¶
func (*SmsProviderConfiguration) IsTwilioVerifyProvider ¶
func (t *SmsProviderConfiguration) IsTwilioVerifyProvider() bool
type TextlocalProviderConfiguration ¶
type TextlocalProviderConfiguration struct {
ApiKey string `json:"api_key" split_words:"true"`
Sender string `json:"sender" split_words:"true"`
}
func (*TextlocalProviderConfiguration) Validate ¶
func (t *TextlocalProviderConfiguration) Validate() error
type Time ¶
Time is used to represent timestamps in the configuration, as envconfig has trouble parsing empty strings, due to time.Time.UnmarshalText().
func (*Time) UnmarshalText ¶
type TracingConfig ¶
type TracingConfig struct {
Enabled bool
Exporter TracingExporter `default:"opentelemetry"`
// ExporterProtocol is the OTEL_EXPORTER_OTLP_PROTOCOL env variable,
// only available when exporter is opentelemetry. See:
// https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/protocol/exporter.md
ExporterProtocol string `default:"http/protobuf" envconfig:"OTEL_EXPORTER_OTLP_PROTOCOL"`
// Host is the host of the OpenTracing collector.
Host string
// Port is the port of the OpenTracing collector.
Port string
// ServiceName is the service name to use with OpenTracing.
ServiceName string `default:"gotrue" split_words:"true"`
// Tags are the tags to associate with OpenTracing.
Tags map[string]string
}
func (*TracingConfig) Validate ¶
func (tc *TracingConfig) Validate() error
type TracingExporter ¶
type TracingExporter = string
const (
OpenTelemetryTracing TracingExporter = "opentelemetry"
)
type TwilioProviderConfiguration ¶
type TwilioProviderConfiguration struct {
AccountSid string `json:"account_sid" split_words:"true"`
AuthToken string `json:"auth_token" split_words:"true"`
MessageServiceSid string `json:"message_service_sid" split_words:"true"`
ContentSid string `json:"content_sid" split_words:"true"`
}
func (*TwilioProviderConfiguration) Validate ¶
func (t *TwilioProviderConfiguration) Validate() error
type TwilioVerifyProviderConfiguration ¶
type TwilioVerifyProviderConfiguration struct {
AccountSid string `json:"account_sid" split_words:"true"`
AuthToken string `json:"auth_token" split_words:"true"`
MessageServiceSid string `json:"message_service_sid" split_words:"true"`
}
func (*TwilioVerifyProviderConfiguration) Validate ¶
func (t *TwilioVerifyProviderConfiguration) Validate() error
type VonageProviderConfiguration ¶
type VonageProviderConfiguration struct {
ApiKey string `json:"api_key" split_words:"true"`
ApiSecret string `json:"api_secret" split_words:"true"`
From string `json:"from" split_words:"true"`
}
func (*VonageProviderConfiguration) Validate ¶
func (t *VonageProviderConfiguration) Validate() error
Source Files
Click to show internal directories.
Click to hide internal directories.