config

package
v0.0.0-...-9d1dd97
Warning

This package is not in the latest version of its module.

Published: Feb 13, 2024 License: AGPL-3.0 Imports: 16 Imported by: 0

Documentation

Constants

This section is empty.

Variables

var (
	Matcher             language.Matcher
	DefaultLanguageTags []language.Tag
)

Functions

func GetSkipConsent

func GetSkipConsent(clientId string) (skip bool)

GetSkipConsent returns a boolean true, if the consent dialog shall be skipped for an OAuth-2 client.

func GetSkipTOTP

func GetSkipTOTP(clientId string) (skip bool)

GetSkipTOTP returns a boolean true, if TOTP two-factor authentication shall be skipped for an OAuth-2 client.

func ReloadConfigFile

func ReloadConfigFile() (err error)

ReloadConfigFile is a thread safe function to reload a ConfigFile object.

Types

type BruteForceRule

type BruteForceRule struct {
	Name           string
	Period         uint
	CIDR           uint
	IPv4           bool
	IPv6           bool
	FailedRequests uint `mapstructure:"failed_requests"`
}

BruteForceRule is the definition of a brute force rule as defined in the configuration file. See the markdown documentation for a description of the field names.

type BruteForceSection

type BruteForceSection struct {
	IPWhitelist []string         `mapstructure:"ip_whitelist"`
	Buckets     []BruteForceRule `mapstructure:"buckets"`
}

func (*BruteForceSection) String

func (b *BruteForceSection) String() string

type Config

type Config struct {

	// InstanceName is the name of the current application instance.
	InstanceName string

	// HTTPAddress is the address where HTTP server should listen.
	// It should be in the format "ip:port".
	HTTPAddress string

	// LogJSON is a flag indicating whether the logs should be in JSON format.
	LogJSON bool

	// Verbosity is a value to set the logging severity level.
	Verbosity

	// SMTPBackendAddress is the address of the SMTP backend server.
	SMTPBackendAddress string

	// SMTPBackendPort is the port of the SMTP backend server.
	SMTPBackendPort int

	// IMAPBackendAddress is the address of the IMAP backend server.
	IMAPBackendAddress string

	// IMAPBackendPort is the port of the IMAP backend server.
	IMAPBackendPort int

	// POP3BackendAddress is the address of the POP3 backend server.
	POP3BackendAddress string

	// POP3BackendPort is the port of the POP3 backend server.
	POP3BackendPort int

	// WaitDelay is the time in seconds to wait between connection attempts.
	WaitDelay uint8

	// MaxLoginAttempts is the maximum number of login attempts.
	MaxLoginAttempts uint8

	// ResolveIP is a flag indicating whether to resolve IP addresses to hostnames.
	ResolveIP bool

	// MasterSeparator is the character used to separate master data fields.
	MasterSeparator string

	// RedisAddress is the address of the Redis server for master pool.
	RedisAddress string

	// RedisPort is the port of the Redis server for master pool.
	RedisPort int

	// RedisUsername is the username for authenticating to the Redis server for master pool.
	RedisUsername string

	// RedisPassword is the password for authenticating to the Redis server for master pool.
	RedisPassword string

	// RedisAddressRO is the address of the Redis server for read replica pool.
	RedisAddressRO string

	// RedisPortRO is the port of the Redis server for read replica pool.
	RedisPortRO int

	// RedisSentinels is the list of address of the Redis sentinel servers.
	RedisSentinels []string

	// RedisSentinelMasterName is the name of the Redis sentinel master.
	RedisSentinelMasterName string

	// RedisSentinelUsername is the username for Redis sentinel authentication.
	RedisSentinelUsername string

	// RedisSentinelPassword is the password for Redis sentinel authentication.
	RedisSentinelPassword string

	// RedisPrefix is the prefix to prepend to all Redis keys.
	RedisPrefix string

	// RedisDB is the Redis database number to use.
	RedisDB int

	// RedisPosCacheTTL is the positive response cache time-to-live in Redis.
	RedisPosCacheTTL uint

	// RedisNegCacheTTL is the negative response cache time-to-live in Redis.
	RedisNegCacheTTL uint

	// DNSResolver specifies the DNS resolver to use.
	DNSResolver string

	// DNSTimeout is the DNS resolution timeout in seconds.
	DNSTimeout uint

	// PassDBs is a list of password databases.
	PassDBs []*PassDB

	// Features is a list of enabled application features.
	Features []*Feature

	// BruteForce contains configuration for brute force prevention per each protocol.
	BruteForce []*Protocol

	// DbgModule contains configurations for debugging modules.
	DbgModule []*DbgModule

	// DevMode indicates whether the application is running in developer mode.
	DevMode bool

	// MaxActionWorkers is the maximum number of action workers that can be run simultaneously.
	MaxActionWorkers uint16

	// LocalCacheAuthTTL
	LocalCacheAuthTTL time.Duration

	// LocalCacheAuthLogging indicates whether to log messages for memory-cached logins.
	LocalCacheAuthLogging bool

	// HTTPOptions contains configurations related to HTTP(S) server.
	HTTPOptions
}

Config represents overall configuration settings for the application.

var EnvConfig *Config //nolint:gochecknoglobals // System wide configuration

EnvConfig represents the environment configuration for the application. It is a pointer to the Config type.

func NewConfig

func NewConfig() (*Config, error)

NewConfig initializes a new Config struct and sets its values based on environment variables. It calls various methods to set specific configuration options and returns the new Config struct or an error if any configuration fails.

func (*Config) HasFeature

func (c *Config) HasFeature(feature string) bool

HasFeature checks if the given feature exists in the Config's Features list.

func (*Config) String

func (c *Config) String() string

String returns the name of the Config object excluding the HTTPOptions.

type DbgModule

type DbgModule struct {
	// contains filtered or unexported fields
}

DbgModule represents a debugging module configuration.

func (*DbgModule) Get

func (d *DbgModule) Get() string

Get returns the name of the `DbgModule` instance. The name represents the current debug module. It can be used to identify the debug module when needed.

func (*DbgModule) GetModule

func (d *DbgModule) GetModule() global.DbgModule

GetModule returns the `module` field of the `DbgModule` struct. It is used to retrieve the current debug module.

Usage:

module := d.GetModule()

Example:

func main() {
  dbg := &DbgModule{}
  module := dbg.GetModule()
  fmt.Println(module) // Output: 0
}

func (*DbgModule) Set

func (d *DbgModule) Set(value string) error

Set updates the debug module based on the provided value. It returns an error if the value is not valid. Valid values for the debug module are "none", "all", "auth", "hydra", "webauthn", "statistics", "whitelist", "ldap", "ldappool", "sql", "cache", "bf", "rbl", "action", "feature", and "lua". If the value is valid, the module and name fields are updated accordingly. An error of type ErrWrongDebugModule is returned if the value is not valid.

func (*DbgModule) String

func (d *DbgModule) String() string

func (*DbgModule) Type

func (d *DbgModule) Type() string

Type returns the type of the DbgModule, which is always "DebugModule".

type Feature

type Feature struct {
	// contains filtered or unexported fields
}

Feature is a container for Nauthilus features.

func (*Feature) Get

func (f *Feature) Get() string

Get gets the name of a feature returned as string.

func (*Feature) Set

func (f *Feature) Set(value string) error

Set updates the feature name based on the provided value. It returns an error if the value is not a valid feature name. Valid feature names are "tls_encryption", "rbl", "relay_domains", and "lua". If the value is valid, the name field of the Feature struct is updated accordingly. An error of type ErrWrongFeature is returned if the value is not valid.

func (*Feature) String

func (f *Feature) String() string

func (*Feature) Type

func (f *Feature) Type() string

Type returns the name of the type.

type File

type File struct {
	RBLs               *RBLSection          `mapstructure:"realtime_blackhole_lists"`
	ClearTextList      []string             `mapstructure:"cleartext_networks"`
	RelayDomains       *RelayDomainsSection `mapstructure:"relay_domains"`
	NginxMonitoring    *NginxMonitoring     `mapstructure:"nginx_monitoring"`
	BruteForce         *BruteForceSection   `mapstructure:"brute_force"`
	CSRFSecret         string               `mapstructure:"csrf_secret"`
	CookieStoreAuthKey string               `mapstructure:"cookie_store_auth_key"`
	CookieStoreEncKey  string               `mapstructure:"cookie_store_encryption_key"`
	PasswordNonce      string               `mapstructure:"password_nonce"`
	Lua                *LuaSection
	Oauth2             *Oauth2Section
	LDAP               *LDAPSection
	Other              map[string]any `mapstructure:",remain"`
	Mu                 sync.Mutex
}
var LoadableConfig *File //nolint:gochecknoglobals // System wide configuration from nauthilus.yml file

LoadableConfig is a variable of type *File that represents the configuration file that can be loaded.

func NewConfigFile

func NewConfigFile() (newCfg *File, err error)

NewConfigFile is the constructor for a ConfigFile object.

func (*File) GetAllProtocols

func (f *File) GetAllProtocols() []string

GetAllProtocols returns a unique slice of strings (a Set) for all defined protocols in the database search sections.

func (*File) GetBruteForceRules

func (*File) GetBruteForceRules() (rules []BruteForceRule)

GetBruteForceRules is a method on the File struct. It retrieves the brute force rules from the LoadableConfig.BruteForce.Buckets field.

The method checks if LoadableConfig.BruteForce is not nil and if LoadableConfig.BruteForce.Buckets is not empty. If both conditions are met, it assigns LoadableConfig.BruteForce.Buckets to the rules variable and returns it. If the conditions are not met, the method returns an empty []BruteForceRule.

func (*File) GetConfig

func (f *File) GetConfig(backend global.Backend) any

GetConfig returns the configuration handler for the specified backend. The configuration handler is determined based on the backend type. If the backend is found, it retrieves the configuration handler associated with it and returns the result of calling the GetterHandler() method on the configuration handler. If the configuration handler is not found, it returns nil.

func (*File) GetLDAPConfigAuthIdlePoolSize

func (f *File) GetLDAPConfigAuthIdlePoolSize() int

GetLDAPConfigAuthIdlePoolSize is a method that operates on a File struct. It retrieves the 'AuthIdlePoolSize' configuration from the LDAP configuration if it exists. If no such configuration is found or the type assertion for LDAPConf fails, it returns a default global LDAP idle pool size.

func (*File) GetLDAPConfigAuthPoolSize

func (f *File) GetLDAPConfigAuthPoolSize() int

GetLDAPConfigAuthPoolSize is a method of File struct. It returns the LDAP configuration authentication pool size. If the configuration for LDAP backend is nil or not assertable, it returns the default global.LDAPIdlePoolSize value. Otherwise, it returns the AuthPoolSize from the LDAP configuration.

func (*File) GetLDAPConfigBindDN

func (f *File) GetLDAPConfigBindDN() string

GetLDAPConfigBindDN is a method on the File struct. It retrieves the BindDN field from the LDAP configuration in the File's configuration settings. It will return an empty string if either the config can't be retrieved (nil is returned), or in case the type assertion to an LDAPConf object fails.

func (*File) GetLDAPConfigBindPW

func (f *File) GetLDAPConfigBindPW() string

GetLDAPConfigBindPW retrieves the binding password from the LDAP Configuration. This method belongs to the File struct and it operates as follows: It retrieves the LDAP configuration using the GetConfig method. If that configuration does not exist, it returns an empty string. If it exists, it attempts to assert this configuration as a pointer to LDAPConf. If this assertion is successful, it returns the BindPW of the LDAPConf. If the assertion fails, it also returns an empty string.

func (*File) GetLDAPConfigLookupIdlePoolSize

func (f *File) GetLDAPConfigLookupIdlePoolSize() int

GetLDAPConfigLookupIdlePoolSize retrieves the idle pool size for LDAP connections from the config file. If the returned configuration from the config file is nil or if it's not of type *LDAPConf, it will return the default global LDAP idle pool size.

func (*File) GetLDAPConfigLookupPoolSize

func (f *File) GetLDAPConfigLookupPoolSize() int

GetLDAPConfigLookupPoolSize retrieves the number of connections that should be maintained in the LDAP lookup pool. If the LDAP configuration can be asserted successfully, it returns the LookupPoolSize from the retrieved LDAP configuration. If not, it returns the global constant LDAPIdlePoolSize.

func (*File) GetLDAPConfigSASLExternal

func (f *File) GetLDAPConfigSASLExternal() bool

GetLDAPConfigSASLExternal checks if SASL External is enabled in the LDAP configuration. It attempts to fetch the global BackendLDAP configuration using the GetConfig method. If the configuration is found and can be asserted as *LDAPConf, it returns the value of the SASLExternal field. If the configuration is not found or can't be asserted as *LDAPConf, it returns false.

func (*File) GetLDAPConfigServerURIs

func (f *File) GetLDAPConfigServerURIs() []string

GetLDAPConfigServerURIs is a method on the File struct. It returns an array of LDAP server URIs. It first gets the LDAP configuration using the GetConfig method from global.BackendLDAP. If no LDAP configuration is found, it returns an array with a default URI "ldap://localhost". If a valid LDAP configuration is found, it returns the ServerURIs field from the LDAPConf struct. If the configuration is not of type LDAPConf, it also returns an array with a default URI "ldap://localhost". Example usage:

file := &File{}
serverURIs := file.GetLDAPConfigServerURIs()
for _, uri := range serverURIs {
    fmt.Println(uri)
}

Output:

ldap://localhost
ldap://example.com:389

func (*File) GetLDAPConfigStartTLS

func (f *File) GetLDAPConfigStartTLS() bool

GetLDAPConfigStartTLS is a receiver function for the File struct that retrieves LDAP configuration. Specifically, it checks if the configuration recommends starting a TLS (Transport Layer Security) connection. The function returns a boolean value; true if the configuration recommends starting a TLS connection and false otherwise. It first gets the global LDAP configuration by calling the GetConfig function of the File receiver. If the configuration is nil, then the function immediately returns false. If the configuration is not nil, it tries to assert the configuration to be of type LDAPConf. If the assertion is successful (i.e., the configuration is of type LDAPConf), the StartTLS variable of the LDAPConf instance is returned. If the assertion is not successful, the function returns false.

func (*File) GetLDAPConfigTLSCAFile

func (f *File) GetLDAPConfigTLSCAFile() string

GetLDAPConfigTLSCAFile is a method on the File struct. It retrieves the TLS CA file path for the LDAP configuration. It first retrieves the LDAP configuration using the GetConfig method, passing in the global.BackendLDAP value. If the LDAP configuration is not found or is not of type *LDAPConf, it returns an empty string. Otherwise, it casts the retrieved configuration to *LDAPConf and returns the TLSCAFile field. If the TLSCAFile field is empty, it also returns an empty string. Example usage: filePath := file.GetLDAPConfigTLSCAFile()

func (*File) GetLDAPConfigTLSClientCert

func (f *File) GetLDAPConfigTLSClientCert() string

GetLDAPConfigTLSClientCert is a method on the File struct. It returns the TLS client certificate path from the LDAP configuration in the File struct. If the LDAP configuration is not found or the TLS client certificate is empty, it returns an empty string.

func (*File) GetLDAPConfigTLSClientKey

func (f *File) GetLDAPConfigTLSClientKey() string

GetLDAPConfigTLSClientKey is a method on the File struct. It tries to get the LDAP configuration from the file's current configuration. If the configuration is successfully retrieved and is of type LDAPConf, it returns the TLSClientKey from the LDAP configuration.

func (*File) GetLDAPConfigTLSSkipVerify

func (f *File) GetLDAPConfigTLSSkipVerify() bool

GetLDAPConfigTLSSkipVerify is a method of the File struct. It attempts to retrieve the LDAP configuration and then checks whether TLSSkipVerify is enabled in the LDAP configuration.

It follows these steps:

1. Get the LDAP specific configuration by calling GetConfig with 'global.BackendLDAP'.
2. If no configuration is found, it defaults to returning false.
3. If a configuration is found, it checks whether it can be asserted to a LDAPConf type.
4. If it is successfully asserted to a LDAPConf type, it returns the value of 'TLSSkipVerify'.
5. If the assertion to LDAPConf is unsuccessful, it defaults to returning false.

Returns: The function returns a boolean indicating whether TLSSkipVerify is enabled (true) or not (false).
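An added example, not part of the Nauthilus package: a small audit over the settings these getters expose (StartTLS, TLSSkipVerify, ServerURIs) together with the Oauth2Client skip flags documented further down. The structs are cut-down local copies of the shapes on this page; AuditFile, Finding, isLoopback, the severity labels and the sample values are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net"
	"net/url"
	"strings"
)

// Local copies of struct shapes from this page, cut down to the fields the
// audit reads, so the example builds without the Nauthilus module.
type LDAPConf struct {
	StartTLS      bool
	TLSSkipVerify bool
	BindPW        string
	ServerURIs    []string
}

type LDAPSection struct{ Config *LDAPConf }

type Oauth2Client struct {
	SkipConsent bool
	SkipTOTP    bool
	ClientId    string
}

type Oauth2Section struct{ Clients []Oauth2Client }

type File struct {
	LDAP   *LDAPSection
	Oauth2 *Oauth2Section
}

// Finding is a hypothetical result type for this example.
type Finding struct {
	Severity string // "high", "medium" or "info" (labels chosen here)
	Field    string // Go field name as it appears on this page
	Detail   string
}

// isLoopback reports whether host is "localhost" or a loopback IP literal.
func isLoopback(host string) bool {
	if strings.EqualFold(host, "localhost") {
		return true
	}
	ip := net.ParseIP(host)
	return ip != nil && ip.IsLoopback()
}

// AuditFile (hypothetical helper) flags settings that weaken transport
// security to the LDAP backend or remove the second factor for a client.
func AuditFile(f *File) []Finding {
	var out []Finding
	if f == nil {
		return out
	}
	if f.LDAP != nil && f.LDAP.Config != nil {
		c := f.LDAP.Config
		if c.TLSSkipVerify {
			out = append(out, Finding{"high", "LDAPConf.TLSSkipVerify",
				"server certificate is not verified, so TLS does not stop an active man-in-the-middle"})
		}
		for _, raw := range c.ServerURIs {
			scheme, _, ok := strings.Cut(raw, "://")
			if !ok {
				out = append(out, Finding{"medium", "LDAPConf.ServerURIs", "URI without scheme: " + raw})
				continue
			}
			// ldaps:// is TLS from the first byte and ldapi:// is a local socket;
			// only plain ldap:// depends on StartTLS for confidentiality.
			if !strings.EqualFold(scheme, "ldap") || c.StartTLS {
				continue
			}
			host := ""
			if u, err := url.Parse(raw); err == nil {
				host = u.Hostname()
			}
			sev := "high"
			if isLoopback(host) {
				sev = "info" // traffic stays on the local host
			}
			detail := "plain ldap:// without StartTLS: " + raw
			if c.BindPW != "" {
				detail += " (bind password is sent in cleartext)"
			}
			out = append(out, Finding{sev, "LDAPConf.StartTLS", detail})
		}
	}
	if f.Oauth2 != nil {
		for _, cl := range f.Oauth2.Clients {
			if cl.SkipTOTP {
				out = append(out, Finding{"medium", "Oauth2Client.SkipTOTP",
					"client " + cl.ClientId + " signs users in without the TOTP second factor"})
			}
			if cl.SkipConsent {
				out = append(out, Finding{"info", "Oauth2Client.SkipConsent",
					"client " + cl.ClientId + " bypasses the consent dialog; confirm it is first-party"})
			}
		}
	}
	return out
}

func main() {
	// Constructed sample configuration, not taken from a real deployment.
	cfg := &File{
		LDAP: &LDAPSection{Config: &LDAPConf{
			TLSSkipVerify: true,
			BindPW:        "constructed-sample",
			ServerURIs:    []string{"ldap://localhost", "ldap://ldap.example.test:389", "ldaps://ldap.example.test"},
		}},
		Oauth2: &Oauth2Section{Clients: []Oauth2Client{{ClientId: "sample-client", SkipTOTP: true}}},
	}
	for _, fd := range AuditFile(cfg) {
		fmt.Printf("%-6s %-24s %s\n", fd.Severity, fd.Field, fd.Detail)
	}
}
```

The default "ldap://localhost" returned when no LDAP configuration exists is reported as info only, since the connection never leaves the host.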

func (*File) GetLDAPSearchProtocol

func (f *File) GetLDAPSearchProtocol(protocol string) (*LDAPSearchProtocol, error)

GetLDAPSearchProtocol is a method for the File type. It accepts a string which represents the protocol. The function searches for this protocol in the LDAP protocol list. If it finds it, the method returns a pointer to LDAPSearchProtocol and no error. If it cannot find the protocol, it checks if the default protocol is in use. If not, it returns nil and an error. If the default protocol is used, this method calls itself recursively with the default protocol parameter.

func (*File) GetLuaScriptPath

func (f *File) GetLuaScriptPath() string

GetLuaScriptPath is a method on the File struct. It returns the Lua script path from the LuaConf field in the File struct. It first calls the GetConfig method with the global.BackendLua parameter to obtain the Lua configuration. If the Lua configuration is nil, it returns an empty string. If the Lua configuration is not nil, it asserts the retrieved configuration as a *LuaConf type. If the assertion is successful, it returns the ScriptPath field from the Lua configuration. If the assertion fails, it returns an empty string.

func (*File) GetLuaSearchProtocol

func (f *File) GetLuaSearchProtocol(protocol string) (*LuaSearchProtocol, error)

GetLuaSearchProtocol is a method on the File struct. It takes a protocol string as input and returns a pointer to a LuaSearchProtocol struct and an error. This method searches for the specified protocol in the search::protocol sections of the Lua configuration. If the protocol is found, it returns the LuaSearchProtocol containing that protocol. If the protocol is not found and the input protocol is not the default protocol, it recursively calls itself with the default protocol as the input. If the protocol is not found and the input protocol is the default protocol, it returns nil and an error indicating that the search::protocol section is missing and there is no default.

func (*File) GetNginxBackendServer

func (f *File) GetNginxBackendServer(protocol string) *NginxBackendServer

GetNginxBackendServer is a method of the File struct. It takes a protocol as an argument and returns a pointer to a NginxBackendServer. The method iterates over the Backend Servers of the File instance and returns the first server that matches the provided protocol. If no such server is found, nil is returned.

func (*File) GetNginxBackendServerIP

func (f *File) GetNginxBackendServerIP(protocol string) string

GetNginxBackendServerIP is a method for the File struct which attempts to get the IP address of an Nginx backend server for a specified protocol. The method first calls GetNginxBackendServer with the given protocol and checks if it returns a non-nil value. If the value is not nil, it retrieves the IP attribute of the backend server. If the returned value is nil, indicating that there is no backend server for the given protocol, the method returns an empty string.

Parameters:

protocol: A string that specifies the protocol for
          which the backend server's IP address
          is to be retrieved. This could be "http",
          "https", etc.

Returns:

A string representing the IP address of the backend
server for the given protocol. If there is no backend
server for the specified protocol, the method returns
an empty string.

func (*File) GetNginxBackendServerPort

func (f *File) GetNginxBackendServerPort(protocol string) int

GetNginxBackendServerPort checks the specific protocol's backend server in the File structure. If the server exists, it returns the port of the server. If the server does not exist, it returns 0.

func (*File) GetNginxBackendServers

func (f *File) GetNginxBackendServers() []*NginxBackendServer

GetNginxBackendServers is a method on the File receiver 'f'. If the NginxMonitoring property is not nil, it returns the slice of NginxBackendServer pointers; otherwise, it returns an empty slice of NginxBackendServer pointers. This method can be used to get all backend servers of an Nginx configuration file.

func (*File) GetNginxMonitoring

func (f *File) GetNginxMonitoring() *NginxMonitoring

GetNginxMonitoring is a method on the File struct. It returns the NginxMonitoring field from the File struct.

func (*File) GetProtocols

func (f *File) GetProtocols(backend global.Backend) any

GetProtocols returns the protocol handler for the specified backend. The protocol handler is determined based on the backend type. If the backend is found, it retrieves the protocol handler associated with it and returns the result of calling the ProtoHandler() method on the protocol handler. If the protocol handler is not found, it returns nil.

func (*File) GetSection

func (f *File) GetSection(backend global.Backend) any

GetSection is a method on the File struct. It takes a backend of type global.Backend as parameter and returns the corresponding section. The method checks the value of the backend parameter and returns the appropriate section. If the backend is global.BackendLDAP, it returns f.LDAP. If the backend is global.BackendMySQL, global.BackendPostgres, or global.BackendSQL, it returns f.SQL. If the backend is global.BackendLua, it returns f.Lua. For any other value of the backend parameter, it returns nil.

func (*File) HaveLua

func (f *File) HaveLua() bool

HaveLua is a method on the File struct. It checks if the Lua field in the File struct is not nil. It returns a boolean value indicating whether Lua is present or not.

func (*File) HaveLuaActions

func (f *File) HaveLuaActions() bool

HaveLuaActions is a method on the File struct. It checks if the File struct has Lua actions. It returns true if the File struct has Lua actions, otherwise returns false.

func (*File) HaveLuaFeatures

func (f *File) HaveLuaFeatures() bool

HaveLuaFeatures is a method on the File struct. It checks if the File struct has Lua features. It returns true if there are Lua features, and false otherwise.

func (*File) HaveLuaFilters

func (f *File) HaveLuaFilters() bool

HaveLuaFilters is a method on the File struct. It checks if the File struct has Lua filters. It returns true if there are Lua filters, and false otherwise.

func (*File) RetrieveGetterMap

func (f *File) RetrieveGetterMap() map[global.Backend]GetterHandler

RetrieveGetterMap returns a map of GetterHandler interfaces for each supported backend. It creates a getterMap with a length of 3. If an LDAPSection is found for the LDAP backend, it adds it to the getterMap. If an SQLSection is found for the SQL backend, it adds it to the getterMap. If a LuaSection is found for the Lua backend, it adds it to the getterMap. Finally, it returns the getterMap.

type GetterHandler

type GetterHandler interface {
	GetConfig() any
	GetProtocols() any
}

GetterHandler is an interface that defines two methods: GetConfig and GetProtocols. Any type that implements this interface must provide implementations for both methods. As declared above, both methods take no parameters and return a value of any type.

type HTTPOptions

type HTTPOptions struct {
	Auth struct {
		UserName string
		Password string
	}
	X509 struct {
		Cert string
		Key  string
	}
	UseBasicAuth bool
	UseSSL       bool
}

HTTPOptions is a type that holds configurations related to an HTTP(S) server. It contains fields for authentication credentials, X.509 certificate and key paths, and flags for enabling basic authentication and SSL.

func (HTTPOptions) String

func (h HTTPOptions) String() string

type IdTokenClaims

type IdTokenClaims struct {
	// Scope: profile.
	Name              string
	GivenName         string `mapstructure:"given_name"`
	FamilyName        string `mapstructure:"family_name"`
	MiddleName        string `mapstructure:"middle_name"`
	NickName          string
	PreferredUserName string `mapstructure:"preferred_username"`
	Profile           string
	Website           string
	Picture           string
	Gender            string
	Birthdate         string
	ZoneInfo          string
	Locale            string
	UpdatedAt         string `mapstructure:"updated_at"`

	// Scope: email.
	Email         string
	EmailVerified string `mapstructure:"email_verified"`

	// Scope: phone.
	PhoneNumber         string `mapstructure:"phone_number"`
	PhoneNumberVerified string `mapstructure:"phone_number_verified"`

	// Scope: address.
	Address string

	// Scope: groups.
	Groups string

	// Scope: user defined.
	CustomClaims map[string]any `mapstructure:",remain"`
}

func (*IdTokenClaims) String

func (i *IdTokenClaims) String() string

type LDAPAttributeMapping

type LDAPAttributeMapping struct {
	AccountField      string `mapstructure:"account_field"`
	TOTPSecretField   string `mapstructure:"totp_secret_field"`
	TOTPRecoveryField string `mapstructure:"totp_recovery_field"`
	DisplayNameField  string `mapstructure:"display_name_field"`
	CredentialObject  string `mapstructure:"credential_object"`
	CredentialIDField string `mapstructure:"credential_id_field"`
	PublicKeyField    string `mapstructure:"public_key_field"`
	UniqueUserIDField string `mapstructure:"unique_user_id_field"`
	AAGUIDField       string `mapstructure:"aaguid_field"`
	SignCountField    string `mapstructure:"sign_count_field"`
}

type LDAPConf

type LDAPConf struct {
	StartTLS      bool
	TLSSkipVerify bool `mapstructure:"tls_skip_verify"`
	SASLExternal  bool `mapstructure:"sasl_external"`

	LookupPoolSize     int `mapstructure:"lookup_pool_size"`
	LookupIdlePoolSize int `mapstructure:"lookup_idle_pool_size"`
	AuthPoolSize       int `mapstructure:"auth_pool_size"`
	AuthIdlePoolSize   int `mapstructure:"auth_idle_pool_size"`

	BindDN        string `mapstructure:"bind_dn"`
	BindPW        string `mapstructure:"bind_pw"`
	TLSCAFile     string `mapstructure:"tls_ca_cert"`
	TLSClientCert string `mapstructure:"tls_client_cert"`
	TLSClientKey  string `mapstructure:"tls_client_key"`

	ServerURIs []string `mapstructure:"server_uri"`
}

func (*LDAPConf) String

func (l *LDAPConf) String() string

type LDAPFilter

type LDAPFilter struct {
	User                string
	ListAccounts        string `mapstructure:"list_accounts"`
	WebAuthnCredentials string `mapstructure:"webauthn_credentials"`
}

type LDAPScope

type LDAPScope struct {
	// contains filtered or unexported fields
}

LDAPScope is the search scope for an LDAP server.

func (*LDAPScope) Get

func (l *LDAPScope) Get() int

Get returns the numeric LDAP search scope.

func (*LDAPScope) Set

func (l *LDAPScope) Set(value string) error

Set sets the numeric LDAP search scope by its string representation.

func (*LDAPScope) String

func (l *LDAPScope) String() string

func (*LDAPScope) Type

func (l *LDAPScope) Type() string

Type returns the name of the type.

type LDAPSearchProtocol

type LDAPSearchProtocol struct {
	Protocols []string `mapstructure:"protocol"`
	CacheName string   `mapstructure:"cache_name"`
	BaseDN    string   `mapstructure:"base_dn"`
	Scope     string

	LDAPFilter           `mapstructure:"filter"`
	LDAPAttributeMapping `mapstructure:"mapping"`

	// LDAP result attributes
	Attributes []string `mapstructure:"attribute"`
}

func (*LDAPSearchProtocol) GetAccountField

func (p *LDAPSearchProtocol) GetAccountField() (string, error)

GetAccountField returns the LDAP attribute for an account. It returns a DetailedError, if no value has been configured.

func (*LDAPSearchProtocol) GetAttributes

func (p *LDAPSearchProtocol) GetAttributes() ([]string, error)

GetAttributes returns a list of attributes that are requested from the LDAP server. It returns a DetailedError, if no value has been configured.

func (*LDAPSearchProtocol) GetBaseDN

func (p *LDAPSearchProtocol) GetBaseDN() (string, error)

GetBaseDN returns the base DN that is used for each specific protocol. It returns a DetailedError, if no value has been configured.

func (*LDAPSearchProtocol) GetCacheName

func (p *LDAPSearchProtocol) GetCacheName() (string, error)

GetCacheName returns the Redis cache domain. It returns a DetailedError, if no value has been configured.

func (*LDAPSearchProtocol) GetListAccountsFilter

func (p *LDAPSearchProtocol) GetListAccountsFilter() (string, error)

GetListAccountsFilter returns an LDAP filter which is used to find all user accounts. It returns a DetailedError, if no value has been configured.

func (*LDAPSearchProtocol) GetScope

func (p *LDAPSearchProtocol) GetScope() (*LDAPScope, error)

GetScope returns an LDAP search scope. If no scope was defined, it automatically sets the subtree scope. If a scope has been defined and is unknown, it returns a DetailedError.

func (*LDAPSearchProtocol) GetUserFilter

func (p *LDAPSearchProtocol) GetUserFilter() (string, error)

GetUserFilter returns an LDAP search filter to find a user. It returns a DetailedError, if no value has been configured.

type LDAPSection

type LDAPSection struct {
	Config *LDAPConf
	Search []LDAPSearchProtocol
}

func (*LDAPSection) GetConfig

func (l *LDAPSection) GetConfig() any

func (*LDAPSection) GetProtocols

func (l *LDAPSection) GetProtocols() any

func (*LDAPSection) String

func (l *LDAPSection) String() string

type LuaAction

type LuaAction struct {
	ActionType string `mapstructure:"type"`
	ScriptPath string `mapstructure:"script_path"`
}

func (*LuaAction) GetAction

func (l *LuaAction) GetAction() (string, string)

GetAction returns the action type and a path to a Lua script as defined in the LuaAction struct.

func (*LuaAction) String

func (l *LuaAction) String() string

type LuaConf

type LuaConf struct {
	ScriptPath string `mapstructure:"script_path"`
}

func (*LuaConf) String

func (l *LuaConf) String() string

type LuaFeature

type LuaFeature struct {
	Name       string
	ScriptPath string `mapstructure:"script_path"`
}

func (*LuaFeature) String

func (l *LuaFeature) String() string

type LuaFilter

type LuaFilter struct {
	Name       string
	ScriptPath string `mapstructure:"script_path"`
}

func (*LuaFilter) String

func (l *LuaFilter) String() string

type LuaSearchProtocol

type LuaSearchProtocol struct {
	Protocols []string `mapstructure:"protocol"`
	CacheName string   `mapstructure:"cache_name"`
}

func (*LuaSearchProtocol) GetCacheName

func (l *LuaSearchProtocol) GetCacheName() (string, error)

GetCacheName returns the Redis cache domain. It returns a DetailedError, if no value has been configured.

type LuaSection

type LuaSection struct {
	Actions  []LuaAction
	Features []LuaFeature
	Filters  []LuaFilter
	Config   *LuaConf
	Search   []LuaSearchProtocol
}

func (*LuaSection) GetConfig

func (l *LuaSection) GetConfig() any

func (*LuaSection) GetProtocols

func (l *LuaSection) GetProtocols() any

func (*LuaSection) String

func (l *LuaSection) String() string

type NginxBackendServer

type NginxBackendServer struct {
	Protocol string
	IP       string
	Port     int
}

func (*NginxBackendServer) String

func (n *NginxBackendServer) String() string

type NginxMonitoring

type NginxMonitoring struct {
	NginxBackendServer []*NginxBackendServer `mapstructure:"backend_servers"`
}

type OIDCCustomClaim

type OIDCCustomClaim struct {
	Name string
	Type string
}

type Oauth2Client

type Oauth2Client struct {
	SkipConsent bool   `mapstructure:"skip_consent"`
	SkipTOTP    bool   `mapstructure:"skip_totp"`
	ClientName  string `mapstructure:"name"`
	ClientId    string `mapstructure:"client_id"`
	Subject     string
	Claims      IdTokenClaims `mapstructure:"claims"`
}

type Oauth2CustomScope

type Oauth2CustomScope struct {
	Name        string
	Description string
	Claims      []OIDCCustomClaim
	Other       map[string]any `mapstructure:",remain"`
}

type Oauth2Section

type Oauth2Section struct {
	CustomScopes []Oauth2CustomScope `mapstructure:"custom_scopes"`
	Clients      []Oauth2Client
}

func (*Oauth2Section) String

func (o *Oauth2Section) String() string

type PassDB

type PassDB struct {
	// contains filtered or unexported fields
}

PassDB is a password database container.

func (*PassDB) Get

func (p *PassDB) Get() global.Backend

Get returns the name of a password database.

func (*PassDB) Set

func (p *PassDB) Set(value string) error

Set updates the backend of the PassDB based on the provided value. It returns an error if the value is not valid. Valid values for the backend are "cache", "ldap", "mysql", "postgresql", "sql", and "lua". If the value is valid, the backend field of PassDB is updated accordingly. An error of type ErrWrongPassDB is returned if the value is not valid.

func (*PassDB) String

func (p *PassDB) String() string

func (*PassDB) Type

func (p *PassDB) Type() string

Type returns the name of the type.

type Protocol

type Protocol struct {
	// contains filtered or unexported fields
}

Protocol is the protocol used between a remote client and a server. This server sets the protocol in an HTTP request header "Auth-Protocol" (Nginx protocol).

func NewProtocol

func NewProtocol(protocol string) *Protocol

NewProtocol creates a new Protocol object with the given protocol string. It initializes the name field of the Protocol object.

Example usage:

	protocol := NewProtocol("http")

func (*Protocol) Get

func (p *Protocol) Get() string

Get returns the string for a protocol.

func (*Protocol) Set

func (p *Protocol) Set(value string)

Set sets the name of the protocol.

func (*Protocol) String

func (p *Protocol) String() string

func (*Protocol) Type

func (p *Protocol) Type() string

Type returns the name of the type.

type RBL

type RBL struct {
	Name         string
	RBL          string
	IPv4         bool
	IPv6         bool
	AllowFailure bool   `mapstructure:"allow_failure"`
	ReturnCode   string `mapstructure:"return_code"`
	Weight       int
}

type RBLSection

type RBLSection struct {
	Lists       []RBL
	Threshold   int
	IPWhiteList []string `mapstructure:"ip_whitelist"`
}

func (*RBLSection) String

func (r *RBLSection) String() string

type RelayDomainsSection

type RelayDomainsSection struct {
	StaticDomains []string `mapstructure:"static"`
}

func (*RelayDomainsSection) String

func (r *RelayDomainsSection) String() string

type StringSet

type StringSet map[string]any

StringSet is a storage container that ensures unique keys.

func NewStringSet

func NewStringSet() StringSet

NewStringSet constructs a new StringSet.

func (*StringSet) GetStringSlice

func (s *StringSet) GetStringSlice() (result []string)

GetStringSlice returns all values for a StringSet as a slice of strings.

func (*StringSet) Set

func (s *StringSet) Set(value string)

Set adds an element to the StringSet.

type Verbosity

type Verbosity struct {
	// contains filtered or unexported fields
}

Verbosity is a type that represents the verbosity details.

func (*Verbosity) Get

func (v *Verbosity) Get() string

Get returns the name of the log level as string.

func (*Verbosity) Level

func (v *Verbosity) Level() int

Level returns the verbosity level of the Verbosity instance.

func (*Verbosity) Set

func (v *Verbosity) Set(value string) error

Set updates the verbosity level and name based on the provided value. It returns an error if the value is not valid. Valid values for the verbosity level are "none", "error", "warn", "info", and "debug". If the value is valid, the verboseLevel and name fields are updated accordingly. An error of type ErrWrongVerboseLevel is returned if the value is not valid.

func (*Verbosity) String

func (v *Verbosity) String() string

func (*Verbosity) Type

func (v *Verbosity) Type() string

Type returns the type of the Verbosity struct.
