middleware

package

v0.0.0-...-860e413 Latest Latest Go to latest Published: Oct 21, 2022 License: Apache-2.0 Imports: 20 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/dennigogo/zitadel

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func AssetsCacheInterceptor(maxAge, sharedMaxAge time.Duration) *cacheInterceptor
func CORSInterceptor(h http.Handler) http.Handler
func CORSInterceptorOpts(opts cors.Options, h http.Handler) http.Handler
func CacheInterceptorOpts(cache *Cache) *cacheInterceptor
func DefaultMetricsHandler(handler http.Handler) http.Handler
func DefaultTelemetryHandler(handler http.Handler) http.Handler
func GetNonce(r *http.Request) string
func HostFromRequest(r *http.Request, headerName string) (string, error)
func InstanceInterceptor(verifier authz.InstanceVerifier, headerName string, ignoredPrefixes ...string) *instanceInterceptor
func MetricsHandler(metricTypes []metrics.MetricType, ignoredMethods ...string) func(http.Handler) http.Handler
func NewUserAgentHandler(config *UserAgentCookieConfig, cookieKey []byte, idGenerator id.Generator, ...) (func(http.Handler) http.Handler, error)
func NoCacheInterceptor() *cacheInterceptor
func SecurityHeaders(csp *CSP, errorHandler func(error) http.Handler, nonceLength ...uint) func(http.Handler) http.Handler
func TelemetryHandler(ignoredMethods ...string) func(http.Handler) http.Handler
func UserAgentIDFromCtx(ctx context.Context) (string, bool)
type AuthInterceptor
- func AuthorizationInterceptor(verifier *authz.TokenVerifier, authConfig authz.Config) *AuthInterceptor
- func (a *AuthInterceptor) Handler(next http.Handler) http.Handler
- func (a *AuthInterceptor) HandlerFunc(next http.HandlerFunc) http.HandlerFunc
type CSP
- func (csp *CSP) Value(nonce string, host string) string
type CSPSourceOptions
- func CSPSourceOpts() CSPSourceOptions
- func CSPSourceOptsNone() CSPSourceOptions
- func CSPSourceOptsSelf() CSPSourceOptions
- func (srcOpts CSPSourceOptions) AddEval() CSPSourceOptions
- func (srcOpts CSPSourceOptions) AddHash(alg, b64v string) CSPSourceOptions
- func (srcOpts CSPSourceOptions) AddHost(h ...string) CSPSourceOptions
- func (srcOpts CSPSourceOptions) AddInline() CSPSourceOptions
- func (srcOpts CSPSourceOptions) AddNonce() CSPSourceOptions
- func (srcOpts CSPSourceOptions) AddOwnHost() CSPSourceOptions
- func (srcOpts CSPSourceOptions) AddScheme(s ...string) CSPSourceOptions
- func (srcOpts CSPSourceOptions) AddSelf() CSPSourceOptions
- func (srcOpts CSPSourceOptions) AddStrictDynamic() CSPSourceOptions
- func (srcOpts CSPSourceOptions) String(nonce, host string) string
type Cache
type CacheConfig
type Cacheability
type Revalidation
type UserAgent
type UserAgentCookieConfig

Constants ¶

View Source

const (
	DefaultNonceLength = uint(32)
)

Variables ¶

View Source

var (
	NeverCacheOptions = &Cache{
		NoStore: true,
	}
	AssetOptions = func(maxAge, SharedMaxAge time.Duration) *Cache {
		return &Cache{
			Cacheability: CacheabilityPublic,
			MaxAge:       maxAge,
			SharedMaxAge: SharedMaxAge,
		}
	}
)

View Source

var (
	DefaultCORSOptions = cors.Options{
		AllowCredentials: true,
		AllowedHeaders: []string{
			http_utils.Origin,
			http_utils.ContentType,
			http_utils.Accept,
			http_utils.AcceptLanguage,
			http_utils.Authorization,
			http_utils.ZitadelOrgID,
			http_utils.XUserAgent,
			http_utils.XGrpcWeb,
		},
		AllowedMethods: []string{
			http.MethodOptions,
			http.MethodGet,
			http.MethodHead,
			http.MethodPost,
			http.MethodPut,
			http.MethodPatch,
			http.MethodDelete,
		},
		ExposedHeaders: []string{
			http_utils.Location,
			http_utils.ContentLength,
		},
		AllowOriginFunc: func(_ string) bool {
			return true
		},
	}
)

View Source

var (
	DefaultSCP = CSP{
		DefaultSrc:  CSPSourceOptsNone(),
		ScriptSrc:   CSPSourceOptsSelf(),
		ObjectSrc:   CSPSourceOptsNone(),
		StyleSrc:    CSPSourceOptsSelf(),
		ImgSrc:      CSPSourceOptsSelf(),
		MediaSrc:    CSPSourceOptsNone(),
		FrameSrc:    CSPSourceOptsNone(),
		FontSrc:     CSPSourceOptsSelf(),
		ManifestSrc: CSPSourceOptsSelf(),
		ConnectSrc:  CSPSourceOptsSelf(),
	}
)

Functions ¶

func AssetsCacheInterceptor ¶

func AssetsCacheInterceptor(maxAge, sharedMaxAge time.Duration) *cacheInterceptor

func CORSInterceptor ¶

func CORSInterceptor(h http.Handler) http.Handler

func CORSInterceptorOpts ¶

func CORSInterceptorOpts(opts cors.Options, h http.Handler) http.Handler

func CacheInterceptorOpts ¶

func CacheInterceptorOpts(cache *Cache) *cacheInterceptor

func DefaultMetricsHandler ¶

func DefaultMetricsHandler(handler http.Handler) http.Handler

func DefaultTelemetryHandler ¶

func DefaultTelemetryHandler(handler http.Handler) http.Handler

func GetNonce ¶

func GetNonce(r *http.Request) string

func HostFromRequest ¶

func HostFromRequest(r *http.Request, headerName string) (string, error)

func InstanceInterceptor ¶

func InstanceInterceptor(verifier authz.InstanceVerifier, headerName string, ignoredPrefixes ...string) *instanceInterceptor

func MetricsHandler ¶

func MetricsHandler(metricTypes []metrics.MetricType, ignoredMethods ...string) func(http.Handler) http.Handler

func NewUserAgentHandler ¶

func NewUserAgentHandler(config *UserAgentCookieConfig, cookieKey []byte, idGenerator id.Generator, externalSecure bool, ignoredPrefixes ...string) (func(http.Handler) http.Handler, error)

func NoCacheInterceptor ¶

func NoCacheInterceptor() *cacheInterceptor

func SecurityHeaders ¶

func SecurityHeaders(csp *CSP, errorHandler func(error) http.Handler, nonceLength ...uint) func(http.Handler) http.Handler

func TelemetryHandler ¶

func TelemetryHandler(ignoredMethods ...string) func(http.Handler) http.Handler

func UserAgentIDFromCtx ¶

func UserAgentIDFromCtx(ctx context.Context) (string, bool)

Types ¶

type AuthInterceptor ¶

type AuthInterceptor struct {
	// contains filtered or unexported fields
}

func AuthorizationInterceptor ¶

func AuthorizationInterceptor(verifier *authz.TokenVerifier, authConfig authz.Config) *AuthInterceptor

func (*AuthInterceptor) Handler ¶

func (a *AuthInterceptor) Handler(next http.Handler) http.Handler

func (*AuthInterceptor) HandlerFunc ¶

func (a *AuthInterceptor) HandlerFunc(next http.HandlerFunc) http.HandlerFunc

type CSP ¶

type CSP struct {
	DefaultSrc  CSPSourceOptions
	ScriptSrc   CSPSourceOptions
	ObjectSrc   CSPSourceOptions
	StyleSrc    CSPSourceOptions
	ImgSrc      CSPSourceOptions
	MediaSrc    CSPSourceOptions
	FrameSrc    CSPSourceOptions
	FontSrc     CSPSourceOptions
	ManifestSrc CSPSourceOptions
	ConnectSrc  CSPSourceOptions
	FormAction  CSPSourceOptions
}

func (*CSP) Value ¶

func (csp *CSP) Value(nonce string, host string) string

type CSPSourceOptions ¶

type CSPSourceOptions []string

func CSPSourceOpts ¶

func CSPSourceOpts() CSPSourceOptions

func CSPSourceOptsNone ¶

func CSPSourceOptsNone() CSPSourceOptions

func CSPSourceOptsSelf ¶

func CSPSourceOptsSelf() CSPSourceOptions

func (CSPSourceOptions) AddEval ¶

func (srcOpts CSPSourceOptions) AddEval() CSPSourceOptions

func (CSPSourceOptions) AddHash ¶

func (srcOpts CSPSourceOptions) AddHash(alg, b64v string) CSPSourceOptions

func (CSPSourceOptions) AddHost ¶

func (srcOpts CSPSourceOptions) AddHost(h ...string) CSPSourceOptions

func (CSPSourceOptions) AddInline ¶

func (srcOpts CSPSourceOptions) AddInline() CSPSourceOptions

func (CSPSourceOptions) AddNonce ¶

func (srcOpts CSPSourceOptions) AddNonce() CSPSourceOptions

func (CSPSourceOptions) AddOwnHost ¶

func (srcOpts CSPSourceOptions) AddOwnHost() CSPSourceOptions

func (CSPSourceOptions) AddScheme ¶

func (srcOpts CSPSourceOptions) AddScheme(s ...string) CSPSourceOptions

func (CSPSourceOptions) AddSelf ¶

func (srcOpts CSPSourceOptions) AddSelf() CSPSourceOptions

func (CSPSourceOptions) AddStrictDynamic ¶

func (srcOpts CSPSourceOptions) AddStrictDynamic() CSPSourceOptions

func (CSPSourceOptions) String ¶

func (srcOpts CSPSourceOptions) String(nonce, host string) string

type Cache ¶

type Cache struct {
	Cacheability Cacheability
	NoCache      bool
	NoStore      bool
	MaxAge       time.Duration
	SharedMaxAge time.Duration
	NoTransform  bool
	Revalidation Revalidation
}

type CacheConfig ¶

type CacheConfig struct {
	MaxAge       time.Duration
	SharedMaxAge time.Duration
}

type Cacheability ¶

type Cacheability string

const (
	CacheabilityNotSet  Cacheability = ""
	CacheabilityPublic  Cacheability = "public"
	CacheabilityPrivate Cacheability = "private"
)

type Revalidation ¶

type Revalidation string

const (
	RevalidationNotSet Revalidation = ""
	RevalidationMust   Revalidation = "must-revalidate"
	RevalidationProxy  Revalidation = "proxy-revalidate"
)

type UserAgent ¶

type UserAgent struct {
	ID string
}

type UserAgentCookieConfig ¶

type UserAgentCookieConfig struct {
	Name   string
	MaxAge time.Duration
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL