Documentation
¶
Index ¶
- func AbortWithError(c *gin.Context, err error)
- func AbortWithErrorJSON(c *gin.Context, err error)
- type GetAPIVerifyResponse
- type NewServerOpts
- type ResponseError
- type Server
- func (s *Server) MiddlewareLoadAuthCookie(c *gin.Context)
- func (s *Server) MiddlewareLogger(parentLog *zerolog.Logger) func(c *gin.Context)
- func (s *Server) MiddlewareLoggerMask(exp *regexp.Regexp, replace string) gin.HandlerFunc
- func (s *Server) MiddlewareProxyHeaders(c *gin.Context)
- func (s *Server) MiddlewareRequestId(c *gin.Context)
- func (s *Server) MiddlewareRequireClientCertificate(c *gin.Context)
- func (s *Server) RouteGetAPIVerify(c *gin.Context)
- func (s *Server) RouteGetLogout(c *gin.Context)
- func (s *Server) RouteGetOAuth2Callback(provider auth.OAuth2Provider) func(c *gin.Context)
- func (s *Server) RouteGetOAuth2Root(provider auth.OAuth2Provider) func(c *gin.Context)
- func (s *Server) RouteGetProfile(c *gin.Context)
- func (s *Server) RouteGetSeamlessAuthRoot(provider auth.SeamlessProvider) func(c *gin.Context)
- func (s *Server) RouteHealthzHandler(w http.ResponseWriter, r *http.Request)
- func (s *Server) Run(ctx context.Context) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AbortWithError ¶
AbortWithError aborts a Gin context and sends a response with an error message. Pass an ErrorResponse object to be able to customize the status code; it defaults to 500 otherwise. If the status code is >= 500, the message is not sent to users directly.
func AbortWithErrorJSON ¶
AbortWithErrorJSON aborts a Gin context and sends a response with a JSON error message. Pass an ErrorResponse object to be able to customize the status code; it defaults to 500 otherwise. If the status code is >= 500, the message is not sent to users directly.
Types ¶
type GetAPIVerifyResponse ¶
type GetAPIVerifyResponse struct {
Valid bool `json:"valid"`
Claims map[string]any `json:"claims"`
}
GetAPIVerifyResponse is the response from RouteGetAPIVerify
type NewServerOpts ¶
type NewServerOpts struct {
Log *zerolog.Logger
Auth auth.Provider
// contains filtered or unexported fields
}
NewServerOpts contains options for the NewServer method
type ResponseError ¶
ResponseError is used to send JSON responses with an error
func NewResponseError ¶
func NewResponseError(code int, message string) ResponseError
NewResponseError creates a new ErrorResponse with the code and message
func NewResponseErrorf ¶
func NewResponseErrorf(code int, messageFmt string, args ...any) ResponseError
NewResponseErrorf creates a new ErrorResponse with the code and formatted message
func (ResponseError) Error ¶
func (e ResponseError) Error() string
Error implements the error interface
func (ResponseError) MarshalJSON ¶
func (e ResponseError) MarshalJSON() ([]byte, error)
MarshalJSON implements a JSON marshaller that returns an object with the error key
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
Server is the server based on Gin
func NewServer ¶
func NewServer(opts NewServerOpts) (*Server, error)
NewServer creates a new Server object and initializes it
func (*Server) MiddlewareLoadAuthCookie ¶
MiddlewareLoadAuthCookie is a middleware that checks if the request contains a valid authentication token in the cookie.
func (*Server) MiddlewareLogger ¶
MiddlewareLogger is a Gin middleware that uses zerlog for logging
func (*Server) MiddlewareLoggerMask ¶
MiddlewareLoggerMask returns a Gin middleware that adds the "log-mask" to mask the path using a regular expression
func (*Server) MiddlewareProxyHeaders ¶
MiddlewareProxyHeaders is a middleware that gets values for source IP and port from the headers set by Traefik. It stops the request if the headers aren't set. This middleware should be used first in the chain.
func (*Server) MiddlewareRequestId ¶
MiddlewareRequestId is a middleware that generates a unique request ID for each request
func (*Server) MiddlewareRequireClientCertificate ¶
MiddlewareRequireClientCertificate is a middleware that requires a valid client certificate to be present. This is meant to be used to enforce mTLS on specific routes, when the server's TLS is configured with VerifyClientCertIfGiven.
func (*Server) RouteGetAPIVerify ¶
RouteGetAPIVerify is the handler for GET /api/verify This API validates a token and returns the list of claims The token can be passed in the Authorization header or in the session cookie
func (*Server) RouteGetLogout ¶
RouteGetLogout is the handler for GET /logout This removes the session cookie
func (*Server) RouteGetOAuth2Callback ¶
func (s *Server) RouteGetOAuth2Callback(provider auth.OAuth2Provider) func(c *gin.Context)
RouteGetOAuth2Callback is the handler for GET /oauth2/callback when using an OAuth2-based provider This handles redirects from OAuth2 identity providers after successful callbacks
func (*Server) RouteGetOAuth2Root ¶
func (s *Server) RouteGetOAuth2Root(provider auth.OAuth2Provider) func(c *gin.Context)
RouteGetOAuth2Root is the handler for GET / when using an OAuth2-based provider This handles requests from Traefik and redirects users to auth servers if needed
func (*Server) RouteGetProfile ¶
RouteGetProfile is the handler for GET /profile This handler serves the profile of authenticated users in clear-text
func (*Server) RouteGetSeamlessAuthRoot ¶
func (s *Server) RouteGetSeamlessAuthRoot(provider auth.SeamlessProvider) func(c *gin.Context)
RouteGetSeamlessAuthRoot is the handler for GET / when using a seamless auth provider This handles requests from Traefik
func (*Server) RouteHealthzHandler ¶
func (s *Server) RouteHealthzHandler(w http.ResponseWriter, r *http.Request)
RouteHealthzHandler is the handler for the route GET /healthz - as a http.Handler. It can be used to ping the server and ensure everything is working.
Source Files