Documentation ¶
Index ¶
- func APICSRFHandler(next http.Handler) http.Handler
- func APIHandler() http.Handler
- func APIPanicHandler(rec interface{}, w http.ResponseWriter)
- func BrowserDetectorHandler(next http.Handler) http.Handler
- func CheckSecretFailIfIsNull(s *vault.Secret)
- func NextCSRFHandler(next http.Handler) http.Handler
- func ValidateRegExp(s string, r string) bool
- func ValidateRole(s string)
- func ValidateSecret(secretID string, user string) (vaultSecretPath string)
- func ValidateService(s string)
- func ValidateSubdomain(s string)
- type AdminServiceResource
- type AuthResource
- type ClientServiceResource
- type FlashResource
- type LoginStatus
- type SecretResource
- type ServiceCache
- type ServiceLongDescription
- type ServiceMetadata
- type ServiceResolver
- type ServiceStrategy
- type SimpleLongDescription
- type SpaceResource
- type URLLongDescription
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func APICSRFHandler ¶
APICSRFHandler add csrf protection only for browsers (see BrowserDetectorHandler)
func APIPanicHandler ¶
func APIPanicHandler(rec interface{}, w http.ResponseWriter)
APIPanicHandler handle any panic in the api endpoint
func BrowserDetectorHandler ¶
BrowserDetectorHandler If the vault token is read from the cookie it will assume that is a browser vault token from the cookie will always be selected if both header and cookie are present
func CheckSecretFailIfIsNull ¶
CheckSecretFailIfIsNull panic if vault backend return a empty secret
func NextCSRFHandler ¶
NextCSRFHandler set the next csrf token, js application should read this token and use it in the next request
func ValidateRegExp ¶
ValidateRegExp helper for validate any regexp
func ValidateSecret ¶
ValidateSecret check if a vault secret is associated with the service, panic in case of not
func ValidateSubdomain ¶
func ValidateSubdomain(s string)
ValidateSubdomain subdomain should end with . and only contains alphanumeric characters and -
Types ¶
type AdminServiceResource ¶
type AdminServiceResource struct { ImpersonateWithinRole bool `json:"impersonateWithinRole,omitempty"` IsActive *bool `json:"isActive,omitempty"` SecretPaths []string `json:"secretPaths,omitempty"` FullURL string `json:"fullUrl,omitempty"` Meta *ServiceMetadata `json:"meta,omitempty"` Resolver *ServiceResolver `json:"resolver,omitempty"` Strategy *ServiceStrategy `json:"strategy,omitempty"` Cache *ServiceCache `json:"cache,omitempty"` }
AdminServiceResource service definition struct
func (*AdminServiceResource) Active ¶
func (as *AdminServiceResource) Active() bool
func (*AdminServiceResource) Register ¶
func (as *AdminServiceResource) Register(container *restful.Container)
Register ...
type AuthResource ¶
type AuthResource struct { }
AuthResource ...
func (*AuthResource) Register ¶
func (a *AuthResource) Register(container *restful.Container)
Register ...
type ClientServiceResource ¶
type ClientServiceResource struct { Meta *ServiceMetadata `json:"meta"` ImpersonateWithinRole bool `json:"impersonateWithinRole"` IsActive *bool `json:"isActive"` SecretPaths []string `json:"secretPaths"` FullURL string `json:"fullUrl"` }
ClientServiceResource part of the service that is accessible to not admin users
func (*ClientServiceResource) Register ¶
func (cs *ClientServiceResource) Register(container *restful.Container)
Register ...
type FlashResource ¶
type FlashResource struct {
Flashes []string `json:"flashes"`
}
FlashResource this allow to store some error messages in the cookie only useful in the browser
func (*FlashResource) Register ¶
func (f *FlashResource) Register(container *restful.Container)
Register ...
type LoginStatus ¶
type LoginStatus struct { IsLogged bool `json:"isLogged"` IsAdmin bool `json:"isAdmin"` CanImpersonate bool `json:"canImpersonate"` SessionExpiresAt int64 `json:"sessionExpiresAt"` }
LoginStatus store the vault token state relative to menshend
type SecretResource ¶
type SecretResource struct { }
SecretResource ...
func (*SecretResource) Register ¶
func (s *SecretResource) Register(container *restful.Container)
Register ...
type ServiceCache ¶
type ServiceCache struct { // time to live seconds TTL int `json:"ttl"` }
ServiceCache activate a cache for the resolvers result
type ServiceLongDescription ¶
type ServiceLongDescription struct { Remote *URLLongDescription `json:"remote,omitempty"` Local *SimpleLongDescription `json:"local,omitempty"` }
ServiceLongDescription long description options
func (*ServiceLongDescription) Load ¶
func (sldn *ServiceLongDescription) Load()
Load load long description from remote/local or whatever resource
func (*ServiceLongDescription) LongDescription ¶
func (sldn *ServiceLongDescription) LongDescription() string
LongDescription ...
func (*ServiceLongDescription) Validate ¶
func (sldn *ServiceLongDescription) Validate()
Validate ...
type ServiceMetadata ¶
type ServiceMetadata struct { ID string `json:"id,omitempty"` RoleID string `json:"roleId,omitempty"` SubDomain string `json:"subDomain,omitempty"` Name string `json:"name,omitempty"` Logo string `json:"logo,omitempty"` Description string `json:"description,omitempty"` Tags []string `json:"tags,omitempty"` LongDescription *ServiceLongDescription `json:"longDescription,omitempty"` }
ServiceMetadata ...
type ServiceResolver ¶
type ServiceResolver struct { Yaml *resolvers.YAMLResolver `json:"yaml"` Lua *resolvers.LuaResolver `json:"lua"` }
ServiceResolver ..
func (*ServiceResolver) Get ¶
func (sr *ServiceResolver) Get() resolvers.Resolver
Get returns the active resolver
func (*ServiceResolver) Validate ¶
func (sr *ServiceResolver) Validate()
Validate a service can only contains an resolver (lua, yaml, js, etc..)
type ServiceStrategy ¶
type ServiceStrategy struct { Proxy *strategy.Proxy `json:"proxy,omitempty"` PortForward *strategy.PortForward `json:"portForward,omitempty"` Redirect *strategy.Redirect `json:"redirect,omitempty"` }
ServiceStrategy defines how menshend will handle the user request
func (*ServiceStrategy) Get ¶
func (ss *ServiceStrategy) Get() strategy.Strategy
Get returns the active strategy
func (*ServiceStrategy) Validate ¶
func (ss *ServiceStrategy) Validate()
Validate a service can only contains a strategy
type SimpleLongDescription ¶
type SimpleLongDescription struct {
Content string `json:"content"`
}
SimpleLongDescription the user defines the contents manually - supports markdown
func (*SimpleLongDescription) LongDescription ¶
func (sld *SimpleLongDescription) LongDescription() string
LongDescription ...
type SpaceResource ¶
type SpaceResource struct { Logo string `json:"logo"` Name string `json:"name"` ShortDescription string `json:"shortDescription"` LongDescription string `json:"longDescription"` Host string `json:"host"` }
SpaceResource ...
func (*SpaceResource) Register ¶
func (s *SpaceResource) Register(container *restful.Container)
Register ...
type URLLongDescription ¶
URLLongDescription allow to the user to load the service long description from a remote url a README.md file is preferred
func (*URLLongDescription) Load ¶
func (uld *URLLongDescription) Load()
Load query the remote endpoint and load the content from there
func (*URLLongDescription) LongDescription ¶
func (uld *URLLongDescription) LongDescription() string
LongDescription ...