configuration

package

v0.40.7 Latest Latest Go to latest Published: Feb 29, 2024 License: Apache-2.0 Imports: 27 Imported by: 11

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ory/oathkeeper

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
type Key
type KoanfProvider
- func NewKoanfProvider(ctx context.Context, flags *pflag.FlagSet, l *logrusx.Logger, ...) (kp *KoanfProvider, err error)
type MatchingStrategy
type Provider
type ProviderAuthenticators
type ProviderAuthorizers
type ProviderErrorHandlers
type ProviderMutators
type SubscriptionID
type TLSConfig
type TLSData

Constants ¶

View Source

const (
	ForbiddenStrategyErrorType = "forbidden"
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Key ¶ added in v0.40.0

type Key = string

const (
	ProxyReadTimeout                    Key = "serve.proxy.timeout.read"
	ProxyWriteTimeout                   Key = "serve.proxy.timeout.write"
	ProxyIdleTimeout                    Key = "serve.proxy.timeout.idle"
	ProxyServeAddressHost               Key = "serve.proxy.host"
	ProxyServeAddressPort               Key = "serve.proxy.port"
	ProxyTrustForwardedHeaders          Key = "serve.proxy.trust_forwarded_headers"
	APIServeAddressHost                 Key = "serve.api.host"
	APIServeAddressPort                 Key = "serve.api.port"
	APIReadTimeout                      Key = "serve.api.timeout.read"
	APIWriteTimeout                     Key = "serve.api.timeout.write"
	APIIdleTimeout                      Key = "serve.api.timeout.idle"
	PrometheusServeAddressHost          Key = "serve.prometheus.host"
	PrometheusServeAddressPort          Key = "serve.prometheus.port"
	PrometheusServeMetricsPath          Key = "serve.prometheus.metrics_path"
	PrometheusServeMetricsNamePrefix    Key = "serve.prometheus.metric_name_prefix"
	PrometheusServeHideRequestPaths     Key = "serve.prometheus.hide_request_paths"
	PrometheusServeCollapseRequestPaths Key = "serve.prometheus.collapse_request_paths"
	AccessRuleRepositories              Key = "access_rules.repositories"
	AccessRuleMatchingStrategy          Key = "access_rules.matching_strategy"
)

const (
	AuthorizerAllowIsEnabled            Key = "authorizers.allow.enabled"
	AuthorizerDenyIsEnabled             Key = "authorizers.deny.enabled"
	AuthorizerKetoEngineACPORYIsEnabled Key = "authorizers.keto_engine_acp_ory.enabled"
	AuthorizerRemoteIsEnabled           Key = "authorizers.remote.enabled"
	AuthorizerRemoteJSONIsEnabled       Key = "authorizers.remote_json.enabled"
)

Authorizers

const (
	MutatorCookieIsEnabled   Key = "mutators.cookie.enabled"
	MutatorHeaderIsEnabled   Key = "mutators.header.enabled"
	MutatorNoopIsEnabled     Key = "mutators.noop.enabled"
	MutatorHydratorIsEnabled Key = "mutators.hydrator.enabled"
	MutatorIDTokenIsEnabled  Key = "mutators.id_token.enabled"
	MutatorIDTokenJWKSURL    Key = "mutators.id_token.config.jwks_url"
	MutatorIDTokenIssuerURL  Key = "mutators.id_token.config.issuer_url"
)

Mutators

const (
	// anonymous
	AuthenticatorAnonymousIsEnabled Key = "authenticators.anonymous.enabled"

	// noop
	AuthenticatorNoopIsEnabled Key = "authenticators.noop.enabled"

	// cookie session
	AuthenticatorCookieSessionIsEnabled Key = "authenticators.cookie_session.enabled"

	// jwt
	AuthenticatorJwtIsEnabled  Key = "authenticators.jwt.enabled"
	AuthenticatorJwtJwkMaxWait Key = "authenticators.jwt.config.jwks_max_wait"
	AuthenticatorJwtJwkTtl     Key = "authenticators.jwt.config.jwks_ttl"

	// oauth2_client_credentials
	AuthenticatorOAuth2ClientCredentialsIsEnabled Key = "authenticators.oauth2_client_credentials.enabled"

	// oauth2_token_introspection
	AuthenticatorOAuth2TokenIntrospectionIsEnabled Key = "authenticators.oauth2_introspection.enabled"

	// unauthorized
	AuthenticatorUnauthorizedIsEnabled Key = "authenticators.unauthorized.enabled"
)

Authenticators

const (
	ErrorsHandlers                 Key = "errors.handlers"
	ErrorsFallback                 Key = "errors.fallback"
	ErrorsJSONIsEnabled            Key = ErrorsHandlers + ".json.enabled"
	ErrorsRedirectIsEnabled        Key = ErrorsHandlers + ".redirect.enabled"
	ErrorsWWWAuthenticateIsEnabled Key = ErrorsHandlers + ".www_authenticate.enabled"
)

Errors

type KoanfProvider ¶ added in v0.40.0

type KoanfProvider struct {
	// contains filtered or unexported fields
}

func NewKoanfProvider ¶ added in v0.40.0

func NewKoanfProvider(ctx context.Context, flags *pflag.FlagSet, l *logrusx.Logger, opts ...configx.OptionModifier) (kp *KoanfProvider, err error)

func (*KoanfProvider) APIIdleTimeout ¶ added in v0.40.0

func (v *KoanfProvider) APIIdleTimeout() time.Duration

func (*KoanfProvider) APIReadTimeout ¶ added in v0.40.0

func (v *KoanfProvider) APIReadTimeout() time.Duration

func (*KoanfProvider) APIServeAddress ¶ added in v0.40.0

func (v *KoanfProvider) APIServeAddress() string

func (*KoanfProvider) APIWriteTimeout ¶ added in v0.40.0

func (v *KoanfProvider) APIWriteTimeout() time.Duration

func (*KoanfProvider) AccessRuleMatchingStrategy ¶ added in v0.40.0

func (v *KoanfProvider) AccessRuleMatchingStrategy() MatchingStrategy

AccessRuleMatchingStrategy returns current MatchingStrategy.

func (*KoanfProvider) AccessRuleRepositories ¶ added in v0.40.0

func (v *KoanfProvider) AccessRuleRepositories() []url.URL

func (*KoanfProvider) AddWatcher ¶ added in v0.40.0

func (v *KoanfProvider) AddWatcher(cb callback) SubscriptionID

AddWatcher ensures that the callback is called when the configuration changes. The returned subscription can be used to remove the watcher.

func (*KoanfProvider) AllSettings ¶ added in v0.40.0

func (v *KoanfProvider) AllSettings() map[string]interface{}

func (*KoanfProvider) AuthenticatorConfig ¶ added in v0.40.0

func (v *KoanfProvider) AuthenticatorConfig(id string, override json.RawMessage, dest interface{}) error

func (*KoanfProvider) AuthenticatorIsEnabled ¶ added in v0.40.0

func (v *KoanfProvider) AuthenticatorIsEnabled(id string) bool

func (*KoanfProvider) AuthenticatorJwtJwkMaxWait ¶ added in v0.40.0

func (v *KoanfProvider) AuthenticatorJwtJwkMaxWait() time.Duration

func (*KoanfProvider) AuthenticatorJwtJwkTtl ¶ added in v0.40.0

func (v *KoanfProvider) AuthenticatorJwtJwkTtl() time.Duration

func (*KoanfProvider) AuthorizerConfig ¶ added in v0.40.0

func (v *KoanfProvider) AuthorizerConfig(id string, override json.RawMessage, dest interface{}) error

func (*KoanfProvider) AuthorizerIsEnabled ¶ added in v0.40.0

func (v *KoanfProvider) AuthorizerIsEnabled(id string) bool

func (*KoanfProvider) CORS ¶ added in v0.40.0

func (v *KoanfProvider) CORS(iface string) (cors.Options, bool)

func (*KoanfProvider) CORSEnabled ¶ added in v0.40.0

func (v *KoanfProvider) CORSEnabled(iface string) bool

func (*KoanfProvider) CORSOptions ¶ added in v0.40.0

func (v *KoanfProvider) CORSOptions(iface string) cors.Options

func (*KoanfProvider) ErrorHandlerConfig ¶ added in v0.40.0

func (v *KoanfProvider) ErrorHandlerConfig(id string, override json.RawMessage, dest interface{}) error

func (*KoanfProvider) ErrorHandlerFallbackSpecificity ¶ added in v0.40.0

func (v *KoanfProvider) ErrorHandlerFallbackSpecificity() []string

func (*KoanfProvider) ErrorHandlerIsEnabled ¶ added in v0.40.0

func (v *KoanfProvider) ErrorHandlerIsEnabled(id string) bool

func (*KoanfProvider) Get ¶ added in v0.40.0

func (v *KoanfProvider) Get(k Key) interface{}

func (*KoanfProvider) JSONWebKeyURLs ¶ added in v0.40.0

func (v *KoanfProvider) JSONWebKeyURLs() []string

func (*KoanfProvider) MutatorConfig ¶ added in v0.40.0

func (v *KoanfProvider) MutatorConfig(id string, override json.RawMessage, dest interface{}) error

func (*KoanfProvider) MutatorIsEnabled ¶ added in v0.40.0

func (v *KoanfProvider) MutatorIsEnabled(id string) bool

func (*KoanfProvider) ParseURLs ¶ added in v0.40.0

func (v *KoanfProvider) ParseURLs(sources []string) ([]url.URL, error)

func (*KoanfProvider) PipelineConfig ¶ added in v0.40.0

func (v *KoanfProvider) PipelineConfig(prefix, id string, override json.RawMessage, dest interface{}) error

func (*KoanfProvider) PrometheusCollapseRequestPaths ¶ added in v0.40.0

func (v *KoanfProvider) PrometheusCollapseRequestPaths() bool

func (*KoanfProvider) PrometheusHideRequestPaths ¶ added in v0.40.0

func (v *KoanfProvider) PrometheusHideRequestPaths() bool

func (*KoanfProvider) PrometheusMetricsNamePrefix ¶ added in v0.40.0

func (v *KoanfProvider) PrometheusMetricsNamePrefix() string

func (*KoanfProvider) PrometheusMetricsPath ¶ added in v0.40.0

func (v *KoanfProvider) PrometheusMetricsPath() string

func (*KoanfProvider) PrometheusServeAddress ¶ added in v0.40.0

func (v *KoanfProvider) PrometheusServeAddress() string

func (*KoanfProvider) ProxyIdleTimeout ¶ added in v0.40.0

func (v *KoanfProvider) ProxyIdleTimeout() time.Duration

func (*KoanfProvider) ProxyReadTimeout ¶ added in v0.40.0

func (v *KoanfProvider) ProxyReadTimeout() time.Duration

func (*KoanfProvider) ProxyServeAddress ¶ added in v0.40.0

func (v *KoanfProvider) ProxyServeAddress() string

func (*KoanfProvider) ProxyTrustForwardedHeaders ¶ added in v0.40.5

func (v *KoanfProvider) ProxyTrustForwardedHeaders() bool

func (*KoanfProvider) ProxyWriteTimeout ¶ added in v0.40.0

func (v *KoanfProvider) ProxyWriteTimeout() time.Duration

func (*KoanfProvider) SetForTest ¶ added in v0.40.0

func (v *KoanfProvider) SetForTest(t testing.TB, key string, value interface{})

func (*KoanfProvider) Source ¶ added in v0.40.0

func (v *KoanfProvider) Source() *configx.Provider

func (*KoanfProvider) String ¶ added in v0.40.0

func (v *KoanfProvider) String(k Key) string

func (*KoanfProvider) TLSConfig ¶ added in v0.40.0

func (v *KoanfProvider) TLSConfig(daemon string) *TLSConfig

func (*KoanfProvider) ToScopeStrategy ¶ added in v0.40.0

func (v *KoanfProvider) ToScopeStrategy(value string, key string) fosite.ScopeStrategy

func (*KoanfProvider) TracingConfig ¶ added in v0.40.1

func (v *KoanfProvider) TracingConfig() *otelx.Config

func (*KoanfProvider) TracingServiceName ¶ added in v0.40.0

func (v *KoanfProvider) TracingServiceName() string

type MatchingStrategy ¶

type MatchingStrategy string

MatchingStrategy defines matching strategy such as Regexp or Glob. Empty string defaults to "regexp".

const (
	Regexp                  MatchingStrategy = "regexp"
	Glob                    MatchingStrategy = "glob"
	DefaultMatchingStrategy                  = Regexp
)

Possible matching strategies.

type Provider ¶

type Provider interface {
	Get(k Key) interface{}
	String(k Key) string
	AllSettings() map[string]interface{}
	Source() *configx.Provider

	AddWatcher(cb callback) SubscriptionID

	CORSEnabled(iface string) bool
	CORSOptions(iface string) cors.Options
	CORS(iface string) (cors.Options, bool)

	ProxyTrustForwardedHeaders() bool

	ProviderAuthenticators
	ProviderErrorHandlers
	ProviderAuthorizers
	ProviderMutators

	ProxyReadTimeout() time.Duration
	ProxyWriteTimeout() time.Duration
	ProxyIdleTimeout() time.Duration

	APIReadTimeout() time.Duration
	APIWriteTimeout() time.Duration
	APIIdleTimeout() time.Duration

	AccessRuleRepositories() []url.URL
	AccessRuleMatchingStrategy() MatchingStrategy

	ProxyServeAddress() string
	APIServeAddress() string

	PrometheusServeAddress() string
	PrometheusMetricsPath() string
	PrometheusMetricsNamePrefix() string
	PrometheusHideRequestPaths() bool
	PrometheusCollapseRequestPaths() bool

	ToScopeStrategy(value string, key string) fosite.ScopeStrategy
	ParseURLs(sources []string) ([]url.URL, error)
	JSONWebKeyURLs() []string

	TracingServiceName() string
	TracingConfig() *otelx.Config

	TLSConfig(daemon string) *TLSConfig

	SetForTest(t testing.TB, key string, value interface{})
}

type ProviderAuthenticators ¶

type ProviderAuthenticators interface {
	AuthenticatorConfig(id string, overrides json.RawMessage, destination interface{}) error
	AuthenticatorIsEnabled(id string) bool
	AuthenticatorJwtJwkMaxWait() time.Duration
	AuthenticatorJwtJwkTtl() time.Duration
}

type ProviderAuthorizers ¶

type ProviderAuthorizers interface {
	AuthorizerConfig(id string, overrides json.RawMessage, destination interface{}) error
	AuthorizerIsEnabled(id string) bool
}

type ProviderErrorHandlers ¶

type ProviderErrorHandlers interface {
	ErrorHandlerConfig(id string, override json.RawMessage, dest interface{}) error
	ErrorHandlerIsEnabled(id string) bool
	ErrorHandlerFallbackSpecificity() []string
}

type ProviderMutators ¶

type ProviderMutators interface {
	MutatorConfig(id string, overrides json.RawMessage, destination interface{}) error
	MutatorIsEnabled(id string) bool
}

type SubscriptionID ¶ added in v0.40.0

type SubscriptionID uuid.UUID

type TLSConfig ¶ added in v0.40.0

type TLSConfig struct {
	Key  TLSData `mapstructure:"key"`
	Cert TLSData `mapstructure:"cert"`
}

type TLSData ¶ added in v0.40.0

type TLSData struct {
	Path   string `mapstructure:"path"`
	Base64 string `mapstructure:"base64"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL