Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthServer ¶
type AuthServer struct {
authpb.UnimplementedAuthNServer
// contains filtered or unexported fields
}
func New ¶
func New(db userdb.Backend, conf *Config, features *idp.Features, aud apb.AuditClient, dir string) (*AuthServer, error)
func (*AuthServer) Authenticate ¶
func (*AuthServer) LocalStub ¶
func (s *AuthServer) LocalStub() authpb.AuthNClient
LocalStub returns a wrapper that can turn a local, in-process instance of AuthServer into a authpb.AuthNClient for GRPC clients.
type Config ¶
type Config struct {
// Service-specific configuration.
Services map[string]*ServiceConfig `yaml:"services"`
// Configure the location service.
Location []*location.ZoneMapSpec `yaml:"location"`
ShortTermStorage struct {
MemcacheServers []string `` /* 140-byte string literal not displayed */
} `yaml:"short_term_storage"`
}
type RLOptions ¶
type RLOptions struct {
MaxSize int `yaml:"max_size" doc:"maximum number of tracked entries"`
Skip []string `yaml:"skip" doc:"ignore these IP ranges (addresses or CIDR, default localhost)"`
V4Mask int `yaml:"v4_mask_bits" doc:"bits to mask in IPv4 addresses (default 32)"`
V6Mask int `yaml:"v6_mask_bits" doc:"bits to mask in IPv6 addresses (default 64)"`
GCParams *ratelimit.GCParams `yaml:"gc" doc:"configuration for the rate limiter garbage collector"`
}
type RateLimitConfig ¶
type RateLimitConfig struct {
Volume *struct {
RLOptions `yaml:",inline"`
Threshold int `yaml:"threshold" doc:"threshold"`
IntervalSec int `yaml:"interval" doc:"interval (seconds)"`
} `yaml:"volume" doc:"volume-based rate limiter"`
Cardinality *struct {
RLOptions `yaml:",inline"`
Threshold int `yaml:"threshold" doc:"score threshold"`
IntervalSec int `yaml:"interval" doc:"interval (seconds)"`
BlockIntervalSec int `yaml:"block_interval" doc:"block interval (seconds)"`
Params *ratelimit.CardinalityParams `yaml:"cardinality" doc:"configuration for the cardinality-based rate limiter"`
} `yaml:"cardinality" doc:"cardinality-based rate limiter"`
}
type ServiceConfig ¶
type ServiceConfig struct {
ASPService string `yaml:"asp_service" doc:"service name for app-specific passwords (defaults to the name of the service)"`
IsInteractive bool `yaml:"interactive" doc:"enable for interactive (web) services supporting challenge-response login mechanisms"`
DisableAudit bool `yaml:"disable_audit" doc:"disable audit logging"`
DisableDeviceCheck bool `yaml:"disable_device_check" doc:"disable client device checks"`
FailureDelay time.Duration `yaml:"failure_delay" doc:"how much to delay auth failures"`
Webauthn struct {
DisplayName string `yaml:"display_name" doc:"WebAuthN Display Name"`
RPID string `yaml:"rpid" doc:"WebAuthN RP ID"`
Origin string `yaml:"origin" doc:"WebAuthN origin"`
U2FAppID string `yaml:"legacy_u2f_appid" doc:"AppID for legacy U2F compatibility"`
} `yaml:"webauthn"`
RateLimit RateLimitConfig `yaml:"rate_limit" doc:"configuration of rate limiters"`
}
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.