middleware

Documentation

Index

• func AuthenticationMiddleware(tokenVerifier OIDCTokenVerifier, gwPwd func(string) (string, bool)) func(http.Handler) http.Handler
• func ContextMiddleware(next http.Handler) http.Handler
• func LoggingMiddleware(next http.Handler) http.Handler
• func MinimalPermissionMiddleware(next http.Handler) http.Handler
• func RealIPMiddleware(next http.Handler) http.Handler
• func RecoveryMiddleware(next http.Handler) http.Handler
• func RequestHasRole(r *http.Request, roles ...string) bool
• type FailoverOIDCTokenVerifier
  • func (v *FailoverOIDCTokenVerifier) Verify(ctx context.Context, tokenStr string) (*oidc.IDToken, error)
• type IDTokenClaims
  • func (c *IDTokenClaims) HasAnyRole(roles ...string) bool
• type OIDCTokenVerifier
  • func NewFailoverOIDCTokenVerifier(issuerUrls []string) (OIDCTokenVerifier, error)
• type RequestContext
  • func ContextFromCtx(ctx context.Context) (*RequestContext, bool)
  • func ContextFromRequest(r *http.Request) (*RequestContext, bool)
• type Roles

Functions

func AuthenticationMiddleware

func AuthenticationMiddleware(tokenVerifier OIDCTokenVerifier, gwPwd func(string) (string, bool)) func(http.Handler) http.Handler

func ContextMiddleware

func ContextMiddleware(next http.Handler) http.Handler

func LoggingMiddleware

func LoggingMiddleware(next http.Handler) http.Handler

func MinimalPermissionMiddleware

func MinimalPermissionMiddleware(next http.Handler) http.Handler

func RealIPMiddleware

func RealIPMiddleware(next http.Handler) http.Handler

func RecoveryMiddleware

func RecoveryMiddleware(next http.Handler) http.Handler

func RequestHasRole

func RequestHasRole(r *http.Request, roles ...string) bool

Types

type FailoverOIDCTokenVerifier

type FailoverOIDCTokenVerifier struct {
	// contains filtered or unexported fields
}

func (*FailoverOIDCTokenVerifier) Verify

func (v *FailoverOIDCTokenVerifier) Verify(ctx context.Context, tokenStr string) (*oidc.IDToken, error)

type IDTokenClaims

type IDTokenClaims struct {
	Acr               string           `json:"acr"`
	AllowedOrigins    []string         `json:"allowed-origins"`
	Aud               interface{}      `json:"aud"`
	AuthTime          int              `json:"auth_time"`
	Azp               string           `json:"azp"`
	Email             string           `json:"email"`
	Exp               int              `json:"exp"`
	FamilyName        string           `json:"family_name"`
	GivenName         string           `json:"given_name"`
	Iat               int              `json:"iat"`
	Iss               string           `json:"iss"`
	Jti               string           `json:"jti"`
	Name              string           `json:"name"`
	Nbf               int              `json:"nbf"`
	Nonce             string           `json:"nonce"`
	PreferredUsername string           `json:"preferred_username"`
	RealmAccess       Roles            `json:"realm_access"`
	ResourceAccess    map[string]Roles `json:"resource_access"`
	SessionState      string           `json:"session_state"`
	Sub               string           `json:"sub"`
	Typ               string           `json:"typ"`
	// contains filtered or unexported fields
}

func (*IDTokenClaims) HasAnyRole

func (c *IDTokenClaims) HasAnyRole(roles ...string) bool

type OIDCTokenVerifier

type OIDCTokenVerifier interface {
	Verify(context.Context, string) (*oidc.IDToken, error)
}

func NewFailoverOIDCTokenVerifier

func NewFailoverOIDCTokenVerifier(issuerUrls []string) (OIDCTokenVerifier, error)

type RequestContext

type RequestContext struct {
	IP          string
	IDClaims    *IDTokenClaims
	ServiceUser bool
	Params      interface{}
	RouteName   string
}

func ContextFromCtx

func ContextFromCtx(ctx context.Context) (*RequestContext, bool)

func ContextFromRequest

func ContextFromRequest(r *http.Request) (*RequestContext, bool)

type Roles

type Roles struct {
	Roles []string `json:"roles"`
}