proxy

Documentation

Index

• func ParseContextFromRequest(req *http.Request, replace bool) string
• func ParseSubjectFromRequest(req *http.Request) string
• type JSONWebKey
• type JWKS
  • func (j *JWKS) Find(s string) *JSONWebKey
• type MiddlewareFunc
  • func WithEmpty() MiddlewareFunc
  • func WithHandler(next http.Handler) MiddlewareFunc
  • func WithHeader() MiddlewareFunc
  • func WithJWT() MiddlewareFunc
  • func WithLogging() MiddlewareFunc
  • func WithOIDC(c OIDCConfig) MiddlewareFunc
  • func WithRS256(c RS256Config) MiddlewareFunc
• type OIDCConfig
• type Proxy
  • func New(c *api.Config) (*Proxy, error)
  • func (p *Proxy) Apply(middleware ...MiddlewareFunc) MiddlewareFunc
  • func (p *Proxy) CacheTTL(d time.Duration)
  • func (p *Proxy) Chain() http.Handler
  • func (p *Proxy) ServeHTTP(w http.ResponseWriter, r *http.Request)
  • func (p *Proxy) Use(middleware ...MiddlewareFunc) *Proxy
• type RS256Config
• type Transport
  • func (t *Transport) RoundTrip(req *http.Request) (res *http.Response, err error)

Functions

func ParseContextFromRequest

func ParseContextFromRequest(req *http.Request, replace bool) string

ParseContextFromRequest tries to find the requested context name either by URL or HTTP header. Will return the value of 'Multikube-Context' HTTP header. Will return the first part of the URL path if no headers are set. Set replace to true if the URL path in provided request should be replaced with a path without context name.

func ParseSubjectFromRequest

func ParseSubjectFromRequest(req *http.Request) string

ParseSubjectFromRequest returns a string with the value of ContextKey key from the HTTP request Context (context.Context)

Types

type JSONWebKey

type JSONWebKey struct {
	Kty string   `json:"kty"`
	Kid string   `json:"kid"`
	Use string   `json:"use"`
	N   string   `json:"n"`
	E   string   `json:"e"`
	X5c []string `json:"x5c"`
}

JSONWebKey is a representation of a Json Web Key

type JWKS

type JWKS struct {
	Keys []JSONWebKey `json:"keys"`
}

JWKS is a representation of Json Web Key Store. It holds multiple JWK's in an array

func (*JWKS) Find

func (j *JWKS) Find(s string) *JSONWebKey

Find will loop through the keys on the JWKS and return that which has a matching key id

type MiddlewareFunc

type MiddlewareFunc func(http.Handler) http.Handler

MiddlewareFunc defines a function to process middleware.

func WithEmpty

func WithEmpty() MiddlewareFunc

WithEmpty is an empty handler that does nothing

func WithHandler

func WithHandler(next http.Handler) MiddlewareFunc

WithHandler takes any http.Handler and returns it as a MiddlewareFunc so that it can be used in proxy

func WithHeader

func WithHeader() MiddlewareFunc

WithHeader is a middleware that reads the value of the HTTP header "Multikube-Context" in the request and, if found, sets it's value in the request context.

func WithJWT

func WithJWT() MiddlewareFunc

WithJWT is a middleware that parses a JWT token from the requests and propagates the request context with a claim value.

func WithLogging

func WithLogging() MiddlewareFunc

WithLogging applies access log style logging to the HTTP server

func WithOIDC

func WithOIDC(c OIDCConfig) MiddlewareFunc

WithOIDC is a middleware that validates a JWT token in the http request using an OIDC provider configured in c

func WithRS256

func WithRS256(c RS256Config) MiddlewareFunc

WithRS256 is a middleware that validates a JWT token in the http request using RS256 signing method. It will do so using a rsa public key provided in Config

type OIDCConfig

type OIDCConfig struct {
	OIDCIssuerURL          string
	OIDCUsernameClaim      string
	OIDCPollInterval       time.Duration
	OIDCInsecureSkipVerify bool
	OIDCCa                 *x509.Certificate
	JWKS                   *JWKS
}

OIDCConfig is configuration for OIDC middleware

type Proxy

type Proxy struct {
	// contains filtered or unexported fields
}

Proxy implements an HTTP handler. It has a built-in transport with in-mem cache capabilities.

func New

func New(c *api.Config) (*Proxy, error)

New creates a new Proxy instance

func (*Proxy) Apply

func (p *Proxy) Apply(middleware ...MiddlewareFunc) MiddlewareFunc

Apply chains all middlewares and resturns a MiddlewareFunc that can wrap an http.Handler

func (*Proxy) CacheTTL

func (p *Proxy) CacheTTL(d time.Duration)

CacheTTL sets the TTL value of all transports to d

func (*Proxy) Chain

func (p *Proxy) Chain() http.Handler

Chain is a convenience function that chains all applied middleware and wraps proxy handler with it

func (*Proxy) ServeHTTP

func (p *Proxy) ServeHTTP(w http.ResponseWriter, r *http.Request)

ServeHTTP routes the request to an apiserver. It determines, resolves an apiserver using data in the request itsel such as certificate data, authorization bearer tokens, http headers etc.

func (*Proxy) Use

func (p *Proxy) Use(middleware ...MiddlewareFunc) *Proxy

Use adds a middleware

type RS256Config

type RS256Config struct {
	PublicKey *rsa.PublicKey
}

RS256Config is configuration for RS256 middleware

type Transport

type Transport struct {
	Cache           *cache.Cache
	TLSClientConfig *tls.Config
	// contains filtered or unexported fields
}

Transport is an implementation of RoundTripper and extension of http.Transport with the addition of a Cache.

func (*Transport) RoundTrip

func (t *Transport) RoundTrip(req *http.Request) (res *http.Response, err error)

RoundTrip implements http.Transport