Documentation
¶
Index ¶
- Variables
- type AuthServer
- func (as *AuthServer) Authenticate(ar *authRequest) (bool, api.Labels, error)
- func (as *AuthServer) Authorize(ar *authRequest) ([]authzResult, error)
- func (as *AuthServer) CreateToken(ar *authRequest, ares []authzResult) (string, error)
- func (as *AuthServer) ParseRequest(req *http.Request) (*authRequest, error)
- func (as *AuthServer) ServeHTTP(rw http.ResponseWriter, req *http.Request)
- func (as *AuthServer) Stop()
- type Config
- type LetsEncryptConfig
- type ServerConfig
- type TokenConfig
Constants ¶
This section is empty.
Variables ¶
View Source
var TLSCipherSuitesValues = map[string]uint16{ "TLS_RSA_WITH_RC4_128_SHA": tls.TLS_RSA_WITH_RC4_128_SHA, "TLS_RSA_WITH_3DES_EDE_CBC_SHA": tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_RSA_WITH_AES_128_CBC_SHA": tls.TLS_RSA_WITH_AES_128_CBC_SHA, "TLS_RSA_WITH_AES_256_CBC_SHA": tls.TLS_RSA_WITH_AES_256_CBC_SHA, "TLS_RSA_WITH_AES_128_CBC_SHA256": tls.TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS_RSA_WITH_AES_128_GCM_SHA256": tls.TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS_RSA_WITH_AES_256_GCM_SHA384": tls.TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA": tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA": tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA": tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS_ECDHE_RSA_WITH_RC4_128_SHA": tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA": tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA": tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA": tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256": tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256": tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305": tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305": tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, "TLS_AES_128_GCM_SHA256": tls.TLS_AES_128_GCM_SHA256, "TLS_AES_256_GCM_SHA384": tls.TLS_AES_256_GCM_SHA384, "TLS_CHACHA20_POLY1305_SHA256": tls.TLS_CHACHA20_POLY1305_SHA256, "TLS_FALLBACK_SCSV": tls.TLS_FALLBACK_SCSV, }
TLSCipherSuitesValues maps CipherSuite names as strings to the actual values in the crypto/tls package Taken from https://golang.org/pkg/crypto/tls/#pkg-constants
View Source
var TLSCurveIDValues = map[string]tls.CurveID{ "P256": tls.CurveP256, "P384": tls.CurveP384, "P521": tls.CurveP521, "X25519": tls.X25519, }
TLSCurveIDValues maps CurveID names as strings to the actual values in the crypto/tls package Taken from https://golang.org/pkg/crypto/tls/#CurveID
View Source
var TLSVersionValues = map[string]uint16{ "TLS10": tls.VersionTLS10, "TLS11": tls.VersionTLS11, "TLS12": tls.VersionTLS12, "TLS13": tls.VersionTLS13, "SSL30": tls.VersionSSL30, }
TLSVersionValues maps Version names as strings to the actual values in the crypto/tls package Taken from https://golang.org/pkg/crypto/tls/#pkg-constants
Functions ¶
This section is empty.
Types ¶
type AuthServer ¶
type AuthServer struct {
// contains filtered or unexported fields
}
func NewAuthServer ¶
func NewAuthServer(c *Config) (*AuthServer, error)
func (*AuthServer) Authenticate ¶
func (as *AuthServer) Authenticate(ar *authRequest) (bool, api.Labels, error)
func (*AuthServer) Authorize ¶
func (as *AuthServer) Authorize(ar *authRequest) ([]authzResult, error)
func (*AuthServer) CreateToken ¶
func (as *AuthServer) CreateToken(ar *authRequest, ares []authzResult) (string, error)
https://github.com/docker/distribution/blob/master/docs/spec/auth/token.md#example
func (*AuthServer) ParseRequest ¶
func (as *AuthServer) ParseRequest(req *http.Request) (*authRequest, error)
func (*AuthServer) ServeHTTP ¶
func (as *AuthServer) ServeHTTP(rw http.ResponseWriter, req *http.Request)
func (*AuthServer) Stop ¶
func (as *AuthServer) Stop()
type Config ¶
type Config struct {
Server ServerConfig `yaml:"server"`
Token TokenConfig `yaml:"token"`
Users map[string]*authn.Requirements `yaml:"users,omitempty"`
PluginAuthn *authn.PluginAuthnConfig `yaml:"plugin_authn,omitempty"`
ACL authz.ACL `yaml:"acl,omitempty"`
PluginAuthz *authz.PluginAuthzConfig `yaml:"plugin_authz,omitempty"`
}
func LoadConfig ¶
type LetsEncryptConfig ¶
type ServerConfig ¶
type ServerConfig struct {
ListenAddress string `yaml:"addr,omitempty"`
Net string `yaml:"net,omitempty"`
PathPrefix string `yaml:"path_prefix,omitempty"`
RealIPHeader string `yaml:"real_ip_header,omitempty"`
RealIPPos int `yaml:"real_ip_pos,omitempty"`
CertFile string `yaml:"certificate,omitempty"`
KeyFile string `yaml:"key,omitempty"`
HSTS bool `yaml:"hsts,omitempty"`
TLSMinVersion string `yaml:"tls_min_version,omitempty"`
TLSCurvePreferences []string `yaml:"tls_curve_preferences,omitempty"`
TLSCipherSuites []string `yaml:"tls_cipher_suites,omitempty"`
LetsEncrypt LetsEncryptConfig `yaml:"letsencrypt,omitempty"`
// contains filtered or unexported fields
}
Source Files
Click to show internal directories.
Click to hide internal directories.