Documentation
Index
- func NewAuthenticatingHandler(handler http.Handler, authenticator Authenticator) http.Handler
- func NewHeaderAddingRoundTripper(base http.RoundTripper, headerValues []*pb.ClientConfiguration_HeaderValues) http.RoundTripper
- func NewMetricsHandler(base http.Handler, name string) http.Handler
- func NewMetricsRoundTripper(base http.RoundTripper, name string) http.RoundTripper
- func NewRoundTripperFromConfiguration(configuration *pb.ClientConfiguration) (http.RoundTripper, error)
- func NewServersFromConfigurationAndServe(configurations []*configuration.ServerConfiguration, handler http.Handler, ...)
- func StatusCodeFromGRPCCode(code codes.Code) int
- type Authenticator
- func NewAcceptHeaderAuthenticator(base Authenticator, mediaTypes []string) Authenticator
- func NewAllowAuthenticator(metadata *auth.AuthenticationMetadata) Authenticator
- func NewAnyAuthenticator(authenticators []Authenticator) Authenticator
- func NewAuthenticatorFromConfiguration(policy *configuration.AuthenticationPolicy, group program.Group) (Authenticator, error)
- func NewDenyAuthenticator(message string) Authenticator
- func NewJWTAuthenticator(authorizationHeaderParser *jwt.AuthorizationHeaderParser) Authenticator
- func NewOIDCAuthenticator(oauth2Config *oauth2.Config, userInfoURL string, ...) (Authenticator, error)
Functions
func NewAuthenticatingHandler
func NewAuthenticatingHandler(handler http.Handler, authenticator Authenticator) http.Handler
NewAuthenticatingHandler wraps an http.Handler so that every request is first processed by an Authenticator. Upon success, the request is forwarded to the http.Handler. Upon failure, an error message is returned to the client.
func NewHeaderAddingRoundTripper
func NewHeaderAddingRoundTripper(base http.RoundTripper, headerValues []*pb.ClientConfiguration_HeaderValues) http.RoundTripper
NewHeaderAddingRoundTripper is a decorator for RoundTripper that adds additional HTTP header values to all outgoing requests.
func NewMetricsHandler
NewMetricsHandler creates an adapter for http.Handler that adds basic instrumentation in the form of Prometheus metrics.
func NewMetricsRoundTripper
func NewMetricsRoundTripper(base http.RoundTripper, name string) http.RoundTripper
NewMetricsRoundTripper creates an adapter for http.RoundTripper that adds basic instrumentation in the form of Prometheus metrics.
func NewRoundTripperFromConfiguration
func NewRoundTripperFromConfiguration(configuration *pb.ClientConfiguration) (http.RoundTripper, error)
NewRoundTripperFromConfiguration creates a new HTTP RoundTripper based on parameters provided in a configuration file.
func NewServersFromConfigurationAndServe
func NewServersFromConfigurationAndServe(configurations []*configuration.ServerConfiguration, handler http.Handler, group program.Group)
NewServersFromConfigurationAndServe spawns HTTP servers as part of a program.Group, based on a configuration message. The web servers are automatically terminated if the context associated with the group is canceled.
func StatusCodeFromGRPCCode
StatusCodeFromGRPCCode returns the HTTP status code that corresponds to a gRPC status code. The HTTP status codes returned by this function correspond to the values documented in the Protobuf definitions of the Code enum:
https://github.com/googleapis/googleapis/blob/master/google/rpc/code.proto
The implementation of gRPC for Go provides no public method for doing this conversion for us.
Types
type Authenticator
type Authenticator interface {
	Authenticate(w http.ResponseWriter, r *http.Request) (*auth.AuthenticationMetadata, error)
}
Authenticator can be used to grant or deny access to an HTTP server. Implementations may grant access based on TLS connection state, provided headers, source IP address ranges, etc.
func NewAcceptHeaderAuthenticator
func NewAcceptHeaderAuthenticator(base Authenticator, mediaTypes []string) Authenticator
NewAcceptHeaderAuthenticator creates a decorator for Authenticator that only performs authentication if the HTTP request's "Accept" header contains a matching media type. This can, for example, be used to limit OpenID Connect authentication to requests originating from a web browser.
func NewAllowAuthenticator
func NewAllowAuthenticator(metadata *auth.AuthenticationMetadata) Authenticator
NewAllowAuthenticator creates an implementation of Authenticator that always returns success. This implementation can be used when an HTTP server needs to be started that does not perform any authentication.
func NewAnyAuthenticator
func NewAnyAuthenticator(authenticators []Authenticator) Authenticator
NewAnyAuthenticator wraps a series of Authenticators into a single instance. Access is granted only when one or more backing Authenticators permit access, similar to Python's any() function.
func NewAuthenticatorFromConfiguration
func NewAuthenticatorFromConfiguration(policy *configuration.AuthenticationPolicy, group program.Group) (Authenticator, error)
NewAuthenticatorFromConfiguration creates a tree of Authenticator objects based on a configuration file.
func NewDenyAuthenticator
func NewDenyAuthenticator(message string) Authenticator
NewDenyAuthenticator creates an Authenticator that always returns an UNAUTHENTICATED error with a fixed error message string. This implementation can be used when an HTTP server needs to be administratively disabled without shutting it down entirely.
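An added sketch, not code from this package, of the grant-on-first-success composition that NewAnyAuthenticator describes, built from stand-ins for the allow and deny authenticators. Metadata, authFunc, allow, deny, anyOf and granted are hypothetical names, and the denial on an empty list is the behaviour implied by the any() comparison, not something read from the package's source.

```go
package main

import (
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// Metadata is a stand-in for the package's auth.AuthenticationMetadata.
type Metadata struct{ Subject string }

// Authenticator is a local copy of the interface shape shown on this page.
type Authenticator interface {
	Authenticate(w http.ResponseWriter, r *http.Request) (*Metadata, error)
}

// authFunc adapts a plain function to Authenticator (hypothetical helper).
type authFunc func(http.ResponseWriter, *http.Request) (*Metadata, error)

func (f authFunc) Authenticate(w http.ResponseWriter, r *http.Request) (*Metadata, error) { return f(w, r) }

// allow always grants with fixed metadata; deny always fails with msg.
func allow(m *Metadata) Authenticator {
	return authFunc(func(http.ResponseWriter, *http.Request) (*Metadata, error) { return m, nil })
}
func deny(msg string) Authenticator {
	return authFunc(func(http.ResponseWriter, *http.Request) (*Metadata, error) { return nil, errors.New(msg) })
}

// anyOf grants on the first success; an empty list denies, like Python's any([]).
func anyOf(backends []Authenticator) Authenticator {
	return authFunc(func(w http.ResponseWriter, r *http.Request) (*Metadata, error) {
		err := errors.New("no authenticator granted access")
		for _, b := range backends {
			var m *Metadata
			if m, err = b.Authenticate(w, r); err == nil {
				return m, nil
			}
		}
		return nil, err
	})
}

// granted reports whether a admits a bare GET request (constructed input).
func granted(a Authenticator) bool {
	_, err := a.Authenticate(httptest.NewRecorder(), httptest.NewRequest("GET", "/", nil))
	return err == nil
}

func main() {
	ci := allow(&Metadata{Subject: "ci"})
	fmt.Println(granted(anyOf([]Authenticator{deny("disabled"), ci})), granted(anyOf(nil)))
}
```

Because a single granting backend is enough, placing an allow-style authenticator anywhere in the list opens the server regardless of the other entries.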
func NewJWTAuthenticator
func NewJWTAuthenticator(authorizationHeaderParser *jwt.AuthorizationHeaderParser) Authenticator
NewJWTAuthenticator creates an authenticator for incoming HTTP requests that validates requests that contain an "Authorization" header of the form "Bearer ${jwt}", where ${jwt} is a valid JSON Web Token.
func NewOIDCAuthenticator
func NewOIDCAuthenticator(
	oauth2Config *oauth2.Config,
	userInfoURL string,
	metadataExtractor *jmespath.JMESPath,
	httpClient *http.Client,
	randomNumberGenerator random.ThreadSafeGenerator,
	cookieName string,
	cookieAEAD cipher.AEAD,
	clock clock.Clock,
) (Authenticator, error)
NewOIDCAuthenticator creates an Authenticator that enforces that all requests are authorized by an OAuth2 server. Authentication metadata is constructed by obtaining claims through the OpenID Connect user info endpoint, and transforming them using a JMESPath expression.