Documentation ¶
Index ¶
- type BaseConfig
- type ClientConfig
- type OidcAuthConsumer
- type OidcAuthProvider
- type OidcClientConfig
- type OidcServerConfig
- type ServerConfig
- type Setter
- type TokenAuthSetterVerifier
- func (auth *TokenAuthSetterVerifier) SetLogin(loginMsg *msg.Login) (err error)
- func (auth *TokenAuthSetterVerifier) SetNewWorkConn(newWorkConnMsg *msg.NewWorkConn) error
- func (auth *TokenAuthSetterVerifier) SetPing(pingMsg *msg.Ping) error
- func (auth *TokenAuthSetterVerifier) VerifyLogin(m *msg.Login) error
- func (auth *TokenAuthSetterVerifier) VerifyNewWorkConn(m *msg.NewWorkConn) error
- func (auth *TokenAuthSetterVerifier) VerifyPing(m *msg.Ping) error
- type TokenConfig
- type Verifier
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type BaseConfig ¶
type BaseConfig struct { // AuthenticationMethod specifies what authentication method to use to // authenticate frpc with frps. If "token" is specified - token will be // read into login message. If "oidc" is specified - OIDC (Open ID Connect) // token will be issued using OIDC settings. By default, this value is "token". AuthenticationMethod string `ini:"authentication_method" json:"authentication_method"` // AuthenticateHeartBeats specifies whether to include authentication token in // heartbeats sent to frps. By default, this value is false. AuthenticateHeartBeats bool `ini:"authenticate_heartbeats" json:"authenticate_heartbeats"` // AuthenticateNewWorkConns specifies whether to include authentication token in // new work connections sent to frps. By default, this value is false. AuthenticateNewWorkConns bool `ini:"authenticate_new_work_conns" json:"authenticate_new_work_conns"` }
type ClientConfig ¶
type ClientConfig struct { BaseConfig `ini:",extends"` OidcClientConfig `ini:",extends"` TokenConfig `ini:",extends"` }
func GetDefaultClientConf ¶
func GetDefaultClientConf() ClientConfig
type OidcAuthConsumer ¶
type OidcAuthConsumer struct { BaseConfig // contains filtered or unexported fields }
func NewOidcAuthVerifier ¶
func NewOidcAuthVerifier(baseCfg BaseConfig, cfg OidcServerConfig) *OidcAuthConsumer
func (*OidcAuthConsumer) VerifyLogin ¶
func (auth *OidcAuthConsumer) VerifyLogin(loginMsg *msg.Login) (err error)
func (*OidcAuthConsumer) VerifyNewWorkConn ¶
func (auth *OidcAuthConsumer) VerifyNewWorkConn(newWorkConnMsg *msg.NewWorkConn) (err error)
func (*OidcAuthConsumer) VerifyPing ¶
func (auth *OidcAuthConsumer) VerifyPing(pingMsg *msg.Ping) (err error)
type OidcAuthProvider ¶
type OidcAuthProvider struct { BaseConfig // contains filtered or unexported fields }
func NewOidcAuthSetter ¶
func NewOidcAuthSetter(baseCfg BaseConfig, cfg OidcClientConfig) *OidcAuthProvider
func (*OidcAuthProvider) SetLogin ¶
func (auth *OidcAuthProvider) SetLogin(loginMsg *msg.Login) (err error)
func (*OidcAuthProvider) SetNewWorkConn ¶
func (auth *OidcAuthProvider) SetNewWorkConn(newWorkConnMsg *msg.NewWorkConn) (err error)
type OidcClientConfig ¶
type OidcClientConfig struct { // OidcClientID specifies the client ID to use to get a token in OIDC // authentication if AuthenticationMethod == "oidc". By default, this value // is "". OidcClientID string `ini:"oidc_client_id" json:"oidc_client_id"` // OidcClientSecret specifies the client secret to use to get a token in OIDC // authentication if AuthenticationMethod == "oidc". By default, this value // is "". OidcClientSecret string `ini:"oidc_client_secret" json:"oidc_client_secret"` // OidcAudience specifies the audience of the token in OIDC authentication // if AuthenticationMethod == "oidc". By default, this value is "". OidcAudience string `ini:"oidc_audience" json:"oidc_audience"` // OidcScope specifies the scope of the token in OIDC authentication // if AuthenticationMethod == "oidc". By default, this value is "". OidcScope string `ini:"oidc_scope" json:"oidc_scope"` // OidcTokenEndpointURL specifies the URL which implements OIDC Token Endpoint. // It will be used to get an OIDC token if AuthenticationMethod == "oidc". // By default, this value is "". OidcTokenEndpointURL string `ini:"oidc_token_endpoint_url" json:"oidc_token_endpoint_url"` // OidcAdditionalEndpointParams specifies additional parameters to be sent // this field will be transfer to map[string][]string in OIDC token generator // The field will be set by prefix "oidc_additional_" OidcAdditionalEndpointParams map[string]string `ini:"-" json:"oidc_additional_endpoint_params"` }
type OidcServerConfig ¶
type OidcServerConfig struct { // OidcIssuer specifies the issuer to verify OIDC tokens with. This issuer // will be used to load public keys to verify signature and will be compared // with the issuer claim in the OIDC token. It will be used if // AuthenticationMethod == "oidc". By default, this value is "". OidcIssuer string `ini:"oidc_issuer" json:"oidc_issuer"` // OidcAudience specifies the audience OIDC tokens should contain when validated. // If this value is empty, audience ("client ID") verification will be skipped. // It will be used when AuthenticationMethod == "oidc". By default, this // value is "". OidcAudience string `ini:"oidc_audience" json:"oidc_audience"` // OidcSkipExpiryCheck specifies whether to skip checking if the OIDC token is // expired. It will be used when AuthenticationMethod == "oidc". By default, this // value is false. OidcSkipExpiryCheck bool `ini:"oidc_skip_expiry_check" json:"oidc_skip_expiry_check"` // OidcSkipIssuerCheck specifies whether to skip checking if the OIDC token's // issuer claim matches the issuer specified in OidcIssuer. It will be used when // AuthenticationMethod == "oidc". By default, this value is false. OidcSkipIssuerCheck bool `ini:"oidc_skip_issuer_check" json:"oidc_skip_issuer_check"` }
type ServerConfig ¶
type ServerConfig struct { BaseConfig `ini:",extends"` OidcServerConfig `ini:",extends"` TokenConfig `ini:",extends"` }
func GetDefaultServerConf ¶
func GetDefaultServerConf() ServerConfig
type Setter ¶
type Setter interface { SetLogin(*msg.Login) error SetPing(*msg.Ping) error SetNewWorkConn(*msg.NewWorkConn) error }
func NewAuthSetter ¶
func NewAuthSetter(cfg ClientConfig) (authProvider Setter)
type TokenAuthSetterVerifier ¶
type TokenAuthSetterVerifier struct { BaseConfig // contains filtered or unexported fields }
func NewTokenAuth ¶
func NewTokenAuth(baseCfg BaseConfig, cfg TokenConfig) *TokenAuthSetterVerifier
func (*TokenAuthSetterVerifier) SetLogin ¶
func (auth *TokenAuthSetterVerifier) SetLogin(loginMsg *msg.Login) (err error)
func (*TokenAuthSetterVerifier) SetNewWorkConn ¶
func (auth *TokenAuthSetterVerifier) SetNewWorkConn(newWorkConnMsg *msg.NewWorkConn) error
func (*TokenAuthSetterVerifier) SetPing ¶
func (auth *TokenAuthSetterVerifier) SetPing(pingMsg *msg.Ping) error
func (*TokenAuthSetterVerifier) VerifyLogin ¶
func (auth *TokenAuthSetterVerifier) VerifyLogin(m *msg.Login) error
func (*TokenAuthSetterVerifier) VerifyNewWorkConn ¶
func (auth *TokenAuthSetterVerifier) VerifyNewWorkConn(m *msg.NewWorkConn) error
func (*TokenAuthSetterVerifier) VerifyPing ¶
func (auth *TokenAuthSetterVerifier) VerifyPing(m *msg.Ping) error
type TokenConfig ¶
type TokenConfig struct { // Token specifies the authorization token used to create keys to be sent // to the server. The server must have a matching token for authorization // to succeed. By default, this value is "". Token string `ini:"token" json:"token"` }
type Verifier ¶
type Verifier interface { VerifyLogin(*msg.Login) error VerifyPing(*msg.Ping) error VerifyNewWorkConn(*msg.NewWorkConn) error }
func NewAuthVerifier ¶
func NewAuthVerifier(cfg ServerConfig) (authVerifier Verifier)
Click to show internal directories.
Click to hide internal directories.