Documentation
¶
Index ¶
- type BaseConfig
- type ClientConfig
- type OidcAuthConsumer
- type OidcAuthProvider
- type OidcClientConfig
- type OidcServerConfig
- type ServerConfig
- type Setter
- type TokenAuthSetterVerifier
- func (auth *TokenAuthSetterVerifier) SetLogin(loginMsg *msg.Login) (err error)
- func (auth *TokenAuthSetterVerifier) SetNewWorkConn(newWorkConnMsg *msg.NewWorkConn) error
- func (auth *TokenAuthSetterVerifier) SetPing(pingMsg *msg.Ping) error
- func (auth *TokenAuthSetterVerifier) VerifyLogin(loginMsg *msg.Login) error
- func (auth *TokenAuthSetterVerifier) VerifyNewWorkConn(newWorkConnMsg *msg.NewWorkConn) error
- func (auth *TokenAuthSetterVerifier) VerifyPing(pingMsg *msg.Ping) error
- type TokenConfig
- type Verifier
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type BaseConfig ¶
type BaseConfig struct {
// AuthenticationMethod specifies what authentication method to use to
// authenticate frpc with frps. If "token" is specified - token will be
// read into login message. If "oidc" is specified - OIDC (Open ID Connect)
// token will be issued using OIDC settings. By default, this value is "token".
AuthenticationMethod string `ini:"authentication_method" json:"authentication_method"`
// AuthenticateHeartBeats specifies whether to include authentication token in
// heartbeats sent to frps. By default, this value is false.
AuthenticateHeartBeats bool `ini:"authenticate_heartbeats" json:"authenticate_heartbeats"`
// AuthenticateNewWorkConns specifies whether to include authentication token in
// new work connections sent to frps. By default, this value is false.
AuthenticateNewWorkConns bool `ini:"authenticate_new_work_conns" json:"authenticate_new_work_conns"`
}
type ClientConfig ¶
type ClientConfig struct {
BaseConfig `ini:",extends"`
OidcClientConfig `ini:",extends"`
TokenConfig `ini:",extends"`
}
func GetDefaultClientConf ¶
func GetDefaultClientConf() ClientConfig
type OidcAuthConsumer ¶
type OidcAuthConsumer struct {
BaseConfig
// contains filtered or unexported fields
}
func NewOidcAuthVerifier ¶
func NewOidcAuthVerifier(baseCfg BaseConfig, cfg OidcServerConfig) *OidcAuthConsumer
func (*OidcAuthConsumer) VerifyLogin ¶
func (auth *OidcAuthConsumer) VerifyLogin(loginMsg *msg.Login) (err error)
func (*OidcAuthConsumer) VerifyNewWorkConn ¶
func (auth *OidcAuthConsumer) VerifyNewWorkConn(newWorkConnMsg *msg.NewWorkConn) (err error)
func (*OidcAuthConsumer) VerifyPing ¶
func (auth *OidcAuthConsumer) VerifyPing(pingMsg *msg.Ping) (err error)
type OidcAuthProvider ¶
type OidcAuthProvider struct {
BaseConfig
// contains filtered or unexported fields
}
func NewOidcAuthSetter ¶
func NewOidcAuthSetter(baseCfg BaseConfig, cfg OidcClientConfig) *OidcAuthProvider
func (*OidcAuthProvider) SetLogin ¶
func (auth *OidcAuthProvider) SetLogin(loginMsg *msg.Login) (err error)
func (*OidcAuthProvider) SetNewWorkConn ¶
func (auth *OidcAuthProvider) SetNewWorkConn(newWorkConnMsg *msg.NewWorkConn) (err error)
type OidcClientConfig ¶
type OidcClientConfig struct {
// OidcClientID specifies the client ID to use to get a token in OIDC
// authentication if AuthenticationMethod == "oidc". By default, this value
// is "".
OidcClientID string `ini:"oidc_client_id" json:"oidc_client_id"`
// OidcClientSecret specifies the client secret to use to get a token in OIDC
// authentication if AuthenticationMethod == "oidc". By default, this value
// is "".
OidcClientSecret string `ini:"oidc_client_secret" json:"oidc_client_secret"`
// OidcAudience specifies the audience of the token in OIDC authentication
//if AuthenticationMethod == "oidc". By default, this value is "".
OidcAudience string `ini:"oidc_audience" json:"oidc_audience"`
// OidcTokenEndpointURL specifies the URL which implements OIDC Token Endpoint.
// It will be used to get an OIDC token if AuthenticationMethod == "oidc".
// By default, this value is "".
OidcTokenEndpointURL string `ini:"oidc_token_endpoint_url" json:"oidc_token_endpoint_url"`
// OidcAdditionalEndpointParams specifies additional parameters to be sent
// this field will be transfer to map[string][]string in OIDC token generator
// The field will be set by prefix "oidc_additional_"
OidcAdditionalEndpointParams map[string]string `ini:"-" json:"oidc_additional_endpoint_params"`
}
type OidcServerConfig ¶
type OidcServerConfig struct {
// OidcIssuer specifies the issuer to verify OIDC tokens with. This issuer
// will be used to load public keys to verify signature and will be compared
// with the issuer claim in the OIDC token. It will be used if
// AuthenticationMethod == "oidc". By default, this value is "".
OidcIssuer string `ini:"oidc_issuer" json:"oidc_issuer"`
// OidcAudience specifies the audience OIDC tokens should contain when validated.
// If this value is empty, audience ("client ID") verification will be skipped.
// It will be used when AuthenticationMethod == "oidc". By default, this
// value is "".
OidcAudience string `ini:"oidc_audience" json:"oidc_audience"`
// OidcSkipExpiryCheck specifies whether to skip checking if the OIDC token is
// expired. It will be used when AuthenticationMethod == "oidc". By default, this
// value is false.
OidcSkipExpiryCheck bool `ini:"oidc_skip_expiry_check" json:"oidc_skip_expiry_check"`
// OidcSkipIssuerCheck specifies whether to skip checking if the OIDC token's
// issuer claim matches the issuer specified in OidcIssuer. It will be used when
// AuthenticationMethod == "oidc". By default, this value is false.
OidcSkipIssuerCheck bool `ini:"oidc_skip_issuer_check" json:"oidc_skip_issuer_check"`
}
type ServerConfig ¶
type ServerConfig struct {
BaseConfig `ini:",extends"`
OidcServerConfig `ini:",extends"`
TokenConfig `ini:",extends"`
}
func GetDefaultServerConf ¶
func GetDefaultServerConf() ServerConfig
type Setter ¶
type Setter interface {
SetLogin(*msg.Login) error
SetPing(*msg.Ping) error
SetNewWorkConn(*msg.NewWorkConn) error
}
func NewAuthSetter ¶
func NewAuthSetter(cfg ClientConfig) (authProvider Setter)
type TokenAuthSetterVerifier ¶
type TokenAuthSetterVerifier struct {
BaseConfig
// contains filtered or unexported fields
}
func NewTokenAuth ¶
func NewTokenAuth(baseCfg BaseConfig, cfg TokenConfig) *TokenAuthSetterVerifier
func (*TokenAuthSetterVerifier) SetLogin ¶
func (auth *TokenAuthSetterVerifier) SetLogin(loginMsg *msg.Login) (err error)
func (*TokenAuthSetterVerifier) SetNewWorkConn ¶
func (auth *TokenAuthSetterVerifier) SetNewWorkConn(newWorkConnMsg *msg.NewWorkConn) error
func (*TokenAuthSetterVerifier) SetPing ¶
func (auth *TokenAuthSetterVerifier) SetPing(pingMsg *msg.Ping) error
func (*TokenAuthSetterVerifier) VerifyLogin ¶
func (auth *TokenAuthSetterVerifier) VerifyLogin(loginMsg *msg.Login) error
func (*TokenAuthSetterVerifier) VerifyNewWorkConn ¶
func (auth *TokenAuthSetterVerifier) VerifyNewWorkConn(newWorkConnMsg *msg.NewWorkConn) error
func (*TokenAuthSetterVerifier) VerifyPing ¶
func (auth *TokenAuthSetterVerifier) VerifyPing(pingMsg *msg.Ping) error
type TokenConfig ¶
type TokenConfig struct {
// Token specifies the authorization token used to create keys to be sent
// to the server. The server must have a matching token for authorization
// to succeed. By default, this value is "".
Token string `ini:"token" json:"token"`
}
type Verifier ¶
type Verifier interface {
VerifyLogin(*msg.Login) error
VerifyPing(*msg.Ping) error
VerifyNewWorkConn(*msg.NewWorkConn) error
}
func NewAuthVerifier ¶
func NewAuthVerifier(cfg ServerConfig) (authVerifier Verifier)
Source Files
Click to show internal directories.
Click to hide internal directories.