server

package

v0.0.0-...-4b35d5f Latest Latest Go to latest Published: Nov 21, 2023 License: Apache-2.0 Imports: 23 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/jetstack/jwt-registry-auth

Documentation ¶

Index ¶

Variables
type AuthRequest
type AuthenticationConfig
type AuthorizationConfig
type Config
- func LoadConfig(r io.Reader) (*Config, error)
- func LoadConfigFromFile(filePath string) (*Config, error)
type Provider
- func NewProvider(ctx context.Context, cfg ProviderConfig) (Provider, error)
type ProviderConfig
type Server
- func NewServer(ctx context.Context, cfg *Config) (*Server, error)
- func (h *Server) ListenAndServe() error
type ServerConfig
type StaticKeyConfig
type TokenConfig

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrUnauthorized = fmt.Errorf("unauthorized")

ErrUnauthorized is returned when a request can't be authorized

Functions ¶

This section is empty.

Types ¶

type AuthRequest ¶

type AuthRequest struct {
	Service  string
	Username string
	Password string
	Access   []auth.Access
}

AuthRequest is an authorization request

type AuthenticationConfig ¶

type AuthenticationConfig struct {
	Condition string
}

AuthenticationConfig

type AuthorizationConfig ¶

type AuthorizationConfig struct {
	Condition string
}

AuthorizationConfig

type Config ¶

type Config struct {
	Server    ServerConfig     `yaml:"server"`
	Token     TokenConfig      `yaml:"token"`
	Providers []ProviderConfig `yaml:"providers"`
}

Config configures the auth server

func LoadConfig ¶

func LoadConfig(r io.Reader) (*Config, error)

LoadConfig loads configuration from an io.Reader

func LoadConfigFromFile ¶

func LoadConfigFromFile(filePath string) (*Config, error)

LoadConfigFromFile loads configuration from a file

type Provider ¶

type Provider interface {
	// Authorize a request and return the subset of requested actions it is permitted to
	// perform
	Authorize(ctx context.Context, req AuthRequest) ([]auth.Access, error)
}

Provider authorizes tokens

func NewProvider ¶

func NewProvider(ctx context.Context, cfg ProviderConfig) (Provider, error)

NewProvider returns a new provider

type ProviderConfig ¶

type ProviderConfig struct {
	Name             string               `yaml:"name"`
	OIDCDiscoveryURL string               `yaml:"oidcDiscoveryURL"`
	StaticKeys       []StaticKeyConfig    `yaml:"staticKeys"`
	Authentication   AuthenticationConfig `yaml:"authn"`
	Authorization    AuthorizationConfig  `yaml:"authz"`
}

ProviderConfig configures an authentication provider

type Server ¶

type Server struct {
	// contains filtered or unexported fields
}

Server handles authentication and authorization for registry requests

func NewServer ¶

func NewServer(ctx context.Context, cfg *Config) (*Server, error)

NewServer returns a new token server

func (*Server) ListenAndServe ¶

func (h *Server) ListenAndServe() error

ListenAndServe runs the http server

type ServerConfig ¶

type ServerConfig struct {
	ListenAddress string `yaml:"listenAddress"`
	TokenPath     string `yaml:"tokenPath"`
}

ServerConfig configures the server

type StaticKeyConfig ¶

type StaticKeyConfig struct {
	Key string `yaml:"key"`
}

StaticKeyConfig

type TokenConfig ¶

type TokenConfig struct {
	CertFile string        `yaml:"certificate"`
	Issuer   string        `yaml:"issuer"`
	KeyFile  string        `yaml:"key"`
	Duration time.Duration `yaml:"duration"`
}

TokenConfig configures the tokens issed by the server

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
token

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL