Documentation
¶
Index ¶
- Constants
- func FileDoesNotExist(filePath string) bool
- type AuthenticationConfiguration
- type AuthenticationMethod
- type CacheConfiguration
- type CipherSuite
- type CipherSuiteList
- type EnvironmentAwareCredentials
- type EnvironmentAwareValue
- type IntrospectionConfiguration
- type JWSConfiguration
- type JWTConfiguration
- type SecurityConfiguration
- type TLSAdvancedConfiguration
- type TLSConfiguration
- type TLSConnectionConfiguration
- type TokenValidationConfiguration
Constants ¶
View Source
const ( AMClientSecretBasic = "client_secret_basic" AMClientSecretBasicClientId = "clientId" AMClientSecretBasicClientSecret = "clientSecret" AMClientSecretForm = "client_secret_form" AMClientSecretFormClientId = "clientId" AMClientSecretFormClientSecret = "clientSecret" AMPrivateKey = "private_key" AMPrivateKeyCertFile = "certFile" AMPrivateKeyKeyFile = "keyFile" )
Variables ¶
This section is empty.
Functions ¶
func FileDoesNotExist ¶
Types ¶
type AuthenticationConfiguration ¶
type AuthenticationConfiguration struct {
Method AuthenticationMethod `json:"method"`
Credentials EnvironmentAwareCredentials `json:"credentials"`
}
func (*AuthenticationConfiguration) PrivateKeyFiles ¶
func (ac *AuthenticationConfiguration) PrivateKeyFiles() (certFile string, keyFile string)
func (*AuthenticationConfiguration) UsePrivateKey ¶
func (ac *AuthenticationConfiguration) UsePrivateKey() bool
type AuthenticationMethod ¶
type AuthenticationMethod string
type CacheConfiguration ¶
type CipherSuite ¶
type CipherSuite string
type CipherSuiteList ¶
type CipherSuiteList []CipherSuite
func (CipherSuiteList) ToUint16Array ¶
func (csl CipherSuiteList) ToUint16Array() ([]uint16, error)
func (CipherSuiteList) ToUint32Array ¶
func (csl CipherSuiteList) ToUint32Array() ([]uint32, error)
type EnvironmentAwareCredentials ¶
type EnvironmentAwareCredentials map[string]EnvironmentAwareValue
value can be an URL with 'env' scheme in order to read value from env
type EnvironmentAwareValue ¶
type EnvironmentAwareValue string
support URI format with 'env' scheme during JSON unmarshalling
func (EnvironmentAwareValue) String ¶
func (d EnvironmentAwareValue) String() string
func (*EnvironmentAwareValue) UnmarshalJSON ¶
func (d *EnvironmentAwareValue) UnmarshalJSON(data []byte) error
type IntrospectionConfiguration ¶
type IntrospectionConfiguration struct {
Endpoint string `json:"endpoint"`
// configure how to authenticate with introspection endpoint
AuthenticationConfig *AuthenticationConfiguration `json:"authentication"`
TLSConnectionConfig *TLSConnectionConfiguration `json:"tlsConnection" `
}
type JWSConfiguration ¶
type JWSConfiguration struct {
Endpoint string `json:"endpoint" `
TLSConnectionConfig *TLSConnectionConfiguration `json:"tlsConnection"`
}
JSON Web Signature configuration
type JWTConfiguration ¶
type JWTConfiguration struct {
// define a field name in JWT token used to retrieve scopes/roles
// which are used to perform authorization check
AuthorizationField string `json:"authorizationField"`
// if introspection API is provided, use it instead of JWT
PreferIntrospection bool `json:"preferIntrospection"`
}
JSON Web Token configuration
type SecurityConfiguration ¶
type SecurityConfiguration struct {
TLSConfig *TLSConfiguration `json:"tls"`
TokenValidationConfig *TokenValidationConfiguration `json:"tokenValidation"`
}
main configuration to protect JSON RPC server
func NewSecurityConfiguration ¶
func NewSecurityConfiguration(rawJSON []byte) (*SecurityConfiguration, error)
func (*SecurityConfiguration) SetDefaults ¶
func (c *SecurityConfiguration) SetDefaults()
type TLSAdvancedConfiguration ¶
type TLSAdvancedConfiguration struct {
// preferred cipher suites
CipherSuites CipherSuiteList `json:"cipherSuites"`
}
type TLSConfiguration ¶
type TLSConfiguration struct {
AutoGenerate bool `json:"auto"`
// path to cert file, if auto generate, it's the output file
CertFile EnvironmentAwareValue `json:"certFile"`
// path to key file, if auto generate, it's the output file
KeyFile EnvironmentAwareValue `json:"keyFile"`
// advanced tls configuration
AdvancedConfig *TLSAdvancedConfiguration `json:"advanced"`
}
type TLSConnectionConfiguration ¶
type TLSConnectionConfiguration struct {
InsecureSkipVerify bool `json:"insecureSkipVerify"`
// server certificate
// will be ignored if insecureSkipVerify is true
CertFile EnvironmentAwareValue `json:"certFile"`
// certificate of CA which signs server certificate
// will be ignored if insecureSkipVerify is true
CaFile EnvironmentAwareValue `json:"caFile"`
// advanced configuration for TLS
AdvancedConfig *TLSAdvancedConfiguration `json:"advanced"`
}
type TokenValidationConfiguration ¶
type TokenValidationConfiguration struct {
// name of a node which is the recipient of the token
// we don't allow to configure this, instead, it has to come from geth during initialization
Aud string `json:"-"`
// this corresponds to `iss` claim which identifies the principal
// that issued the token
Issuers []string `json:"issuers"`
CacheConfig *CacheConfiguration `json:"cache"`
IntrospectionConfig *IntrospectionConfiguration `json:"introspect"`
JWSConfig *JWSConfiguration `json:"jws"`
JWTConfig *JWTConfiguration `json:"jwt"`
}
func (*TokenValidationConfiguration) UseIntrospection ¶
func (a *TokenValidationConfiguration) UseIntrospection() bool
func (*TokenValidationConfiguration) UseJWS ¶
func (a *TokenValidationConfiguration) UseJWS() bool
Source Files
Click to show internal directories.
Click to hide internal directories.