config

package
v1.3.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 28, 2024 License: Apache-2.0 Imports: 40 Imported by: 1

Documentation

Index

Constants

View Source
const (
	DefaultIdentityTraitsSchemaID                            = "default"
	DefaultBrowserReturnURL                                  = "default_browser_return_url"
	DefaultSQLiteMemoryDSN                                   = "sqlite://file::memory:?_fk=true&cache=shared"
	DefaultPasswordHashingAlgorithm                          = "argon2"
	DefaultCipherAlgorithm                                   = "noop"
	UnknownVersion                                           = "unknown version"
	ViperKeyDSN                                              = "dsn"
	ViperKeyCourierSMTPURL                                   = "courier.smtp.connection_uri"
	ViperKeyCourierSMTPClientCertPath                        = "courier.smtp.client_cert_path"
	ViperKeyCourierSMTPClientKeyPath                         = "courier.smtp.client_key_path"
	ViperKeyCourierTemplatesPath                             = "courier.template_override_path"
	ViperKeyCourierTemplatesRecoveryInvalidEmail             = "courier.templates.recovery.invalid.email"
	ViperKeyCourierTemplatesRecoveryValidEmail               = "courier.templates.recovery.valid.email"
	ViperKeyCourierTemplatesRecoveryCodeInvalidEmail         = "courier.templates.recovery_code.invalid.email"
	ViperKeyCourierTemplatesRecoveryCodeValidEmail           = "courier.templates.recovery_code.valid.email"
	ViperKeyCourierTemplatesVerificationInvalidEmail         = "courier.templates.verification.invalid.email"
	ViperKeyCourierTemplatesVerificationValidEmail           = "courier.templates.verification.valid.email"
	ViperKeyCourierTemplatesVerificationCodeInvalidEmail     = "courier.templates.verification_code.invalid.email"
	ViperKeyCourierTemplatesVerificationCodeValidEmail       = "courier.templates.verification_code.valid.email"
	ViperKeyCourierTemplatesVerificationCodeValidSMS         = "courier.templates.verification_code.valid.sms"
	ViperKeyCourierTemplatesLoginCodeValidSMS                = "courier.templates.login_code.valid.sms"
	ViperKeyCourierDeliveryStrategy                          = "courier.delivery_strategy"
	ViperKeyCourierHTTPRequestConfig                         = "courier.http.request_config"
	ViperKeyCourierTemplatesLoginCodeValidEmail              = "courier.templates.login_code.valid.email"
	ViperKeyCourierTemplatesRegistrationCodeValidEmail       = "courier.templates.registration_code.valid.email"
	ViperKeyCourierSMTP                                      = "courier.smtp"
	ViperKeyCourierSMTPFrom                                  = "courier.smtp.from_address"
	ViperKeyCourierSMTPFromName                              = "courier.smtp.from_name"
	ViperKeyCourierSMTPHeaders                               = "courier.smtp.headers"
	ViperKeyCourierSMTPLocalName                             = "courier.smtp.local_name"
	ViperKeyCourierMessageRetries                            = "courier.message_retries"
	ViperKeyCourierWorkerPullCount                           = "courier.worker.pull_count"
	ViperKeyCourierWorkerPullWait                            = "courier.worker.pull_wait"
	ViperKeyCourierChannels                                  = "courier.channels"
	ViperKeySecretsDefault                                   = "secrets.default"
	ViperKeySecretsCookie                                    = "secrets.cookie"
	ViperKeySecretsCipher                                    = "secrets.cipher"
	ViperKeyDisablePublicHealthRequestLog                    = "serve.public.request_log.disable_for_health"
	ViperKeyPublicBaseURL                                    = "serve.public.base_url"
	ViperKeyPublicPort                                       = "serve.public.port"
	ViperKeyPublicHost                                       = "serve.public.host"
	ViperKeyPublicSocketOwner                                = "serve.public.socket.owner"
	ViperKeyPublicSocketGroup                                = "serve.public.socket.group"
	ViperKeyPublicSocketMode                                 = "serve.public.socket.mode"
	ViperKeyPublicTLSCertBase64                              = "serve.public.tls.cert.base64"
	ViperKeyPublicTLSKeyBase64                               = "serve.public.tls.key.base64"
	ViperKeyPublicTLSCertPath                                = "serve.public.tls.cert.path"
	ViperKeyPublicTLSKeyPath                                 = "serve.public.tls.key.path"
	ViperKeyDisableAdminHealthRequestLog                     = "serve.admin.request_log.disable_for_health"
	ViperKeyAdminBaseURL                                     = "serve.admin.base_url"
	ViperKeyAdminPort                                        = "serve.admin.port"
	ViperKeyAdminHost                                        = "serve.admin.host"
	ViperKeyAdminSocketOwner                                 = "serve.admin.socket.owner"
	ViperKeyAdminSocketGroup                                 = "serve.admin.socket.group"
	ViperKeyAdminSocketMode                                  = "serve.admin.socket.mode"
	ViperKeyAdminTLSCertBase64                               = "serve.admin.tls.cert.base64"
	ViperKeyAdminTLSKeyBase64                                = "serve.admin.tls.key.base64"
	ViperKeyAdminTLSCertPath                                 = "serve.admin.tls.cert.path"
	ViperKeyAdminTLSKeyPath                                  = "serve.admin.tls.key.path"
	ViperKeySessionLifespan                                  = "session.lifespan"
	ViperKeySessionSameSite                                  = "session.cookie.same_site"
	ViperKeySessionDomain                                    = "session.cookie.domain"
	ViperKeySessionName                                      = "session.cookie.name"
	ViperKeySessionPath                                      = "session.cookie.path"
	ViperKeySessionPersistentCookie                          = "session.cookie.persistent"
	ViperKeySessionTokenizerTemplates                        = "session.whoami.tokenizer.templates"
	ViperKeySessionWhoAmIAAL                                 = "session.whoami.required_aal"
	ViperKeySessionWhoAmICaching                             = "feature_flags.cacheable_sessions"
	ViperKeyFeatureFlagFasterSessionExtend                   = "feature_flags.faster_session_extend"
	ViperKeySessionWhoAmICachingMaxAge                       = "feature_flags.cacheable_sessions_max_age"
	ViperKeyUseContinueWithTransitions                       = "feature_flags.use_continue_with_transitions"
	ViperKeySessionRefreshMinTimeLeft                        = "session.earliest_possible_extend"
	ViperKeyCookieSameSite                                   = "cookies.same_site"
	ViperKeyCookieDomain                                     = "cookies.domain"
	ViperKeyCookiePath                                       = "cookies.path"
	ViperKeySelfServiceStrategyConfig                        = "selfservice.methods"
	ViperKeySelfServiceBrowserDefaultReturnTo                = "selfservice." + DefaultBrowserReturnURL
	ViperKeyURLsAllowedReturnToDomains                       = "selfservice.allowed_return_urls"
	ViperKeySelfServiceRegistrationEnabled                   = "selfservice.flows.registration.enabled"
	ViperKeySelfServiceRegistrationLoginHints                = "selfservice.flows.registration.login_hints"
	ViperKeySelfServiceRegistrationEnableLegacyOneStep       = "selfservice.flows.registration.enable_legacy_one_step"
	ViperKeySelfServiceRegistrationUI                        = "selfservice.flows.registration.ui_url"
	ViperKeySelfServiceRegistrationRequestLifespan           = "selfservice.flows.registration.lifespan"
	ViperKeySelfServiceRegistrationAfter                     = "selfservice.flows.registration.after"
	ViperKeySelfServiceRegistrationBeforeHooks               = "selfservice.flows.registration.before.hooks"
	ViperKeySelfServiceLoginUI                               = "selfservice.flows.login.ui_url"
	ViperKeySelfServiceLoginFlowStyle                        = "selfservice.flows.login.style"
	ViperKeySecurityAccountEnumerationMitigate               = "security.account_enumeration.mitigate"
	ViperKeySelfServiceLoginRequestLifespan                  = "selfservice.flows.login.lifespan"
	ViperKeySelfServiceLoginAfter                            = "selfservice.flows.login.after"
	ViperKeySelfServiceLoginBeforeHooks                      = "selfservice.flows.login.before.hooks"
	ViperKeySelfServiceErrorUI                               = "selfservice.flows.error.ui_url"
	ViperKeySelfServiceLogoutBrowserDefaultReturnTo          = "selfservice.flows.logout.after." + DefaultBrowserReturnURL
	ViperKeySelfServiceSettingsURL                           = "selfservice.flows.settings.ui_url"
	ViperKeySelfServiceSettingsAfter                         = "selfservice.flows.settings.after"
	ViperKeySelfServiceSettingsBeforeHooks                   = "selfservice.flows.settings.before.hooks"
	ViperKeySelfServiceSettingsRequestLifespan               = "selfservice.flows.settings.lifespan"
	ViperKeySelfServiceSettingsPrivilegedAuthenticationAfter = "selfservice.flows.settings.privileged_session_max_age"
	ViperKeySelfServiceSettingsRequiredAAL                   = "selfservice.flows.settings.required_aal"
	ViperKeySelfServiceRecoveryAfter                         = "selfservice.flows.recovery.after"
	ViperKeySelfServiceRecoveryBeforeHooks                   = "selfservice.flows.recovery.before.hooks"
	ViperKeySelfServiceRecoveryEnabled                       = "selfservice.flows.recovery.enabled"
	ViperKeySelfServiceRecoveryUse                           = "selfservice.flows.recovery.use"
	ViperKeySelfServiceRecoveryUI                            = "selfservice.flows.recovery.ui_url"
	ViperKeySelfServiceRecoveryRequestLifespan               = "selfservice.flows.recovery.lifespan"
	ViperKeySelfServiceRecoveryBrowserDefaultReturnTo        = "selfservice.flows.recovery.after." + DefaultBrowserReturnURL
	ViperKeySelfServiceRecoveryNotifyUnknownRecipients       = "selfservice.flows.recovery.notify_unknown_recipients"
	ViperKeySelfServiceVerificationEnabled                   = "selfservice.flows.verification.enabled"
	ViperKeySelfServiceVerificationUI                        = "selfservice.flows.verification.ui_url"
	ViperKeySelfServiceVerificationRequestLifespan           = "selfservice.flows.verification.lifespan"
	ViperKeySelfServiceVerificationBrowserDefaultReturnTo    = "selfservice.flows.verification.after." + DefaultBrowserReturnURL
	ViperKeySelfServiceVerificationAfter                     = "selfservice.flows.verification.after"
	ViperKeySelfServiceVerificationBeforeHooks               = "selfservice.flows.verification.before.hooks"
	ViperKeySelfServiceVerificationUse                       = "selfservice.flows.verification.use"
	ViperKeySelfServiceVerificationNotifyUnknownRecipients   = "selfservice.flows.verification.notify_unknown_recipients"
	ViperKeyDefaultIdentitySchemaID                          = "identity.default_schema_id"
	ViperKeyIdentitySchemas                                  = "identity.schemas"
	ViperKeyHasherAlgorithm                                  = "hashers.algorithm"
	ViperKeyHasherArgon2ConfigMemory                         = "hashers.argon2.memory"
	ViperKeyHasherArgon2ConfigIterations                     = "hashers.argon2.iterations"
	ViperKeyHasherArgon2ConfigParallelism                    = "hashers.argon2.parallelism"
	ViperKeyHasherArgon2ConfigSaltLength                     = "hashers.argon2.salt_length"
	ViperKeyHasherArgon2ConfigKeyLength                      = "hashers.argon2.key_length"
	ViperKeyHasherArgon2ConfigExpectedDuration               = "hashers.argon2.expected_duration"
	ViperKeyHasherArgon2ConfigExpectedDeviation              = "hashers.argon2.expected_deviation"
	ViperKeyHasherArgon2ConfigDedicatedMemory                = "hashers.argon2.dedicated_memory"
	ViperKeyHasherBcryptCost                                 = "hashers.bcrypt.cost"
	ViperKeyCipherAlgorithm                                  = "ciphers.algorithm"
	ViperKeyDatabaseCleanupSleepTables                       = "database.cleanup.sleep.tables"
	ViperKeyDatabaseCleanupBatchSize                         = "database.cleanup.batch_size"
	ViperKeyLinkLifespan                                     = "selfservice.methods.link.config.lifespan"
	ViperKeyLinkBaseURL                                      = "selfservice.methods.link.config.base_url"
	ViperKeyCodeLifespan                                     = "selfservice.methods.code.config.lifespan"
	ViperKeyCodeConfigMissingCredentialFallbackEnabled       = "selfservice.methods.code.config.missing_credential_fallback_enabled"
	ViperKeyPasswordHaveIBeenPwnedHost                       = "selfservice.methods.password.config.haveibeenpwned_host"
	ViperKeyPasswordHaveIBeenPwnedEnabled                    = "selfservice.methods.password.config.haveibeenpwned_enabled"
	ViperKeyPasswordMaxBreaches                              = "selfservice.methods.password.config.max_breaches"
	ViperKeyPasswordMinLength                                = "selfservice.methods.password.config.min_password_length"
	ViperKeyPasswordIdentifierSimilarityCheckEnabled         = "selfservice.methods.password.config.identifier_similarity_check_enabled"
	ViperKeyIgnoreNetworkErrors                              = "selfservice.methods.password.config.ignore_network_errors"
	ViperKeyTOTPIssuer                                       = "selfservice.methods.totp.config.issuer"
	ViperKeyOIDCBaseRedirectURL                              = "selfservice.methods.oidc.config.base_redirect_uri"
	ViperKeyWebAuthnRPDisplayName                            = "selfservice.methods.webauthn.config.rp.display_name"
	ViperKeyWebAuthnRPID                                     = "selfservice.methods.webauthn.config.rp.id"
	ViperKeyWebAuthnRPOrigin                                 = "selfservice.methods.webauthn.config.rp.origin"
	ViperKeyWebAuthnRPOrigins                                = "selfservice.methods.webauthn.config.rp.origins"
	ViperKeyWebAuthnPasswordless                             = "selfservice.methods.webauthn.config.passwordless"
	ViperKeyPasskeyEnabled                                   = "selfservice.methods.passkey.enabled"
	ViperKeyPasskeyRPDisplayName                             = "selfservice.methods.passkey.config.rp.display_name"
	ViperKeyPasskeyRPID                                      = "selfservice.methods.passkey.config.rp.id"
	ViperKeyPasskeyRPOrigins                                 = "selfservice.methods.passkey.config.rp.origins"
	ViperKeyOAuth2ProviderURL                                = "oauth2_provider.url"
	ViperKeyOAuth2ProviderHeader                             = "oauth2_provider.headers"
	ViperKeyOAuth2ProviderOverrideReturnTo                   = "oauth2_provider.override_return_to"
	ViperKeyClientHTTPNoPrivateIPRanges                      = "clients.http.disallow_private_ip_ranges"
	ViperKeyClientHTTPPrivateIPExceptionURLs                 = "clients.http.private_ip_exception_urls"
	ViperKeyPreviewDefaultReadConsistencyLevel               = "preview.default_read_consistency_level"
	ViperKeyVersion                                          = "version"
	ViperKeyPasswordMigrationHook                            = "selfservice.methods.password.config.migrate_hook"
)
View Source
const (
	HighestAvailableAAL                 = "highest_available"
	Argon2DefaultMemory                 = 128 * bytesize.MB
	Argon2DefaultIterations      uint32 = 1
	Argon2DefaultSaltLength      uint32 = 16
	Argon2DefaultKeyLength       uint32 = 32
	Argon2DefaultDuration               = 500 * time.Millisecond
	Argon2DefaultDeviation              = 500 * time.Millisecond
	Argon2DefaultDedicatedMemory        = 1 * bytesize.GB
	BcryptDefaultCost            uint32 = 12
)
View Source
const DefaultSessionCookieName = "ory_kratos_session"

DefaultSessionCookieName returns the default cookie name for the kratos session.

View Source
const HookGlobal = "global"

Variables

View Source
var (
	Version = "master"
	Date    = "undefined"
	Commit  = "undefined"
)
View Source
var Argon2DefaultParallelism = uint8(runtime.NumCPU() * 2)

Functions

func HookStrategyKey

func HookStrategyKey(key, strategy string) string

func NewConfigHashHandler

func NewConfigHashHandler(c Provider, router router)

func SetValidateIdentitySchemaResilientClientOptions added in v0.11.0

func SetValidateIdentitySchemaResilientClientOptions(ctx context.Context, options []httpx.ResilientOptions) context.Context

func ToCipherSecrets added in v1.3.0

func ToCipherSecrets(secrets []string) [][32]byte

Types

type Argon2

type Argon2 struct {
	Memory            bytesize.ByteSize `json:"memory"`
	Iterations        uint32            `json:"iterations"`
	Parallelism       uint8             `json:"parallelism"`
	SaltLength        uint32            `json:"salt_length"`
	KeyLength         uint32            `json:"key_length"`
	ExpectedDuration  time.Duration     `json:"expected_duration"`
	ExpectedDeviation time.Duration     `json:"expected_deviation"`
	DedicatedMemory   bytesize.ByteSize `json:"dedicated_memory"`
}

func (*Argon2) MarshalJSON

func (c *Argon2) MarshalJSON() ([]byte, error)

type Bcrypt

type Bcrypt struct {
	Cost uint32 `json:"cost"`
}

type CertFunc added in v0.11.0

type CertFunc = func(*tls.ClientHelloInfo) (*tls.Certificate, error)

type Config

type Config struct {
	// contains filtered or unexported fields
}

func MustNew

func MustNew(t testing.TB, l *logrusx.Logger, stdOutOrErr io.Writer, ctxer contextx.Contextualizer, opts ...configx.OptionModifier) *Config

func New

func New(ctx context.Context, l *logrusx.Logger, stdOutOrErr io.Writer, ctxer contextx.Contextualizer, opts ...configx.OptionModifier) (*Config, error)

func NewCustom added in v0.11.0

func NewCustom(l *logrusx.Logger, p *configx.Provider, stdOutOrErr io.Writer, ctxt contextx.Contextualizer) *Config

func (*Config) AdminListenOn

func (p *Config) AdminListenOn(ctx context.Context) string

func (*Config) AdminSocketPermission

func (p *Config) AdminSocketPermission(ctx context.Context) *configx.UnixPermission

func (*Config) CORS

func (p *Config) CORS(ctx context.Context, iface string) (cors.Options, bool)

func (*Config) CipherAlgorithm

func (p *Config) CipherAlgorithm(ctx context.Context) string

func (*Config) ClientHTTPNoPrivateIPRanges

func (p *Config) ClientHTTPNoPrivateIPRanges(ctx context.Context) bool

func (*Config) ClientHTTPPrivateIPExceptionURLs added in v0.11.0

func (p *Config) ClientHTTPPrivateIPExceptionURLs(ctx context.Context) []string

func (*Config) ConfigVersion

func (p *Config) ConfigVersion(ctx context.Context) string

func (*Config) CookieDomain

func (p *Config) CookieDomain(ctx context.Context) string

func (*Config) CookiePath

func (p *Config) CookiePath(ctx context.Context) string

func (*Config) CookieSameSiteMode

func (p *Config) CookieSameSiteMode(ctx context.Context) http.SameSite

func (*Config) CourierChannels added in v1.1.0

func (p *Config) CourierChannels(ctx context.Context) (ccs []*CourierChannel, _ error)

func (*Config) CourierEmailRequestConfig added in v1.0.0

func (p *Config) CourierEmailRequestConfig(ctx context.Context) json.RawMessage

func (*Config) CourierEmailStrategy added in v1.0.0

func (p *Config) CourierEmailStrategy(ctx context.Context) string

func (*Config) CourierEmailTemplatesHelper added in v1.1.0

func (p *Config) CourierEmailTemplatesHelper(ctx context.Context, key string) *CourierEmailTemplate

func (*Config) CourierExposeMetricsPort

func (p *Config) CourierExposeMetricsPort(ctx context.Context) int

func (*Config) CourierMessageRetries added in v0.11.0

func (p *Config) CourierMessageRetries(ctx context.Context) int

func (*Config) CourierSMSTemplatesHelper added in v1.1.0

func (p *Config) CourierSMSTemplatesHelper(ctx context.Context, key string) *CourierSMSTemplate

func (*Config) CourierSMSTemplatesLoginCodeValid added in v1.1.0

func (p *Config) CourierSMSTemplatesLoginCodeValid(ctx context.Context) *CourierSMSTemplate

func (*Config) CourierSMSTemplatesVerificationCodeValid added in v1.1.0

func (p *Config) CourierSMSTemplatesVerificationCodeValid(ctx context.Context) *CourierSMSTemplate

func (*Config) CourierSMTPHeaders

func (p *Config) CourierSMTPHeaders(ctx context.Context) map[string]string

func (*Config) CourierTemplatesLoginCodeValid added in v1.1.0

func (p *Config) CourierTemplatesLoginCodeValid(ctx context.Context) *CourierEmailTemplate

func (*Config) CourierTemplatesRecoveryCodeInvalid added in v0.11.0

func (p *Config) CourierTemplatesRecoveryCodeInvalid(ctx context.Context) *CourierEmailTemplate

func (*Config) CourierTemplatesRecoveryCodeValid added in v0.11.0

func (p *Config) CourierTemplatesRecoveryCodeValid(ctx context.Context) *CourierEmailTemplate

func (*Config) CourierTemplatesRecoveryInvalid

func (p *Config) CourierTemplatesRecoveryInvalid(ctx context.Context) *CourierEmailTemplate

func (*Config) CourierTemplatesRecoveryValid

func (p *Config) CourierTemplatesRecoveryValid(ctx context.Context) *CourierEmailTemplate

func (*Config) CourierTemplatesRegistrationCodeValid added in v1.1.0

func (p *Config) CourierTemplatesRegistrationCodeValid(ctx context.Context) *CourierEmailTemplate

func (*Config) CourierTemplatesRoot

func (p *Config) CourierTemplatesRoot(ctx context.Context) string

func (*Config) CourierTemplatesVerificationCodeInvalid added in v0.11.0

func (p *Config) CourierTemplatesVerificationCodeInvalid(ctx context.Context) *CourierEmailTemplate

func (*Config) CourierTemplatesVerificationCodeValid added in v0.11.0

func (p *Config) CourierTemplatesVerificationCodeValid(ctx context.Context) *CourierEmailTemplate

func (*Config) CourierTemplatesVerificationInvalid

func (p *Config) CourierTemplatesVerificationInvalid(ctx context.Context) *CourierEmailTemplate

func (*Config) CourierTemplatesVerificationValid

func (p *Config) CourierTemplatesVerificationValid(ctx context.Context) *CourierEmailTemplate

func (*Config) CourierWorkerPullCount added in v1.1.0

func (p *Config) CourierWorkerPullCount(ctx context.Context) int

func (*Config) CourierWorkerPullWait added in v1.1.0

func (p *Config) CourierWorkerPullWait(ctx context.Context) time.Duration

func (*Config) DSN

func (p *Config) DSN(ctx context.Context) string

func (*Config) DatabaseCleanupBatchSize added in v0.11.0

func (p *Config) DatabaseCleanupBatchSize(ctx context.Context) int

func (*Config) DatabaseCleanupSleepTables added in v0.11.0

func (p *Config) DatabaseCleanupSleepTables(ctx context.Context) time.Duration

func (*Config) DefaultConsistencyLevel added in v1.1.0

func (p *Config) DefaultConsistencyLevel(ctx context.Context) crdbx.ConsistencyLevel

func (*Config) DefaultIdentityTraitsSchemaID

func (p *Config) DefaultIdentityTraitsSchemaID(ctx context.Context) string

func (*Config) DefaultIdentityTraitsSchemaURL

func (p *Config) DefaultIdentityTraitsSchemaURL(ctx context.Context) (*url.URL, error)

func (*Config) DisableAPIFlowEnforcement

func (p *Config) DisableAPIFlowEnforcement(ctx context.Context) bool

func (*Config) DisableAdminHealthRequestLog

func (p *Config) DisableAdminHealthRequestLog(ctx context.Context) bool

func (*Config) DisablePublicHealthRequestLog

func (p *Config) DisablePublicHealthRequestLog(ctx context.Context) bool

func (*Config) FeatureFlagFasterSessionExtend added in v1.3.0

func (p *Config) FeatureFlagFasterSessionExtend(ctx context.Context) bool

func (*Config) GetProvider added in v0.11.0

func (p *Config) GetProvider(ctx context.Context) *configx.Provider

func (*Config) GetTLSCertificatesForAdmin added in v0.11.0

func (p *Config) GetTLSCertificatesForAdmin(ctx context.Context) CertFunc

func (*Config) GetTLSCertificatesForPublic added in v0.11.0

func (p *Config) GetTLSCertificatesForPublic(ctx context.Context) CertFunc

func (*Config) HasherArgon2

func (p *Config) HasherArgon2(ctx context.Context) *Argon2

func (*Config) HasherBcrypt

func (p *Config) HasherBcrypt(ctx context.Context) *Bcrypt

func (*Config) HasherPasswordHashingAlgorithm

func (p *Config) HasherPasswordHashingAlgorithm(ctx context.Context) string

func (*Config) IdentityTraitsSchemas

func (p *Config) IdentityTraitsSchemas(ctx context.Context) (ss Schemas, err error)

func (*Config) IsBackgroundCourierEnabled

func (p *Config) IsBackgroundCourierEnabled(ctx context.Context) bool

func (*Config) IsInsecureDevMode

func (p *Config) IsInsecureDevMode(ctx context.Context) bool

func (*Config) MetricsListenOn

func (p *Config) MetricsListenOn(ctx context.Context) string

func (*Config) MustSet deprecated

func (p *Config) MustSet(_ context.Context, key string, value interface{})

Deprecated: use context-based WithConfigValue instead

func (*Config) OAuth2ProviderHeader added in v0.11.0

func (p *Config) OAuth2ProviderHeader(ctx context.Context) http.Header

func (*Config) OAuth2ProviderOverrideReturnTo added in v1.0.0

func (p *Config) OAuth2ProviderOverrideReturnTo(ctx context.Context) bool

func (*Config) OAuth2ProviderURL added in v0.11.0

func (p *Config) OAuth2ProviderURL(ctx context.Context) *url.URL

func (*Config) OIDCRedirectURIBase

func (p *Config) OIDCRedirectURIBase(ctx context.Context) *url.URL

func (*Config) ParseAbsoluteOrRelativeURI

func (p *Config) ParseAbsoluteOrRelativeURI(rawUrl string) (*url.URL, error)

func (*Config) ParseAbsoluteOrRelativeURIOrFail

func (p *Config) ParseAbsoluteOrRelativeURIOrFail(ctx context.Context, key string) *url.URL

func (*Config) ParseURI

func (p *Config) ParseURI(rawUrl string) (*url.URL, error)

func (*Config) ParseURIOrFail

func (p *Config) ParseURIOrFail(ctx context.Context, key string) *url.URL

func (*Config) PasskeyConfig added in v1.2.0

func (p *Config) PasskeyConfig(ctx context.Context) *webauthn.Config

func (*Config) PasswordMigrationHook added in v1.3.0

func (p *Config) PasswordMigrationHook(ctx context.Context) *PasswordMigrationHook

func (*Config) PasswordPolicyConfig

func (p *Config) PasswordPolicyConfig(ctx context.Context) *PasswordPolicy

func (*Config) PublicListenOn

func (p *Config) PublicListenOn(ctx context.Context) string

func (*Config) PublicSocketPermission

func (p *Config) PublicSocketPermission(ctx context.Context) *configx.UnixPermission

func (*Config) SecretsCipher

func (p *Config) SecretsCipher(ctx context.Context) [][32]byte

func (*Config) SecretsDefault

func (p *Config) SecretsDefault(ctx context.Context) [][]byte

func (*Config) SecretsSession

func (p *Config) SecretsSession(ctx context.Context) [][]byte

func (*Config) SecurityAccountEnumerationMitigate added in v1.3.0

func (p *Config) SecurityAccountEnumerationMitigate(ctx context.Context) bool

func (*Config) SelfAdminURL

func (p *Config) SelfAdminURL(ctx context.Context) *url.URL

func (*Config) SelfPublicURL

func (p *Config) SelfPublicURL(ctx context.Context) *url.URL

func (*Config) SelfServiceBrowserAllowedReturnToDomains

func (p *Config) SelfServiceBrowserAllowedReturnToDomains(ctx context.Context) (us []url.URL)

func (*Config) SelfServiceBrowserDefaultReturnTo

func (p *Config) SelfServiceBrowserDefaultReturnTo(ctx context.Context) *url.URL

func (*Config) SelfServiceCodeMethodLifespan added in v0.11.0

func (p *Config) SelfServiceCodeMethodLifespan(ctx context.Context) time.Duration

func (*Config) SelfServiceCodeMethodMissingCredentialFallbackEnabled added in v1.3.0

func (p *Config) SelfServiceCodeMethodMissingCredentialFallbackEnabled(ctx context.Context) bool

func (*Config) SelfServiceCodeStrategy added in v1.1.0

func (p *Config) SelfServiceCodeStrategy(ctx context.Context) *SelfServiceStrategyCode

func (*Config) SelfServiceFlowErrorURL

func (p *Config) SelfServiceFlowErrorURL(ctx context.Context) *url.URL

func (*Config) SelfServiceFlowLoginAfterHooks

func (p *Config) SelfServiceFlowLoginAfterHooks(ctx context.Context, strategy string) []SelfServiceHook

func (*Config) SelfServiceFlowLoginBeforeHooks

func (p *Config) SelfServiceFlowLoginBeforeHooks(ctx context.Context) []SelfServiceHook

func (*Config) SelfServiceFlowLoginRequestLifespan

func (p *Config) SelfServiceFlowLoginRequestLifespan(ctx context.Context) time.Duration

func (*Config) SelfServiceFlowLoginReturnTo

func (p *Config) SelfServiceFlowLoginReturnTo(ctx context.Context, strategy string) *url.URL

func (*Config) SelfServiceFlowLoginUI

func (p *Config) SelfServiceFlowLoginUI(ctx context.Context) *url.URL

func (*Config) SelfServiceFlowLogoutRedirectURL

func (p *Config) SelfServiceFlowLogoutRedirectURL(ctx context.Context) *url.URL

func (*Config) SelfServiceFlowRecoveryAfterHooks

func (p *Config) SelfServiceFlowRecoveryAfterHooks(ctx context.Context, strategy string) []SelfServiceHook

func (*Config) SelfServiceFlowRecoveryBeforeHooks added in v0.11.0

func (p *Config) SelfServiceFlowRecoveryBeforeHooks(ctx context.Context) []SelfServiceHook

func (*Config) SelfServiceFlowRecoveryEnabled

func (p *Config) SelfServiceFlowRecoveryEnabled(ctx context.Context) bool

func (*Config) SelfServiceFlowRecoveryNotifyUnknownRecipients added in v0.13.0

func (p *Config) SelfServiceFlowRecoveryNotifyUnknownRecipients(ctx context.Context) bool

func (*Config) SelfServiceFlowRecoveryRequestLifespan

func (p *Config) SelfServiceFlowRecoveryRequestLifespan(ctx context.Context) time.Duration

func (*Config) SelfServiceFlowRecoveryReturnTo

func (p *Config) SelfServiceFlowRecoveryReturnTo(ctx context.Context, defaultReturnTo *url.URL) *url.URL

func (*Config) SelfServiceFlowRecoveryUI

func (p *Config) SelfServiceFlowRecoveryUI(ctx context.Context) *url.URL

func (*Config) SelfServiceFlowRecoveryUse added in v0.11.0

func (p *Config) SelfServiceFlowRecoveryUse(ctx context.Context) string

func (*Config) SelfServiceFlowRegistrationAfterHooks

func (p *Config) SelfServiceFlowRegistrationAfterHooks(ctx context.Context, strategy string) []SelfServiceHook

func (*Config) SelfServiceFlowRegistrationBeforeHooks

func (p *Config) SelfServiceFlowRegistrationBeforeHooks(ctx context.Context) []SelfServiceHook

func (*Config) SelfServiceFlowRegistrationEnabled

func (p *Config) SelfServiceFlowRegistrationEnabled(ctx context.Context) bool

func (*Config) SelfServiceFlowRegistrationLoginHints added in v1.1.0

func (p *Config) SelfServiceFlowRegistrationLoginHints(ctx context.Context) bool

func (*Config) SelfServiceFlowRegistrationRequestLifespan

func (p *Config) SelfServiceFlowRegistrationRequestLifespan(ctx context.Context) time.Duration

func (*Config) SelfServiceFlowRegistrationReturnTo

func (p *Config) SelfServiceFlowRegistrationReturnTo(ctx context.Context, strategy string) *url.URL

func (*Config) SelfServiceFlowRegistrationTwoSteps added in v1.2.0

func (p *Config) SelfServiceFlowRegistrationTwoSteps(ctx context.Context) bool

func (*Config) SelfServiceFlowRegistrationUI

func (p *Config) SelfServiceFlowRegistrationUI(ctx context.Context) *url.URL

func (*Config) SelfServiceFlowSettingsAfterHooks

func (p *Config) SelfServiceFlowSettingsAfterHooks(ctx context.Context, strategy string) []SelfServiceHook

func (*Config) SelfServiceFlowSettingsBeforeHooks added in v0.11.0

func (p *Config) SelfServiceFlowSettingsBeforeHooks(ctx context.Context) []SelfServiceHook

func (*Config) SelfServiceFlowSettingsFlowLifespan

func (p *Config) SelfServiceFlowSettingsFlowLifespan(ctx context.Context) time.Duration

func (*Config) SelfServiceFlowSettingsPrivilegedSessionMaxAge

func (p *Config) SelfServiceFlowSettingsPrivilegedSessionMaxAge(ctx context.Context) time.Duration

func (*Config) SelfServiceFlowSettingsReturnTo

func (p *Config) SelfServiceFlowSettingsReturnTo(ctx context.Context, strategy string, defaultReturnTo *url.URL) *url.URL

func (*Config) SelfServiceFlowSettingsUI

func (p *Config) SelfServiceFlowSettingsUI(ctx context.Context) *url.URL

func (*Config) SelfServiceFlowVerificationAfterHooks

func (p *Config) SelfServiceFlowVerificationAfterHooks(ctx context.Context, strategy string) []SelfServiceHook

func (*Config) SelfServiceFlowVerificationBeforeHooks added in v0.11.0

func (p *Config) SelfServiceFlowVerificationBeforeHooks(ctx context.Context) []SelfServiceHook

func (*Config) SelfServiceFlowVerificationEnabled

func (p *Config) SelfServiceFlowVerificationEnabled(ctx context.Context) bool

func (*Config) SelfServiceFlowVerificationNotifyUnknownRecipients added in v0.13.0

func (p *Config) SelfServiceFlowVerificationNotifyUnknownRecipients(ctx context.Context) bool

func (*Config) SelfServiceFlowVerificationRequestLifespan

func (p *Config) SelfServiceFlowVerificationRequestLifespan(ctx context.Context) time.Duration

func (*Config) SelfServiceFlowVerificationReturnTo

func (p *Config) SelfServiceFlowVerificationReturnTo(ctx context.Context, defaultReturnTo *url.URL) *url.URL

func (*Config) SelfServiceFlowVerificationUI

func (p *Config) SelfServiceFlowVerificationUI(ctx context.Context) *url.URL

func (*Config) SelfServiceFlowVerificationUse added in v0.11.0

func (p *Config) SelfServiceFlowVerificationUse(ctx context.Context) string

func (*Config) SelfServiceLinkMethodBaseURL

func (p *Config) SelfServiceLinkMethodBaseURL(ctx context.Context) *url.URL

func (*Config) SelfServiceLinkMethodLifespan

func (p *Config) SelfServiceLinkMethodLifespan(ctx context.Context) time.Duration

func (*Config) SelfServiceLoginFlowIdentifierFirstEnabled added in v1.3.0

func (p *Config) SelfServiceLoginFlowIdentifierFirstEnabled(ctx context.Context) bool

func (*Config) SelfServiceSettingsRequiredAAL

func (p *Config) SelfServiceSettingsRequiredAAL(ctx context.Context) string

func (*Config) SelfServiceStrategy

func (p *Config) SelfServiceStrategy(ctx context.Context, strategy string) *SelfServiceStrategy

func (*Config) SessionDomain

func (p *Config) SessionDomain(ctx context.Context) string

func (*Config) SessionLifespan

func (p *Config) SessionLifespan(ctx context.Context) time.Duration

SessionLifespan returns time.Hour*24 when the value is not set.

func (*Config) SessionName

func (p *Config) SessionName(ctx context.Context) string

func (*Config) SessionPath

func (p *Config) SessionPath(ctx context.Context) string

func (*Config) SessionPersistentCookie

func (p *Config) SessionPersistentCookie(ctx context.Context) bool

func (*Config) SessionRefreshMinTimeLeft

func (p *Config) SessionRefreshMinTimeLeft(ctx context.Context) time.Duration

func (*Config) SessionSameSiteMode

func (p *Config) SessionSameSiteMode(ctx context.Context) http.SameSite

func (*Config) SessionWhoAmIAAL

func (p *Config) SessionWhoAmIAAL(ctx context.Context) string

func (*Config) SessionWhoAmICaching added in v0.11.0

func (p *Config) SessionWhoAmICaching(ctx context.Context) bool

func (*Config) SessionWhoAmICachingMaxAge added in v1.2.0

func (p *Config) SessionWhoAmICachingMaxAge(ctx context.Context) time.Duration

func (*Config) Set deprecated

func (p *Config) Set(_ context.Context, key string, value interface{}) error

Deprecated: use context-based WithConfigValue instead

func (*Config) TOTPIssuer

func (p *Config) TOTPIssuer(ctx context.Context) string

func (*Config) TokenizeTemplate added in v1.1.0

func (p *Config) TokenizeTemplate(ctx context.Context, key string) (_ *SessionTokenizeFormat, err error)

func (*Config) Tracing

func (p *Config) Tracing(ctx context.Context) *otelx.Config

func (*Config) UseContinueWithTransitions added in v1.1.0

func (p *Config) UseContinueWithTransitions(ctx context.Context) bool

func (*Config) WebAuthnConfig

func (p *Config) WebAuthnConfig(ctx context.Context) *webauthn.Config

func (*Config) WebAuthnForPasswordless

func (p *Config) WebAuthnForPasswordless(ctx context.Context) bool

type CourierChannel added in v1.1.0

type CourierChannel struct {
	ID               string          `json:"id" koanf:"id"`
	Type             string          `json:"type" koanf:"type"`
	SMTPConfig       *SMTPConfig     `json:"smtp_config" koanf:"smtp_config"`
	RequestConfig    json.RawMessage `json:"request_config" koanf:"-"`
	RequestConfigRaw map[string]any  `json:"-" koanf:"request_config"`
}

type CourierConfigs

type CourierConfigs interface {
	CourierTemplatesRoot(ctx context.Context) string
	CourierTemplatesVerificationInvalid(ctx context.Context) *CourierEmailTemplate
	CourierTemplatesVerificationValid(ctx context.Context) *CourierEmailTemplate
	CourierTemplatesRecoveryInvalid(ctx context.Context) *CourierEmailTemplate
	CourierTemplatesRecoveryValid(ctx context.Context) *CourierEmailTemplate
	CourierTemplatesRecoveryCodeInvalid(ctx context.Context) *CourierEmailTemplate
	CourierTemplatesRecoveryCodeValid(ctx context.Context) *CourierEmailTemplate
	CourierTemplatesVerificationCodeInvalid(ctx context.Context) *CourierEmailTemplate
	CourierTemplatesVerificationCodeValid(ctx context.Context) *CourierEmailTemplate
	CourierTemplatesLoginCodeValid(ctx context.Context) *CourierEmailTemplate
	CourierTemplatesRegistrationCodeValid(ctx context.Context) *CourierEmailTemplate
	CourierSMSTemplatesVerificationCodeValid(ctx context.Context) *CourierSMSTemplate
	CourierSMSTemplatesLoginCodeValid(ctx context.Context) *CourierSMSTemplate
	CourierMessageRetries(ctx context.Context) int
	CourierWorkerPullCount(ctx context.Context) int
	CourierWorkerPullWait(ctx context.Context) time.Duration
	CourierChannels(context.Context) ([]*CourierChannel, error)
}

type CourierEmailBodyTemplate

type CourierEmailBodyTemplate struct {
	PlainText string `json:"plaintext"`
	HTML      string `json:"html"`
}

type CourierEmailTemplate

type CourierEmailTemplate struct {
	Body    *CourierEmailBodyTemplate `json:"body"`
	Subject string                    `json:"subject"`
}

type CourierSMSTemplate added in v1.1.0

type CourierSMSTemplate struct {
	Body *CourierSMSTemplateBody `json:"body"`
}

type CourierSMSTemplateBody added in v1.1.0

type CourierSMSTemplateBody struct {
	PlainText string `json:"plaintext"`
}

type PasswordMigrationHook added in v1.3.0

type PasswordMigrationHook struct {
	Enabled bool            `json:"enabled" koanf:"enabled"`
	Config  json.RawMessage `json:"config" koanf:"config"`
}

type PasswordPolicy

type PasswordPolicy struct {
	HaveIBeenPwnedHost               string `json:"haveibeenpwned_host"`
	HaveIBeenPwnedEnabled            bool   `json:"haveibeenpwned_enabled"`
	MaxBreaches                      uint   `json:"max_breaches"`
	IgnoreNetworkErrors              bool   `json:"ignore_network_errors"`
	MinPasswordLength                uint   `json:"min_password_length"`
	IdentifierSimilarityCheckEnabled bool   `json:"identifier_similarity_check_enabled"`
}

type Provider

type Provider interface {
	Config() *Config
}

type SMTPConfig added in v1.1.0

type SMTPConfig struct {
	ConnectionURI  string            `json:"connection_uri" koanf:"connection_uri"`
	ClientCertPath string            `json:"client_cert_path" koanf:"client_cert_path"`
	ClientKeyPath  string            `json:"client_key_path" koanf:"client_key_path"`
	FromAddress    string            `json:"from_address" koanf:"from_address"`
	FromName       string            `json:"from_name" koanf:"from_name"`
	Headers        map[string]string `json:"headers" koanf:"headers"`
	LocalName      string            `json:"local_name" koanf:"local_name"`
}

type Schema

type Schema struct {
	ID  string `json:"id" koanf:"id"`
	URL string `json:"url" koanf:"url"`
}

type Schemas

type Schemas []Schema

func (Schemas) FindSchemaByID

func (s Schemas) FindSchemaByID(id string) (*Schema, error)

type SelfServiceHook

type SelfServiceHook struct {
	Name   string          `json:"hook"`
	Config json.RawMessage `json:"config"`
}

type SelfServiceStrategy

type SelfServiceStrategy struct {
	Enabled bool            `json:"enabled"`
	Config  json.RawMessage `json:"config"`
}

type SelfServiceStrategyCode added in v1.1.0

type SelfServiceStrategyCode struct {
	*SelfServiceStrategy
	PasswordlessEnabled bool `json:"passwordless_enabled"`
	MFAEnabled          bool `json:"mfa_enabled"`
}

type SessionTokenizeFormat added in v1.1.0

type SessionTokenizeFormat struct {
	TTL             time.Duration `koanf:"ttl" json:"ttl"`
	ClaimsMapperURL string        `koanf:"claims_mapper_url" json:"claims_mapper_url"`
	JWKSURL         string        `koanf:"jwks_url" json:"jwks_url"`
}

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL