Documentation
¶
Index ¶
- Constants
- Variables
- type Selector
- func LoadSelector(cfg *config.PolicySelector) (Selector, error)
- func NewClaimsSelector(cfg *config.ClaimsSelectorConf) Selector
- func NewMigrationSelector(cfg *config.MigrationSelectorConf, ss accountssvc.AccountsService) Selector
- func NewRegexSelector(cfg *config.RegexSelectorConf) Selector
- func NewStaticSelector(cfg *config.StaticSelectorConf) Selector
Constants ¶
const (
SelectorCookieName = "owncloud-selector"
)
Variables ¶
var ( // ErrMultipleSelectors in case there is more then one selector configured. ErrMultipleSelectors = fmt.Errorf("only one type of policy-selector (static, migration, claim or regex) can be configured") // ErrSelectorConfigIncomplete if policy_selector conf is missing ErrSelectorConfigIncomplete = fmt.Errorf("missing either \"static\", \"migration\", \"claim\" or \"regex\" configuration in policy_selector config ") // ErrUnexpectedConfigError unexpected config error ErrUnexpectedConfigError = fmt.Errorf("could not initialize policy-selector for given config") )
Functions ¶
This section is empty.
Types ¶
type Selector ¶
Selector is a function which selects a proxy-policy based on the request.
A policy is a random name which identifies a set of proxy-routes:
{
"policies": [
{
"name": "us-east-1",
"routes": [
{
"endpoint": "/",
"backend": "https://backend.us.example.com:8080/app"
}
]
},
{
"name": "eu-ams-1",
"routes": [
{
"endpoint": "/",
"backend": "https://backend.eu.example.com:8080/app"
}
]
}
]
}
func LoadSelector ¶
func LoadSelector(cfg *config.PolicySelector) (Selector, error)
LoadSelector constructs a specific policy-selector from a given configuration
func NewClaimsSelector ¶
func NewClaimsSelector(cfg *config.ClaimsSelectorConf) Selector
NewClaimsSelector selects the policy based on the "ocis.routing.policy" claim The policy for corner cases is configurable:
"policy_selector": {
"migration": {
"default_policy" : "ocis",
"unauthenticated_policy": "oc10"
}
},
This selector can be used in migration-scenarios where some users have already migrated from ownCloud10 to OCIS and
func NewMigrationSelector ¶
func NewMigrationSelector(cfg *config.MigrationSelectorConf, ss accountssvc.AccountsService) Selector
NewMigrationSelector selects the policy based on the existence of the oidc "preferred_username" claim in the accounts-service. The policy for each case is configurable:
"policy_selector": {
"migration": {
"acc_found_policy" : "ocis",
"acc_not_found_policy": "oc10",
"unauthenticated_policy": "oc10"
}
},
This selector can be used in migration-scenarios where some users have already migrated from ownCloud10 to OCIS and thus have an entry in ocis-accounts. All users without accounts entry are routed to the legacy ownCloud10 instance.
func NewRegexSelector ¶
func NewRegexSelector(cfg *config.RegexSelectorConf) Selector
NewRegexSelector selects the policy based on a user property The policy for each case is configurable:
"policy_selector": {
"regex": {
"matches_policies": [
{"priority": 10, "property": "mail", "match": "marie@example.org", "policy": "ocis"},
{"priority": 20, "property": "mail", "match": "[^@]+@example.org", "policy": "oc10"},
{"priority": 30, "property": "username", "match": "(einstein|feynman)", "policy": "ocis"},
{"priority": 40, "property": "username", "match": ".+", "policy": "oc10"},
{"priority": 50, "property": "id", "match": "4c510ada-c86b-4815-8820-42cdf82c3d51", "policy": "ocis"},
{"priority": 60, "property": "id", "match": "f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c", "policy": "oc10"}
],
"unauthenticated_policy": "oc10"
}
},
This selector can be used in migration-scenarios where some users have already migrated from ownCloud10 to OCIS and
func NewStaticSelector ¶
func NewStaticSelector(cfg *config.StaticSelectorConf) Selector
NewStaticSelector returns a selector which uses a pre-configured policy.
Configuration:
"policy_selector": {
"static": {"policy" : "ocis"}
},
Source Files