middleware

package
v1.14.0-rc2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 27, 2021 License: Apache-2.0 Imports: 31 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	// SupportedAuthStrategies stores configured challenges.
	SupportedAuthStrategies []string

	// ProxyWwwAuthenticate is a list of endpoints that do not rely on reva underlying authentication, such as ocs.
	// services that fallback to reva authentication are declared in the "frontend" command on oCIS. It is a list of strings
	// to be regexp compiled.
	ProxyWwwAuthenticate = []string{"/ocs/v[12].php/cloud/"}

	// WWWAuthenticate captures the Www-Authenticate header string.
	WWWAuthenticate = "Www-Authenticate"
)

Functions

func AccessLog 

func AccessLog(logger log.Logger) func(http.Handler) http.Handler

AccessLog is a middleware to log http requests at info level logging.

func AccountResolver 

func AccountResolver(optionSetters ...Option) func(next http.Handler) http.Handler

AccountResolver provides a middleware which mints a jwt and adds it to the proxied request based on the oidc-claims

func Authentication 

func Authentication(opts ...Option) func(next http.Handler) http.Handler

Authentication is a higher order authentication middleware.

func BasicAuth 

func BasicAuth(optionSetters ...Option) func(next http.Handler) http.Handler

BasicAuth provides a middleware to check if BasicAuth is provided

func CreateHome 

func CreateHome(optionSetters ...Option) func(next http.Handler) http.Handler

CreateHome provides a middleware which sends a CreateHome request to the reva gateway

func HTTPSRedirect 

func HTTPSRedirect(next http.Handler) http.Handler

HTTPSRedirect redirects insecure requests to https

func OIDCAuth 

func OIDCAuth(optionSetters ...Option) func(next http.Handler) http.Handler

OIDCAuth provides a middleware to check access secured by a static token.

func PublicShareAuth added in v1.14.0 

func PublicShareAuth(opts ...Option) func(next http.Handler) http.Handler

PublicShareAuth ...

func SelectorCookie 

func SelectorCookie(optionSetters ...Option) func(next http.Handler) http.Handler

SelectorCookie provides a middleware which

func SignedURLAuth 

func SignedURLAuth(optionSetters ...Option) func(next http.Handler) http.Handler

SignedURLAuth provides a middleware to check access secured by a signed URL.

Types

type OIDCProvider 

type OIDCProvider interface {
	UserInfo(ctx context.Context, ts oauth2.TokenSource) (*gOidc.UserInfo, error)
}

OIDCProvider used to mock the oidc provider during tests

type Option 

type Option func(o *Options)

Option defines a single option function.

func AccountsClient 

func AccountsClient(ac acc.AccountsService) Option

AccountsClient provides a function to set the accounts client config option.

func AutoprovisionAccounts 

func AutoprovisionAccounts(val bool) Option

AutoprovisionAccounts provides a function to set the AutoprovisionAccounts config

func CredentialsByUserAgent 

func CredentialsByUserAgent(v map[string]string) Option

CredentialsByUserAgent sets UserAgentChallenges.

func EnableBasicAuth 

func EnableBasicAuth(enableBasicAuth bool) Option

EnableBasicAuth provides a function to set the EnableBasicAuth config

func HTTPClient 

func HTTPClient(c *http.Client) Option

HTTPClient provides a function to set the http client config option.

func Logger 

func Logger(l log.Logger) Option

Logger provides a function to set the logger option.

func OIDCIss 

func OIDCIss(iss string) Option

OIDCIss sets the oidcAuth issuer url

func OIDCProviderFunc 

func OIDCProviderFunc(f func() (OIDCProvider, error)) Option

OIDCProviderFunc provides a function to set the the oidc provider function option.

func PolicySelectorConfig 

func PolicySelectorConfig(cfg config.PolicySelector) Option

PolicySelectorConfig provides a function to set the policy selector config option.

func PreSignedURLConfig 

func PreSignedURLConfig(cfg config.PreSignedURL) Option

PreSignedURLConfig provides a function to set the PreSignedURL config

func RevaGatewayClient 

func RevaGatewayClient(gc gateway.GatewayAPIClient) Option

RevaGatewayClient provides a function to set the the reva gateway service client option.

func SettingsRoleService 

func SettingsRoleService(rc settings.RoleService) Option

SettingsRoleService provides a function to set the role service option.

func Store 

func Store(sc storepb.StoreService) Option

Store provides a function to set the store option.

func TokenCacheSize 

func TokenCacheSize(size int) Option

TokenCacheSize provides a function to set the TokenCacheSize

func TokenCacheTTL 

func TokenCacheTTL(ttl time.Duration) Option

TokenCacheTTL provides a function to set the TokenCacheTTL

func TokenManagerConfig 

func TokenManagerConfig(cfg config.TokenManager) Option

TokenManagerConfig provides a function to set the token manger config option.

func UserCS3Claim 

func UserCS3Claim(val string) Option

UserCS3Claim provides a function to set the UserClaimType config

func UserOIDCClaim 

func UserOIDCClaim(val string) Option

UserOIDCClaim provides a function to set the UserClaim config

func UserProvider 

func UserProvider(up backend.UserBackend) Option

UserProvider sets the accounts user provider

type Options 

type Options struct {
	// Logger to use for logging, must be set
	Logger log.Logger
	// TokenManagerConfig for communicating with the reva token manager
	TokenManagerConfig config.TokenManager
	// PolicySelectorConfig for using the policy selector
	PolicySelector config.PolicySelector
	// HTTPClient to use for communication with the oidcAuth provider
	HTTPClient *http.Client
	// AccountsClient for resolving accounts
	AccountsClient acc.AccountsService
	// UP
	UserProvider backend.UserBackend
	// SettingsRoleService for the roles API in settings
	SettingsRoleService settings.RoleService
	// OIDCProviderFunc to lazily initialize an oidc provider, must be set for the oidc_auth middleware
	OIDCProviderFunc func() (OIDCProvider, error)
	// OIDCIss is the oidcAuth-issuer
	OIDCIss string
	// RevaGatewayClient to send requests to the reva gateway
	RevaGatewayClient gateway.GatewayAPIClient
	// Store for persisting data
	Store storepb.StoreService
	// PreSignedURLConfig to configure the middleware
	PreSignedURLConfig config.PreSignedURL
	// UserOIDCClaim to read from the oidc claims
	UserOIDCClaim string
	// UserCS3Claim to use when looking up a user in the CS3 API
	UserCS3Claim string
	// AutoprovisionAccounts when an accountResolver does not exist.
	AutoprovisionAccounts bool
	// EnableBasicAuth to allow basic auth
	EnableBasicAuth bool
	// UserinfoCacheSize defines the max number of entries in the userinfo cache, intended for the oidc_auth middleware
	UserinfoCacheSize int
	// UserinfoCacheTTL sets the max cache duration for the userinfo cache, intended for the oidc_auth middleware
	UserinfoCacheTTL time.Duration
	// CredentialsByUserAgent sets the auth challenges on a per user-agent basis
	CredentialsByUserAgent map[string]string
}

Options defines the available options for this package.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.