pomerium

module
v0.10.5
Warning

This package is not in the latest version of its module.

Published: Sep 28, 2020 License: Apache-2.0

README

Pomerium is an identity-aware proxy that enables secure access to internal applications. Pomerium provides a standardized interface to add access control to applications regardless of whether the application itself has authorization or authentication baked-in. Pomerium gateways both internal and external requests, and can be used in situations where you'd typically reach for a VPN.

Pomerium can be used to:

  • provide a single-sign-on gateway to internal applications.
  • enforce dynamic access policy based on context, identity, and device state.
  • aggregate access logs and telemetry data.
  • serve as a VPN alternative.

Docs

For comprehensive docs and tutorials, see our documentation.

Directories

Path Synopsis
Package authenticate is a pomerium service that handles user authentication and refresh (AuthN).
Package authorize is a pomerium service that is responsible for determining if a given request should be authorized (AuthZ).
evaluator
Package evaluator defines an Evaluator interface that can be implemented by a policy evaluator framework.
evaluator/opa
Package opa implements the policy evaluator interface to make authorization decisions.
Package cache is a pomerium service that handles the storage of user session state.
cmd
Package config is a configuration abstraction that facilitates enabling Pomerium settings for various encoding types (JSON/YAML/ENVARS) and methods.
examples
integration
internal/cluster
Package cluster is used to configure a kubernetes cluster for testing.
internal/flows
Package flows has helper functions for working with pomerium end-user use-case flows.
internal/forms
Package forms has helper functions for working with HTML forms.
internal/netutil
Package netutil has helper types for working with network connections.
internal
autocert
Package autocert implements automatic management of TLS certificates.
cmd/pomerium
Package pomerium houses the main pomerium CLI command.
controlplane
Package controlplane contains the HTTP and gRPC base servers and the xDS gRPC implementation for envoy.
databroker
Package databroker contains a data broker implementation.
directory
Package directory implements the user group directory service.
directory/azure
Package azure contains an azure active directory directory provider.
directory/github
Package github contains a directory provider for github.
directory/gitlab
Package gitlab contains a directory provider for gitlab.
directory/google
Package google contains the Google directory provider.
directory/okta
Package okta contains the Okta directory provider.
directory/onelogin
Package onelogin contains the onelogin directory provider.
encoding
Package encoding defines interfaces shared by other packages that convert data to and from byte-level and textual representations.
encoding/ecjson
Package ecjson represents encrypted and compressed content using JSON-based
encoding/jws
Package jws represents content secured with digital signatures using JSON-based data structures as specified by RFC 7515
encoding/mock
Package mock implements a mock implementation of MarshalUnmarshaler.
envoy
Package envoy creates and configures an envoy server.
fileutil
Package fileutil provides file utility functions, complementing the lower level abstractions found in the standard library.
frontend
Package frontend handles the generation and instantiation of Pomerium's HTML templates.
hashutil
Package hashutil provides NON-CRYPTOGRAPHIC utility functions for hashing
httputil
Package httputil provides HTTP utility functions, complementing the more common ones in the net/http package
identity
Package identity provides support for making OpenID Connect (OIDC) and OAuth2 authenticated HTTP requests with third party identity providers.
identity/manager
Package manager contains an identity manager responsible for refreshing sessions and creating users.
identity/oauth
Package oauth provides support for making OAuth2 authorized and authenticated HTTP requests, as specified in RFC 6749.
identity/oauth/github
Package github implements OAuth2 based authentication for github https://www.pomerium.io/docs/identity-providers/github.html
identity/oidc
Package oidc implements a generic OpenID Connect provider.
identity/oidc/azure
Package azure implements OpenID Connect for Microsoft Azure https://www.pomerium.io/docs/identity-providers/azure.html
identity/oidc/gitlab
Package gitlab implements OpenID Connect for Gitlab https://www.pomerium.io/docs/identity-providers/gitlab.html
identity/oidc/google
Package google implements OpenID Connect for Google and GSuite.
identity/oidc/okta
Package okta implements OpenID Connect for okta https://www.pomerium.io/docs/identity-providers/okta.html
identity/oidc/onelogin
Package onelogin implements OpenID Connect for OneLogin https://www.pomerium.io/docs/identity-providers/one-login.html
log
Package log provides a global logger for zerolog.
middleware
Package middleware provides a standard set of middleware for pomerium.
middleware/responsewriter
Package responsewriter contains helper functions that are useful for hooking into various parts of a response.
protoutil
Package protoutil contains helper functions for protobufs.
scheduler
Package scheduler contains a priority queue based on time.
sessions
Package sessions handles the storage, management, and validation of pomerium user sessions.
sessions/cookie
Package cookie provides a cookie based implementation of session store and loader.
sessions/header
Package header provides a request header based implementation of a session loader.
sessions/mock
Package mock provides a mock implementation of session store and loader.
sessions/queryparam
Package queryparam provides a query param based implementation of both a session store and loader.
signal
Package signal provides a mechanism for notifying multiple listeners when something happened.
telemetry
Package telemetry contains metrics and tracing constructs
telemetry/metrics
Package metrics contains support for OpenCensus distributed metrics.
telemetry/requestid
Package requestid has functions for working with x-request-id in http/gRPC requests.
telemetry/trace
Package trace contains support for OpenCensus distributed tracing.
testutil
Package testutil contains helper functions for unit tests.
tripper
Package tripper provides utility functions for working with the http.RoundTripper interface.
urlutil
Package urlutil provides utility functions for working with Go URLs.
version
Package version enables setting build-time version using ldflags.
pkg
cryptutil
Package cryptutil provides cryptographic utility functions, complementing the lower level abstractions found in the standard library.
grpc
Package grpc provides gRPC utility functions, complementing the more common ones in the github.com/grpc/grpc-go package
grpc/databroker
Package databroker contains databroker protobuf definitions.
grpc/directory
Package directory contains protobuf types for directory users.
grpc/session
Package session contains protobuf types for sessions.
grpc/user
Package user contains protobuf types for users.
grpcutil
Package grpcutil contains functions for interacting with gRPC.
storage
Package storage provides a generic interface to interact with a storage backend.
storage/inmemory
Package inmemory is the in-memory database using b-trees.
storage/redis
Package redis is the redis database; it implements the storage.Backend interface.
Package proxy is a pomerium service that provides reverse proxying of internal routes.
