Documentation ¶
Overview ¶
Package httputil provides HTTP utility functions, complementing the more common ones in the net/http package.
Index ¶
- Constants
- Variables
- func CSRFFailureHandler(w http.ResponseWriter, r *http.Request) error
- func Client(ctx context.Context, method, endpoint, userAgent string, ...) error
- func HealthCheck(w http.ResponseWriter, r *http.Request)
- func NewError(status int, err error) error
- func NewRouter() *mux.Router
- func NewServer(opt *ServerOptions, h http.Handler, wg *sync.WaitGroup) (*http.Server, error)
- func PomeriumJWTHeaderName(claim string) string
- func Redirect(w http.ResponseWriter, r *http.Request, url string, code int)
- func RedirectHandler() http.Handler
- func RenderJSON(w http.ResponseWriter, code int, v interface{})
- func Shutdown(srv *http.Server)
- type HTTPError
- type HandlerFunc
- type ServerOptions
Constants ¶
const (
	// HeaderPomeriumResponse is set when pomerium itself creates a response,
	// as opposed to the upstream application and can be used to distinguish
	// between an application error, and a pomerium related error when debugging.
	// Especially useful when working with single page apps (SPA).
	HeaderPomeriumResponse = "x-pomerium-intercepted-response"

	// HeaderPomeriumJWTAssertion is the header key containing JWT signed user details.
	HeaderPomeriumJWTAssertion = "x-pomerium-jwt-assertion"
)
Pomerium headers contain information added to a request.
const (
	HeaderForwardedFor    = "X-Forwarded-For"
	HeaderForwardedHost   = "X-Forwarded-Host"
	HeaderForwardedMethod = "X-Forwarded-Method" // traefik
	HeaderForwardedPort   = "X-Forwarded-Port"
	HeaderForwardedProto  = "X-Forwarded-Proto"
	HeaderForwardedServer = "X-Forwarded-Server"
	HeaderForwardedURI    = "X-Forwarded-Uri" // traefik
	HeaderOriginalMethod  = "X-Original-Method" // nginx
	HeaderOriginalURL     = "X-Original-Url" // nginx
	HeaderRealIP          = "X-Real-Ip"
	HeaderSentFrom        = "X-Sent-From"
)
Forward headers contain information from the client-facing side of proxy servers that is altered or lost when a proxy is involved in the path of the request.
https://tools.ietf.org/html/rfc7239 https://en.wikipedia.org/wiki/X-Forwarded-For
const AuthorizationTypePomerium = "Pomerium"
AuthorizationTypePomerium is for Authorization: Pomerium JWT... headers
const (
	HeaderReferrer = "Referer"
)
Standard headers
const StatusInvalidClientCertificate = 495
StatusInvalidClientCertificate is the status code returned when a client's certificate is invalid. This is the same status code used by nginx for this purpose.
Variables ¶
var DefaultClient = &httpClient{
	&http.Client{Timeout: 1 * time.Minute},
	requestid.NewRoundTripper(http.DefaultTransport),
}
DefaultClient avoids leaks by setting an upper limit for timeouts.
var ErrTokenRevoked = errors.New("token expired or revoked")
ErrTokenRevoked signifies a token revocation or expiration error.
var HeadersContentSecurityPolicy = map[string]string{
	"Content-Security-Policy": "default-src 'none'; style-src 'self' data:; img-src * data:;",
	"Referrer-Policy":         "Same-origin",
}
HeadersContentSecurityPolicy are the content security headers added to the service's handlers by default; they include profile photo exceptions for supported identity providers. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src
var HeadersXForwarded = []string{
	HeaderForwardedFor,
	HeaderForwardedHost,
	HeaderForwardedMethod,
	HeaderForwardedPort,
	HeaderForwardedProto,
	HeaderForwardedServer,
	HeaderForwardedURI,
	HeaderOriginalMethod,
	HeaderOriginalURL,
	HeaderRealIP,
	HeaderSentFrom,
}
HeadersXForwarded is the slice of the header keys used to contain information from the client-facing side of proxy servers that is altered or lost when a proxy is involved in the path of the request.
https://tools.ietf.org/html/rfc7239 https://en.wikipedia.org/wiki/X-Forwarded-For
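Forward headers are ordinary request headers, so a client that connects directly can set any of them; their values are only meaningful when the immediate peer is a proxy you operate. The following added example (not part of the httputil package; `peerTrusted`, `stripUntrustedForwarded`, `seenRealIP` and the 10.0.0.0/8 proxy range are hypothetical) deletes the keys listed in HeadersXForwarded unless the peer is inside a trusted network:

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"net/http/httptest"
)

var forwardedHeaders = []string{ // same keys as the documented HeadersXForwarded
	"X-Forwarded-For", "X-Forwarded-Host", "X-Forwarded-Method", "X-Forwarded-Port",
	"X-Forwarded-Proto", "X-Forwarded-Server", "X-Forwarded-Uri", "X-Original-Method",
	"X-Original-Url", "X-Real-Ip", "X-Sent-From",
}

// peerTrusted reports whether the direct TCP peer is in a trusted proxy network.
func peerTrusted(trusted []*net.IPNet, remoteAddr string) bool {
	host, _, _ := net.SplitHostPort(remoteAddr) // host is "" on a parse error
	ip := net.ParseIP(host)                     // nil for "", so we fail closed
	for _, n := range trusted {
		if ip != nil && n.Contains(ip) {
			return true
		}
	}
	return false
}

// stripUntrustedForwarded (hypothetical) drops forward headers from untrusted peers.
func stripUntrustedForwarded(trusted []*net.IPNet, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !peerTrusted(trusted, r.RemoteAddr) {
			for _, h := range forwardedHeaders {
				r.Header.Del(h)
			}
		}
		next.ServeHTTP(w, r)
	})
}

// seenRealIP returns the X-Real-Ip the wrapped handler sees for a constructed request.
func seenRealIP(peer string) (got string) {
	_, proxies, _ := net.ParseCIDR("10.0.0.0/8") // constructed trusted range
	h := stripUntrustedForwarded([]*net.IPNet{proxies}, http.HandlerFunc(
		func(_ http.ResponseWriter, r *http.Request) { got = r.Header.Get("X-Real-Ip") }))
	req := &http.Request{RemoteAddr: peer, Header: http.Header{"X-Real-Ip": {"203.0.113.7"}}}
	h.ServeHTTP(httptest.NewRecorder(), req)
	return got
}

func main() { fmt.Println(seenRealIP("10.1.2.3:4000"), seenRealIP("198.51.100.9:4000") == "") }
```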
Functions ¶
func CSRFFailureHandler ¶ added in v0.4.0
func CSRFFailureHandler(w http.ResponseWriter, r *http.Request) error
CSRFFailureHandler sets an HTTP 403 Forbidden status and writes the CSRF failure reason to the response.
func Client ¶
func Client(ctx context.Context, method, endpoint, userAgent string, headers map[string]string, params url.Values, response interface{}) error
Client provides a simple helper interface to make HTTP requests.
func HealthCheck ¶ added in v0.4.0
func HealthCheck(w http.ResponseWriter, r *http.Request)
HealthCheck is a simple healthcheck handler that responds to GET and HEAD HTTP requests.
func NewServer ¶ added in v0.4.0
NewServer creates a new HTTP server given a set of options, handler, and waitgroup. It is the caller's responsibility to close the returned server.
func PomeriumJWTHeaderName ¶ added in v0.10.0
PomeriumJWTHeaderName returns the header name set by pomerium for the given JWT claim field.
func Redirect ¶ added in v0.5.0
Redirect wraps the std lib's redirect method, indicating that pomerium is the origin of the response.
func RedirectHandler ¶ added in v0.2.0
RedirectHandler takes an incoming request and redirects to its HTTPS counterpart.
func RenderJSON ¶ added in v0.11.0
func RenderJSON(w http.ResponseWriter, code int, v interface{})
RenderJSON replies to the request with the specified struct as JSON and HTTP code. It does not otherwise end the request; the caller should ensure no further writes are done to w. The error message should be application/json.
func Shutdown ¶ added in v0.2.0
Shutdown attempts to shut down the server when an OS interrupt or SIGTERM signal is received, without interrupting any active connections. Shutdown works by first closing all open listeners, then closing all idle connections, and then waiting indefinitely for connections to return to idle and then shut down. If the provided context expires before the shutdown is complete, Shutdown returns the context's error, otherwise it returns any error returned from closing the Server's underlying Listener(s).
When Shutdown is called, Serve, ListenAndServe, and ListenAndServeTLS immediately return ErrServerClosed.
Types ¶
type HTTPError ¶
type HTTPError struct {
	// HTTP status codes as registered with IANA.
	Status int
	// Err is the wrapped error
	Err error
}
HTTPError contains an HTTP status code and wrapped error.
func (*HTTPError) ErrorResponse ¶ added in v0.6.0
func (e *HTTPError) ErrorResponse(w http.ResponseWriter, r *http.Request)
ErrorResponse replies to the request with the specified error message and HTTP code. It does not otherwise end the request; the caller should ensure no further writes are done to w.
type HandlerFunc ¶ added in v0.6.0
type HandlerFunc func(http.ResponseWriter, *http.Request) error
The HandlerFunc type is an adapter to allow the use of ordinary functions as HTTP handlers. If f is a function with the appropriate signature, HandlerFunc(f) is a Handler that calls f.
Adapted from the std library to support error wrapping.
func (HandlerFunc) ServeHTTP ¶ added in v0.6.0
func (f HandlerFunc) ServeHTTP(w http.ResponseWriter, r *http.Request)
ServeHTTP calls f(w, r) error.
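An added sketch, not Pomerium's implementation, of how an error-returning adapter with the HandlerFunc signature can turn a wrapped HTTPError into a response. The local `handlerFunc` and `httpError` types, the `Unwrap` method, the `denied`, `broken` and `serve` names and the generic 500 fallback are assumptions of this example:

```go
package main

import (
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
)

type httpError struct { // local stand-in with the documented HTTPError fields
	Status int
	Err    error
}

func (e *httpError) Error() string { return http.StatusText(e.Status) + ": " + e.Err.Error() }
func (e *httpError) Unwrap() error { return e.Err }

// handlerFunc is a local stand-in with the documented HandlerFunc signature.
type handlerFunc func(http.ResponseWriter, *http.Request) error

// ServeHTTP calls f(w, r) and maps a returned error to a response.
func (f handlerFunc) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	err := f(w, r)
	var he *httpError
	switch {
	case err == nil:
	case errors.As(err, &he): // finds an httpError anywhere in the wrap chain
		http.Error(w, he.Error(), he.Status)
	default: // assumption: unknown errors become a bare 500, detail is not echoed
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
	}
}

var ( // constructed handlers: one wraps an httpError, one returns a raw internal error
	denied handlerFunc = func(http.ResponseWriter, *http.Request) error {
		return fmt.Errorf("authorize: %w", &httpError{http.StatusUnauthorized, errors.New("no session")})
	}
	broken handlerFunc = func(http.ResponseWriter, *http.Request) error {
		return errors.New("dial tcp 10.0.0.5:5432: connection refused")
	}
)

// serve runs one GET through h and returns the status code and body.
func serve(h http.Handler) (int, string) {
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, httptest.NewRequest(http.MethodGet, "/", nil))
	return rec.Code, rec.Body.String()
}

func main() { fmt.Println(serve(denied)); fmt.Println(serve(broken)) }
```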
type ServerOptions ¶ added in v0.2.0
type ServerOptions struct {
	// Addr specifies the host and port on which the server should serve
	// HTTPS requests. If empty, ":443" is used.
	Addr string

	// TLSConfig is the tls configuration used to setup the HTTPS server.
	TLSConfig *tls.Config

	// InsecureServer when enabled disables all transport security.
	// In this mode, Pomerium is susceptible to man-in-the-middle attacks.
	// This should be used only for testing.
	Insecure bool

	// Service is an optional field that helps define what the server's role is.
	Service string

	// Timeouts
	ReadHeaderTimeout time.Duration
	ReadTimeout       time.Duration
	WriteTimeout      time.Duration
	IdleTimeout       time.Duration
}
ServerOptions contains the configuration settings for an HTTP server.