config

package
v0.386.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 23, 2024 License: AGPL-3.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// 24 hours is the default access token expiry period
	DefaultAccessTokenExpiry time.Duration = time.Hour * 24
	// 3 months is the default refresh token expiry period
	DefaultRefreshTokenExpiry time.Duration = time.Hour * 24 * 90
)
View Source 
const (
	GoogleProvider        = "google"
	FacebookProvider      = "facebook"
	GitLabProvider        = "gitlab"
	SlackProvider         = "slack"
	OpenIdConnectProvider = "oidc"
	OAuthProvider         = "oauth"
)
View Source 
const (
	ConfigDuplicateErrorString                       = "environment variable %s has a duplicate set in environment: %s"
	ConfigRequiredErrorString                        = "environment variable %s is required but not defined in the following environments: %s"
	ConfigIncorrectNamingErrorString                 = "%s must be written in upper snakecase"
	ConfigReservedNameErrorString                    = "environment variable %s cannot start with %s as it is reserved"
	ConfigAuthTokenExpiryMustBePositive              = "%s token lifespan cannot be negative or zero for field: %s"
	ConfigAuthProviderInvalidName                    = "auth provider name '%s' must only include alphanumeric characters and underscores, and cannot start with a number"
	ConfigAuthProviderReservedPrefex                 = "cannot use reserved 'keel_' prefix in auth provider name: %s"
	ConfigAuthProviderMissingFieldAtIndexErrorString = "auth provider at index %v is missing field: %s"
	ConfigAuthProviderMissingFieldErrorString        = "auth provider '%s' is missing field: %s"
	ConfigAuthProviderInvalidTypeErrorString         = "auth provider '%s' has invalid type '%s' which must be one of: %s"
	ConfigAuthProviderDuplicateErrorString           = "auth provider name '%s' has been defined more than once, but must be unique"
	ConfigAuthProviderInvalidHttpUrlErrorString      = "auth provider '%s' has missing or invalid https url for field: %s"
	ConfigAuthInvalidRedirectUrlErrorString          = "auth redirectUrl '%s' is not a valid url"
)
View Source 
const Empty = ""
View Source 
const ProviderSecretPrefix = "AUTH_PROVIDER_SECRET_"
View Source 
const ReservedProviderNamePrefix = "keel_"

Variables

View Source 
var (
	SupportedProviderTypes = []string{
		GoogleProvider,
		FacebookProvider,
		GitLabProvider,
		SlackProvider,
		OpenIdConnectProvider,
	}
)

Functions

This section is empty.

Types

type AuthConfig added in v0.372.0 

type AuthConfig struct {
	Tokens      TokensConfig    `yaml:"tokens"`
	RedirectUrl *string         `yaml:"redirectUrl,omitempty"`
	Providers   []Provider      `yaml:"providers"`
	Claims      []IdentityClaim `yaml:"claims"`
}

func (*AuthConfig) AccessTokenExpiry added in v0.372.0 

func (c *AuthConfig) AccessTokenExpiry() time.Duration

AccessTokenExpiry retrieves the configured or default access token expiry

func (*AuthConfig) AddOidcProvider added in v0.373.0 

func (c *AuthConfig) AddOidcProvider(name string, issuerUrl string, clientId string) error

AddOidcProvider adds an OpenID Connect provider to the list of supported authentication providers

func (*AuthConfig) GetOAuthProviders added in v0.372.0 

func (c *AuthConfig) GetOAuthProviders() []Provider

func (*AuthConfig) GetOidcProviders added in v0.372.0 

func (c *AuthConfig) GetOidcProviders() []Provider

GetOidcProviders returns all OpenID Connect compatible authentication providers

func (*AuthConfig) GetOidcProvidersByIssuer added in v0.372.0 

func (c *AuthConfig) GetOidcProvidersByIssuer(issuer string) ([]Provider, error)

GetOidcProvidersByIssuer gets all OpenID Connect providers by issuer url. It's possible that multiple providers from the same issuer are configured.

func (*AuthConfig) GetProvider added in v0.373.0 

func (c *AuthConfig) GetProvider(name string) *Provider

GetProvider retrieves the provider by its name (case insensitive)

func (*AuthConfig) RefreshTokenExpiry added in v0.372.0 

func (c *AuthConfig) RefreshTokenExpiry() time.Duration

RefreshTokenExpiry retrieves the configured or default refresh token expiry

func (*AuthConfig) RefreshTokenRotationEnabled added in v0.372.0 

func (c *AuthConfig) RefreshTokenRotationEnabled() bool

RefreshTokenRotationEnabled retrieves the configured or default refresh token rotation

type ConfigError 

type ConfigError struct {
	Type    string `json:"type,omitempty"`
	Message string `json:"message,omitempty"`
}

func (ConfigError) Error 

func (c ConfigError) Error() string

type ConfigErrors 

type ConfigErrors struct {
	Errors []*ConfigError `json:"errors"`
}

func Validate 

func Validate(config *ProjectConfig) *ConfigErrors

func (ConfigErrors) Error 

func (c ConfigErrors) Error() string

type EnvironmentConfig 

type EnvironmentConfig struct {
	Default     []Input `yaml:"default"`
	Development []Input `yaml:"development"`
	Staging     []Input `yaml:"staging"`
	Production  []Input `yaml:"production"`
	Test        []Input `yaml:"test"`
}

EnvironmentConfig is the configuration for a keel environment default, staging, production

type IdentityClaim added in v0.386.0 

type IdentityClaim struct {
	Key   string `yaml:"key"`
	Field string `yaml:"field"`
}

type Input 

type Input struct {
	Name     string   `yaml:"name"`
	Value    string   `yaml:"value,omitempty"`
	Required []string `yaml:"required,omitempty"`
}

Input is the configuration for a keel environment variable or secret

type ProjectConfig 

type ProjectConfig struct {
	Environment   EnvironmentConfig `yaml:"environment"`
	UseDefaultApi *bool             `yaml:"useDefaultApi,omitempty"`
	Secrets       []Input           `yaml:"secrets"`
	Auth          AuthConfig        `yaml:"auth"`
	DisableAuth   bool              `yaml:"disableKeelAuth"`
}

ProjectConfig is the configuration for a keel project

func Load 

func Load(dir string) (*ProjectConfig, error)

func LoadFromBytes 

func LoadFromBytes(data []byte) (*ProjectConfig, error)

func (*ProjectConfig) AllEnvironmentVariables 

func (c *ProjectConfig) AllEnvironmentVariables() []string

AllEnvironmentVariables returns a slice of all of the unique environment variable key names defined across all environments

func (*ProjectConfig) AllSecrets 

func (c *ProjectConfig) AllSecrets() []string

func (*ProjectConfig) DefaultApi added in v0.377.0 

func (c *ProjectConfig) DefaultApi() bool

DefaultApi provides the value of useDefaultApi from the config or a default value of true if no value is specified in the config

func (*ProjectConfig) GetEnvVars 

func (p *ProjectConfig) GetEnvVars(env string) map[string]string

func (*ProjectConfig) ValidateSecrets 

func (c *ProjectConfig) ValidateSecrets(localSecrets map[string]string) (bool, []string)

type Provider added in v0.372.0 

type Provider struct {
	Type             string `yaml:"type"`
	Name             string `yaml:"name"`
	ClientId         string `yaml:"clientId"`
	IssuerUrl        string `yaml:"issuerUrl"`
	TokenUrl         string `yaml:"tokenUrl"`
	AuthorizationUrl string `yaml:"authorizationUrl"`
}

func (*Provider) GetAuthorizationUrl added in v0.372.0 

func (p *Provider) GetAuthorizationUrl() (string, bool)

func (*Provider) GetAuthorizeUrl added in v0.373.0 

func (p *Provider) GetAuthorizeUrl() (*url.URL, error)

GetAuthorizeUrl retrieves the authorize URL for this provider

func (*Provider) GetCallbackUrl added in v0.373.0 

func (p *Provider) GetCallbackUrl() (*url.URL, error)

GetCallbackUrl retrieves the callback URL for this provider

func (*Provider) GetClientSecretName added in v0.373.0 

func (p *Provider) GetClientSecretName() string

GetClientSecret generates the name of the client secret

func (*Provider) GetIssuerUrl added in v0.373.0 

func (p *Provider) GetIssuerUrl() (string, bool)

GetIssuerUrl retrieves the issuer URL for the provider

func (*Provider) GetTokenUrl added in v0.372.0 

func (p *Provider) GetTokenUrl() (string, bool)

type TokensConfig added in v0.372.0 

type TokensConfig struct {
	AccessTokenExpiry           *int  `yaml:"accessTokenExpiry,omitempty"`
	RefreshTokenExpiry          *int  `yaml:"refreshTokenExpiry,omitempty"`
	RefreshTokenRotationEnabled *bool `yaml:"refreshTokenRotationEnabled,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.