Documentation ¶
Index ¶
- Constants
- Variables
- type AuthConfig
- func (c *AuthConfig) AccessTokenExpiry() time.Duration
- func (c *AuthConfig) AddOidcProvider(name string, issuerUrl string, clientId string) error
- func (c *AuthConfig) GetOAuthProviders() []Provider
- func (c *AuthConfig) GetOidcProviders() []Provider
- func (c *AuthConfig) GetOidcProvidersByIssuer(issuer string) ([]Provider, error)
- func (c *AuthConfig) GetProvider(name string) *Provider
- func (c *AuthConfig) RefreshTokenExpiry() time.Duration
- func (c *AuthConfig) RefreshTokenRotationEnabled() bool
- type ConfigError
- type ConfigErrors
- type EnvironmentConfig
- type IdentityClaim
- type Input
- type ProjectConfig
- func (c *ProjectConfig) AllEnvironmentVariables() []string
- func (c *ProjectConfig) AllSecrets() []string
- func (c *ProjectConfig) DefaultApi() bool
- func (p *ProjectConfig) GetEnvVars(env string) map[string]string
- func (c *ProjectConfig) ValidateSecrets(localSecrets map[string]string) (bool, []string)
- type Provider
- func (p *Provider) GetAuthorizationUrl() (string, bool)
- func (p *Provider) GetAuthorizeUrl() (*url.URL, error)
- func (p *Provider) GetCallbackUrl() (*url.URL, error)
- func (p *Provider) GetClientSecretName() string
- func (p *Provider) GetIssuerUrl() (string, bool)
- func (p *Provider) GetTokenUrl() (string, bool)
- type TokensConfig
Constants ¶
// Default token lifetimes. AuthConfig.AccessTokenExpiry and
// AuthConfig.RefreshTokenExpiry are documented as returning "the configured or
// default" expiry, so these are presumably the fallback values they use.
const (
	// DefaultAccessTokenExpiry is the default access token expiry period: 24 hours.
	// NOTE(review): a leaked access token may stay usable for up to this long
	// unless it can be revoked server-side (not visible here); confirm that the
	// default suits the deployment or set a shorter lifetime in the auth config.
	DefaultAccessTokenExpiry time.Duration = time.Hour * 24
	// DefaultRefreshTokenExpiry is the default refresh token expiry period:
	// 24h * 90 = 90 days (described by the author as 3 months).
	DefaultRefreshTokenExpiry time.Duration = time.Hour * 24 * 90
)
// Provider type identifiers, as written in the `type` field of an auth provider
// entry (see Provider.Type).
const (
	GoogleProvider   = "google"
	FacebookProvider = "facebook"
	GitLabProvider   = "gitlab"
	SlackProvider    = "slack"
	// OpenIdConnectProvider is the type for a generic OpenID Connect provider.
	OpenIdConnectProvider = "oidc"
	// OAuthProvider is declared here but is not listed in SupportedProviderTypes.
	// NOTE(review): presumably not yet accepted by validation; confirm before
	// relying on it in configuration.
	OAuthProvider = "oauth"
)
// Format strings for configuration validation errors. Each is a fmt-style
// template; the verbs are filled with the offending name, field or environment.
const (
	// Environment variable errors.
	ConfigDuplicateErrorString       = "environment variable %s has a duplicate set in environment: %s"
	ConfigRequiredErrorString        = "environment variable %s is required but not defined in the following environments: %s"
	ConfigIncorrectNamingErrorString = "%s must be written in upper snakecase"
	ConfigReservedNameErrorString    = "environment variable %s cannot start with %s as it is reserved"

	// Auth token errors: lifespans of zero or less are rejected.
	ConfigAuthTokenExpiryMustBePositive = "%s token lifespan cannot be negative or zero for field: %s"

	// Auth provider errors.
	ConfigAuthProviderInvalidName = "auth provider name '%s' must only include alphanumeric characters and underscores, and cannot start with a number"
	// NOTE(review): "Prefex" is a misspelling of "Prefix" in the exported name;
	// renaming it would break callers, so it is only flagged here.
	ConfigAuthProviderReservedPrefex                 = "cannot use reserved 'keel_' prefix in auth provider name: %s"
	ConfigAuthProviderMissingFieldAtIndexErrorString = "auth provider at index %v is missing field: %s"
	ConfigAuthProviderMissingFieldErrorString        = "auth provider '%s' is missing field: %s"
	ConfigAuthProviderInvalidTypeErrorString         = "auth provider '%s' has invalid type '%s' which must be one of: %s"
	ConfigAuthProviderDuplicateErrorString           = "auth provider name '%s' has been defined more than once, but must be unique"
	// The identifier says "HttpUrl" while the message requires an https url.
	// NOTE(review): confirm that validation rejects plain http for provider
	// endpoints, since tokens and authorization codes travel over these URLs.
	ConfigAuthProviderInvalidHttpUrlErrorString = "auth provider '%s' has missing or invalid https url for field: %s"
	// NOTE(review): the message only promises a "valid url"; confirm whether the
	// redirect URL's scheme and host are constrained as well.
	ConfigAuthInvalidRedirectUrlErrorString = "auth redirectUrl '%s' is not a valid url"
)
// Empty is the empty string.
const Empty = ""

// ProviderSecretPrefix is a prefix for auth provider secret names.
// NOTE(review): presumably what Provider.GetClientSecretName prepends when it
// generates the client secret's name; confirm against that method.
const ProviderSecretPrefix = "AUTH_PROVIDER_SECRET_"

// ReservedProviderNamePrefix is the prefix that auth provider names may not use;
// it matches the 'keel_' named in the ConfigAuthProviderReservedPrefex message.
const ReservedProviderNamePrefix = "keel_"
Variables ¶
var (
	// SupportedProviderTypes lists the provider type identifiers included here:
	// google, facebook, gitlab, slack and oidc. OAuthProvider ("oauth") is not in
	// the list.
	// NOTE(review): presumably the set behind the "must be one of" validation
	// error. This is an exported, mutable slice, so any importing package can
	// change it at runtime; treat it as read-only.
	SupportedProviderTypes = []string{
		GoogleProvider,
		FacebookProvider,
		GitLabProvider,
		SlackProvider,
		OpenIdConnectProvider,
	}
)
Functions ¶
This section is empty.
Types ¶
type AuthConfig ¶ added in v0.372.0
// AuthConfig is the `auth` section of the project configuration.
type AuthConfig struct {
	// Tokens holds the token settings (TokensConfig's fields are not shown on this page).
	Tokens TokensConfig `yaml:"tokens"`
	// RedirectUrl is optional: a nil pointer means the key was not set.
	// NOTE(review): ConfigAuthInvalidRedirectUrlErrorString suggests it is checked
	// to be a valid URL; confirm whether scheme and host are restricted as well,
	// since it is a redirect target in the auth flow.
	RedirectUrl *string `yaml:"redirectUrl,omitempty"`
	// Providers is the list of configured authentication providers.
	Providers []Provider `yaml:"providers"`
	// Claims is a list of IdentityClaim values (the type's fields are not shown on this page).
	Claims []IdentityClaim `yaml:"claims"`
}
func (*AuthConfig) AccessTokenExpiry ¶ added in v0.372.0
func (c *AuthConfig) AccessTokenExpiry() time.Duration
AccessTokenExpiry retrieves the configured or default access token expiry
func (*AuthConfig) AddOidcProvider ¶ added in v0.373.0
func (c *AuthConfig) AddOidcProvider(name string, issuerUrl string, clientId string) error
AddOidcProvider adds an OpenID Connect provider to the list of supported authentication providers
func (*AuthConfig) GetOAuthProviders ¶ added in v0.372.0
func (c *AuthConfig) GetOAuthProviders() []Provider
func (*AuthConfig) GetOidcProviders ¶ added in v0.372.0
func (c *AuthConfig) GetOidcProviders() []Provider
GetOidcProviders returns all OpenID Connect compatible authentication providers
func (*AuthConfig) GetOidcProvidersByIssuer ¶ added in v0.372.0
func (c *AuthConfig) GetOidcProvidersByIssuer(issuer string) ([]Provider, error)
GetOidcProvidersByIssuer gets all OpenID Connect providers by issuer url. It's possible that multiple providers from the same issuer are configured.
func (*AuthConfig) GetProvider ¶ added in v0.373.0
func (c *AuthConfig) GetProvider(name string) *Provider
GetProvider retrieves the provider by its name (case insensitive)
func (*AuthConfig) RefreshTokenExpiry ¶ added in v0.372.0
func (c *AuthConfig) RefreshTokenExpiry() time.Duration
RefreshTokenExpiry retrieves the configured or default refresh token expiry
func (*AuthConfig) RefreshTokenRotationEnabled ¶ added in v0.372.0
func (c *AuthConfig) RefreshTokenRotationEnabled() bool
RefreshTokenRotationEnabled retrieves the configured or default refresh token rotation
type ConfigError ¶
// ConfigError is a single configuration validation error. It has an Error
// method, so it can be used as an error value.
type ConfigError struct {
	// Type is the error category; omitted from JSON when empty.
	Type string `json:"type,omitempty"`
	// Message is the human-readable description; omitted from JSON when empty.
	Message string `json:"message,omitempty"`
}
func (ConfigError) Error ¶
func (c ConfigError) Error() string
type ConfigErrors ¶
// ConfigErrors collects the ConfigError values for a configuration; it is the
// type Validate returns a pointer to, and it has an Error method of its own.
type ConfigErrors struct {
	// Errors is serialized under the JSON key "errors".
	Errors []*ConfigError `json:"errors"`
}
func Validate ¶
func Validate(config *ProjectConfig) *ConfigErrors
func (ConfigErrors) Error ¶
func (c ConfigErrors) Error() string
type EnvironmentConfig ¶
// EnvironmentConfig holds one list of inputs per environment, keyed in YAML by
// the environment name.
type EnvironmentConfig struct {
	Default     []Input `yaml:"default"`
	Development []Input `yaml:"development"`
	Staging     []Input `yaml:"staging"`
	Production  []Input `yaml:"production"`
	Test        []Input `yaml:"test"`
}
EnvironmentConfig is the configuration for each keel environment, e.g. default, staging, production
type IdentityClaim ¶ added in v0.386.0
type Input ¶
// Input is one named entry: an environment variable or a secret.
type Input struct {
	// Name is the entry's key.
	Name string `yaml:"name"`
	// Value is optional in YAML.
	// NOTE(review): ProjectConfig.Secrets uses this type too; confirm that secret
	// entries are declared by name only and that no secret value is kept in the
	// config file.
	Value string `yaml:"value,omitempty"`
	// Required is an optional list of strings.
	// NOTE(review): presumably the environments in which the entry must be
	// defined (see ConfigRequiredErrorString); confirm.
	Required []string `yaml:"required,omitempty"`
}
Input is the configuration for a keel environment variable or secret
type ProjectConfig ¶
// ProjectConfig is the top-level configuration for a keel project, as returned
// by Load and LoadFromBytes.
type ProjectConfig struct {
	// Environment holds the per-environment variable definitions.
	Environment EnvironmentConfig `yaml:"environment"`
	// UseDefaultApi is optional; DefaultApi is documented as returning true when
	// it is not specified.
	UseDefaultApi *bool `yaml:"useDefaultApi,omitempty"`
	// Secrets lists the declared secrets.
	Secrets []Input `yaml:"secrets"`
	// Auth is the authentication configuration.
	Auth AuthConfig `yaml:"auth"`
	// DisableAuth maps to the YAML key "disableKeelAuth"; the zero value is false.
	// NOTE(review): presumably turns off the built-in auth; confirm what stays
	// protected when it is true, and check for it in config review.
	DisableAuth bool `yaml:"disableKeelAuth"`
}
ProjectConfig is the configuration for a keel project
func Load ¶
func Load(dir string) (*ProjectConfig, error)
func LoadFromBytes ¶
func LoadFromBytes(data []byte) (*ProjectConfig, error)
func (*ProjectConfig) AllEnvironmentVariables ¶
func (c *ProjectConfig) AllEnvironmentVariables() []string
AllEnvironmentVariables returns a slice of all of the unique environment variable key names defined across all environments
func (*ProjectConfig) AllSecrets ¶
func (c *ProjectConfig) AllSecrets() []string
func (*ProjectConfig) DefaultApi ¶ added in v0.377.0
func (c *ProjectConfig) DefaultApi() bool
DefaultApi provides the value of useDefaultApi from the config or a default value of true if no value is specified in the config
func (*ProjectConfig) GetEnvVars ¶
func (p *ProjectConfig) GetEnvVars(env string) map[string]string
func (*ProjectConfig) ValidateSecrets ¶
func (c *ProjectConfig) ValidateSecrets(localSecrets map[string]string) (bool, []string)
type Provider ¶ added in v0.372.0
// Provider is one configured authentication provider. The struct has no field
// for the client secret; only the secret's name is exposed, through
// GetClientSecretName.
type Provider struct {
	// Type is the provider type; an invalid value is reported with the list it
	// "must be one of".
	Type string `yaml:"type"`
	// Name identifies the provider. Per the validation messages it must be unique,
	// use only alphanumerics and underscores, not start with a number, and not
	// use the reserved 'keel_' prefix.
	Name string `yaml:"name"`
	// ClientId is the client identifier registered with the provider.
	ClientId string `yaml:"clientId"`
	// IssuerUrl, TokenUrl and AuthorizationUrl are the provider's endpoints.
	// NOTE(review): the validation message asks for an "https url"; confirm which
	// of these fields are checked, and for which provider types.
	IssuerUrl        string `yaml:"issuerUrl"`
	TokenUrl         string `yaml:"tokenUrl"`
	AuthorizationUrl string `yaml:"authorizationUrl"`
}
func (*Provider) GetAuthorizationUrl ¶ added in v0.372.0
func (*Provider) GetAuthorizeUrl ¶ added in v0.373.0
GetAuthorizeUrl retrieves the authorize URL for this provider
func (*Provider) GetCallbackUrl ¶ added in v0.373.0
GetCallbackUrl retrieves the callback URL for this provider
func (*Provider) GetClientSecretName ¶ added in v0.373.0
GetClientSecretName generates the name of the client secret
func (*Provider) GetIssuerUrl ¶ added in v0.373.0
GetIssuerUrl retrieves the issuer URL for the provider