Documentation
¶
Index ¶
- Constants
- Variables
- type AuthConfig
- func (c *AuthConfig) AccessTokenExpiry() time.Duration
- func (c *AuthConfig) AddOidcProvider(name string, issuerUrl string, clientId string) error
- func (c *AuthConfig) EnabledHooks() []FunctionHook
- func (c *AuthConfig) GetOidcProviders() []Provider
- func (c *AuthConfig) GetOidcProvidersByIssuer(issuer string) ([]Provider, error)
- func (c *AuthConfig) GetProvider(name string) *Provider
- func (c *AuthConfig) RefreshTokenExpiry() time.Duration
- func (c *AuthConfig) RefreshTokenRotationEnabled() bool
- type ConfigError
- type ConfigErrors
- type ConfigFile
- type EnvironmentVariable
- type FunctionHook
- type IdentityClaim
- type Position
- type ProjectConfig
- func (c *ProjectConfig) AllEnvironmentVariables() []string
- func (c *ProjectConfig) AllSecrets() []string
- func (c *ProjectConfig) DefaultApi() bool
- func (p *ProjectConfig) GetEnvVars() map[string]string
- func (c *ProjectConfig) UsesAuthHook(hook FunctionHook) bool
- func (c *ProjectConfig) ValidateSecrets(localSecrets map[string]string) (bool, []string)
- type Provider
- func (p *Provider) GetAuthorizationUrl() (string, bool)
- func (p *Provider) GetAuthorizeUrl() (*url.URL, error)
- func (p *Provider) GetCallbackUrl() (*url.URL, error)
- func (p *Provider) GetClientSecretName() string
- func (p *Provider) GetIssuerUrl() (string, bool)
- func (p *Provider) GetTokenUrl() (string, bool)
- type Secret
- type TokensConfig
- type ValidationFunc
Constants ¶
View Source
const ( // 24 hours is the default access token expiry period DefaultAccessTokenExpiry time.Duration = time.Hour * 24 // 3 months is the default refresh token expiry period DefaultRefreshTokenExpiry time.Duration = time.Hour * 24 * 90 )
View Source
const ( GoogleProvider = "google" FacebookProvider = "facebook" GitLabProvider = "gitlab" SlackProvider = "slack" OpenIdConnectProvider = "oidc" )
View Source
const ( ConfigAuthProviderInvalidName = "auth provider name '%s' must only include alphanumeric characters and underscores, and cannot start with a number" ConfigAuthProviderDuplicateErrorString = "auth provider name '%s' has been defined more than once, but must be unique" )
View Source
const Empty = ""
View Source
const ProviderSecretPrefix = "AUTH_PROVIDER_SECRET_"
View Source
const ReservedProviderNamePrefix = "keel_"
Variables ¶
View Source
var ReservedPrefixes = []string{"KEEL_", "OTEL_", "AWS_"}
View Source
var ( SupportedProviderTypes = []string{ GoogleProvider, FacebookProvider, GitLabProvider, SlackProvider, OpenIdConnectProvider, } )
Functions ¶
This section is empty.
Types ¶
type AuthConfig ¶ added in v0.372.0
type AuthConfig struct {
Tokens TokensConfig `yaml:"tokens"`
RedirectUrl *string `yaml:"redirectUrl,omitempty"`
Providers []Provider `yaml:"providers"`
Claims []IdentityClaim `yaml:"claims"`
Hooks []FunctionHook `yaml:"hooks"`
}
func (*AuthConfig) AccessTokenExpiry ¶ added in v0.372.0
func (c *AuthConfig) AccessTokenExpiry() time.Duration
AccessTokenExpiry retrieves the configured or default access token expiry
func (*AuthConfig) AddOidcProvider ¶ added in v0.373.0
func (c *AuthConfig) AddOidcProvider(name string, issuerUrl string, clientId string) error
AddOidcProvider adds an OpenID Connect provider to the list of supported authentication providers
func (*AuthConfig) EnabledHooks ¶ added in v0.389.0
func (c *AuthConfig) EnabledHooks() []FunctionHook
func (*AuthConfig) GetOidcProviders ¶ added in v0.372.0
func (c *AuthConfig) GetOidcProviders() []Provider
GetOidcProviders returns all OpenID Connect compatible authentication providers
func (*AuthConfig) GetOidcProvidersByIssuer ¶ added in v0.372.0
func (c *AuthConfig) GetOidcProvidersByIssuer(issuer string) ([]Provider, error)
GetOidcProvidersByIssuer gets all OpenID Connect providers by issuer url. It's possible that multiple providers from the same issuer are configured.
func (*AuthConfig) GetProvider ¶ added in v0.373.0
func (c *AuthConfig) GetProvider(name string) *Provider
GetProvider retrieves the provider by its name (case insensitive)
func (*AuthConfig) RefreshTokenExpiry ¶ added in v0.372.0
func (c *AuthConfig) RefreshTokenExpiry() time.Duration
RefreshTokenExpiry retrieves the configured or default refresh token expiry
func (*AuthConfig) RefreshTokenRotationEnabled ¶ added in v0.372.0
func (c *AuthConfig) RefreshTokenRotationEnabled() bool
RefreshTokenRotationEnabled retrieves the configured or default refresh token rotation
type ConfigError ¶
type ConfigError struct {
Filename string `json:"filename"`
Type string `json:"type"`
Message string `json:"message,omitempty"`
Field string `json:"field"`
Pos *Position `json:"pos"`
EndPos *Position `json:"endPos"`
AnnotatedSource string `json:"-"`
}
func (ConfigError) Error ¶
func (c ConfigError) Error() string
type ConfigErrors ¶
type ConfigErrors struct {
Errors []*ConfigError `json:"errors"`
}
func ToConfigErrors ¶ added in v0.396.0
func ToConfigErrors(err error) *ConfigErrors
func (ConfigErrors) Error ¶
func (c ConfigErrors) Error() string
type ConfigFile ¶ added in v0.396.0
type ConfigFile struct {
Filename string
Env string
Config *ProjectConfig
Errors *ConfigErrors
}
func LoadAll ¶ added in v0.396.0
func LoadAll(dir string) ([]*ConfigFile, error)
type EnvironmentVariable ¶ added in v0.396.0
EnvironmentVariable is the configuration for a keel environment variable or secret
type FunctionHook ¶ added in v0.389.0
type FunctionHook string
const ( HookAfterAuthentication FunctionHook = "afterAuthentication" HookAfterIdentityCreated FunctionHook = "afterIdentityCreated" )
type IdentityClaim ¶ added in v0.386.0
type ProjectConfig ¶
type ProjectConfig struct {
Environment []EnvironmentVariable `yaml:"environment"`
UseDefaultApi *bool `yaml:"useDefaultApi,omitempty"`
Secrets []Secret `yaml:"secrets"`
Auth AuthConfig `yaml:"auth"`
DisableAuth bool `yaml:"disableKeelAuth"`
}
ProjectConfig is the configuration for a keel project
func Load ¶
func Load(dir string) (*ProjectConfig, error)
func LoadFromBytes ¶
func LoadFromBytes(data []byte, filename string) (*ProjectConfig, error)
func (*ProjectConfig) AllEnvironmentVariables ¶
func (c *ProjectConfig) AllEnvironmentVariables() []string
AllEnvironmentVariables returns a slice of all of the unique environment variable key names defined across all environments
func (*ProjectConfig) AllSecrets ¶
func (c *ProjectConfig) AllSecrets() []string
func (*ProjectConfig) DefaultApi ¶ added in v0.377.0
func (c *ProjectConfig) DefaultApi() bool
DefaultApi provides the value of useDefaultApi from the config or a default value of true if no value is specified in the config
func (*ProjectConfig) GetEnvVars ¶
func (p *ProjectConfig) GetEnvVars() map[string]string
func (*ProjectConfig) UsesAuthHook ¶ added in v0.389.0
func (c *ProjectConfig) UsesAuthHook(hook FunctionHook) bool
func (*ProjectConfig) ValidateSecrets ¶
func (c *ProjectConfig) ValidateSecrets(localSecrets map[string]string) (bool, []string)
type Provider ¶ added in v0.372.0
type Provider struct {
Type string `yaml:"type"`
Name string `yaml:"name"`
ClientId string `yaml:"clientId"`
IssuerUrl string `yaml:"issuerUrl"`
TokenUrl string `yaml:"tokenUrl"`
AuthorizationUrl string `yaml:"authorizationUrl"`
}
func (*Provider) GetAuthorizationUrl ¶ added in v0.372.0
func (*Provider) GetAuthorizeUrl ¶ added in v0.373.0
GetAuthorizeUrl retrieves the authorize URL for this provider
func (*Provider) GetCallbackUrl ¶ added in v0.373.0
GetCallbackUrl retrieves the callback URL for this provider
func (*Provider) GetClientSecretName ¶ added in v0.373.0
GetClientSecret generates the name of the client secret
func (*Provider) GetIssuerUrl ¶ added in v0.373.0
GetIssuerUrl retrieves the issuer URL for the provider
func (*Provider) GetTokenUrl ¶ added in v0.372.0
type TokensConfig ¶ added in v0.372.0
type ValidationFunc ¶ added in v0.396.0
type ValidationFunc func(c *ProjectConfig) []*ConfigError
Source Files
Click to show internal directories.
Click to hide internal directories.