Documentation
Index
- Constants
- Variables
- func Configure()
- func DecryptionKey() (interface{}, error)
- func Get(key string) string
- func InitForTestPurposes()
- func InitForTestPurposesWithProvider(provider string)
- func SigningKey() (interface{}, error)
- func TLSConfig(profile string) *tls.Config
- func UnmarshalKey(key string, rawVal interface{}) error
- func ValidateConfiguration() error
- type Config
- type OAuthProviders
Constants
const (
	// ErrCtxKey set or check the http request context to see if it has errored
	// see `responses.Error401` and `jwtmanager.JWTCacheHandler` for example
	ErrCtxKey ctxKey = 0
)
Variables
var (
	// Branding that's our name
	Branding = branding{"vouch", "VOUCH", "Vouch", "Vouch Proxy", "https://github.com/vouch/vouch-proxy"}

	// RootDir is where Vouch Proxy looks for ./config/config.yml and ./data
	RootDir string

	// CmdLine command line arguments
	CmdLine = &cmdLineFlags{
		IsHealthCheck: flag.Bool("healthcheck", false, "invoke healthcheck (check process return value)"),
		port:          flag.Int("port", -1, "port"),
		configFile:    flag.String("config", "", "specify alternate config.yml file as command line arg"),
		logLevel:      zap.LevelFlag("loglevel", cmdLineLoggingDefault, "set log level to one of: panic, error, warn, info, debug"),
		logTest:       flag.Bool("logtest", false, "print a series of log messages and exit (used for testing)"),
	}

	// Cfg the main exported config variable
	Cfg = &Config{}

	// IsHealthCheck see main.go
	IsHealthCheck = false

	// Templates are loaded from the file system with a go:embed directive in main.go
	Templates embed.FS

	// Defaults are loaded from the file system with a go:embed directive in main.go
	Defaults embed.FS
)

var (
	// GenOAuth exported OAuth config variable
	// TODO: GenOAuth and OAuthClient should be combined
	GenOAuth = &oauthConfig{}

	// OAuthClient is the configured client which will call the provider
	// this actually carries the oauth2 client ala oauthclient.Client(oauth2.NoContext, providerToken)
	OAuthClient *oauth2.Config

	// OAuthopts authentication options
	OAuthopts oauth2.AuthCodeOption

	// Providers static strings to test against
	Providers = &OAuthProviders{
		Google:        "google",
		GitHub:        "github",
		IndieAuth:     "indieauth",
		ADFS:          "adfs",
		Azure:         "azure",
		OIDC:          "oidc",
		HomeAssistant: "homeassistant",
		OpenStax:      "openstax",
		Nextcloud:     "nextcloud",
		Alibaba:       "alibaba",
	}
)

var (
	// Logging is the public interface to logging
	Logging = &logging{
		AtomicLogLevel:  zap.NewAtomicLevel(),
		DefaultLogLevel: zap.InfoLevel,
	}
)
Functions
func Configure (added in v0.9.0)
func Configure()
Configure is called at the very top of main(). The order of config sources follows the Viper conventions.
The priority of the sources is the following:
1. command line flags
2. env. variables
3. config file
4. defaults
So we process these in backwards order (defaults, then config file).
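The precedence described above, worked through for the port setting as an added example (not Vouch Proxy's own code): sources are applied lowest priority first and the winning source is reported, which is what an operator needs when auditing why a reviewed config.yml value is not the one in effect. The `resolvePort` helper, the map standing in for the environment and all sample values are assumptions; `VOUCH_PORT` and the `-1` default of the `port` flag come from this page.

```go
package main

import (
	"fmt"
	"strconv"
)

// flagUnset mirrors the -1 default of the "port" flag listed on this page:
// a sentinel meaning "not given on the command line".
const flagUnset = -1

// resolvePort (hypothetical helper) applies the sources lowest priority
// first, so each later source overwrites the earlier one:
// defaults, config file, env variables, command line flags.
// filePort is nil when the config file has no port entry.
// It returns the effective port and the name of the source that supplied it.
func resolvePort(defaultPort int, filePort *int, env map[string]string, flagPort int) (int, string, error) {
	port, source := defaultPort, "default"
	if filePort != nil {
		port, source = *filePort, "config file"
	}
	if raw, ok := env["VOUCH_PORT"]; ok {
		p, err := strconv.Atoi(raw)
		if err != nil {
			return 0, "", fmt.Errorf("VOUCH_PORT=%q is not an integer: %w", raw, err)
		}
		port, source = p, "env"
	}
	if flagPort != flagUnset {
		port, source = flagPort, "flag"
	}
	if port < 1 || port > 65535 {
		return 0, "", fmt.Errorf("port %d from %s is out of range", port, source)
	}
	return port, source, nil
}

func main() {
	// Constructed sample values, not the project's real defaults.
	filePort := 9090
	env := map[string]string{"VOUCH_PORT": "9443"}
	for _, flagPort := range []int{flagUnset, 8443} {
		port, source, err := resolvePort(8080, &filePort, env, flagPort)
		fmt.Println(port, source, err)
	}
}
```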
func DecryptionKey (added in v0.26.0)
func DecryptionKey() (interface{}, error)
func InitForTestPurposes (added in v0.5.8)
func InitForTestPurposes()
InitForTestPurposes is called by most *_testing.go files in Vouch Proxy
func InitForTestPurposesWithProvider (added in v0.7.0)
func InitForTestPurposesWithProvider(provider string)
InitForTestPurposesWithProvider is just for testing.
func SigningKey (added in v0.26.0)
func SigningKey() (interface{}, error)
func TLSConfig (added in v0.19.0)
TLSConfig returns a *tls.Config configured with the specified profile (modern, intermediate, old, default).
func UnmarshalKey
UnmarshalKey populates a struct from the contents of the cfg tree at key.
func ValidateConfiguration (added in v0.12.0)
func ValidateConfiguration() error
ValidateConfiguration confirms that the configuration is valid.
Types
type Config (added in v0.9.0)
type Config struct {
	LogLevel      string   `mapstructure:"logLevel"`
	Listen        string   `mapstructure:"listen"`
	Port          int      `mapstructure:"port"`
	Domains       []string `mapstructure:"domains"`
	WhiteList     []string `mapstructure:"whitelist"`
	TeamWhiteList []string `mapstructure:"teamWhitelist"`
	AllowAllUsers bool     `mapstructure:"allowAllUsers"`
	PublicAccess  bool     `mapstructure:"publicAccess"`
	TLS           struct {
		Cert    string `mapstructure:"cert"`
		Key     string `mapstructure:"key"`
		Profile string `mapstructure:"profile"`
	}
	JWT struct {
		SigningMethod  string `mapstructure:"signing_method"`
		MaxAge         int    `mapstructure:"maxAge"` // in minutes
		Issuer         string `mapstructure:"issuer"`
		Secret         string `mapstructure:"secret"`
		PrivateKeyFile string `mapstructure:"private_key_file"`
		PublicKeyFile  string `mapstructure:"public_key_file"`
		Compress       bool   `mapstructure:"compress"`
	}
	Cookie struct {
		Name     string `mapstructure:"name"`
		Domain   string `mapstructure:"domain"`
		Secure   bool   `mapstructure:"secure"`
		HTTPOnly bool   `mapstructure:"httpOnly"`
		MaxAge   int    `mapstructure:"maxage"`
		SameSite string `mapstructure:"sameSite"`
	}
	Headers struct {
		JWT           string   `mapstructure:"jwt"`
		User          string   `mapstructure:"user"`
		QueryString   string   `mapstructure:"querystring"`
		Redirect      string   `mapstructure:"redirect"`
		Success       string   `mapstructure:"success"`
		Error         string   `mapstructure:"error"`
		ClaimHeader   string   `mapstructure:"claimheader"`
		Claims        []string `mapstructure:"claims"`
		AccessToken   string   `mapstructure:"accesstoken"`
		IDToken       string   `mapstructure:"idtoken"`
		ClaimsCleaned map[string]string // the rawClaim is mapped to the actual claims header
	}
	Session struct {
		Name string `mapstructure:"name"`
		Key  string `mapstructure:"key"`
	}
	TestURL            string   `mapstructure:"test_url"`
	TestURLs           []string `mapstructure:"test_urls"`
	Testing            bool     `mapstructure:"testing"`
	LogoutRedirectURLs []string `mapstructure:"post_logout_redirect_uris" envconfig:"post_logout_redirect_uris"`
}
Config vouch jwt cookie configuration

Note to developers! Any new config elements should use `snake_case`, such as `post_logout_redirect_uris`. In certain situations you'll need to add both a `mapstructure` tag used by viper and an `envconfig` tag used by https://github.com/kelseyhightower/envconfig, though most of the time envconfig will use the struct key's name: VOUCH_PORT VOUCH_JWT_MAXAGE