middleware

package
v0.2.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 22, 2026 License: Apache-2.0 Imports: 31 Imported by: 0

Documentation

Index

Constants

View Source
const HeaderTraceID = "X-AG-Trace-Id"

HeaderTraceID is the response header the proxy sets with the request trace id. A gateway-specific name avoids the upstream X-Request-Id some providers emit.

Variables

View Source
var StrippedProxyResponseHeaders = map[string]struct{}{
	"X-Request-Id": {},
}

StrippedProxyResponseHeaders lists upstream headers that must not be forwarded to clients.

Functions

This section is empty.

Types

type AccessLogMiddleware

type AccessLogMiddleware struct {
	// contains filtered or unexported fields
}

func NewAccessLogMiddleware

func NewAccessLogMiddleware(logger *slog.Logger) *AccessLogMiddleware

func (*AccessLogMiddleware) Middleware

func (m *AccessLogMiddleware) Middleware() fiber.Handler

type AdminAuthMiddleware

type AdminAuthMiddleware struct {
	// contains filtered or unexported fields
}

func NewAdminAuthMiddleware

func NewAdminAuthMiddleware(logger *slog.Logger, jwtManager jwt.Manager) *AdminAuthMiddleware

func (*AdminAuthMiddleware) Middleware

func (m *AdminAuthMiddleware) Middleware() fiber.Handler

type AuthMiddleware

type AuthMiddleware struct {
	// contains filtered or unexported fields
}

func NewAuthMiddleware

func NewAuthMiddleware(
	identityResolver resolver.IdentityResolver,
	dataFinder appconsumer.DataFinder,
	gatewayResolver resolver.GatewayResolver,
	roleResolver approle.OIDCResolver,
	logger *slog.Logger,
) *AuthMiddleware

func (*AuthMiddleware) Middleware

func (m *AuthMiddleware) Middleware() fiber.Handler

type CORSMiddleware

type CORSMiddleware struct {
	// contains filtered or unexported fields
}

func NewCORSMiddleware

func NewCORSMiddleware(cfg *config.Config) *CORSMiddleware

func (*CORSMiddleware) Middleware

func (m *CORSMiddleware) Middleware() fiber.Handler

type Identity

type Identity struct {
	GatewayID ids.GatewayID
	AuthID    ids.AuthID
	Principal *identitydomain.Principal
}

Identity is the MCP-plane authentication result: the auth record that matched plus the verified principal (carrying the raw token for passthrough/exchange flows).

type IdentityResolver

type IdentityResolver interface {
	Resolve(c *fiber.Ctx) (Identity, error)
}

func NewChainIdentityResolver

func NewChainIdentityResolver(
	apiKeys appauth.APIKeyFinder,
	credentials appauth.CredentialFinder,
	paths appconsumer.PathResolver,
	jwtValidator appauth.JWTValidator,
	introValidator appauth.IntrospectionValidator,
	mtlsValidator appauth.MTLSValidator,
	certExtractor appauth.ClientCertificateExtractor,
	trustXFCCFrom []string,
) IdentityResolver

type MCPAuthMiddleware

type MCPAuthMiddleware struct {
	// contains filtered or unexported fields
}

MCPAuthMiddleware guards the MCP server plane. Unlike the proxy-plane AuthMiddleware (slug-routed, role-aware), it authenticates via the chain resolver (mTLS > bearer > API key) and scopes the request to the gateway the matched auth record belongs to.

func NewMCPAuthMiddleware

func NewMCPAuthMiddleware(
	identityResolver IdentityResolver,
	dataFinder appconsumer.DataFinder,
	gateways appgateway.Finder,
) *MCPAuthMiddleware

func (*MCPAuthMiddleware) Middleware

func (m *MCPAuthMiddleware) Middleware() fiber.Handler

type MCPMetricsMiddleware

type MCPMetricsMiddleware struct {
	// contains filtered or unexported fields
}

func NewMCPMetricsMiddleware

func NewMCPMetricsMiddleware(worker appmetrics.Worker, cfg *config.Config) *MCPMetricsMiddleware

func (*MCPMetricsMiddleware) Middleware

func (m *MCPMetricsMiddleware) Middleware() fiber.Handler

type MetricsMiddleware

type MetricsMiddleware struct {
	// contains filtered or unexported fields
}

func NewMetricsMiddleware

func NewMetricsMiddleware(worker appmetrics.Worker, cfg *config.Config) *MetricsMiddleware

func (*MetricsMiddleware) Middleware

func (m *MetricsMiddleware) Middleware() fiber.Handler

type Middleware

type Middleware interface {
	Middleware() fiber.Handler
}

type OAuthChallengeMiddleware

type OAuthChallengeMiddleware struct{}

func NewOAuthChallengeMiddleware

func NewOAuthChallengeMiddleware() *OAuthChallengeMiddleware

func (*OAuthChallengeMiddleware) Middleware

func (m *OAuthChallengeMiddleware) Middleware() fiber.Handler

type PanicRecoverMiddleware

type PanicRecoverMiddleware struct {
	// contains filtered or unexported fields
}

func NewPanicRecoverMiddleware

func NewPanicRecoverMiddleware(logger *slog.Logger) *PanicRecoverMiddleware

func (*PanicRecoverMiddleware) Middleware

func (m *PanicRecoverMiddleware) Middleware() fiber.Handler

type RequestIDMiddleware

type RequestIDMiddleware struct{}

func NewRequestIDMiddleware

func NewRequestIDMiddleware() *RequestIDMiddleware

func (*RequestIDMiddleware) Middleware

func (m *RequestIDMiddleware) Middleware() fiber.Handler

type SecurityHeadersMiddleware

type SecurityHeadersMiddleware struct{}

func NewSecurityHeadersMiddleware

func NewSecurityHeadersMiddleware() *SecurityHeadersMiddleware

func (*SecurityHeadersMiddleware) Middleware

func (m *SecurityHeadersMiddleware) Middleware() fiber.Handler

type SessionMiddleware

type SessionMiddleware struct {
	// contains filtered or unexported fields
}

func NewSessionMiddleware

func NewSessionMiddleware(logger *slog.Logger, finder appgateway.Finder) *SessionMiddleware

func (*SessionMiddleware) Middleware

func (m *SessionMiddleware) Middleware() fiber.Handler

type Transport

type Transport struct {
	Middlewares []Middleware
}

func NewTransport

func NewTransport(middlewares ...Middleware) *Transport

func (*Transport) GetMiddlewares

func (t *Transport) GetMiddlewares() []fiber.Handler

func (*Transport) RegisterMiddleware

func (t *Transport) RegisterMiddleware(m Middleware)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL