config

package
v1.11.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 25, 2025 License: GPL-3.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	Matcher             language.Matcher
	DefaultLanguageTags []language.Tag
)
View Source 
var ConfigFilePath string

ConfigFilePath stores the path to the configuration file specified via the -config flag

Functions

func IsFileLoaded added in v1.10.0 

func IsFileLoaded() bool

IsFileLoaded reports whether a FileSettings configuration has been loaded.

func ReloadConfigFile 

func ReloadConfigFile() (err error)

ReloadConfigFile is a thread safe function to reload a ConfigFile object.

func SetTestEnvironmentConfig added in v1.5.4 

func SetTestEnvironmentConfig(env Environment)

SetTestEnvironmentConfig sets the environment configuration for the test environment using the provided Environment interface.

func SetTestFile added in v1.4.10 

func SetTestFile(testFile File)

SetTestFile sets the global `file` variable to the provided `testFile` implementing the `File` interface.

Types

type Backend 

type Backend struct {
	// contains filtered or unexported fields
}

Backend is a password Database container.

func (*Backend) Get 

func (b *Backend) Get() definitions.Backend

Get gets the name of a password Database.

func (*Backend) GetName added in v1.5.0 

func (b *Backend) GetName() string

GetName returns the name of the Backend instance or an empty string if the instance is nil.

func (*Backend) Set 

func (b *Backend) Set(value string) error

Set updates the backend of the Backend based on the provided value. It returns an error if the value is not valid. Valid values for the backend are "cache", "ldap" and "lua". If the value is valid, the backend field of Backend is updated accordingly. An error of type ErrWrongPassDB is returned if the value is not valid.

func (*Backend) String 

func (b *Backend) String() string

func (*Backend) Type 

func (b *Backend) Type() string

Type returns the name of the type.

type BackendServer 

type BackendServer struct {
	Protocol      string `mapstructure:"protocol" validate:"required,oneof=imap pop3 lmtp smtp sieve http"`
	Host          string `mapstructure:"host" validate:"required,hostname_rfc1123_with_opt_trailing_dot|ip"`
	DeepCheck     bool   `mapstructure:"deep_check"`
	RequestURI    string `mapstructure:"request_uri" validate:"omitempty,url_encoded"`
	TestUsername  string `mapstructure:"test_username" validate:"omitempty,excludesall= "`
	TestPassword  string `mapstructure:"test_password" validate:"omitempty,excludesall= "`
	Port          int    `mapstructure:"port" validate:"omitempty,min=1,max=65535"`
	TLS           bool   `mapstructure:"tls"`
	TLSSkipVerify bool   `mapstructure:"tls_skip_verify"`
	HAProxyV2     bool   `mapstructure:"haproxy_v2"`
}

func (*BackendServer) GetHost added in v1.7.7 

func (n *BackendServer) GetHost() string

GetHost retrieves the host value from the BackendServer. Returns an empty string if the BackendServer is nil.

func (*BackendServer) GetPort added in v1.7.7 

func (n *BackendServer) GetPort() int

GetPort retrieves the port number from the BackendServer. Returns 0 if the BackendServer is nil.

func (*BackendServer) GetProtocol added in v1.7.7 

func (n *BackendServer) GetProtocol() string

GetProtocol retrieves the protocol value from the BackendServer. Returns an empty string if the BackendServer is nil.

func (*BackendServer) GetRequestURI added in v1.7.7 

func (n *BackendServer) GetRequestURI() string

GetRequestURI retrieves the request URI from the BackendServer. Returns an empty string if the BackendServer is nil.

func (*BackendServer) GetTestPassword added in v1.7.7 

func (n *BackendServer) GetTestPassword() string

GetTestPassword retrieves the test password from the BackendServer. Returns an empty string if the BackendServer is nil.

func (*BackendServer) GetTestUsername added in v1.7.7 

func (n *BackendServer) GetTestUsername() string

GetTestUsername retrieves the test username from the BackendServer. Returns an empty string if the BackendServer is nil.

func (*BackendServer) IsDeepCheck added in v1.7.7 

func (n *BackendServer) IsDeepCheck() bool

IsDeepCheck checks if deep checking is enabled for the BackendServer. Returns false if the BackendServer is nil.

func (*BackendServer) IsHAProxyV2 added in v1.7.7 

func (n *BackendServer) IsHAProxyV2() bool

IsHAProxyV2 checks if HAProxy protocol version 2 is enabled for the BackendServer. Returns false if the BackendServer is nil.

func (*BackendServer) IsTLS added in v1.7.7 

func (n *BackendServer) IsTLS() bool

IsTLS checks if TLS is enabled for the BackendServer. Returns false if the BackendServer is nil.

func (*BackendServer) IsTLSSkipVerify added in v1.7.7 

func (n *BackendServer) IsTLSSkipVerify() bool

IsTLSSkipVerify checks if TLS verification should be skipped for the BackendServer. Returns false if the BackendServer is nil.

func (*BackendServer) String 

func (n *BackendServer) String() string

type BackendServerMonitoring 

type BackendServerMonitoring struct {
	BackendServers []*BackendServer `mapstructure:"backend_servers" validate:"required,dive"`
}

func (*BackendServerMonitoring) GetBackendServers added in v1.7.7 

func (n *BackendServerMonitoring) GetBackendServers() []*BackendServer

GetBackendServers retrieves the list of backend servers from the BackendServerMonitoring. Returns an empty slice if the BackendServerMonitoring is nil.

func (*BackendServerMonitoring) String added in v1.3.5 

func (n *BackendServerMonitoring) String() string

type BasicAuth 

type BasicAuth struct {
	Enabled  bool   `mapstructure:"enabled"`
	Username string `mapstructure:"username" validate:"omitempty,excludesall= "`
	Password string `mapstructure:"password" validate:"omitempty,min=16,alphanumsymbol,excludesall= "`
}

BasicAuth represents the configuration for basic HTTP authentication.

func (*BasicAuth) GetPassword added in v1.4.11 

func (b *BasicAuth) GetPassword() string

GetPassword retrieves the password for the BasicAuth configuration. Returns an empty string if the BasicAuth is nil.

func (*BasicAuth) GetUsername added in v1.4.11 

func (b *BasicAuth) GetUsername() string

GetUsername returns the username configured for basic HTTP authentication. Returns an empty string if the BasicAuth is nil.

func (*BasicAuth) IsEnabled added in v1.4.11 

func (b *BasicAuth) IsEnabled() bool

IsEnabled returns true if basic HTTP authentication is enabled, otherwise false. Returns false if the BasicAuth is nil.

type BruteForceRule 

type BruteForceRule struct {
	Name             string        `mapstructure:"name" validate:"required"`
	Period           time.Duration `mapstructure:"period" validate:"required,gt=0,max=8760h"`
	CIDR             uint          `mapstructure:"cidr" validate:"required,min=1,max=128"`
	IPv4             bool
	IPv6             bool
	FailedRequests   uint     `mapstructure:"failed_requests" validate:"required,min=1"`
	FilterByProtocol []string `mapstructure:"filter_by_protocol" validate:"omitempty"`
	FilterByOIDCCID  []string `mapstructure:"filter_by_oidc_cid" validate:"omitempty"`
}

BruteForceRule is the definition of a brute force rule as defined in the configuration file. See the markdown documentation for a description of the field names.

func (*BruteForceRule) GetCIDR added in v1.7.7 

func (b *BruteForceRule) GetCIDR() uint

GetCIDR retrieves the CIDR value for the brute force rule. Returns 0 if the BruteForceRule is nil.

func (*BruteForceRule) GetFailedRequests added in v1.7.7 

func (b *BruteForceRule) GetFailedRequests() uint

GetFailedRequests retrieves the number of failed requests threshold for the brute force rule. Returns 0 if the BruteForceRule is nil.

func (*BruteForceRule) GetFilterByOIDCCID added in v1.7.7 

func (b *BruteForceRule) GetFilterByOIDCCID() []string

GetFilterByOIDCCID retrieves the list of OIDC client IDs to filter by for the brute force rule. Returns an empty slice if the BruteForceRule is nil.

func (*BruteForceRule) GetFilterByProtocol added in v1.7.7 

func (b *BruteForceRule) GetFilterByProtocol() []string

GetFilterByProtocol retrieves the list of protocols to filter by for the brute force rule. Returns an empty slice if the BruteForceRule is nil.

func (*BruteForceRule) GetName added in v1.7.7 

func (b *BruteForceRule) GetName() string

GetName retrieves the name of the brute force rule. Returns an empty string if the BruteForceRule is nil.

func (*BruteForceRule) GetPeriod added in v1.7.7 

func (b *BruteForceRule) GetPeriod() time.Duration

GetPeriod retrieves the period duration for the brute force rule. Returns 0 if the BruteForceRule is nil.

func (*BruteForceRule) IsIPv4 added in v1.7.7 

func (b *BruteForceRule) IsIPv4() bool

IsIPv4 checks if the brute force rule is configured for IPv4. Returns false if the BruteForceRule is nil.

func (*BruteForceRule) IsIPv6 added in v1.7.7 

func (b *BruteForceRule) IsIPv6() bool

IsIPv6 checks if the brute force rule is configured for IPv6. Returns false if the BruteForceRule is nil.

func (*BruteForceRule) String added in v1.4.9 

func (b *BruteForceRule) String() string

type BruteForceSection 

type BruteForceSection struct {
	SoftWhitelist      `mapstructure:"soft_whitelist"`
	IPWhitelist        []string         `mapstructure:"ip_whitelist" validate:"omitempty,dive,ip_addr|cidr"`
	Buckets            []BruteForceRule `mapstructure:"buckets" validate:"required,dive"`
	Learning           []*Feature       `mapstructure:"learning" validate:"omitempty,dive"`
	ToleratePercent    uint8            `mapstructure:"tolerate_percent" validate:"omitempty,min=0,max=100"`
	CustomTolerations  []Tolerate       `mapstructure:"custom_tolerations" validate:"omitempty,dive"`
	TolerateTTL        time.Duration    `mapstructure:"tolerate_ttl" validate:"omitempty,gt=0,max=8760h"`
	AdaptiveToleration bool             `mapstructure:"adaptive_toleration"`
	MinToleratePercent uint8            `mapstructure:"min_tolerate_percent" validate:"omitempty,min=0,max=100"`
	MaxToleratePercent uint8            `mapstructure:"max_tolerate_percent" validate:"omitempty,min=0,max=100"`
	ScaleFactor        float64          `mapstructure:"scale_factor" validate:"omitempty,min=0.1,max=10"`

	// Reduce PW_HIST write amplification while an IP/net is already blocked:
	// If true, account-scoped PW_HIST entries are only written for known accounts (no fallback to username)
	// when the request is served from an already-triggered (cached) brute-force block.
	LogHistoryForKnownAccounts bool `mapstructure:"pw_history_for_known_accounts"`

	// IPv6 scoping options for features that use password-history (PW_HIST), e.g., repeating-wrong-password.
	// If set to >0, IPv6 addresses will be considered on the given CIDR instead of /128 for the respective context.
	IPScoping IPScoping `mapstructure:"ip_scoping"`

	// Cold-start grace: one-time grace for known accounts without negative PW history.
	ColdStartGraceEnabled bool          `mapstructure:"cold_start_grace_enabled"`
	ColdStartGraceTTL     time.Duration `mapstructure:"cold_start_grace_ttl" validate:"omitempty,gt=0,max=8760h"`

	// RWP allowance: tolerate up to N unique wrong password hashes in a time window
	AllowedUniqueWrongPWHashes uint          `mapstructure:"rwp_allowed_unique_hashes" validate:"omitempty,min=1,max=100"`
	RWPWindow                  time.Duration `mapstructure:"rwp_window" validate:"omitempty,gt=0,max=8760h"`
}

func (*BruteForceSection) GetAdaptiveToleration added in v1.7.7 

func (b *BruteForceSection) GetAdaptiveToleration() bool

GetAdaptiveToleration retrieves the AdaptiveToleration value from the BruteForceSection instance. Returns false if the receiver is nil.

func (*BruteForceSection) GetBuckets added in v1.7.7 

func (b *BruteForceSection) GetBuckets() []BruteForceRule

GetBuckets retrieves the list of brute force rules from the BruteForceSection. Returns an empty slice if the BruteForceSection is nil.

func (*BruteForceSection) GetColdStartGraceEnabled added in v1.9.10 

func (b *BruteForceSection) GetColdStartGraceEnabled() bool

GetColdStartGraceEnabled tells whether the one-time cold-start grace is enabled.

func (*BruteForceSection) GetColdStartGraceTTL added in v1.9.10 

func (b *BruteForceSection) GetColdStartGraceTTL() time.Duration

GetColdStartGraceTTL returns the TTL for the cold-start grace. Defaults to 120s if not set or invalid.

func (*BruteForceSection) GetCustomTolerations added in v1.5.1 

func (b *BruteForceSection) GetCustomTolerations() []Tolerate

GetCustomTolerations returns the CustomTolerations slice from the BruteForceSection. Returns an empty slice if the receiver is nil.

func (*BruteForceSection) GetIPScoping added in v1.9.4 

func (b *BruteForceSection) GetIPScoping() IPScoping

GetIPScoping returns the IPScoping settings or a zero-value if not present.

func (*BruteForceSection) GetIPWhitelist added in v1.7.7 

func (b *BruteForceSection) GetIPWhitelist() []string

GetIPWhitelist retrieves the IP whitelist from the BruteForceSection. Returns an empty slice if the BruteForceSection is nil.

func (*BruteForceSection) GetMaxToleratePercent added in v1.7.7 

func (b *BruteForceSection) GetMaxToleratePercent() uint8

GetMaxToleratePercent retrieves the MaxToleratePercent value from the BruteForceSection instance. Returns 50 as default if not set or if the receiver is nil.

func (*BruteForceSection) GetMinToleratePercent added in v1.7.7 

func (b *BruteForceSection) GetMinToleratePercent() uint8

GetMinToleratePercent retrieves the MinToleratePercent value from the BruteForceSection instance. Returns 10 as default if not set or if the receiver is nil.

func (*BruteForceSection) GetPWHistKnownAccountsOnlyOnAlreadyTriggered added in v1.9.4 

func (b *BruteForceSection) GetPWHistKnownAccountsOnlyOnAlreadyTriggered() bool

GetPWHistKnownAccountsOnlyOnAlreadyTriggered returns whether per-account PW_HIST should be limited to known accounts (no username fallback) when a request is already cached-blocked. Supports both the new short key (pw_hist_known_cached) and the legacy long key (pw_hist_known_accounts_only_on_already_triggered) for backward compatibility.

func (*BruteForceSection) GetRWPAllowedUniqueHashes added in v1.10.0 

func (b *BruteForceSection) GetRWPAllowedUniqueHashes() uint

GetRWPAllowedUniqueHashes returns how many distinct wrong password hashes are tolerated within the window. Defaults to 3 if not set or if the receiver is nil.

func (*BruteForceSection) GetRWPIPv6CIDR added in v1.9.4 

func (b *BruteForceSection) GetRWPIPv6CIDR() uint

GetRWPIPv6CIDR returns the CIDR to use for IPv6 in the repeating-wrong-password context (0 disables).

func (*BruteForceSection) GetRWPWindow added in v1.10.0 

func (b *BruteForceSection) GetRWPWindow() time.Duration

GetRWPWindow returns the time window for tracking tolerated unique wrong password hashes. Defaults to 15 minutes if not set or invalid.

func (*BruteForceSection) GetScaleFactor added in v1.7.7 

func (b *BruteForceSection) GetScaleFactor() float64

GetScaleFactor retrieves the ScaleFactor value from the BruteForceSection instance. Returns 1.0 as default if not set or if the receiver is nil.

func (*BruteForceSection) GetSoftWhitelist added in v1.7.7 

func (b *BruteForceSection) GetSoftWhitelist() SoftWhitelist

GetSoftWhitelist retrieves the SoftWhitelist from the BruteForceSection. Returns an empty map if the BruteForceSection is nil.

func (*BruteForceSection) GetToleratePercent added in v1.5.1 

func (b *BruteForceSection) GetToleratePercent() uint8

GetToleratePercent retrieves the ToleratePercent value from the BruteForceSection instance. Returns 0 if the receiver is nil.

func (*BruteForceSection) GetTolerateTTL added in v1.5.1 

func (b *BruteForceSection) GetTolerateTTL() time.Duration

GetTolerateTTL retrieves the TolerateTTL value from the BruteForceSection instance. Returns 0 if the receiver is nil.

func (*BruteForceSection) GetTolerationsIPv6CIDR added in v1.9.4 

func (b *BruteForceSection) GetTolerationsIPv6CIDR() uint

GetTolerationsIPv6CIDR returns the CIDR to use for IPv6 in the tolerations context (0 disables).

func (*BruteForceSection) LearnFromFeature added in v1.3.5 

func (b *BruteForceSection) LearnFromFeature(input string) bool

LearnFromFeature checks if the given feature is present in the Learning slice of the BruteForceSection. It returns true if the feature is found, otherwise false.

func (*BruteForceSection) String 

func (b *BruteForceSection) String() string

type Cluster 

type Cluster struct {
	Addresses            []string      `mapstructure:"addresses" validate:"required,dive,hostname_port"`
	Username             string        `mapstructure:"username" validate:"omitempty,excludesall= "`
	Password             string        `mapstructure:"password" validate:"omitempty,excludesall= "`
	RouteByLatency       bool          `mapstructure:"route_by_latency"`
	RouteRandomly        bool          `mapstructure:"route_randomly"`
	ReadOnly             bool          `mapstructure:"read_only"` // Deprecated: Use RouteReadsToReplicas instead
	RouteReadsToReplicas bool          `mapstructure:"route_reads_to_replicas"`
	MaxRedirects         int           `mapstructure:"max_redirects" validate:"omitempty,gte=0"`
	ReadTimeout          time.Duration `mapstructure:"read_timeout" validate:"omitempty"`
	WriteTimeout         time.Duration `mapstructure:"write_timeout" validate:"omitempty"`
}

Cluster represents the configuration for a Redis cluster setup.

func (*Cluster) GetAddresses added in v1.4.11 

func (c *Cluster) GetAddresses() []string

GetAddresses retrieves the list of Redis cluster addresses configured in the Cluster instance. Returns an empty slice if the Cluster is nil.

func (*Cluster) GetMaxRedirects added in v1.7.1 

func (c *Cluster) GetMaxRedirects() int

GetMaxRedirects returns the maximum number of redirects to follow. Returns 0 if the Cluster is nil.

func (*Cluster) GetPassword added in v1.4.11 

func (c *Cluster) GetPassword() string

GetPassword retrieves the password configured for the Redis cluster. Returns an empty string if the Cluster is nil.

func (*Cluster) GetReadOnly added in v1.7.1 

func (c *Cluster) GetReadOnly() bool

GetReadOnly returns whether read-only commands should be allowed from replicas. Returns false if the Cluster is nil. Deprecated: Use GetRouteReadsToReplicas instead.

func (*Cluster) GetReadTimeout added in v1.7.1 

func (c *Cluster) GetReadTimeout() time.Duration

GetReadTimeout returns the timeout for read operations. Returns 0 if the Cluster is nil.

func (*Cluster) GetRouteByLatency added in v1.7.1 

func (c *Cluster) GetRouteByLatency() bool

GetRouteByLatency returns whether commands should be routed to the closest node. Returns false if the Cluster is nil.

func (*Cluster) GetRouteRandomly added in v1.7.1 

func (c *Cluster) GetRouteRandomly() bool

GetRouteRandomly returns whether commands should be routed randomly across nodes. Returns false if the Cluster is nil.

func (*Cluster) GetRouteReadsToReplicas added in v1.7.11 

func (c *Cluster) GetRouteReadsToReplicas() bool

GetRouteReadsToReplicas returns whether read commands should be routed to replica nodes. Returns false if the Cluster is nil.

func (*Cluster) GetUsername added in v1.4.11 

func (c *Cluster) GetUsername() string

GetUsername retrieves the username configured for the Redis cluster. Returns an empty string if the Cluster is nil.

func (*Cluster) GetWriteTimeout added in v1.7.1 

func (c *Cluster) GetWriteTimeout() time.Duration

GetWriteTimeout returns the timeout for write operations. Returns 0 if the Cluster is nil.

type Compression added in v1.7.3 

type Compression struct {
	Enabled bool `mapstructure:"enabled"`
	// Deprecated: level is deprecated in favor of level_gzip since 1.9.9. It will be removed in a future release.
	Level int `mapstructure:"level" validate:"omitempty,gte=1,lte=9"`

	// LevelGzip defines the gzip compression level (1-9, where 1 is fastest and 9 is best compression).
	// If not set (0), the server will fall back to the deprecated 'level' value for backward compatibility.
	LevelGzip int `mapstructure:"level_gzip" validate:"omitempty,gte=1,lte=9"`

	// LevelZstd configures the zstd compression level mapping (0=Default, 1=BestSpeed, 2=BetterCompression, 3=BestCompression).
	LevelZstd int `mapstructure:"level_zstd" validate:"omitempty,gte=0,lte=3"`

	// LevelBrotli configures the brotli compression level mapping (0=Default, 1=BestSpeed, 2=BetterCompression, 3=BestCompression).
	LevelBrotli int `mapstructure:"level_brotli" validate:"omitempty,gte=0,lte=3"`

	// MinLength specifies the minimum content length (in bytes) required for compression to be applied. Defaults to 0.
	MinLength int `mapstructure:"min_length" validate:"omitempty,gte=0"`

	// Deprecated: content_types has no effect since 1.9.2 and will be removed in a future release.
	ContentTypes []string `mapstructure:"content_types" validate:"omitempty,dive,printascii"`

	// Algorithms defines the enabled compression algorithms in order of preference, e.g. ["br", "zstd", "gzip"].
	Algorithms []string `mapstructure:"algorithms" validate:"omitempty,dive,printascii"`
}

Compression represents the configuration for HTTP response compression.

func (*Compression) GetAlgorithms added in v1.9.8 

func (c *Compression) GetAlgorithms() []string

GetAlgorithms returns the enabled compression algorithms in order of preference. Returns an empty slice if the Compression is nil.

func (*Compression) GetContentTypes added in v1.7.3 

func (c *Compression) GetContentTypes() []string

GetContentTypes returns the list of content types that should be compressed. Returns an empty slice if the Compression is nil.

func (*Compression) GetLevel added in v1.7.3 

func (c *Compression) GetLevel() int

GetLevel returns the (deprecated) gzip compression level (1-9). Deprecated: Use GetLevelGzip() instead. This remains for backward compatibility. Returns 0 if the Compression is nil.

func (*Compression) GetLevelBrotli added in v1.9.9 

func (c *Compression) GetLevelBrotli() int

GetLevelBrotli returns the configured Brotli compression level (1-11). Returns 0 if the Compression is nil.

func (*Compression) GetLevelGzip added in v1.9.8 

func (c *Compression) GetLevelGzip() int

GetLevelGzip returns the configured gzip compression level (1-9). If LevelGzip is not set (>0), it falls back to the deprecated Level field for backward compatibility. Returns 0 if the Compression is nil.

func (*Compression) GetLevelZstd added in v1.9.8 

func (c *Compression) GetLevelZstd() int

GetLevelZstd returns the configured zstd compression level mapping. Returns 0 if the Compression is nil.

func (*Compression) GetMinLength added in v1.7.3 

func (c *Compression) GetMinLength() int

GetMinLength returns the minimum content length required for compression. Returns 0 if the Compression is nil.

func (*Compression) IsEnabled added in v1.7.3 

func (c *Compression) IsEnabled() bool

IsEnabled returns true if compression is enabled, otherwise false. Returns false if the Compression is nil.

type DNS 

type DNS struct {
	Resolver        string        `mapstructure:"resolver" validate:"omitempty,tcp_addr"`
	Timeout         time.Duration `mapstructure:"timeout" validate:"omitempty,gt=0,max=30s"`
	ResolveClientIP bool          `mapstructure:"resolve_client_ip"`
}

DNS represents the Domain Name System configuration settings, including resolver, timeout, and client IP resolution options.

func (*DNS) GetResolveClientIP added in v1.4.11 

func (d *DNS) GetResolveClientIP() bool

GetResolveClientIP returns the value of the ResolveClientIP field indicating whether client IP resolution is enabled. Returns false if the DNS is nil.

func (*DNS) GetResolver added in v1.4.11 

func (d *DNS) GetResolver() string

GetResolver returns the configured DNS resolver address as a string. Returns an empty string if the DNS is nil.

func (*DNS) GetTimeout added in v1.4.11 

func (d *DNS) GetTimeout() time.Duration

GetTimeout returns the timeout duration configured for the DNS resolver. Returns 0 if the DNS is nil.

type DbgModule 

type DbgModule struct {
	// contains filtered or unexported fields
}

DbgModule represents a debugging module configuration.

func (*DbgModule) Get 

func (d *DbgModule) Get() string

Get returns the name of the `DbgModule` instance. The name represents the current debug module. It can be used to identify the debug module when needed.

func (*DbgModule) GetModule 

func (d *DbgModule) GetModule() definitions.DbgModule

GetModule returns the `module` field of the `DbgModule` struct. It is used to retrieve the current debug module.

Usage: 

module := d.GetModule()

Example: 

func main() {
  dbg := &DbgModule{}
  module := dbg.GetModule()
  fmt.Println(module) // Output: 0
}

func (*DbgModule) Set 

func (d *DbgModule) Set(value string) error

Set updates the debug module based on the provided value. It returns an error if the value is not valid. Valid values for the debug module are "none", "all", "auth", "hydra", "webauthn", "statistics", "whitelist", "ldap", "ldappool", "sql", "cache", "bf", "rbl", "action", "feature", and "lua". If the value is valid, the module and name fields are updated accordingly. An error of type ErrWrongDebugModule is returned if the value is not valid.

func (*DbgModule) String 

func (d *DbgModule) String() string

func (*DbgModule) Type 

func (d *DbgModule) Type() string

Type returns the type of the DbgModule, which is always "DebugModule".

type Dedup added in v1.10.0 

type Dedup struct {
	// Deprecated: no longer used. Kept for backward compatibility with existing configs.
	DistributedEnabled bool `mapstructure:"distributed_enabled"`
	// Controls in-process singleflight dedup (within one instance). Default: true.
	InProcessEnabled *bool `mapstructure:"in_process_enabled"`
}

Dedup controls in-process request deduplication behavior. NOTE: distributed (Redis-based) deduplication has been removed and the option 'server.dedup.distributed_enabled' is deprecated and ignored. Only in-process (singleflight) dedup remains supported.

func (*Dedup) IsDistributedEnabled added in v1.10.0 

func (d *Dedup) IsDistributedEnabled() bool

IsDistributedEnabled reports whether distributed (Redis) deduplication is enabled. Deprecated: Distributed deduplication has been removed; this always returns false.

func (*Dedup) IsInProcessEnabled added in v1.10.0 

func (d *Dedup) IsInProcessEnabled() bool

IsInProcessEnabled reports whether in-process singleflight deduplication is enabled. Default is true unless explicitly configured.

type DefaultHTTPRequestHeader added in v1.3.0 

type DefaultHTTPRequestHeader struct {
	Username           string `mapstructure:"username" validate:"omitempty,printascii,excludesall= "`
	Password           string `mapstructure:"password" validate:"omitempty,printascii,excludesall= "`
	PasswordEncoded    string `mapstructure:"password_encoded" validate:"omitempty,printascii,excludesall= "`
	Protocol           string `mapstructure:"protocol" validate:"omitempty,printascii,excludesall= "`
	LoginAttempt       string `mapstructure:"login_attempt" validate:"omitempty,printascii,excludesall= "`
	AuthMethod         string `mapstructure:"auth_method" validate:"omitempty,printascii,excludesall= "`
	LocalIP            string `mapstructure:"local_ip" validate:"omitempty,printascii,excludesall= "`
	LocalPort          string `mapstructure:"local_port" validate:"omitempty,printascii,excludesall= "`
	ClientIP           string `mapstructure:"client_ip" validate:"omitempty,printascii,excludesall= "`
	ClientPort         string `mapstructure:"client_port" validate:"omitempty,printascii,excludesall= "`
	ClientHost         string `mapstructure:"client_host" validate:"omitempty,printascii,excludesall= "`
	ClientID           string `mapstructure:"client_id" validate:"omitempty,printascii,excludesall= "`
	SSL                string `mapstructure:"ssl" validate:"omitempty,printascii,excludesall= "`
	SSLSessionID       string `mapstructure:"ssl_session_id" validate:"omitempty,printascii,excludesall= "`
	SSLVerify          string `mapstructure:"ssl_verify" validate:"omitempty,printascii,excludesall= "`
	SSLSubject         string `mapstructure:"ssl_subject" validate:"omitempty,printascii,excludesall= "`
	SSLClientCN        string `mapstructure:"ssl_client_cn" validate:"omitempty,printascii,excludesall= "`
	SSLIssuer          string `mapstructure:"ssl_issuer" validate:"omitempty,printascii,excludesall= "`
	SSLClientNotBefore string `mapstructure:"ssl_client_not_before" validate:"omitempty,printascii,excludesall= "`
	SSLClientNotAfter  string `mapstructure:"ssl_client_not_after" validate:"omitempty,printascii,excludesall= "`
	SSLSubjectDN       string `mapstructure:"ssl_subject_dn" validate:"omitempty,printascii,excludesall= "`
	SSLIssuerDN        string `mapstructure:"ssl_issuer_dn" validate:"omitempty,printascii,excludesall= "`
	SSLClientSubjectDN string `mapstructure:"ssl_client_subject_dn" validate:"omitempty,printascii,excludesall= "`
	SSLClientIssuerDN  string `mapstructure:"ssl_client_issuer_dn" validate:"omitempty,printascii,excludesall= "`
	SSLCipher          string `mapstructure:"ssl_cipher" validate:"omitempty,printascii,excludesall= "`
	SSLProtocol        string `mapstructure:"ssl_protocol" validate:"omitempty,printascii,excludesall= "`
	SSLSerial          string `mapstructure:"ssl_serial" validate:"omitempty,printascii,excludesall= "`
	SSLFingerprint     string `mapstructure:"ssl_fingerprint" validate:"omitempty,printascii,excludesall= "`
	OIDCCID            string `mapstructure:"oidc_cid" validate:"omitempty,printascii,excludesall= "`
}

DefaultHTTPRequestHeader represents the default headers to include in every HTTP request. This struct includes fields for authentication, SSL/TLS, and client/server metadata.

func (*DefaultHTTPRequestHeader) GetAuthMethod added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetAuthMethod() string

GetAuthMethod retrieves the authentication method value from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetClientHost added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetClientHost() string

GetClientHost retrieves the client host value from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetClientID added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetClientID() string

GetClientID retrieves the client identifier from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetClientIP added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetClientIP() string

GetClientIP retrieves the client's IP address from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetClientPort added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetClientPort() string

GetClientPort retrieves the client port value from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetLocalIP added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetLocalIP() string

GetLocalIP retrieves the local IP address from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetLocalPort added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetLocalPort() string

GetLocalPort retrieves the local port value from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetLoginAttempt added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetLoginAttempt() string

GetLoginAttempt retrieves the login attempt value from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetOIDCCID added in v1.7.5 

func (d *DefaultHTTPRequestHeader) GetOIDCCID() string

GetOIDCCID retrieves the OIDC Client ID value from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetPassword added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetPassword() string

GetPassword retrieves the password value from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetPasswordEncoded added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetPasswordEncoded() string

GetPasswordEncoded retrieves the encoded password value from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetProtocol added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetProtocol() string

GetProtocol retrieves the protocol value from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetSSL added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetSSL() string

GetSSL retrieves the SSL value from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetSSLCipher added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetSSLCipher() string

GetSSLCipher retrieves the SSL cipher value from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetSSLClientCN added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetSSLClientCN() string

GetSSLClientCN retrieves the Common Name (CN) from the SSL client certificate in the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetSSLClientIssuerDN added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetSSLClientIssuerDN() string

GetSSLClientIssuerDN retrieves the SSL client issuer distinguished name (DN) from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetSSLClientNotAfter added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetSSLClientNotAfter() string

GetSSLClientNotAfter retrieves the SSL client certificate expiration date from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetSSLClientNotBefore added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetSSLClientNotBefore() string

GetSSLClientNotBefore retrieves the SSL client certificate start date from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetSSLClientSubjectDN added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetSSLClientSubjectDN() string

GetSSLClientSubjectDN retrieves the SSL client subject distinguished name (DN) from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetSSLFingerprint added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetSSLFingerprint() string

GetSSLFingerprint retrieves the SSL fingerprint value from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetSSLIssuer added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetSSLIssuer() string

GetSSLIssuer retrieves the SSL issuer value from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetSSLIssuerDN added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetSSLIssuerDN() string

GetSSLIssuerDN retrieves the SSL issuer distinguished name (DN) from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetSSLProtocol added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetSSLProtocol() string

GetSSLProtocol retrieves the SSL protocol value from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetSSLSerial added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetSSLSerial() string

GetSSLSerial retrieves the SSL serial number from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetSSLSessionID added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetSSLSessionID() string

GetSSLSessionID retrieves the SSL session ID from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetSSLSubject added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetSSLSubject() string

GetSSLSubject retrieves the SSL subject value from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetSSLSubjectDN added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetSSLSubjectDN() string

GetSSLSubjectDN retrieves the SSL subject distinguished name (DN) from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetSSLVerify added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetSSLVerify() string

GetSSLVerify retrieves the SSL verification setting from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

func (*DefaultHTTPRequestHeader) GetUsername added in v1.4.11 

func (d *DefaultHTTPRequestHeader) GetUsername() string

GetUsername retrieves the username value from the DefaultHTTPRequestHeader struct. Returns an empty string if the DefaultHTTPRequestHeader is nil.

type Endpoint added in v1.4.9 

type Endpoint struct {
	AuthHeader    bool `mapstructure:"auth_header"`
	AuthJSON      bool `mapstructure:"auth_json"`
	AuthBasic     bool `mapstructure:"auth_basic"`
	AuthNginx     bool `mapstructure:"auth_nginx"`
	AuthSASLAuthd bool `mapstructure:"auth_saslauthd"`
	AuthJWT       bool `mapstructure:"auth_jwt"`
	CustomHooks   bool `mapstructure:"custom_hooks"`
	Configuration bool `mapstructure:"configuration"`
}

Endpoint defines a structure for configuring various types of authentication and custom hooks.

func (*Endpoint) IsAuthBasicDisabled added in v1.7.0 

func (e *Endpoint) IsAuthBasicDisabled() bool

IsAuthBasicDisabled checks if Basic authentication is enabled for the endpoint and returns the corresponding boolean value. Returns false if the Endpoint is nil.

func (*Endpoint) IsAuthHeaderDisabled added in v1.7.0 

func (e *Endpoint) IsAuthHeaderDisabled() bool

IsAuthHeaderDisabled checks if header-based authentication is enabled for the endpoint and returns the corresponding boolean value. Returns false if the Endpoint is nil.

func (*Endpoint) IsAuthJSONDisabled added in v1.7.0 

func (e *Endpoint) IsAuthJSONDisabled() bool

IsAuthJSONDisabled checks if JSON-based authentication is enabled for the endpoint and returns the corresponding boolean value. Returns false if the Endpoint is nil.

func (*Endpoint) IsAuthJWTDisabled added in v1.7.0 

func (e *Endpoint) IsAuthJWTDisabled() bool

IsAuthJWTDisabled checks if JWT authentication is enabled for the endpoint and returns the corresponding boolean value. Returns false if the Endpoint is nil.

func (*Endpoint) IsAuthNginxDisabled added in v1.7.0 

func (e *Endpoint) IsAuthNginxDisabled() bool

IsAuthNginxDisabled checks if Nginx-based authentication is enabled for the endpoint and returns the corresponding boolean value. Returns false if the Endpoint is nil.

func (*Endpoint) IsAuthSASLAuthdDisabled added in v1.7.0 

func (e *Endpoint) IsAuthSASLAuthdDisabled() bool

IsAuthSASLAuthdDisabled checks if SASL authentication is enabled for the endpoint and returns the corresponding boolean value. Returns false if the Endpoint is nil.

func (*Endpoint) IsConfigurationDisabled added in v1.7.11 

func (e *Endpoint) IsConfigurationDisabled() bool

IsConfigurationDisabled checks if the configuration setting is enabled for the endpoint and returns the corresponding boolean value. Returns false if the Endpoint is nil.

func (*Endpoint) IsCustomHooksDisabled added in v1.7.0 

func (e *Endpoint) IsCustomHooksDisabled() bool

IsCustomHooksDisabled checks if custom hooks are enabled for the endpoint and returns the corresponding boolean value. Returns false if the Endpoint is nil.

type Environment added in v1.4.10 

type Environment interface {
	// GetSMTPBackendAddress returns the address of the SMTP backend server.
	GetSMTPBackendAddress() string

	// GetSMTPBackendPort returns the port of the SMTP backend server.
	GetSMTPBackendPort() int

	// GetIMAPBackendAddress returns the address of the IMAP backend server.
	GetIMAPBackendAddress() string

	// GetIMAPBackendPort returns the port of the IMAP backend server.
	GetIMAPBackendPort() int

	// GetPOP3BackendAddress returns the address of the POP3 backend server.
	GetPOP3BackendAddress() string

	// GetPOP3BackendPort returns the port of the IMAP POP3 server.
	GetPOP3BackendPort() int

	// GetWaitDelay returns the delay between connection attempts in seconds.
	GetWaitDelay() uint8

	// GetMaxLoginAttempts returns the maximum number of allowed login attempts.
	GetMaxLoginAttempts() uint8

	// GetDevMode indicates whether the application is in developer mode.
	GetDevMode() bool

	// GetLocalCacheAuthTTL returns the time-to-live duration for local cache authentication.
	GetLocalCacheAuthTTL() time.Duration
}

Environment defines methods for accessing application configuration settings.

func GetEnvironment added in v1.4.10 

func GetEnvironment() Environment

GetEnvironment returns the singleton instance of the environmentSettings configuration. Panics if the environment is uninitialized.

func NewEnvironmentConfig added in v1.4.10 

func NewEnvironmentConfig() Environment

NewEnvironmentConfig initializes and returns a singleton instance of EnvironmentSettings, setting default and custom configurations.

func NewTestEnvironmentConfig added in v1.5.4 

func NewTestEnvironmentConfig() Environment

NewTestEnvironmentConfig creates and returns a new instance of Environment with default settings.

type EnvironmentSettings added in v1.4.10 

type EnvironmentSettings struct {
	// SMTPBackendAddress is the address of the SMTP backend server.
	SMTPBackendAddress string

	// SMTPBackendPort is the port of the SMTP backend server.
	SMTPBackendPort int

	// IMAPBackendAddress is the address of the IMAP backend server.
	IMAPBackendAddress string

	// IMAPBackendPort is the port of the IMAP backend server.
	IMAPBackendPort int

	// POP3BackendAddress is the address of the POP3 backend server.
	POP3BackendAddress string

	// POP3BackendPort is the port of the IMAP POP3 server.
	POP3BackendPort int

	// WaitDelay is the time in seconds to wait between connection attempts.
	WaitDelay uint8

	// MaxLoginAttempts is the maximum number of login attempts.
	MaxLoginAttempts uint8

	// DevMode indicates whether the application is running in developer mode.
	DevMode bool

	// LocalCacheAuthTTL
	LocalCacheAuthTTL time.Duration
}

EnvironmentSettings represents overall configuration settings for the application.

func (*EnvironmentSettings) GetDevMode added in v1.4.10 

func (env *EnvironmentSettings) GetDevMode() bool

GetDevMode returns the DevMode value, indicating whether the application is running in developer mode.

func (*EnvironmentSettings) GetIMAPBackendAddress added in v1.4.10 

func (env *EnvironmentSettings) GetIMAPBackendAddress() string

GetIMAPBackendAddress retrieves the address of the IMAP backend server from the EnvironmentSettings instance.

func (*EnvironmentSettings) GetIMAPBackendPort added in v1.4.10 

func (env *EnvironmentSettings) GetIMAPBackendPort() int

GetIMAPBackendPort retrieves the port of the IMAP backend server from the EnvironmentSettings instance.

func (*EnvironmentSettings) GetLocalCacheAuthTTL added in v1.4.10 

func (env *EnvironmentSettings) GetLocalCacheAuthTTL() time.Duration

GetLocalCacheAuthTTL retrieves the time-to-live duration for local cache authentication from the EnvironmentSettings instance.

func (*EnvironmentSettings) GetMaxLoginAttempts added in v1.4.10 

func (env *EnvironmentSettings) GetMaxLoginAttempts() uint8

GetMaxLoginAttempts retrieves the maximum allowed number of login attempts from the EnvironmentSettings instance.

func (*EnvironmentSettings) GetPOP3BackendAddress added in v1.4.10 

func (env *EnvironmentSettings) GetPOP3BackendAddress() string

GetPOP3BackendAddress retrieves the address of the POP3 backend server from the EnvironmentSettings instance.

func (*EnvironmentSettings) GetPOP3BackendPort added in v1.4.10 

func (env *EnvironmentSettings) GetPOP3BackendPort() int

GetPOP3BackendPort retrieves the port of the POP3 backend server from the EnvironmentSettings instance.

func (*EnvironmentSettings) GetSMTPBackendAddress added in v1.4.10 

func (env *EnvironmentSettings) GetSMTPBackendAddress() string

GetSMTPBackendAddress retrieves the address of the SMTP backend server from the EnvironmentSettings instance.

func (*EnvironmentSettings) GetSMTPBackendPort added in v1.4.10 

func (env *EnvironmentSettings) GetSMTPBackendPort() int

GetSMTPBackendPort retrieves the port of the SMTP backend server from the EnvironmentSettings instance.

func (*EnvironmentSettings) GetWaitDelay added in v1.4.10 

func (env *EnvironmentSettings) GetWaitDelay() uint8

GetWaitDelay retrieves the wait delay in seconds between connection attempts from the EnvironmentSettings instance.

func (*EnvironmentSettings) String added in v1.4.10 

func (env *EnvironmentSettings) String() string

String returns the name of the Config object excluding the HTTPOptions.

type Feature 

type Feature struct {
	// contains filtered or unexported fields
}

Feature is a container for Nauthilus features.

func (*Feature) Get 

func (f *Feature) Get() string

Get gets the name of a feature returned as string.

func (*Feature) Set 

func (f *Feature) Set(value string) error

Set updates the feature name based on the provided value. It returns an error if the value is not a valid feature name. Valid feature names are "tls_encryption", "rbl", "relay_domains", and "lua". If the value is valid, the name field of the Feature struct is updated accordingly. An error of type ErrWrongFeature is returned if the value is not valid.

func (*Feature) String 

func (f *Feature) String() string

func (*Feature) Type 

func (f *Feature) Type() string

Type returns the name of the type.

type File 

type File interface {

	// HandleFile processes the configuration file.
	HandleFile() error

	// GetConfigFileAsJSON returns the configuration file contents as a JSON-formatted string. An error is returned if conversion fails.
	GetConfigFileAsJSON() ([]byte, error)

	// HaveLuaFeatures checks if Lua features are available.
	HaveLuaFeatures() bool

	// HaveLuaFilters checks if Lua filters are active.
	HaveLuaFilters() bool

	// HaveLuaActions checks if Lua actions are enabled.
	HaveLuaActions() bool

	// HaveLuaHooks checks if Lua hooks are being used.
	HaveLuaHooks() bool

	// HaveLuaInit checks if a Lua initialization script exists.
	HaveLuaInit() bool

	// HaveLua checks if Lua-based configuration in general is available.
	HaveLua() bool

	// HaveLuaBackend returns a boolean indicating whether a Lua backend is available in the current configuration.
	HaveLuaBackend() bool

	// GetLuaInitScriptPath returns the path to the Lua initialization script.
	GetLuaInitScriptPath() string

	// GetLuaInitScriptPaths returns all paths to Lua initialization scripts.
	GetLuaInitScriptPaths() []string

	// GetLuaPackagePath retrieves the Lua package path from the configuration.
	GetLuaPackagePath() string

	// GetLuaNumberOfWorkers returns the number of Lua workers configured for handling Lua scripts.
	GetLuaNumberOfWorkers() int

	// GetLuaActionNumberOfWorkers returns the number of Lua Action workers.
	GetLuaActionNumberOfWorkers() int

	// GetLuaFeatureVMPoolSize returns the VM pool size for Lua features.
	GetLuaFeatureVMPoolSize() int

	// GetLuaFilterVMPoolSize returns the VM pool size for Lua filters.
	GetLuaFilterVMPoolSize() int

	// GetLuaHookVMPoolSize returns the VM pool size for Lua hooks.
	GetLuaHookVMPoolSize() int

	// GetLuaScriptPath returns the path to the Lua script.
	GetLuaScriptPath() string

	// GetLuaSearchProtocol retrieves the Lua search protocol for a given protocol name.
	GetLuaSearchProtocol(protocol string, backendName string) (*LuaSearchProtocol, error)

	// GetLuaOptionalBackends retrieves a map of Lua configurations for optional backends, indexed by their names.
	GetLuaOptionalBackends() map[string]*LuaConf

	// HaveLDAPBackend checks if an LDAP backend is being used.
	HaveLDAPBackend() bool

	// LDAPHavePoolOnly checks whether LDAP connections are only handled via a pool.
	LDAPHavePoolOnly(backendName string) bool

	// GetLDAPConfigLookupPoolSize returns the pool size for LDAP lookups.
	GetLDAPConfigLookupPoolSize() int

	// GetLDAPConfigAuthPoolSize returns the pool size for LDAP authentication.
	GetLDAPConfigAuthPoolSize() int

	// GetLDAPConfigConnectAbortTimeout retrieves the timeout duration for aborting LDAP connect attempts.
	GetLDAPConfigConnectAbortTimeout() time.Duration

	// GetLDAPConfigLookupIdlePoolSize retrieves the idle pool size for LDAP lookups.
	GetLDAPConfigLookupIdlePoolSize() int

	// GetLDAPConfigAuthIdlePoolSize retrieves the idle pool size for LDAP authentication.
	GetLDAPConfigAuthIdlePoolSize() int

	// GetLDAPConfigBindDN returns the Bind DN for LDAP.
	GetLDAPConfigBindDN() string

	// GetLDAPConfigBindPW retrieves the password for the LDAP bind.
	GetLDAPConfigBindPW() string

	// GetLDAPConfigTLSCAFile returns the TLS CA file for LDAP.
	GetLDAPConfigTLSCAFile() string

	// GetLDAPConfigTLSClientCert retrieves the TLS client certificate for LDAP.
	GetLDAPConfigTLSClientCert() string

	// GetLDAPConfigTLSClientKey returns the TLS client key for LDAP.
	GetLDAPConfigTLSClientKey() string

	// GetLDAPConfigNumberOfWorkers returns the configured number of worker threads for LDAP processing.
	GetLDAPConfigNumberOfWorkers() int

	// GetLDAPConfigServerURIs retrieves a list of LDAP server URIs.
	GetLDAPConfigServerURIs() []string

	// GetLDAPConfigStartTLS indicates if StartTLS is enabled for LDAP.
	GetLDAPConfigStartTLS() bool

	// GetLDAPConfigTLSSkipVerify checks whether TLS verification for LDAP is skipped.
	GetLDAPConfigTLSSkipVerify() bool

	// GetLDAPConfigSASLExternal checks if SASL External is configured for LDAP.
	GetLDAPConfigSASLExternal() bool

	// GetLDAPSearchProtocol retrieves the LDAP search protocol for a given protocol name.
	GetLDAPSearchProtocol(protocol string, poolName string) (*LDAPSearchProtocol, error)

	// GetLDAPOptionalPools returns a map of optional LDAP pool configurations, indexed by their respective keys.
	GetLDAPOptionalPools() map[string]*LDAPConf

	// GetBackendServers returns a list of backend servers.
	GetBackendServers() []*BackendServer

	// GetBackendServerMonitoring provides the configuration and status of server monitoring.
	GetBackendServerMonitoring() *BackendServerMonitoring

	// HasFeature checks whether a specific feature is available.
	HasFeature(feature string) bool

	// GetClientHost returns the client's hostname.
	GetClientHost() string

	// GetOIDCCID returns the OpenID Connect Client ID as a string.
	GetOIDCCID() string

	// GetClientIP retrieves the client's IP address.
	GetClientIP() string

	// GetClientPort returns the client's port.
	GetClientPort() string

	// GetClientID retrieves the client's ID.
	GetClientID() string

	// GetUsername returns the username of the currently authenticated user.
	GetUsername() string

	// GetPassword retrieves the user's password.
	GetPassword() string

	// GetPasswordEncoded returns the encoded password.
	GetPasswordEncoded() string

	// GetLoginAttempt retrieves the current login attempt.
	GetLoginAttempt() string

	// GetAuthMethod provides the authentication method used.
	GetAuthMethod() string

	// GetSkipTOTP checks if TOTP (Two-Factor Authentication) is skipped.
	GetSkipTOTP(string) bool

	// GetSkipConsent checks if consent is skipped.
	GetSkipConsent(string) bool

	// GetLocalIP returns the local IP address.
	GetLocalIP() string

	// GetLocalPort retrieves the local port.
	GetLocalPort() string

	// GetProtocol returns the protocol as a string, typically used to retrieve and determine the communication protocol in use.
	GetProtocol() string

	// GetAllProtocols returns all available protocols.
	GetAllProtocols() []string

	// GetBruteForceRules retrieves the brute force protection rules.
	GetBruteForceRules() []BruteForceRule

	// GetServer retrieves the server section of the configuration.
	GetServer() *ServerSection

	// GetRBLs retrieves the Realtime Block Lists (RBL).
	GetRBLs() *RBLSection

	// GetClearTextList returns a list of clear-text entries configured for the application.
	GetClearTextList() []string

	// GetRelayDomains retrieves the relay domains configuration section of the file.
	GetRelayDomains() *RelayDomainsSection

	// GetBruteForce retrieves the BruteForceSection configuration, containing brute force protection rules and settings.
	GetBruteForce() *BruteForceSection

	// GetLua retrieves the LuaSection from the configuration, containing actions, features, filters, hooks, and related config.
	GetLua() *LuaSection

	// GetOauth2 retrieves the Oauth2Section configuration, containing custom scopes and clients for OAuth2 authentication.
	GetOauth2() *Oauth2Section

	// GetLDAP returns the LDAPSection object containing configuration and search definitions for LDAP operations.
	GetLDAP() *LDAPSection
}

File represents an interface encapsulating various methods for configuration, file handling, and related operations.

func GetFile added in v1.4.10 

func GetFile() File

GetFile returns the loaded FileSettings configuration instance.

func NewFile added in v1.4.10 

func NewFile() (newCfg File, err error)

NewFile is the constructor for a ConfigFile object.

type FileSettings added in v1.4.10 

type FileSettings struct {
	Server                  *ServerSection           `mapstructure:"server" valdiate:"required"`
	RBLs                    *RBLSection              `mapstructure:"realtime_blackhole_lists" valdiate:"omitempty"`
	ClearTextList           []string                 `mapstructure:"cleartext_networks" valdiate:"omitempty,dive"`
	RelayDomains            *RelayDomainsSection     `mapstructure:"relay_domains" valdiate:"omitempty"`
	BackendServerMonitoring *BackendServerMonitoring `mapstructure:"backend_server_monitoring" valdiate:"omitempty"`
	BruteForce              *BruteForceSection       `mapstructure:"brute_force" valdiate:"omitempty"`
	Lua                     *LuaSection              `mapstructure:"lua" valdiate:"omitempty"`
	LDAP                    *LDAPSection             `mapstructure:"ldap" valdiate:"omitempty"`
	Oauth2                  *Oauth2Section           `mapstructure:"oauth2" valdiate:"omitempty"`
	Other                   map[string]any           `mapstructure:",remain"`
	Mu                      sync.Mutex
}

FileSettings represents a comprehensive configuration structure utilized to manage server settings, blackhole lists, brute force, Lua scripting, OAuth2, LDAP, and other miscellaneous configurations. It includes synchronization via a mutex.

func (*FileSettings) GetAllProtocols added in v1.4.10 

func (f *FileSettings) GetAllProtocols() []string

GetAllProtocols returns a unique slice of strings (a Set) for all defined protocols in the database search sections. Returns an empty slice if the FileSettings is nil.

func (*FileSettings) GetAuthMethod added in v1.4.10 

func (f *FileSettings) GetAuthMethod() string

GetAuthMethod returns the HTTP request header for the auth mechanism LOGIN or PLAIN

func (*FileSettings) GetBackendServer added in v1.4.10 

func (f *FileSettings) GetBackendServer(protocol string) *BackendServer

GetBackendServer retrieves the first BackendServer that matches the specified protocol from the FileSettings's backend servers. Returns an empty BackendServer if no matching server is found or if the FileSettings object is nil.

func (*FileSettings) GetBackendServerMonitoring added in v1.4.10 

func (f *FileSettings) GetBackendServerMonitoring() *BackendServerMonitoring

GetBackendServerMonitoring is a method on the FileSettings struct. It returns the BackendServerMonitoring field from the FileSettings struct. Returns an empty BackendServerMonitoring if the FileSettings is nil or if the BackendServerMonitoring field is nil.

func (*FileSettings) GetBackendServers added in v1.4.10 

func (f *FileSettings) GetBackendServers() []*BackendServer

GetBackendServers retrieves the list of backend servers for the FileSettings instance or returns an empty list if none are configured.

func (*FileSettings) GetBruteForce added in v1.4.10 

func (f *FileSettings) GetBruteForce() *BruteForceSection

GetBruteForce returns the BruteForceSection associated with the FileSettings instance. Returns nil if the instance is nil.

func (*FileSettings) GetBruteForceRules added in v1.4.10 

func (f *FileSettings) GetBruteForceRules() []BruteForceRule

GetBruteForceRules retrieves the list of brute force rules defined in the configuration file. If no rules are defined or the FileSettings instance is nil, it returns an empty slice.

func (*FileSettings) GetClearTextList added in v1.4.10 

func (f *FileSettings) GetClearTextList() []string

GetClearTextList retrieves a list of clear text strings from the FileSettings instance. Returns nil if the FileSettings instance is nil.

func (*FileSettings) GetClientHost added in v1.4.10 

func (f *FileSettings) GetClientHost() string

GetClientHost returns the HTTP request header used to retrieve an optional client hostname

func (*FileSettings) GetClientID added in v1.4.10 

func (f *FileSettings) GetClientID() string

GetClientID returns the HTTP request header used to retrieve an optional client ID

func (*FileSettings) GetClientIP added in v1.4.10 

func (f *FileSettings) GetClientIP() string

GetClientIP returns the HTTP request header that holds the client IP of the request

func (*FileSettings) GetClientPort added in v1.4.10 

func (f *FileSettings) GetClientPort() string

GetClientPort returns the HTTP request header that holds the client TCP port of the request

func (*FileSettings) GetConfig added in v1.4.10 

func (f *FileSettings) GetConfig(backend definitions.Backend) any

GetConfig retrieves the configuration for a given backend from the FileSettings receiver or returns nil if unavailable.

func (*FileSettings) GetConfigFileAsJSON added in v1.7.11 

func (f *FileSettings) GetConfigFileAsJSON() ([]byte, error)

GetConfigFileAsJSON returns the current configuration settings as a JSON string, ensuring thread safety with a mutex lock.

func (*FileSettings) GetLDAP added in v1.4.10 

func (f *FileSettings) GetLDAP() *LDAPSection

GetLDAP retrieves the LDAPSection from the FileSettings instance. Returns nil if the FileSettings is nil.

func (*FileSettings) GetLDAPConfigAuthIdlePoolSize added in v1.4.10 

func (f *FileSettings) GetLDAPConfigAuthIdlePoolSize() int

GetLDAPConfigAuthIdlePoolSize retrieves the authentication idle pool size for the LDAP configuration. It returns the default value if the configuration is nil or not properly set.

func (*FileSettings) GetLDAPConfigAuthPoolSize added in v1.4.10 

func (f *FileSettings) GetLDAPConfigAuthPoolSize() int

GetLDAPConfigAuthPoolSize returns the authentication pool size configured for an LDAP backend or a default value if not set.

func (*FileSettings) GetLDAPConfigBindDN added in v1.4.10 

func (f *FileSettings) GetLDAPConfigBindDN() string

GetLDAPConfigBindDN returns the BindDN value from the LDAP configuration if available, otherwise it returns an empty string.

func (*FileSettings) GetLDAPConfigBindPW added in v1.4.10 

func (f *FileSettings) GetLDAPConfigBindPW() string

GetLDAPConfigBindPW retrieves the BindPW (bind password) from the LDAP configuration if available, or returns an empty string.

func (*FileSettings) GetLDAPConfigConnectAbortTimeout added in v1.5.0 

func (f *FileSettings) GetLDAPConfigConnectAbortTimeout() time.Duration

GetLDAPConfigConnectAbortTimeout retrieves the abort timeout duration from the LDAP configuration, or returns 0 if not applicable.

func (*FileSettings) GetLDAPConfigLookupIdlePoolSize added in v1.4.10 

func (f *FileSettings) GetLDAPConfigLookupIdlePoolSize() int

GetLDAPConfigLookupIdlePoolSize returns the configured idle connection pool size for LDAP lookups or a default value if unset.

func (*FileSettings) GetLDAPConfigLookupPoolSize added in v1.4.10 

func (f *FileSettings) GetLDAPConfigLookupPoolSize() int

GetLDAPConfigLookupPoolSize returns the size of the LDAP lookup connection pool, or a default if no configuration exists.

func (*FileSettings) GetLDAPConfigNumberOfWorkers added in v1.6.5 

func (f *FileSettings) GetLDAPConfigNumberOfWorkers() int

GetLDAPConfigNumberOfWorkers retrieves the number of workers for the LDAP configuration. Defaults to a predefined value.

func (*FileSettings) GetLDAPConfigSASLExternal added in v1.4.10 

func (f *FileSettings) GetLDAPConfigSASLExternal() bool

GetLDAPConfigSASLExternal checks if the LDAP configuration uses SASL External authentication and returns its status. It returns false if the FileSettings receiver or the LDAP configuration is nil, or if the type assertion fails.

func (*FileSettings) GetLDAPConfigServerURIs added in v1.4.10 

func (f *FileSettings) GetLDAPConfigServerURIs() []string

GetLDAPConfigServerURIs retrieves the LDAP server URIs from the configuration or returns "ldap://localhost" as a default value.

func (*FileSettings) GetLDAPConfigStartTLS added in v1.4.10 

func (f *FileSettings) GetLDAPConfigStartTLS() bool

GetLDAPConfigStartTLS determines if StartTLS is enabled for the LDAP configuration in the provided file. Returns false if the file or configuration is nil or not of type *LDAPConf.

func (*FileSettings) GetLDAPConfigTLSCAFile added in v1.4.10 

func (f *FileSettings) GetLDAPConfigTLSCAFile() string

GetLDAPConfigTLSCAFile retrieves the TLS CA file for the LDAP configuration if available, returning an empty string if not.

func (*FileSettings) GetLDAPConfigTLSClientCert added in v1.4.10 

func (f *FileSettings) GetLDAPConfigTLSClientCert() string

GetLDAPConfigTLSClientCert retrieves the TLS client certificate for the LDAP configuration. Returns an empty string if the file or configuration is nil, or if the assertion of the config type fails.

func (*FileSettings) GetLDAPConfigTLSClientKey added in v1.4.10 

func (f *FileSettings) GetLDAPConfigTLSClientKey() string

GetLDAPConfigTLSClientKey retrieves the TLS client key for the LDAP configuration. Returns an empty string if not set.

func (*FileSettings) GetLDAPConfigTLSSkipVerify added in v1.4.10 

func (f *FileSettings) GetLDAPConfigTLSSkipVerify() bool

GetLDAPConfigTLSSkipVerify retrieves the TLSSkipVerify value from the LDAP configuration in the file. Returns false if the file or configuration is nil or not of type *LDAPConf.

func (*FileSettings) GetLDAPOptionalPools added in v1.5.0 

func (f *FileSettings) GetLDAPOptionalPools() map[string]*LDAPConf

GetLDAPOptionalPools retrieves a map of optional LDAP pool configurations from the file settings. Returns an empty map if the file settings or LDAP section is not properly configured.

func (*FileSettings) GetLDAPSearchProtocol added in v1.4.10 

func (f *FileSettings) GetLDAPSearchProtocol(protocol string, poolName string) (*LDAPSearchProtocol, error)

GetLDAPSearchProtocol retrieves the LDAPSearchProtocol configuration based on the specified protocol. If the protocol is not found, it falls back to the default protocol. Returns an error if the configuration or default protocol is missing. Returns nil if no matching protocol is found and there's no error.

func (*FileSettings) GetLocalIP added in v1.4.10 

func (f *FileSettings) GetLocalIP() string

GetLocalIP returns the HTTP request header that represents the local IP address for the server that accepts client requests

func (*FileSettings) GetLocalPort added in v1.4.10 

func (f *FileSettings) GetLocalPort() string

GetLocalPort returns the HTTP request header that represents the local TCP port for the server that accepts client requests

func (*FileSettings) GetLoginAttempt added in v1.4.10 

func (f *FileSettings) GetLoginAttempt() string

GetLoginAttempt returns the HTTP request header for login-attempts

func (*FileSettings) GetLua added in v1.4.10 

func (f *FileSettings) GetLua() *LuaSection

GetLua retrieves the LuaSection from the FileSettings instance. Returns nil if the FileSettings instance is nil.

func (*FileSettings) GetLuaActionNumberOfWorkers added in v1.10.0 

func (f *FileSettings) GetLuaActionNumberOfWorkers() int

GetLuaActionNumberOfWorkers retrieves the number of workers configured for Lua actions or returns default (10) if unset.

func (*FileSettings) GetLuaFeatureVMPoolSize added in v1.10.0 

func (f *FileSettings) GetLuaFeatureVMPoolSize() int

GetLuaFeatureVMPoolSize returns the VM pool size for Lua features.

func (*FileSettings) GetLuaFilterVMPoolSize added in v1.10.0 

func (f *FileSettings) GetLuaFilterVMPoolSize() int

GetLuaFilterVMPoolSize returns the VM pool size for Lua filters.

func (*FileSettings) GetLuaHookVMPoolSize added in v1.10.0 

func (f *FileSettings) GetLuaHookVMPoolSize() int

GetLuaHookVMPoolSize returns the VM pool size for Lua hooks.

func (*FileSettings) GetLuaInitScriptPath added in v1.4.10 

func (f *FileSettings) GetLuaInitScriptPath() string

GetLuaInitScriptPath returns the path to the Lua init script specified in the configuration. If the configuration or LuaConf is nil, it returns an empty string. If InitScriptPaths is set, it returns the first path from that list. Otherwise, it returns the value of InitScriptPath.

func (*FileSettings) GetLuaInitScriptPaths added in v1.7.7 

func (f *FileSettings) GetLuaInitScriptPaths() []string

GetLuaInitScriptPaths returns all paths to Lua init scripts specified in the configuration. It combines both the single InitScriptPath and the list in InitScriptPaths. If the configuration or LuaConf is nil, it returns an empty slice.

func (*FileSettings) GetLuaNumberOfWorkers added in v1.6.5 

func (f *FileSettings) GetLuaNumberOfWorkers() int

GetLuaNumberOfWorkers retrieves the number of workers configured for the Lua backend or returns the default if unset.

func (*FileSettings) GetLuaOptionalBackends added in v1.5.0 

func (f *FileSettings) GetLuaOptionalBackends() map[string]*LuaConf

GetLuaOptionalBackends retrieves the optional Lua backends configuration from FileSettings. Returns an empty map if unavailable.

func (*FileSettings) GetLuaPackagePath added in v1.4.10 

func (f *FileSettings) GetLuaPackagePath() string

GetLuaPackagePath returns the Lua package path based on the file configuration or a default path if not specified.

func (*FileSettings) GetLuaScriptPath added in v1.4.10 

func (f *FileSettings) GetLuaScriptPath() string

GetLuaScriptPath retrieves the backend Lua script file path from the configuration. Returns an empty string if unavailable.

func (*FileSettings) GetLuaSearchProtocol added in v1.4.10 

func (f *FileSettings) GetLuaSearchProtocol(protocol string, backendName string) (*LuaSearchProtocol, error)

GetLuaSearchProtocol retrieves a LuaSearchProtocol configuration matching the specified protocol. Returns a default LuaSearchProtocol if the protocol cannot be found and protocol is set to ProtoDefault. Returns a DetailedError if the protocol cannot be found and no default is configured. Returns nil if no matching protocol is found and there's no error. Accepts a string representing the protocol to search for.

func (*FileSettings) GetOIDCCID added in v1.7.5 

func (f *FileSettings) GetOIDCCID() string

GetOIDCCID retrieves the OIDC Client ID from the FileSettings' DefaultHTTPRequestHeader. Returns an empty string if nil.

func (*FileSettings) GetOauth2 added in v1.4.10 

func (f *FileSettings) GetOauth2() *Oauth2Section

GetOauth2 returns the Oauth2Section of the FileSettings instance. Returns nil if the FileSettings instance is nil.

func (*FileSettings) GetPassword added in v1.4.10 

func (f *FileSettings) GetPassword() string

GetPassword returns the HTTP request header for the password

func (*FileSettings) GetPasswordEncoded added in v1.4.10 

func (f *FileSettings) GetPasswordEncoded() string

GetPasswordEncoded returns the HTTP request header to indicate if the password was encoded

func (*FileSettings) GetProtocol added in v1.4.10 

func (f *FileSettings) GetProtocol() string

GetProtocol returns the HTTP request header for the used protocol

func (*FileSettings) GetProtocols added in v1.4.10 

func (f *FileSettings) GetProtocols(backend definitions.Backend) any

GetProtocols retrieves protocol configurations for the specified backend type. Returns nil if the backend is not found or has no associated protocols.

func (*FileSettings) GetRBLs added in v1.4.10 

func (f *FileSettings) GetRBLs() *RBLSection

GetRBLs retrieves the RBLSection configuration from the FileSettings instance. Returns nil if the FileSettings instance is nil.

func (*FileSettings) GetRelayDomains added in v1.4.10 

func (f *FileSettings) GetRelayDomains() *RelayDomainsSection

GetRelayDomains retrieves the RelayDomainsSection from the FileSettings. Returns nil if the FileSettings is nil.

func (*FileSettings) GetSSL added in v1.4.10 

func (f *FileSettings) GetSSL() string

GetSSL returns the HTTP request header used to indicate SSL security for the current client connection

func (*FileSettings) GetSSLCipher added in v1.4.10 

func (f *FileSettings) GetSSLCipher() string

GetSSLCipher retrieves the SSL cipher from the default HTTP request header of the server configuration. Returns an empty string if the FileSettings instance is nil.

func (*FileSettings) GetSSLClientCN added in v1.4.10 

func (f *FileSettings) GetSSLClientCN() string

GetSSLClientCN retrieves the SSL client common name (CN) from the default HTTP request header.

func (*FileSettings) GetSSLClientIssuerDN added in v1.4.10 

func (f *FileSettings) GetSSLClientIssuerDN() string

GetSSLClientIssuerDN returns the distinguished name (DN) of the SSL client issuer from the default HTTP request header.

func (*FileSettings) GetSSLClientNotAfter added in v1.4.10 

func (f *FileSettings) GetSSLClientNotAfter() string

GetSSLClientNotAfter retrieves the SSL client certificate's "not after" expiration date as a string. Returns an empty string if the FileSettings is nil.

func (*FileSettings) GetSSLClientNotBefore added in v1.4.10 

func (f *FileSettings) GetSSLClientNotBefore() string

GetSSLClientNotBefore retrieves the "SSLClientNotBefore" value from the default HTTP request header of the server. Returns an empty string if the FileSettings instance is nil.

func (*FileSettings) GetSSLClientSubjectDN added in v1.4.10 

func (f *FileSettings) GetSSLClientSubjectDN() string

GetSSLClientSubjectDN returns the SSL client subject distinguished name from the default HTTP request header. If the FileSettings receiver is nil, it returns an empty string.

func (*FileSettings) GetSSLFingerprint added in v1.4.10 

func (f *FileSettings) GetSSLFingerprint() string

GetSSLFingerprint retrieves the SSL fingerprint from the server's default HTTP request header. If the FileSettings is nil, it returns an empty string.

func (*FileSettings) GetSSLIssuer added in v1.4.10 

func (f *FileSettings) GetSSLIssuer() string

GetSSLIssuer retrieves the SSL certificate issuer from the default HTTP request header of the server configuration.

func (*FileSettings) GetSSLIssuerDN added in v1.4.10 

func (f *FileSettings) GetSSLIssuerDN() string

GetSSLIssuerDN retrieves the Distinguished Name (DN) of the SSL issuer from the default HTTP request header.

func (*FileSettings) GetSSLProtocol added in v1.4.10 

func (f *FileSettings) GetSSLProtocol() string

GetSSLProtocol retrieves the SSL protocol from the DefaultHTTPRequestHeader of the Server configuration.

func (*FileSettings) GetSSLSerial added in v1.4.10 

func (f *FileSettings) GetSSLSerial() string

GetSSLSerial retrieves the SSL serial number from the default HTTP request header of the server configuration. Returns an empty string if the FileSettings receiver is nil.

func (*FileSettings) GetSSLSessionID added in v1.4.10 

func (f *FileSettings) GetSSLSessionID() string

GetSSLSessionID retrieves the SSL session ID from the file's default HTTP request header. Returns an empty string if the file is nil.

func (*FileSettings) GetSSLSubject added in v1.4.10 

func (f *FileSettings) GetSSLSubject() string

GetSSLSubject retrieves the SSL subject from the default HTTP request header. Returns an empty string if the file is nil.

func (*FileSettings) GetSSLSubjectDN added in v1.4.10 

func (f *FileSettings) GetSSLSubjectDN() string

GetSSLSubjectDN returns the SSL subject distinguished name from the Server's default HTTP request header.

func (*FileSettings) GetSSLVerify added in v1.4.10 

func (f *FileSettings) GetSSLVerify() string

GetSSLVerify retrieves the SSL verification status from the default HTTP request header configuration. If the FileSettings receiver is nil, it returns an empty string.

func (*FileSettings) GetSection added in v1.4.10 

func (f *FileSettings) GetSection(backend definitions.Backend) any

GetSection retrieves the section corresponding to the provided backend type from the FileSettings. Returns nil if not found.

func (*FileSettings) GetServer added in v1.4.10 

func (f *FileSettings) GetServer() *ServerSection

GetServer retrieves the ServerSection from the FileSettings. Returns an empty ServerSection if the FileSettings is nil or if no Server is present.

func (*FileSettings) GetSkipConsent added in v1.4.10 

func (f *FileSettings) GetSkipConsent(clientId string) (skip bool)

GetSkipConsent returns a boolean true, if the consent dialog shall be skipped for an OAuth-2 client.

func (*FileSettings) GetSkipTOTP added in v1.4.10 

func (f *FileSettings) GetSkipTOTP(clientId string) (skip bool)

GetSkipTOTP returns a boolean true, if TOTP two-factor authentication shall be skipped for an OAuth-2 client.

func (*FileSettings) GetUsername added in v1.4.10 

func (f *FileSettings) GetUsername() string

GetUsername returns the HTTP request header for the username

func (*FileSettings) HandleFile added in v1.4.10 

func (f *FileSettings) HandleFile() (err error)

HandleFile applies the configuration settings loaded from the configuration file. It does sanity checks to make sure Nauthilus has a working configuration.

func (*FileSettings) HasFeature added in v1.4.10 

func (f *FileSettings) HasFeature(feature string) bool

HasFeature checks if the given feature exists in the LoadableConfig's Features list

func (*FileSettings) HaveLDAPBackend added in v1.4.10 

func (f *FileSettings) HaveLDAPBackend() bool

HaveLDAPBackend checks if the configuration includes an LDAP backend and returns true if it exists, otherwise false.

func (*FileSettings) HaveLua added in v1.4.10 

func (f *FileSettings) HaveLua() bool

HaveLua is a method on the FileSettings struct. It checks if the Lua field in the FileSettings struct is not nil. It returns a boolean value indicating whether Lua is present or not.

func (*FileSettings) HaveLuaActions added in v1.4.10 

func (f *FileSettings) HaveLuaActions() bool

HaveLuaActions is a method on the FileSettings struct. It checks if the FileSettings struct has Lua actions. It returns true if the FileSettings struct has Lua actions, otherwise returns false.

func (*FileSettings) HaveLuaBackend added in v1.6.9 

func (f *FileSettings) HaveLuaBackend() bool

HaveLuaBackend checks if the FileSettings instance has a Lua backend configured and returns true if found, otherwise false.

func (*FileSettings) HaveLuaFeatures added in v1.4.10 

func (f *FileSettings) HaveLuaFeatures() bool

HaveLuaFeatures is a method on the FileSettings struct. It checks if the FileSettings struct has Lua features. It returns true if there are Lua features, and false otherwise.

func (*FileSettings) HaveLuaFilters added in v1.4.10 

func (f *FileSettings) HaveLuaFilters() bool

HaveLuaFilters is a method on the FileSettings struct. It checks if the FileSettings struct has Lua filters. It returns true if there are Lua filters, and false otherwise.

func (*FileSettings) HaveLuaHooks added in v1.4.10 

func (f *FileSettings) HaveLuaHooks() bool

HaveLuaHooks returns true if the FileSettings instance has Lua hooks associated with it, otherwise returns false.

func (*FileSettings) HaveLuaInit added in v1.4.10 

func (f *FileSettings) HaveLuaInit() bool

HaveLuaInit checks if any Lua initialization script paths are set in the configuration. It first confirms that the FileSettings instance supports Lua by invoking HaveLua method. Then, it retrieves the Lua configuration using GetConfig with the definitions.BackendLua constant. If the retrieved configuration is of type *LuaConf and either InitScriptPath is not empty or InitScriptPaths contains at least one entry, it returns true. Otherwise, it returns false.

func (*FileSettings) HaveServer added in v1.4.10 

func (f *FileSettings) HaveServer() bool

HaveServer is a method on the FileSettings struct. It returns true if the Server field in the FileSettings struct is not nil, indicating that a server exists.

func (*FileSettings) LDAPHavePoolOnly added in v1.4.10 

func (f *FileSettings) LDAPHavePoolOnly(backendName string) bool

LDAPHavePoolOnly checks if the LDAP configuration is set to use the `PoolOnly` mode. Returns false if any element is nil.

func (*FileSettings) RetrieveGetterMap added in v1.4.10 

func (f *FileSettings) RetrieveGetterMap() map[definitions.Backend]GetterHandler

RetrieveGetterMap returns a map associating each supported backend with its corresponding GetterHandler implementation. This method initializes a new map for the backends, and populates it by checking if certain backend sections exist. If the provided FileSettings object is nil, it returns an empty map.

type Frontend added in v1.1.0 

type Frontend struct {
	Enabled            bool   `mapstructure:"enabled"`
	CSRFSecret         string `mapstructure:"csrf_secret" validate:"omitempty,len=32,alphanumsymbol,excludesall= "`
	CookieStoreAuthKey string `mapstructure:"cookie_store_auth_key" validate:"omitempty,len=32,alphanumsymbol,excludesall= "`
	CookieStoreEncKey  string `mapstructure:"cookie_store_encryption_key" validate:"omitempty,alphanumsymbol,excludesall= ,validateCookieStoreEncKey"`
}

Frontend represents configuration options for the frontend of the application.

func (*Frontend) GetCSRFSecret added in v1.7.7 

func (f *Frontend) GetCSRFSecret() string

GetCSRFSecret retrieves the CSRF secret from the Frontend configuration. Returns an empty string if the Frontend is nil.

func (*Frontend) GetCookieStoreAuthKey added in v1.7.7 

func (f *Frontend) GetCookieStoreAuthKey() string

GetCookieStoreAuthKey retrieves the cookie store authentication key from the Frontend configuration. Returns an empty string if the Frontend is nil.

func (*Frontend) GetCookieStoreEncKey added in v1.7.7 

func (f *Frontend) GetCookieStoreEncKey() string

GetCookieStoreEncKey retrieves the cookie store encryption key from the Frontend configuration. Returns an empty string if the Frontend is nil.

func (*Frontend) IsEnabled added in v1.7.7 

func (f *Frontend) IsEnabled() bool

IsEnabled checks if the Frontend is enabled. Returns false if the Frontend is nil.

type GetterHandler 

type GetterHandler interface {
	// GetConfig retrieves the configuration associated with the implementing object or returns nil if unavailable.
	GetConfig() any

	// GetProtocols retrieves protocol configurations associated with the implementing object or returns nil if unavailable.
	GetProtocols() any
}

GetterHandler is an interface that provides methods to retrieve configuration and protocol information.

type HTTPClient added in v1.3.0 

type HTTPClient struct {
	MaxConnsPerHost     int           `mapstructure:"max_connections_per_host" validate:"omitempty,gte=1"`
	MaxIdleConns        int           `mapstructure:"max_idle_connections" validate:"omitempty,gte=1"`
	MaxIdleConnsPerHost int           `mapstructure:"max_idle_connections_per_host" validate:"omitempty,gte=0"`
	IdleConnTimeout     time.Duration `mapstructure:"idle_connection_timeout" validate:"omitempty,gte=0"`
	Proxy               string        `mapstructure:"proxy"`
	TLS                 TLS           `mapstructure:"tls"`
}

func (*HTTPClient) GetIdleConnTimeout added in v1.4.11 

func (c *HTTPClient) GetIdleConnTimeout() time.Duration

GetIdleConnTimeout returns the idle connection timeout duration configured for the HTTP client. Returns 0 if the HTTPClient is nil.

func (*HTTPClient) GetMaxConnsPerHost added in v1.4.11 

func (c *HTTPClient) GetMaxConnsPerHost() int

GetMaxConnsPerHost returns the maximum number of connections allowed per host for the HTTP client. Returns 0 if the HTTPClient is nil.

func (*HTTPClient) GetMaxIdleConns added in v1.4.11 

func (c *HTTPClient) GetMaxIdleConns() int

GetMaxIdleConns returns the maximum number of idle connections allowed for the HTTP client. Returns 0 if the HTTPClient is nil.

func (*HTTPClient) GetMaxIdleConnsPerHost added in v1.4.11 

func (c *HTTPClient) GetMaxIdleConnsPerHost() int

GetMaxIdleConnsPerHost returns the maximum number of idle connections allowed per host for the HTTP client. Returns 0 if the HTTPClient is nil.

func (*HTTPClient) GetProxy added in v1.4.11 

func (c *HTTPClient) GetProxy() string

GetProxy returns the proxy URL configured for the HTTP client. Returns an empty string if the HTTPClient is nil.

func (*HTTPClient) GetTLS added in v1.7.11 

func (c *HTTPClient) GetTLS() *TLS

GetTLS returns the TLS configuration associated with the HTTP client. Returns an empty TLS struct if the receiver is nil.

type IPScoping added in v1.9.4 

type IPScoping struct {
	// RepeatingWrongPasswordIPv6CIDR defines the IPv6 CIDR to use when evaluating/storing
	// password-history for repeating-wrong-password detection. 0 disables special handling (default /128).
	RepeatingWrongPasswordIPv6CIDR uint `mapstructure:"rwp_ipv6_cidr" validate:"omitempty,min=1,max=128"`

	// TolerationsIPv6CIDR defines the IPv6 CIDR to use for tolerations buckets. 0 disables (default /128).
	TolerationsIPv6CIDR uint `mapstructure:"tolerations_ipv6_cidr" validate:"omitempty,min=1,max=128"`
}

IPScoping configures how client IPs are normalized/scoped for different contexts. This is intentionally generic to allow reuse by tolerations in the future.

type IdTokenClaims 

type IdTokenClaims struct {
	// Scope: profile.
	Name              string `mapstructure:"name" validate:"omitempty,printascii,excludesall= "`
	GivenName         string `mapstructure:"given_name" validate:"omitempty,printascii,excludesall= "`
	FamilyName        string `mapstructure:"family_name" validate:"omitempty,printascii,excludesall= "`
	MiddleName        string `mapstructure:"middle_name" validate:"omitempty,printascii,excludesall= "`
	NickName          string `mapstructure:"nickname" validate:"omitempty,printascii,excludesall= "`
	PreferredUserName string `mapstructure:"preferred_username" validate:"omitempty,printascii,excludesall= "`
	Profile           string `mapstructure:"profile" validate:"omitempty,printascii,excludesall= "`
	Website           string `mapstructure:"website" validate:"omitempty,printascii,excludesall= "`
	Picture           string `mapstructure:"picture" validate:"omitempty,printascii,excludesall= "`
	Gender            string `mapstructure:"gender" validate:"omitempty,printascii,excludesall= "`
	Birthdate         string `mapstructure:"birthdate" validate:"omitempty,printascii,excludesall= "`
	ZoneInfo          string `mapstructure:"zoneinfo" validate:"omitempty,printascii,excludesall= "`
	Locale            string `mapstructure:"locale" validate:"omitempty,printascii,excludesall= "`
	UpdatedAt         string `mapstructure:"updated_at" validate:"omitempty,printascii,excludesall= "`

	// Scope: email.
	Email         string `mapstructure:"email" validate:"omitempty,printascii,excludesall= "`
	EmailVerified string `mapstructure:"email_verified" validate:"omitempty,printascii,excludesall= "`

	// Scope: phone.
	PhoneNumber         string `mapstructure:"phone_number" validate:"omitempty,printascii,excludesall= "`
	PhoneNumberVerified string `mapstructure:"phone_number_verified" validate:"omitempty,printascii,excludesall= "`

	// Scope: address.
	Address string `mapstructure:"address" validate:"omitempty,printascii,excludesall= "`

	// Scope: groups.
	Groups string `mapstructure:"groups" validate:"omitempty,printascii,excludesall= "`

	// Scope: user defined.
	CustomClaims map[string]any `mapstructure:",remain"`
}

func (*IdTokenClaims) GetAddress added in v1.7.7 

func (i *IdTokenClaims) GetAddress() string

GetAddress retrieves the address claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetBirthdate added in v1.7.7 

func (i *IdTokenClaims) GetBirthdate() string

GetBirthdate retrieves the birthdate claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetCustomClaims added in v1.7.7 

func (i *IdTokenClaims) GetCustomClaims() map[string]any

GetCustomClaims retrieves the custom claims from the IdTokenClaims. Returns nil if the IdTokenClaims is nil.

func (*IdTokenClaims) GetEmail added in v1.7.7 

func (i *IdTokenClaims) GetEmail() string

GetEmail retrieves the email claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetEmailVerified added in v1.7.7 

func (i *IdTokenClaims) GetEmailVerified() string

GetEmailVerified retrieves the email_verified claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetFamilyName added in v1.7.7 

func (i *IdTokenClaims) GetFamilyName() string

GetFamilyName retrieves the family name claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetGender added in v1.7.7 

func (i *IdTokenClaims) GetGender() string

GetGender retrieves the gender claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetGivenName added in v1.7.7 

func (i *IdTokenClaims) GetGivenName() string

GetGivenName retrieves the given name claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetGroups added in v1.7.7 

func (i *IdTokenClaims) GetGroups() string

GetGroups retrieves the groups claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetLocale added in v1.7.7 

func (i *IdTokenClaims) GetLocale() string

GetLocale retrieves the locale claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetMiddleName added in v1.7.7 

func (i *IdTokenClaims) GetMiddleName() string

GetMiddleName retrieves the middle name claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetName added in v1.7.7 

func (i *IdTokenClaims) GetName() string

GetName retrieves the name claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetNickName added in v1.7.7 

func (i *IdTokenClaims) GetNickName() string

GetNickName retrieves the nickname claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetPhoneNumber added in v1.7.7 

func (i *IdTokenClaims) GetPhoneNumber() string

GetPhoneNumber retrieves the phone_number claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetPhoneNumberVerified added in v1.7.7 

func (i *IdTokenClaims) GetPhoneNumberVerified() string

GetPhoneNumberVerified retrieves the phone_number_verified claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetPicture added in v1.7.7 

func (i *IdTokenClaims) GetPicture() string

GetPicture retrieves the picture claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetPreferredUserName added in v1.7.7 

func (i *IdTokenClaims) GetPreferredUserName() string

GetPreferredUserName retrieves the preferred username claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetProfile added in v1.7.7 

func (i *IdTokenClaims) GetProfile() string

GetProfile retrieves the profile claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetUpdatedAt added in v1.7.7 

func (i *IdTokenClaims) GetUpdatedAt() string

GetUpdatedAt retrieves the updated_at claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetWebsite added in v1.7.7 

func (i *IdTokenClaims) GetWebsite() string

GetWebsite retrieves the website claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) GetZoneInfo added in v1.7.7 

func (i *IdTokenClaims) GetZoneInfo() string

GetZoneInfo retrieves the zoneinfo claim from the IdTokenClaims. Returns an empty string if the IdTokenClaims is nil.

func (*IdTokenClaims) String 

func (i *IdTokenClaims) String() string

type Insights 

type Insights struct {
	EnablePprof        bool `mapstructure:"enable_pprof"`
	EnableBlockProfile bool `mapstructure:"enable_block_profile"`
	MonitorConnections bool `mapstructure:"monitor_connections"`
}

Insights is a configuration structure for enabling profiling, block profiling, and connection monitoring capabilities.

func (*Insights) IsBlockProfileEnabled added in v1.4.11 

func (i *Insights) IsBlockProfileEnabled() bool

IsBlockProfileEnabled checks if block profiling is enabled in the Insights configuration. Returns false if the Insights is nil.

func (*Insights) IsMonitorConnectionsEnabled added in v1.7.4 

func (i *Insights) IsMonitorConnectionsEnabled() bool

IsMonitorConnectionsEnabled returns true if connection monitoring is enabled. Returns false if the Insights is nil.

func (*Insights) IsPprofEnabled added in v1.4.11 

func (i *Insights) IsPprofEnabled() bool

IsPprofEnabled checks if pprof profiling is enabled in the Insights configuration. Returns false if the Insights is nil.

type JWTAuth added in v1.7.0 

type JWTAuth struct {
	Enabled            bool          `mapstructure:"enabled"`
	SecretKey          string        `mapstructure:"secret_key" validate:"omitempty,min=32,alphanumsymbol,excludesall= "`
	TokenExpiry        time.Duration `mapstructure:"token_expiry" validate:"omitempty,gt=0"`
	RefreshToken       bool          `mapstructure:"refresh_token"`
	RefreshTokenExpiry time.Duration `mapstructure:"refresh_token_expiry" validate:"omitempty,gt=0"`
	Users              []*JWTUser    `mapstructure:"users" validate:"omitempty,dive"`
	StoreInRedis       bool          `mapstructure:"store_in_redis"`
}

JWTAuth represents the configuration for JWT authentication.

func (*JWTAuth) GetRefreshTokenExpiry added in v1.7.2 

func (j *JWTAuth) GetRefreshTokenExpiry() time.Duration

GetRefreshTokenExpiry returns the refresh token expiry duration. Returns 0 if the JWTAuth is nil.

func (*JWTAuth) GetSecretKey added in v1.7.0 

func (j *JWTAuth) GetSecretKey() string

GetSecretKey returns the secret key used for JWT signing. Returns an empty string if the JWTAuth is nil.

func (*JWTAuth) GetTokenExpiry added in v1.7.0 

func (j *JWTAuth) GetTokenExpiry() time.Duration

GetTokenExpiry returns the token expiry duration. Returns 0 if the JWTAuth is nil.

func (*JWTAuth) GetUsers added in v1.7.0 

func (j *JWTAuth) GetUsers() []*JWTUser

GetUsers returns the list of JWT users. Returns an empty slice if the JWTAuth is nil.

func (*JWTAuth) IsEnabled added in v1.7.0 

func (j *JWTAuth) IsEnabled() bool

IsEnabled returns true if JWT authentication is enabled, otherwise false. Returns false if the JWTAuth is nil.

func (*JWTAuth) IsRefreshTokenEnabled added in v1.7.0 

func (j *JWTAuth) IsRefreshTokenEnabled() bool

IsRefreshTokenEnabled returns true if refresh tokens are enabled. Returns false if the JWTAuth is nil.

func (*JWTAuth) IsStoreInRedisEnabled added in v1.7.0 

func (j *JWTAuth) IsStoreInRedisEnabled() bool

IsStoreInRedisEnabled returns true if tokens should be stored in Redis. Returns false if the JWTAuth is nil.

type JWTUser added in v1.7.0 

type JWTUser struct {
	Username string   `mapstructure:"username" validate:"required,excludesall= "`
	Password string   `mapstructure:"password" validate:"required,min=8,excludesall= "`
	Roles    []string `mapstructure:"roles" validate:"omitempty,dive"`
}

JWTUser represents a user configuration for JWT authentication.

func (*JWTUser) GetPassword added in v1.7.0 

func (u *JWTUser) GetPassword() string

GetPassword returns the password of the JWT user. Returns an empty string if the JWTUser is nil.

func (*JWTUser) GetRoles added in v1.7.0 

func (u *JWTUser) GetRoles() []string

GetRoles returns the roles of the JWT user. Returns an empty slice if the JWTUser is nil.

func (*JWTUser) GetUsername added in v1.7.0 

func (u *JWTUser) GetUsername() string

GetUsername returns the username of the JWT user. Returns an empty string if the JWTUser is nil.

type KeepAlive added in v1.7.3 

type KeepAlive struct {
	Enabled             bool          `mapstructure:"enabled"`
	Timeout             time.Duration `mapstructure:"timeout" validate:"omitempty,gt=0"`
	MaxIdleConns        int           `mapstructure:"max_idle_connections" validate:"omitempty,gte=1"`
	MaxIdleConnsPerHost int           `mapstructure:"max_idle_connections_per_host" validate:"omitempty,gte=0"`
}

KeepAlive represents the configuration for HTTP connection keep-alive optimization.

func (*KeepAlive) GetMaxIdleConns added in v1.7.3 

func (k *KeepAlive) GetMaxIdleConns() int

GetMaxIdleConns returns the maximum number of idle connections. Returns 0 if the KeepAlive is nil.

func (*KeepAlive) GetMaxIdleConnsPerHost added in v1.7.3 

func (k *KeepAlive) GetMaxIdleConnsPerHost() int

GetMaxIdleConnsPerHost returns the maximum number of idle connections per host. Returns 0 if the KeepAlive is nil.

func (*KeepAlive) GetTimeout added in v1.7.3 

func (k *KeepAlive) GetTimeout() time.Duration

GetTimeout returns the keep-alive timeout duration. Returns 0 if the KeepAlive is nil.

func (*KeepAlive) IsEnabled added in v1.7.3 

func (k *KeepAlive) IsEnabled() bool

IsEnabled returns true if keep-alive optimization is enabled, otherwise false. Returns false if the KeepAlive is nil.

type LDAPAttributeMapping 

type LDAPAttributeMapping struct {
	AccountField      string `mapstructure:"account_field" validate:"required"` // Webauthn is not implemented, yet.
	TOTPSecretField   string `mapstructure:"totp_secret_field" validate:"omitempty"`
	TOTPRecoveryField string `mapstructure:"totp_recovery_field" validate:"omitempty"`
	DisplayNameField  string `mapstructure:"display_name_field" validate:"omitempty"`
	CredentialObject  string `mapstructure:"credential_object" validate:"omitempty"`
	CredentialIDField string `mapstructure:"credential_id_field" validate:"omitempty"`
	PublicKeyField    string `mapstructure:"public_key_field" validate:"omitempty"`
	UniqueUserIDField string `mapstructure:"unique_user_id_field" validate:"omitempty"`
	AAGUIDField       string `mapstructure:"aaguid_field" validate:"omitempty"`
	SignCountField    string `mapstructure:"sign_count_field" validate:"omitempty"`
}

func (*LDAPAttributeMapping) GetAAGUIDField added in v1.7.7 

func (m *LDAPAttributeMapping) GetAAGUIDField() string

GetAAGUIDField retrieves the AAGUID field name from the LDAPAttributeMapping. Returns an empty string if the LDAPAttributeMapping is nil.

func (*LDAPAttributeMapping) GetCredentialIDField added in v1.7.7 

func (m *LDAPAttributeMapping) GetCredentialIDField() string

GetCredentialIDField retrieves the credential ID field name from the LDAPAttributeMapping. Returns an empty string if the LDAPAttributeMapping is nil.

func (*LDAPAttributeMapping) GetCredentialObject added in v1.7.7 

func (m *LDAPAttributeMapping) GetCredentialObject() string

GetCredentialObject retrieves the credential object field name from the LDAPAttributeMapping. Returns an empty string if the LDAPAttributeMapping is nil.

func (*LDAPAttributeMapping) GetDisplayNameField added in v1.7.7 

func (m *LDAPAttributeMapping) GetDisplayNameField() string

GetDisplayNameField retrieves the display name field from the LDAPAttributeMapping. Returns an empty string if the LDAPAttributeMapping is nil.

func (*LDAPAttributeMapping) GetPublicKeyField added in v1.7.7 

func (m *LDAPAttributeMapping) GetPublicKeyField() string

GetPublicKeyField retrieves the public key field name from the LDAPAttributeMapping. Returns an empty string if the LDAPAttributeMapping is nil.

func (*LDAPAttributeMapping) GetSignCountField added in v1.7.7 

func (m *LDAPAttributeMapping) GetSignCountField() string

GetSignCountField retrieves the sign count field name from the LDAPAttributeMapping. Returns an empty string if the LDAPAttributeMapping is nil.

func (*LDAPAttributeMapping) GetTOTPRecoveryField added in v1.7.7 

func (m *LDAPAttributeMapping) GetTOTPRecoveryField() string

GetTOTPRecoveryField retrieves the TOTP recovery field name from the LDAPAttributeMapping. Returns an empty string if the LDAPAttributeMapping is nil.

func (*LDAPAttributeMapping) GetTOTPSecretField added in v1.7.7 

func (m *LDAPAttributeMapping) GetTOTPSecretField() string

GetTOTPSecretField retrieves the TOTP secret field name from the LDAPAttributeMapping. Returns an empty string if the LDAPAttributeMapping is nil.

func (*LDAPAttributeMapping) GetUniqueUserIDField added in v1.7.7 

func (m *LDAPAttributeMapping) GetUniqueUserIDField() string

GetUniqueUserIDField retrieves the unique user ID field name from the LDAPAttributeMapping. Returns an empty string if the LDAPAttributeMapping is nil.

type LDAPConf 

type LDAPConf struct {
	// Deprecated: use lookup_pool_only
	PoolOnly       bool `mapstructure:"pool_only"`
	LookupPoolOnly bool `mapstructure:"lookup_pool_only"`
	StartTLS       bool
	TLSSkipVerify  bool `mapstructure:"tls_skip_verify"`
	SASLExternal   bool `mapstructure:"sasl_external"`

	NumberOfWorkers    int `mapstructure:"number_of_workers" validate:"omitempty,min=1,max=1000000"`
	LookupPoolSize     int `mapstructure:"lookup_pool_size" validate:"required,min=1"`
	LookupIdlePoolSize int `mapstructure:"lookup_idle_pool_size" validate:"omitempty,min=0"`
	AuthPoolSize       int `mapstructure:"auth_pool_size" validate:"validateAuthPoolRequired"`
	AuthIdlePoolSize   int `mapstructure:"auth_idle_pool_size" validate:"omitempty,min=0"`
	LookupQueueLength  int `mapstructure:"lookup_queue_length" validate:"omitempty,min=0"`
	AuthQueueLength    int `mapstructure:"auth_queue_length" validate:"omitempty,min=0"`

	BindDN        string `mapstructure:"bind_dn" validate:"omitempty,printascii"`
	BindPW        string `mapstructure:"bind_pw" validate:"omitempty"`
	TLSCAFile     string `mapstructure:"tls_ca_cert" validate:"omitempty,file"`
	TLSClientCert string `mapstructure:"tls_client_cert" validate:"omitempty,file"`
	TLSClientKey  string `mapstructure:"tls_client_key" validate:"omitempty,file"`

	ConnectAbortTimeout time.Duration `mapstructure:"connect_abort_timeout" validate:"omitempty,max=10m"`
	// Operation-specific timeouts (0 = library default)
	SearchTimeout time.Duration `mapstructure:"search_timeout" validate:"omitempty,max=10m"`
	BindTimeout   time.Duration `mapstructure:"bind_timeout" validate:"omitempty,max=10m"`
	ModifyTimeout time.Duration `mapstructure:"modify_timeout" validate:"omitempty,max=10m"`
	// Guardrails for search
	SearchSizeLimit int           `mapstructure:"search_size_limit" validate:"omitempty,min=0,max=100000"`
	SearchTimeLimit time.Duration `mapstructure:"search_time_limit" validate:"omitempty,max=10m"`
	// Retry/backoff configuration
	RetryMax        int           `mapstructure:"retry_max" validate:"omitempty,min=0,max=10"`
	RetryBase       time.Duration `mapstructure:"retry_base" validate:"omitempty,max=1m"`
	RetryMaxBackoff time.Duration `mapstructure:"retry_max_backoff" validate:"omitempty,max=5m"`
	// Circuit breaker configuration
	CBFailureThreshold int           `mapstructure:"cb_failure_threshold" validate:"omitempty,min=1,max=1000"`
	CBCooldown         time.Duration `mapstructure:"cb_cooldown" validate:"omitempty,max=10m"`
	CBHalfOpenMax      int           `mapstructure:"cb_half_open_max" validate:"omitempty,min=1,max=100"`

	// Health check configuration
	HealthCheckInterval time.Duration `mapstructure:"health_check_interval" validate:"omitempty,max=10m"`
	HealthCheckTimeout  time.Duration `mapstructure:"health_check_timeout" validate:"omitempty,max=1m"`

	// A8 cache options
	DNCacheTTL         time.Duration `mapstructure:"dn_cache_ttl" validate:"omitempty,max=10m"`
	MembershipCacheTTL time.Duration `mapstructure:"membership_cache_ttl" validate:"omitempty,max=10m"`
	NegativeCacheTTL   time.Duration `mapstructure:"negative_cache_ttl" validate:"omitempty,max=10m"`
	CacheMaxEntries    int           `mapstructure:"cache_max_entries" validate:"omitempty,min=0,max=10000000"`
	CacheImpl          string        `mapstructure:"cache_impl" validate:"omitempty,oneof=lru ttl"`
	IncludeRawResult   bool          `mapstructure:"include_raw_result"`

	// A9 optional auth rate limiting (per pool)
	AuthRateLimitPerSecond float64 `mapstructure:"auth_rate_limit_per_second" validate:"omitempty,min=0"`
	AuthRateLimitBurst     int     `mapstructure:"auth_rate_limit_burst" validate:"omitempty,min=0"`

	ServerURIs []string `mapstructure:"server_uri" validate:"required,dive,uri"`
	// Internal: set by pool to label metrics
	PoolName string `mapstructure:"-"`
}

func (*LDAPConf) GetAuthIdlePoolSize added in v1.7.7 

func (l *LDAPConf) GetAuthIdlePoolSize() int

GetAuthIdlePoolSize retrieves the authentication idle pool size from the LDAPConf. Returns definitions.LDAPIdlePoolSize if the LDAPConf is nil.

func (*LDAPConf) GetAuthPoolSize added in v1.7.7 

func (l *LDAPConf) GetAuthPoolSize() int

GetAuthPoolSize retrieves the authentication pool size from the LDAPConf. Returns definitions.LDAPIdlePoolSize if the LDAPConf is nil.

func (*LDAPConf) GetAuthQueueLength added in v1.10.0 

func (l *LDAPConf) GetAuthQueueLength() int

GetAuthQueueLength returns the maximum queue length for auth requests. Zero means unlimited.

func (*LDAPConf) GetAuthRateLimitBurst added in v1.10.0 

func (l *LDAPConf) GetAuthRateLimitBurst() int

GetAuthRateLimitBurst returns burst size for auth limiter.

func (*LDAPConf) GetAuthRateLimitPerSecond added in v1.10.0 

func (l *LDAPConf) GetAuthRateLimitPerSecond() float64

GetAuthRateLimitPerSecond returns tokens per second for auth limiter.

func (*LDAPConf) GetBindDN added in v1.7.7 

func (l *LDAPConf) GetBindDN() string

GetBindDN retrieves the bind DN from the LDAPConf. Returns an empty string if the LDAPConf is nil.

func (*LDAPConf) GetBindPW added in v1.7.7 

func (l *LDAPConf) GetBindPW() string

GetBindPW retrieves the bind password from the LDAPConf. Returns an empty string if the LDAPConf is nil.

func (*LDAPConf) GetBindTimeout added in v1.10.0 

func (l *LDAPConf) GetBindTimeout() time.Duration

GetBindTimeout returns the bind timeout duration.

func (*LDAPConf) GetCBCooldown added in v1.10.0 

func (l *LDAPConf) GetCBCooldown() time.Duration

GetCBCooldown returns the cooldown period for the breaker to remain open. Default 30s.

func (*LDAPConf) GetCBFailureThreshold added in v1.10.0 

func (l *LDAPConf) GetCBFailureThreshold() int

GetCBFailureThreshold returns the number of failures before opening the breaker. Default 5.

func (*LDAPConf) GetCBHalfOpenMax added in v1.10.0 

func (l *LDAPConf) GetCBHalfOpenMax() int

GetCBHalfOpenMax returns the number of half-open probes allowed before deciding state. Default 1.

func (*LDAPConf) GetCacheImpl added in v1.10.0 

func (l *LDAPConf) GetCacheImpl() string

GetCacheImpl returns selected cache implementation: "lru" or "ttl". Default "ttl".

func (*LDAPConf) GetCacheMaxEntries added in v1.10.0 

func (l *LDAPConf) GetCacheMaxEntries() int

GetCacheMaxEntries returns max entries for LRU caches. Default 5000.

func (*LDAPConf) GetConnectAbortTimeout added in v1.7.7 

func (l *LDAPConf) GetConnectAbortTimeout() time.Duration

GetConnectAbortTimeout retrieves the connect abort timeout duration from the LDAPConf. Returns 0 if the LDAPConf is nil.

func (*LDAPConf) GetHealthCheckInterval added in v1.10.0 

func (l *LDAPConf) GetHealthCheckInterval() time.Duration

GetHealthCheckInterval returns the interval for active LDAP health probes. Default 10s.

func (*LDAPConf) GetHealthCheckTimeout added in v1.10.0 

func (l *LDAPConf) GetHealthCheckTimeout() time.Duration

GetHealthCheckTimeout returns the per-probe timeout for LDAP health checks. Default 1.5s.

func (*LDAPConf) GetIncludeRawResult added in v1.10.0 

func (l *LDAPConf) GetIncludeRawResult() bool

GetIncludeRawResult returns whether raw LDAP search entries should be included in replies. Default false.

func (*LDAPConf) GetLookupIdlePoolSize added in v1.7.7 

func (l *LDAPConf) GetLookupIdlePoolSize() int

GetLookupIdlePoolSize retrieves the lookup idle pool size from the LDAPConf. Returns definitions.LDAPIdlePoolSize if the LDAPConf is nil.

func (*LDAPConf) GetLookupPoolSize added in v1.7.7 

func (l *LDAPConf) GetLookupPoolSize() int

GetLookupPoolSize retrieves the lookup pool size from the LDAPConf. Returns definitions.LDAPIdlePoolSize if the LDAPConf is nil.

func (*LDAPConf) GetLookupQueueLength added in v1.10.0 

func (l *LDAPConf) GetLookupQueueLength() int

GetLookupQueueLength returns the maximum queue length for lookup requests. Zero means unlimited.

func (*LDAPConf) GetModifyTimeout added in v1.10.0 

func (l *LDAPConf) GetModifyTimeout() time.Duration

GetModifyTimeout returns the modify timeout duration.

func (*LDAPConf) GetNegativeCacheTTL added in v1.10.0 

func (l *LDAPConf) GetNegativeCacheTTL() time.Duration

GetNegativeCacheTTL returns TTL for negative cache entries. Default 20s.

func (*LDAPConf) GetNumberOfWorkers added in v1.6.5 

func (l *LDAPConf) GetNumberOfWorkers() int

GetNumberOfWorkers returns the number of workers configured in the LDAPConf. Returns 0 if the LDAPConf is nil.

func (*LDAPConf) GetPoolName added in v1.10.0 

func (l *LDAPConf) GetPoolName() string

GetPoolName returns the pool name label set internally.

func (*LDAPConf) GetRetryBase added in v1.10.0 

func (l *LDAPConf) GetRetryBase() time.Duration

GetRetryBase returns the base backoff duration for retries. Default 200ms if unset.

func (*LDAPConf) GetRetryMax added in v1.10.0 

func (l *LDAPConf) GetRetryMax() int

GetRetryMax returns the maximum number of retries for transient errors. Default 2 if unset.

func (*LDAPConf) GetRetryMaxBackoff added in v1.10.0 

func (l *LDAPConf) GetRetryMaxBackoff() time.Duration

GetRetryMaxBackoff returns the max backoff duration for retries. Default 2s if unset.

func (*LDAPConf) GetSearchSizeLimit added in v1.10.0 

func (l *LDAPConf) GetSearchSizeLimit() int

GetSearchSizeLimit returns LDAP size limit; 0 means server default (unlimited).

func (*LDAPConf) GetSearchTimeLimit added in v1.10.0 

func (l *LDAPConf) GetSearchTimeLimit() time.Duration

GetSearchTimeLimit returns LDAP time limit as a duration; 0 means default.

func (*LDAPConf) GetSearchTimeout added in v1.10.0 

func (l *LDAPConf) GetSearchTimeout() time.Duration

GetSearchTimeout returns the search timeout duration.

func (*LDAPConf) GetServerURIs added in v1.7.7 

func (l *LDAPConf) GetServerURIs() []string

GetServerURIs retrieves the server URIs from the LDAPConf. Returns []string{"ldap://localhost"} slice if the LDAPConf is nil.

func (*LDAPConf) GetTLSCAFile added in v1.7.7 

func (l *LDAPConf) GetTLSCAFile() string

GetTLSCAFile retrieves the TLS CA certificate file path from the LDAPConf. Returns an empty string if the LDAPConf is nil.

func (*LDAPConf) GetTLSClientCert added in v1.7.7 

func (l *LDAPConf) GetTLSClientCert() string

GetTLSClientCert retrieves the TLS client certificate file path from the LDAPConf. Returns an empty string if the LDAPConf is nil.

func (*LDAPConf) GetTLSClientKey added in v1.7.7 

func (l *LDAPConf) GetTLSClientKey() string

GetTLSClientKey retrieves the TLS client key file path from the LDAPConf. Returns an empty string if the LDAPConf is nil.

func (*LDAPConf) IsPoolOnly added in v1.7.7 

func (l *LDAPConf) IsPoolOnly() bool

IsPoolOnly determines the effective pool-only mode. Rule: If deprecated 'pool_only' is set, it wins. Otherwise use 'lookup_pool_only'.

func (*LDAPConf) IsSASLExternal added in v1.7.7 

func (l *LDAPConf) IsSASLExternal() bool

IsSASLExternal checks if SASL External authentication is enabled in the LDAPConf. Returns false if the LDAPConf is nil.

func (*LDAPConf) IsStartTLS added in v1.7.7 

func (l *LDAPConf) IsStartTLS() bool

IsStartTLS checks if StartTLS is enabled in the LDAPConf. Returns false if the LDAPConf is nil.

func (*LDAPConf) IsTLSSkipVerify added in v1.7.7 

func (l *LDAPConf) IsTLSSkipVerify() bool

IsTLSSkipVerify checks if TLS verification should be skipped in the LDAPConf. Returns false if the LDAPConf is nil.

func (*LDAPConf) String 

func (l *LDAPConf) String() string

type LDAPFilter 

type LDAPFilter struct {
	User                string `mapstructure:"user" validate:"omitempty"`
	ListAccounts        string `mapstructure:"list_accounts" validate:"omitempty"`
	WebAuthnCredentials string `mapstructure:"webauthn_credentials" validate:"omitempty"`
}

func (*LDAPFilter) GetWebAuthnCredentialsFilter added in v1.7.7 

func (f *LDAPFilter) GetWebAuthnCredentialsFilter() string

GetWebAuthnCredentialsFilter returns an LDAP filter which is used to find WebAuthn credentials. Returns an empty string if the LDAPFilter is nil.

type LDAPScope 

type LDAPScope struct {
	// contains filtered or unexported fields
}

LDAPScope is the search scope for an LDAP server.

func (*LDAPScope) Get 

func (l *LDAPScope) Get() int

Get returns the numeric LDAP search scope.

func (*LDAPScope) Set 

func (l *LDAPScope) Set(value string) error

Set sets the numeric LDAP search scope by its string representation.

func (*LDAPScope) String 

func (l *LDAPScope) String() string

func (*LDAPScope) Type 

func (l *LDAPScope) Type() string

Type returns the name of the type.

type LDAPSearchProtocol 

type LDAPSearchProtocol struct {
	Protocols []string `mapstructure:"protocol" validate:"required"`
	CacheName string   `mapstructure:"cache_name" validate:"required,printascii,excludesall= "`
	PoolName  string   `mapstructure:"pool_name" validate:"omitempty,printascii,excludesall= "`
	BaseDN    string   `mapstructure:"base_dn" validate:"required,printascii"`
	Scope     string   `mapstructure:"scope" validate:"omitempty,oneof=base one sub"`

	LDAPFilter           `mapstructure:"filter" validate:"required"`
	LDAPAttributeMapping `mapstructure:"mapping" validate:"required"`

	// LDAP result attributes
	Attributes []string `mapstructure:"attribute" validate:"required,dive,printascii,excludesall= "`
}

func (*LDAPSearchProtocol) GetAccountField 

func (p *LDAPSearchProtocol) GetAccountField() (string, error)

GetAccountField returns the LDAP attribute for an account. It returns a DetailedError, if no value has been configured.

func (*LDAPSearchProtocol) GetAttributes 

func (p *LDAPSearchProtocol) GetAttributes() ([]string, error)

GetAttributes returns a list of attributes that are requested from the LDAP server. It returns a DetailedError, if no value has been configured.

func (*LDAPSearchProtocol) GetBaseDN 

func (p *LDAPSearchProtocol) GetBaseDN() (string, error)

GetBaseDN returns the base DN that is used for each specific protocol. It returns a DetailedError, if no value has been configured.

func (*LDAPSearchProtocol) GetCacheName 

func (p *LDAPSearchProtocol) GetCacheName() (string, error)

GetCacheName returns the Redis cache domain. It returns a DetailedError, if no value has been configured.

func (*LDAPSearchProtocol) GetListAccountsFilter 

func (p *LDAPSearchProtocol) GetListAccountsFilter() (string, error)

GetListAccountsFilter returns an LDAP filter which is used to find all user accounts. It returns a DetailedError, if no value has been configured.

func (*LDAPSearchProtocol) GetPoolName added in v1.5.0 

func (p *LDAPSearchProtocol) GetPoolName() string

GetPoolName returns the configured pool name. If no pool name is configured, it defaults to DefaultBackendName.

func (*LDAPSearchProtocol) GetProtocols added in v1.7.7 

func (p *LDAPSearchProtocol) GetProtocols() []string

GetProtocols retrieves the list of protocols from the LDAPSearchProtocol. Returns an empty slice if the LDAPSearchProtocol is nil or if the Protocols field is nil.

func (*LDAPSearchProtocol) GetScope 

func (p *LDAPSearchProtocol) GetScope() (*LDAPScope, error)

GetScope returns an LDAP search scope. If no scope was defined, it automatically sets the subtree scope. If a scope has been defined and is unknown, it returns a DetailedError.

func (*LDAPSearchProtocol) GetUserFilter 

func (p *LDAPSearchProtocol) GetUserFilter() (string, error)

GetUserFilter returns an LDAP search filter to find a user. It returns a DetailedError, if no value has been configured.

type LDAPSection 

type LDAPSection struct {
	Config            *LDAPConf            `mapstructure:"config" validate:"required"`
	OptionalLDAPPools map[string]*LDAPConf `mapstructure:"optional_ldap_pools" validate:"omitempty,dive,validatDefaultBackendName"`
	Search            []LDAPSearchProtocol `mapstructure:"search" validate:"omitempty,dive"`
}

func (*LDAPSection) GetConfig 

func (l *LDAPSection) GetConfig() any

GetConfig retrieves the LDAP configuration from the receiver. Returns nil if the receiver is nil.

func (*LDAPSection) GetOptionalLDAPPools added in v1.5.0 

func (l *LDAPSection) GetOptionalLDAPPools() map[string]*LDAPConf

GetOptionalLDAPPools returns a map of LDAP pool configurations if available, or an empty map if the receiver is nil.

func (*LDAPSection) GetProtocols 

func (l *LDAPSection) GetProtocols() any

GetProtocols returns the search protocols of the LDAP configuration, or an empty slice if the receiver is nil.

func (*LDAPSection) GetSearch added in v1.7.7 

func (l *LDAPSection) GetSearch() []LDAPSearchProtocol

GetSearch returns the LDAP search protocols if available, or an empty slice if the receiver is nil.

func (*LDAPSection) String 

func (l *LDAPSection) String() string

type Log 

type Log struct {
	JSON       bool         `mapstructure:"json"`
	Color      bool         `mapstructure:"color"`
	Level      Verbosity    `mapstructure:"level"`
	AddSource  bool         `mapstructure:"add_source"`
	DbgModules []*DbgModule `mapstructure:"debug_modules" validate:"omitempty,dive"`
}

Log represents the configuration for logging.

func (*Log) GetDebugModules added in v1.4.11 

func (l *Log) GetDebugModules() []*DbgModule

GetDebugModules retrieves the list of debug modules configured in the Log instance. Returns an empty slice if the Log is nil.

func (*Log) GetLogLevel added in v1.4.11 

func (l *Log) GetLogLevel() int

GetLogLevel returns the name of the current logging level configured in the Log instance. Returns 0 if the Log is nil or the Level is nil.

func (*Log) GetLogLevelName added in v1.4.11 

func (l *Log) GetLogLevelName() string

GetLogLevelName returns the name of the current logging level as a string. Returns an empty string if the Log is nil or the Level is nil.

func (*Log) IsAddSourceEnabled added in v1.10.0 

func (l *Log) IsAddSourceEnabled() bool

IsAddSourceEnabled indicates whether slog should add source information (file:line) to log records. Returns false if Log is nil; default behavior is configured via config defaults.

func (*Log) IsLogFormatJSON added in v1.4.11 

func (l *Log) IsLogFormatJSON() bool

IsLogFormatJSON indicates whether the log format is set to JSON based on the `JSON` field in the `Log` struct. Returns false if the Log is nil.

func (*Log) IsLogUsesColor added in v1.4.11 

func (l *Log) IsLogUsesColor() bool

IsLogUsesColor determines if colored output is enabled for logging. Returns false if the Log is nil.

type LuaAction 

type LuaAction struct {
	ActionType string `mapstructure:"type" validate:"required,oneof=brute_force rbl tls_encryption relay_domains lua post"`
	ScriptName string `mapstructure:"name" validate:"required"`
	ScriptPath string `mapstructure:"script_path" validate:"required,file"`
}

func (*LuaAction) GetAction 

func (l *LuaAction) GetAction() (string, string, string)

GetAction returns the ActionType, ScriptName, and ScriptPath of a LuaAction. It is a method of the LuaAction struct. The ActionType field represents the type of the Lua action. The ScriptName field represents the name of the Lua script. The ScriptPath field represents the path to the Lua script file. It returns these values as strings.

func (*LuaAction) GetActionType added in v1.7.7 

func (l *LuaAction) GetActionType() string

GetActionType retrieves the ActionType from the LuaAction. Returns an empty string if the LuaAction is nil.

func (*LuaAction) GetScriptName added in v1.7.7 

func (l *LuaAction) GetScriptName() string

GetScriptName retrieves the ScriptName from the LuaAction. Returns an empty string if the LuaAction is nil.

func (*LuaAction) GetScriptPath added in v1.7.7 

func (l *LuaAction) GetScriptPath() string

GetScriptPath retrieves the ScriptPath from the LuaAction. Returns an empty string if the LuaAction is nil.

func (*LuaAction) String 

func (l *LuaAction) String() string

type LuaConf 

type LuaConf struct {
	NumberOfWorkers        int      `mapstructure:"number_of_workers" validate:"omitempty,min=1,max=1000000"`
	BackendNumberOfWorkers int      `mapstructure:"backend_number_of_workers" validate:"omitempty,min=1,max=1000000"`
	QueueLength            int      `mapstructure:"queue_length" validate:"omitempty,min=0"`
	PackagePath            string   `mapstructure:"package_path"`
	BackendScriptPath      string   `mapstructure:"backend_script_path" validate:"omitempty,file"`
	InitScriptPath         string   `mapstructure:"init_script_path" validate:"omitempty,file"`
	InitScriptPaths        []string `mapstructure:"init_script_paths" validate:"omitempty,dive,file"`
	ActionNumberOfWorkers  int      `mapstructure:"action_number_of_workers" validate:"omitempty,min=1,max=1000000"`
	FeatureVMPoolSize      int      `mapstructure:"feature_vm_pool_size" validate:"omitempty,min=1,max=1000000"`
	FilterVMPoolSize       int      `mapstructure:"filter_vm_pool_size" validate:"omitempty,min=1,max=1000000"`
	HookVMPoolSize         int      `mapstructure:"hook_vm_pool_size" validate:"omitempty,min=1,max=1000000"`

	// Optional: generic IP scoping for Lua-driven features/metrics
	LuaIPv6CIDR uint `mapstructure:"ip_scoping_v6_cidr" validate:"omitempty,min=1,max=128"`
	LuaIPv4CIDR uint `mapstructure:"ip_scoping_v4_cidr" validate:"omitempty,min=1,max=32"`
}

func (*LuaConf) GetActionNumberOfWorkers added in v1.10.0 

func (l *LuaConf) GetActionNumberOfWorkers() int

GetActionNumberOfWorkers returns the configured number of action workers or a sane default (definitions.MaxActionWorkers) if unset.

func (*LuaConf) GetBackendScriptPath added in v1.7.7 

func (l *LuaConf) GetBackendScriptPath() string

GetBackendScriptPath retrieves the BackendScriptPath from the LuaConf. Returns an empty string if the LuaConf is nil.

func (*LuaConf) GetFeatureVMPoolSize added in v1.10.0 

func (l *LuaConf) GetFeatureVMPoolSize() int

GetFeatureVMPoolSize retrieves the configured feature VM pool size or falls back to the worker count if unset or invalid.

func (*LuaConf) GetFilterVMPoolSize added in v1.10.0 

func (l *LuaConf) GetFilterVMPoolSize() int

GetFilterVMPoolSize returns the configured filter VM pool size or falls back to the number of workers if unset or invalid.

func (*LuaConf) GetHookVMPoolSize added in v1.10.0 

func (l *LuaConf) GetHookVMPoolSize() int

GetHookVMPoolSize retrieves the hook VM pool size or defaults to the number of workers if unset or invalid.

func (*LuaConf) GetInitScriptPath added in v1.7.7 

func (l *LuaConf) GetInitScriptPath() string

GetInitScriptPath retrieves the InitScriptPath from the LuaConf. Returns an empty string if the LuaConf is nil.

func (*LuaConf) GetInitScriptPaths added in v1.7.7 

func (l *LuaConf) GetInitScriptPaths() []string

GetInitScriptPaths retrieves the InitScriptPaths from the LuaConf. Returns an empty slice if the LuaConf is nil.

func (*LuaConf) GetLuaIPv4CIDR added in v1.10.0 

func (l *LuaConf) GetLuaIPv4CIDR() uint

GetLuaIPv4CIDR returns the configured IPv4 CIDR for generic Lua scoping; 0 means disabled.

func (*LuaConf) GetLuaIPv6CIDR added in v1.10.0 

func (l *LuaConf) GetLuaIPv6CIDR() uint

GetLuaIPv6CIDR returns the configured IPv6 CIDR for generic Lua scoping; 0 means disabled.

func (*LuaConf) GetNumberOfWorkers added in v1.6.5 

func (l *LuaConf) GetNumberOfWorkers() int

GetNumberOfWorkers returns the number of backend workers. Preference order (v1.10.0+): 1) BackendNumberOfWorkers (new) 2) NumberOfWorkers (deprecated) 3) Default

func (*LuaConf) GetPackagePath added in v1.7.7 

func (l *LuaConf) GetPackagePath() string

GetPackagePath retrieves the PackagePath from the LuaConf. Returns an empty string if the LuaConf is nil.

func (*LuaConf) GetQueueLength added in v1.10.0 

func (l *LuaConf) GetQueueLength() int

GetQueueLength returns the max queue length for Lua backend requests; 0 means unlimited.

func (*LuaConf) String 

func (l *LuaConf) String() string

type LuaFeature 

type LuaFeature struct {
	Name       string `mapstructure:"name" validate:"required"`
	ScriptPath string `mapstructure:"script_path" validate:"required,file"`
}

func (*LuaFeature) GetName added in v1.7.7 

func (l *LuaFeature) GetName() string

GetName retrieves the Name from the LuaFeature. Returns an empty string if the LuaFeature is nil.

func (*LuaFeature) GetScriptPath added in v1.7.7 

func (l *LuaFeature) GetScriptPath() string

GetScriptPath retrieves the ScriptPath from the LuaFeature. Returns an empty string if the LuaFeature is nil.

func (*LuaFeature) String 

func (l *LuaFeature) String() string

type LuaFilter 

type LuaFilter struct {
	Name                string `mapstructure:"name" validate:"required"`
	ScriptPath          string `mapstructure:"script_path" validate:"required,file"`
	WhenAuthenticated   bool   `mapstructure:"when_authenticated"`
	WhenUnauthenticated bool   `mapstructure:"when_unauthenticated"`
	WhenNoAuth          bool   `mapstructure:"when_no_auth"`
}

func (*LuaFilter) GetName added in v1.7.7 

func (l *LuaFilter) GetName() string

GetName retrieves the Name from the LuaFilter. Returns an empty string if the LuaFilter is nil.

func (*LuaFilter) GetScriptPath added in v1.7.7 

func (l *LuaFilter) GetScriptPath() string

GetScriptPath retrieves the ScriptPath from the LuaFilter. Returns an empty string if the LuaFilter is nil.

func (*LuaFilter) String 

func (l *LuaFilter) String() string

type LuaHooks added in v1.3.9 

type LuaHooks struct {
	Location    string   `mapstructure:"http_location" validate:"required,printascii,excludesall= "`
	Method      string   `mapstructure:"http_method" validate:"required,oneof=HEAD GET POST PUT DELETE PATCH"`
	ContentType string   `mapstructure:"content_type" validate:"omitempty,printascii,excludesall= "`
	ScriptPath  string   `mapstructure:"script_path" validate:"required,file"`
	Roles       []string `mapstructure:"roles"`
}

func (*LuaHooks) GetContentType added in v1.7.11 

func (l *LuaHooks) GetContentType() string

GetContentType retrieves the Content-Type from the LuaHooks. Returns "application/json" if the LuaHooks is nil or the ContentType is an empty string

func (*LuaHooks) GetLocation added in v1.7.7 

func (l *LuaHooks) GetLocation() string

GetLocation retrieves the Location from the LuaHooks. Returns an empty string if the LuaHooks is nil.

func (*LuaHooks) GetMethod added in v1.7.7 

func (l *LuaHooks) GetMethod() string

GetMethod retrieves the Method from the LuaHooks. Returns an empty string if the LuaHooks is nil.

func (*LuaHooks) GetRoles added in v1.7.0 

func (l *LuaHooks) GetRoles() []string

GetRoles returns the roles configured for the hook. If no roles are configured, it returns an empty slice.

func (*LuaHooks) GetScriptPath added in v1.7.7 

func (l *LuaHooks) GetScriptPath() string

GetScriptPath retrieves the ScriptPath from the LuaHooks. Returns an empty string if the LuaHooks is nil.

func (*LuaHooks) String added in v1.3.9 

func (l *LuaHooks) String() string

type LuaSearchProtocol 

type LuaSearchProtocol struct {
	Protocols   []string `mapstructure:"protocol"`
	CacheName   string   `mapstructure:"cache_name" validate:"required,printascii,excludesall= "`
	BackendName string   `mapstructure:"backend_name" validate:"omitempty,printascii,excludesall= "`
}

func (*LuaSearchProtocol) GetBackendName added in v1.5.0 

func (l *LuaSearchProtocol) GetBackendName() string

GetBackendName returns the backend name configured in LuaSearchProtocol or a default value if not specified.

func (*LuaSearchProtocol) GetCacheName 

func (l *LuaSearchProtocol) GetCacheName() (string, error)

GetCacheName returns the Redis cache domain. It returns a DetailedError, if no value has been configured.

func (*LuaSearchProtocol) GetProtocols added in v1.7.7 

func (l *LuaSearchProtocol) GetProtocols() []string

GetProtocols retrieves the list of protocols from the LuaSearchProtocol. Returns an empty slice if the LuaSearchProtocol is nil or if the Protocols field is nil.

type LuaSection 

type LuaSection struct {
	Actions             []LuaAction         `mapstructure:"actions" validate:"omitempty,dive"`
	Features            []LuaFeature        `mapstructure:"features" validate:"omitempty,dive"`
	Filters             []LuaFilter         `mapstructure:"filters" validate:"omitempty,dive"`
	Hooks               []LuaHooks          `mapstructure:"custom_hooks" validate:"omitempty,dive"`
	Config              *LuaConf            `mapstructure:"config" validate:"omitempty"`
	OptionalLuaBackends map[string]*LuaConf `mapstructure:"optional_lua_backends" validate:"omitempty,dive,validateOptionalLuaBackend"`
	Search              []LuaSearchProtocol `mapstructure:"search" validate:"omitempty,dive"`
}

func (*LuaSection) GetActions added in v1.7.7 

func (l *LuaSection) GetActions() []LuaAction

GetActions retrieves the list of LuaAction from the LuaSection. Returns an empty slice if the LuaSection is nil.

func (*LuaSection) GetConfig 

func (l *LuaSection) GetConfig() any

GetConfig retrieves the `Config` field from the LuaSection. Returns an empty LuaConf if the LuaSection is nil.

func (*LuaSection) GetFeatures added in v1.7.7 

func (l *LuaSection) GetFeatures() []LuaFeature

GetFeatures retrieves the list of LuaFeature from the LuaSection. Returns an empty slice if the LuaSection is nil.

func (*LuaSection) GetFilters added in v1.7.7 

func (l *LuaSection) GetFilters() []LuaFilter

GetFilters retrieves the list of LuaFilter from the LuaSection. Returns an empty slice if the LuaSection is nil.

func (*LuaSection) GetHooks added in v1.7.7 

func (l *LuaSection) GetHooks() []LuaHooks

GetHooks retrieves the list of LuaHooks from the LuaSection. Returns an empty slice if the LuaSection is nil.

func (*LuaSection) GetOptionalLuaBackends added in v1.5.0 

func (l *LuaSection) GetOptionalLuaBackends() map[string]*LuaConf

GetOptionalLuaBackends retrieves the `OptionalLuaBackends` field from the LuaSection. Returns an empty map if the LuaSection is nil.

func (*LuaSection) GetProtocols 

func (l *LuaSection) GetProtocols() any

GetProtocols retrieves the search protocols from the LuaSection. Returns an empty slice if the LuaSection is nil.

func (*LuaSection) String 

func (l *LuaSection) String() string

type Master 

type Master struct {
	Address  string `mapstructure:"address" validate:"omitempty,hostname_port"`
	Username string `mapstructure:"username" validate:"omitempty,excludesall= "`
	Password string `mapstructure:"password" validate:"omitempty,excludesall= "`
}

Master represents the configuration for the master Redis instance. Includes fields for address, username, and password for the master instance.

func (Master) GetAddress added in v1.4.11 

func (m Master) GetAddress() string

GetAddress returns the address of the master Redis instance stored in the Master struct.

func (Master) GetPassword added in v1.4.11 

func (m Master) GetPassword() string

GetPassword returns the password of the master Redis instance stored in the Master struct.

func (Master) GetUsername added in v1.4.11 

func (m Master) GetUsername() string

GetUsername returns the username of the master Redis instance stored in the Master struct.

type MasterUser 

type MasterUser struct {
	Enabled   bool   `mapstructure:"enabled"`
	Delimiter string `mapstructure:"delimiter" validate:"omitempty,len=1,printascii"`
}

MasterUser represents a user configuration with flags for enabling and setting delimiters.

func (*MasterUser) GetDelimiter added in v1.4.11 

func (m *MasterUser) GetDelimiter() string

GetDelimiter retrieves the delimiter value associated with the MasterUser configuration. Returns an empty string if the MasterUser is nil.

func (*MasterUser) IsEnabled added in v1.4.11 

func (m *MasterUser) IsEnabled() bool

IsEnabled determines if the MasterUser is enabled by checking the Enabled field. Returns false if the MasterUser is nil.

type OIDCCustomClaim 

type OIDCCustomClaim struct {
	Name string
	Type string
}

func (*OIDCCustomClaim) GetName added in v1.7.7 

func (c *OIDCCustomClaim) GetName() string

GetName retrieves the name of the custom claim. Returns an empty string if the OIDCCustomClaim is nil.

func (*OIDCCustomClaim) GetType added in v1.7.7 

func (c *OIDCCustomClaim) GetType() string

GetType retrieves the type of the custom claim. Returns an empty string if the OIDCCustomClaim is nil.

type Oauth2Client 

type Oauth2Client struct {
	SkipConsent bool          `mapstructure:"skip_consent"`
	SkipTOTP    bool          `mapstructure:"skip_totp"`
	ClientName  string        `mapstructure:"name" validate:"required"`
	ClientId    string        `mapstructure:"client_id" validate:"required"`
	Subject     string        `mapstructure:"subject" validate:"required,alphanumunicode,excludesall= "`
	Claims      IdTokenClaims `mapstructure:"claims" validate:"required"`
}

func (*Oauth2Client) GetClaims added in v1.7.7 

func (c *Oauth2Client) GetClaims() IdTokenClaims

GetClaims retrieves the ID token claims from the Oauth2Client. Returns an empty IdTokenClaims struct if the Oauth2Client is nil.

func (*Oauth2Client) GetClientId added in v1.7.7 

func (c *Oauth2Client) GetClientId() string

GetClientId retrieves the client ID from the Oauth2Client. Returns an empty string if the Oauth2Client is nil.

func (*Oauth2Client) GetClientName added in v1.7.7 

func (c *Oauth2Client) GetClientName() string

GetClientName retrieves the client name from the Oauth2Client. Returns an empty string if the Oauth2Client is nil.

func (*Oauth2Client) GetSubject added in v1.7.7 

func (c *Oauth2Client) GetSubject() string

GetSubject retrieves the subject from the Oauth2Client. Returns an empty string if the Oauth2Client is nil.

func (*Oauth2Client) IsSkipConsent added in v1.7.7 

func (c *Oauth2Client) IsSkipConsent() bool

IsSkipConsent checks if consent should be skipped for this client. Returns false if the Oauth2Client is nil.

func (*Oauth2Client) IsSkipTOTP added in v1.7.7 

func (c *Oauth2Client) IsSkipTOTP() bool

IsSkipTOTP checks if TOTP verification should be skipped for this client. Returns false if the Oauth2Client is nil.

type Oauth2CustomScope 

type Oauth2CustomScope struct {
	Name        string            `mapstructure:"name" validate:"required,alphanumunicode,excludesall= "`
	Description string            `mapstructure:"description" validate:"required"`
	Claims      []OIDCCustomClaim `mapstructure:"claims" validate:"required,dive"`
	Other       map[string]any    `mapstructure:",remain"`
}

func (*Oauth2CustomScope) GetClaims added in v1.7.7 

func (s *Oauth2CustomScope) GetClaims() []OIDCCustomClaim

GetClaims retrieves the list of custom claims for this scope. Returns an empty slice if the Oauth2CustomScope is nil.

func (*Oauth2CustomScope) GetDescription added in v1.7.7 

func (s *Oauth2CustomScope) GetDescription() string

GetDescription retrieves the description of the custom scope. Returns an empty string if the Oauth2CustomScope is nil.

func (*Oauth2CustomScope) GetName added in v1.7.7 

func (s *Oauth2CustomScope) GetName() string

GetName retrieves the name of the custom scope. Returns an empty string if the Oauth2CustomScope is nil.

func (*Oauth2CustomScope) GetOther added in v1.7.7 

func (s *Oauth2CustomScope) GetOther() map[string]any

GetOther retrieves the map of additional properties for this scope. Returns nil if the Oauth2CustomScope is nil.

type Oauth2Section 

type Oauth2Section struct {
	CustomScopes []Oauth2CustomScope `mapstructure:"custom_scopes" validate:"omitempty,dive"`
	Clients      []Oauth2Client      `mapstructure:"clients" validate:"omitempty,dive"`
}

func (*Oauth2Section) GetClients added in v1.7.7 

func (o *Oauth2Section) GetClients() []Oauth2Client

GetClients retrieves the list of clients from the Oauth2Section. Returns an empty slice if the Oauth2Section is nil.

func (*Oauth2Section) GetCustomScopes added in v1.7.7 

func (o *Oauth2Section) GetCustomScopes() []Oauth2CustomScope

GetCustomScopes retrieves the list of custom scopes from the Oauth2Section. Returns an empty slice if the Oauth2Section is nil.

func (*Oauth2Section) String 

func (o *Oauth2Section) String() string

type PrometheusTimer added in v1.1.0 

type PrometheusTimer struct {
	Enabled bool     `mapstructure:"enabled"`
	Labels  []string `` /* 138-byte string literal not displayed */
}

PrometheusTimer is a configuration structure for enabling and setting labels for Prometheus metrics timers.

func (*PrometheusTimer) GetLabels added in v1.4.11 

func (p *PrometheusTimer) GetLabels() []string

GetLabels returns the list of labels configured for the PrometheusTimer. Returns an empty slice if the PrometheusTimer is nil.

func (*PrometheusTimer) IsEnabled added in v1.4.11 

func (p *PrometheusTimer) IsEnabled() bool

IsEnabled indicates whether the Prometheus timer is enabled based on the Enabled property of PrometheusTimer. Returns false if the PrometheusTimer is nil.

type Protocol 

type Protocol struct {
	// contains filtered or unexported fields
}

Protocol is the protocol used between a remote client and a server. This server sets the protocol in an HTTP request header "Auth-Protocol" (Nginx protocol).

func NewProtocol 

func NewProtocol(protocol string) *Protocol

NewProtocol creates a new Protocol object with the given protocol string. It initializes the name field of the Protocol object.

Example usage: protocol := NewProtocol("http")

func (*Protocol) Get 

func (p *Protocol) Get() string

Get returns the string for a protocol.

func (*Protocol) Set 

func (p *Protocol) Set(value string)

Set sets the name of the protocol.

func (*Protocol) String 

func (p *Protocol) String() string

func (*Protocol) Type 

func (p *Protocol) Type() string

Type returns the name of the type.

type RBL 

type RBL struct {
	Name         string `mapstructure:"name" validate:"required"`
	RBL          string `mapstructure:"rbl" validate:"required,hostname_rfc1123_with_opt_trailing_dot"`
	IPv4         bool
	IPv6         bool
	AllowFailure bool     `mapstructure:"allow_failure"`
	ReturnCode   string   `mapstructure:"return_code" validate:"omitempty,ip4_addr"`
	ReturnCodes  []string `mapstructure:"return_codes" validate:"required,dive,ip4_addr"`
	Weight       int      `mapstructure:"weight" validate:"omitempty,min=-100,max=100"`
}

func (*RBL) GetName added in v1.7.7 

func (r *RBL) GetName() string

GetName retrieves the name of the RBL. Returns an empty string if the RBL is nil.

func (*RBL) GetRBL added in v1.7.7 

func (r *RBL) GetRBL() string

GetRBL retrieves the RBL hostname. Returns an empty string if the RBL is nil.

func (*RBL) GetReturnCode added in v1.7.7 

func (r *RBL) GetReturnCode() string

GetReturnCode retrieves the return code for the RBL. Returns an empty string if the RBL is nil. Deprecated: Use GetReturnCodes() instead

func (*RBL) GetReturnCodes added in v1.7.11 

func (r *RBL) GetReturnCodes() []string

GetReturnCodes retrieves the list of return codes for the RBL. Returns an empty slice if the RBL is nil.

func (*RBL) GetWeight added in v1.7.7 

func (r *RBL) GetWeight() int

GetWeight retrieves the weight value for the RBL. Returns 0 if the RBL is nil.

func (*RBL) IsAllowFailure added in v1.7.7 

func (r *RBL) IsAllowFailure() bool

IsAllowFailure checks if failures are allowed for this RBL. Returns false if the RBL is nil.

func (*RBL) IsIPv4 added in v1.7.7 

func (r *RBL) IsIPv4() bool

IsIPv4 checks if the RBL is configured for IPv4. Returns false if the RBL is nil.

func (*RBL) IsIPv6 added in v1.7.7 

func (r *RBL) IsIPv6() bool

IsIPv6 checks if the RBL is configured for IPv6. Returns false if the RBL is nil.

type RBLSection 

type RBLSection struct {
	SoftWhitelist `mapstructure:"soft_whitelist"`
	Lists         []RBL    `mapstructure:"lists" validate:"required,dive"`
	Threshold     int      `mapstructure:"threshold" validate:"omitempty,min=0,max=100"`
	IPWhiteList   []string `mapstructure:"ip_whitelist" validate:"omitempty,dive,ip_addr|cidr"`
}

func (*RBLSection) GetIPWhiteList added in v1.7.7 

func (r *RBLSection) GetIPWhiteList() []string

GetIPWhiteList retrieves the IP whitelist from the RBLSection. Returns an empty slice if the RBLSection is nil.

func (*RBLSection) GetLists added in v1.7.7 

func (r *RBLSection) GetLists() []RBL

GetLists retrieves the list of RBL configurations from the RBLSection. Returns an empty slice if the RBLSection is nil.

func (*RBLSection) GetSoftWhitelist added in v1.7.7 

func (r *RBLSection) GetSoftWhitelist() SoftWhitelist

GetSoftWhitelist retrieves the SoftWhitelist from the RBLSection. Returns nil if the RBLSection is nil.

func (*RBLSection) GetThreshold added in v1.7.7 

func (r *RBLSection) GetThreshold() int

GetThreshold retrieves the threshold value from the RBLSection. Returns 0 as a default value if the RBLSection is nil.

func (*RBLSection) String 

func (r *RBLSection) String() string

type Redis 

type Redis struct {
	DatabaseNmuber int           `mapstructure:"database_number" validate:"omitempty,gte=0,lte=15"`
	Prefix         string        `mapstructure:"prefix" validate:"omitempty,printascii,excludesall= "`
	PasswordNonce  string        `mapstructure:"password_nonce" validate:"omitempty,min=16,alphanumsymbol,excludesall= "`
	PoolSize       int           `mapstructure:"pool_size" validate:"omitempty,gte=1"`
	IdlePoolSize   int           `mapstructure:"idle_pool_size" validate:"omitempty,gte=0"`
	TLS            TLS           `mapstructure:"tls" validate:"omitempty"`
	PosCacheTTL    time.Duration `mapstructure:"positive_cache_ttl" validate:"omitempty,max=8760h"`
	NegCacheTTL    time.Duration `mapstructure:"negative_cache_ttl" validate:"omitempty,max=8760h"`
	Master         Master        `mapstructure:"master" validate:"omitempty"`
	Replica        Replica       `mapstructure:"replica" validate:"omitempty"`
	Sentinels      Sentinels     `mapstructure:"sentinels" validate:"omitempty"`
	Cluster        Cluster       `mapstructure:"cluster" validate:"omitempty"`

	// Connection/timeout tuning; defaults mirror previous hard-coded values
	// Sensible bounds via validator tags to avoid extreme misconfiguration
	// PoolTimeout: time to wait for a free connection from the pool (1ms–30s)
	PoolTimeout *time.Duration `mapstructure:"pool_timeout" validate:"omitempty,min=1ms,max=30s"`
	// DialTimeout: TCP connect timeout (1ms–60s)
	DialTimeout *time.Duration `mapstructure:"dial_timeout" validate:"omitempty,min=1ms,max=60s"`
	// ReadTimeout: per-read operation timeout (1ms–60s)
	ReadTimeout *time.Duration `mapstructure:"read_timeout" validate:"omitempty,min=1ms,max=60s"`
	// WriteTimeout: per-write operation timeout (1ms–60s)
	WriteTimeout *time.Duration `mapstructure:"write_timeout" validate:"omitempty,min=1ms,max=60s"`
	PoolFIFO     *bool          `mapstructure:"pool_fifo" validate:"omitempty"`
	// ConnMaxIdleTime: maximum time a connection may remain idle before being closed (0s–24h)
	ConnMaxIdleTime *time.Duration `mapstructure:"conn_max_idle_time" validate:"omitempty,min=0s,max=24h"`
	MaxRetries      *int           `mapstructure:"max_retries" validate:"omitempty,gte=0"`
}

Redis represents the configuration settings for a Redis instance, including master, replica, sentinel, and cluster setups.

func (*Redis) GetCluster added in v1.4.11 

func (r *Redis) GetCluster() *Cluster

GetCluster returns a pointer to the Cluster configuration of the Redis instance. Returns a new empty Cluster struct if the Redis is nil.

func (*Redis) GetConnMaxIdleTime added in v1.11.0 

func (r *Redis) GetConnMaxIdleTime() time.Duration

GetConnMaxIdleTime returns the maximum idle time for a connection or the default of 90s.

func (*Redis) GetDatabaseNumber added in v1.4.11 

func (r *Redis) GetDatabaseNumber() int

GetDatabaseNumber retrieves the configured database number for the Redis instance. Returns 0 if the Redis is nil.

func (*Redis) GetDialTimeout added in v1.11.0 

func (r *Redis) GetDialTimeout() time.Duration

GetDialTimeout returns the configured dial timeout or the default of 200ms.

func (*Redis) GetIdlePoolSize added in v1.4.11 

func (r *Redis) GetIdlePoolSize() int

GetIdlePoolSize retrieves the number of idle connections allowed in the connection pool. Returns 0 if the Redis is nil.

func (*Redis) GetMaxRetries added in v1.11.0 

func (r *Redis) GetMaxRetries() int

GetMaxRetries returns the maximum retry count or the default of 1.

func (*Redis) GetNegCacheTTL added in v1.4.11 

func (r *Redis) GetNegCacheTTL() time.Duration

GetNegCacheTTL retrieves the negative cache time-to-live (TTL) duration configured for the Redis instance. Returns 0 if the Redis is nil.

func (*Redis) GetPasswordNonce added in v1.4.11 

func (r *Redis) GetPasswordNonce() string

GetPasswordNonce retrieves the password nonce configured for the Redis instance. Returns an empty string if the Redis is nil.

func (*Redis) GetPoolFIFO added in v1.11.0 

func (r *Redis) GetPoolFIFO() bool

GetPoolFIFO returns whether FIFO should be used in the connection pool. Defaults to true.

func (*Redis) GetPoolSize added in v1.4.11 

func (r *Redis) GetPoolSize() int

GetPoolSize retrieves the size of the connection pool configured for the Redis instance. Returns 0 if the Redis is nil.

func (*Redis) GetPoolTimeout added in v1.11.0 

func (r *Redis) GetPoolTimeout() time.Duration

GetPoolTimeout returns the configured pool timeout or the default of 80ms.

func (*Redis) GetPosCacheTTL added in v1.4.11 

func (r *Redis) GetPosCacheTTL() time.Duration

GetPosCacheTTL retrieves the positive cache time-to-live (TTL) duration configured for the Redis instance. Returns 0 if the Redis is nil.

func (*Redis) GetPrefix added in v1.4.11 

func (r *Redis) GetPrefix() string

GetPrefix retrieves the prefix associated with the Redis instance configuration. Returns an empty string if the Redis is nil.

func (*Redis) GetReadTimeout added in v1.11.0 

func (r *Redis) GetReadTimeout() time.Duration

GetReadTimeout returns the configured read timeout or the default of 100ms.

func (*Redis) GetSentinel added in v1.4.11 

func (r *Redis) GetSentinel() *Sentinels

GetSentinel returns a pointer to the Sentinels configuration of the Redis instance. Returns a new empty Sentinels struct if the Redis is nil.

func (*Redis) GetStandaloneMaster added in v1.4.11 

func (r *Redis) GetStandaloneMaster() Master

GetStandaloneMaster returns a pointer to the Master configuration of the Redis instance. Returns an empty Master struct if the Redis is nil.

func (*Redis) GetStandaloneReplica added in v1.4.11 

func (r *Redis) GetStandaloneReplica() Replica

GetStandaloneReplica returns a pointer to the Replica configuration of the Redis instance. Returns an empty Replica struct if the Redis is nil.

func (*Redis) GetTLS added in v1.4.11 

func (r *Redis) GetTLS() *TLS

GetTLS returns a pointer to the TLS configuration of the Redis instance. Returns a new empty TLS struct if the Redis is nil.

func (*Redis) GetWriteTimeout added in v1.11.0 

func (r *Redis) GetWriteTimeout() time.Duration

GetWriteTimeout returns the configured write timeout or the default of 100ms.

type RelayDomainsSection 

type RelayDomainsSection struct {
	SoftWhitelist `mapstructure:"soft_whitelist"`
	StaticDomains []string `mapstructure:"static" validate:"required,dive,hostname_rfc1123_with_opt_trailing_dot"`
}

func (*RelayDomainsSection) GetSoftWhitelist added in v1.7.7 

func (r *RelayDomainsSection) GetSoftWhitelist() SoftWhitelist

GetSoftWhitelist retrieves the SoftWhitelist from the RelayDomainsSection. Returns an empty map if the RelayDomainsSection is nil.

func (*RelayDomainsSection) GetStaticDomains added in v1.7.7 

func (r *RelayDomainsSection) GetStaticDomains() []string

GetStaticDomains retrieves the list of static domains from the RelayDomainsSection. Returns an empty slice if the RelayDomainsSection is nil.

func (*RelayDomainsSection) String 

func (r *RelayDomainsSection) String() string

type Replica 

type Replica struct {
	Address   string   `mapstructure:"address" validate:"omitempty,hostname_port"`
	Addresses []string `mapstructure:"addresses" validate:"omitempty,dive,hostname_port"`
}

Replica represents the configuration for a Redis replica instance.

func (Replica) GetAddress added in v1.4.11 

func (r Replica) GetAddress() string

GetAddress returns the address of the Redis replica instance as a string. Deprecated: Use GetAddresses() instead for retrieving all replica addresses

func (Replica) GetAddresses added in v1.4.11 

func (r Replica) GetAddresses() []string

GetAddresses retrieves the list of addresses associated with the Redis replica instance.

type Sentinels 

type Sentinels struct {
	Master    string   `mapstructure:"master" validate:"required,printascii,excludesall= "`
	Addresses []string `mapstructure:"addresses" validate:"required,dive,hostname_port"`
	Username  string   `mapstructure:"username" validate:"omitempty,excludesall= "`
	Password  string   `mapstructure:"password" validate:"omitempty,excludesall= "`
}

Sentinels represents the configuration for Redis Sentinel.

func (*Sentinels) GetAddresses added in v1.4.11 

func (s *Sentinels) GetAddresses() []string

GetAddresses returns the list of addresses for the Redis Sentinel configuration. Returns an empty slice if the Sentinels is nil.

func (*Sentinels) GetMasterName added in v1.4.11 

func (s *Sentinels) GetMasterName() string

GetMasterName returns the name of the master Redis instance configured in the Sentinels struct. Returns an empty string if the Sentinels is nil.

func (*Sentinels) GetPassword added in v1.4.11 

func (s *Sentinels) GetPassword() string

GetPassword retrieves the password configured for the Redis Sentinel connection. Returns an empty string if the Sentinels is nil.

func (*Sentinels) GetUsername added in v1.4.11 

func (s *Sentinels) GetUsername() string

GetUsername retrieves the username configured for the Redis Sentinel connection. Returns an empty string if the Sentinels is nil.

type ServerSection 

type ServerSection struct {
	Address                   string                   `mapstructure:"address" validate:"omitempty,tcp_addr"`
	MaxConcurrentRequests     int32                    `mapstructure:"max_concurrent_requests" validate:"omitempty,gte=1"`
	MaxPasswordHistoryEntries int32                    `mapstructure:"max_password_history_entries" validate:"omitempty,gte=1"`
	HTTP3                     bool                     `mapstructure:"http3"`
	HAproxyV2                 bool                     `mapstructure:"haproxy_v2"`
	DisabledEndpoints         Endpoint                 `mapstructure:"disabled_endpoints" validate:"omitempty"`
	TLS                       TLS                      `mapstructure:"tls" validate:"omitempty"`
	BasicAuth                 BasicAuth                `mapstructure:"basic_auth" validate:"omitempty"`
	JWTAuth                   JWTAuth                  `mapstructure:"jwt_auth" validate:"omitempty"`
	InstanceName              string                   `mapstructure:"instance_name" validate:"omitempty,max=255,printascii"`
	Log                       Log                      `mapstructure:"log" validate:"omitempty"`
	Backends                  []*Backend               `mapstructure:"backends" validate:"omitempty,dive"`
	Features                  []*Feature               `mapstructure:"features" validate:"omitempty,dive"`
	BruteForceProtocols       []*Protocol              `mapstructure:"brute_force_protocols" validate:"omitempty,dive"`
	HydraAdminUrl             string                   `mapstructure:"ory_hydra_admin_url" validate:"omitempty,http_url"`
	DNS                       DNS                      `mapstructure:"dns" validate:"omitempty"`
	Insights                  Insights                 `mapstructure:"insights" validate:"omitempty"`
	Redis                     Redis                    `mapstructure:"redis" vslidate:"required"`
	MasterUser                MasterUser               `mapstructure:"master_user" validate:"omitempty"`
	Frontend                  Frontend                 `mapstructure:"frontend" validate:"omitempty"`
	Dedup                     Dedup                    `mapstructure:"dedup" validate:"omitempty"`
	PrometheusTimer           PrometheusTimer          `mapstructure:"prometheus_timer" validate:"omitempty"`
	DefaultHTTPRequestHeader  DefaultHTTPRequestHeader `mapstructure:"default_http_request_header" validate:"omitempty"`
	HTTPClient                HTTPClient               `mapstructure:"http_client" validate:"omitempty"`
	Compression               Compression              `mapstructure:"compression" validate:"omitempty"`
	KeepAlive                 KeepAlive                `mapstructure:"keep_alive" validate:"omitempty"`
	Timeouts                  Timeouts                 `mapstructure:"timeouts" validate:"omitempty"`
}

ServerSection represents the configuration for a server, including network settings, TLS, logging, backends, features, protocol handling, and integrations with other systems such as Redis and Prometheus.

func (*ServerSection) GetBackends added in v1.4.11 

func (s *ServerSection) GetBackends() []*Backend

GetBackends retrieves the list of backends configured in the ServerSection instance. Returns an empty slice if the ServerSection is nil.

func (*ServerSection) GetBasicAuth added in v1.4.11 

func (s *ServerSection) GetBasicAuth() *BasicAuth

GetBasicAuth retrieves a pointer to the BasicAuth configuration from the ServerSection instance. Returns a new empty BasicAuth struct if the ServerSection is nil.

func (*ServerSection) GetBruteForceProtocols added in v1.4.11 

func (s *ServerSection) GetBruteForceProtocols() []*Protocol

GetBruteForceProtocols retrieves the list of brute force protection protocols configured in the ServerSection. Returns an empty slice if the ServerSection is nil.

func (*ServerSection) GetCompression added in v1.7.3 

func (s *ServerSection) GetCompression() *Compression

GetCompression retrieves a pointer to the Compression configuration from the ServerSection instance. Returns a new empty Compression struct if the ServerSection is nil.

func (*ServerSection) GetDNS added in v1.4.11 

func (s *ServerSection) GetDNS() *DNS

GetDNS retrieves the DNS configuration from the ServerSection instance. Returns a new empty DNS struct if the ServerSection is nil.

func (*ServerSection) GetDedup added in v1.10.0 

func (s *ServerSection) GetDedup() *Dedup

GetDedup returns the Dedup configuration section. If ServerSection is nil, it returns a zero-value Dedup.

func (*ServerSection) GetDefaultHTTPRequestHeader added in v1.4.11 

func (s *ServerSection) GetDefaultHTTPRequestHeader() *DefaultHTTPRequestHeader

GetDefaultHTTPRequestHeader retrieves a pointer to the DefaultHTTPRequestHeader configuration from the ServerSection instance. Returns a new empty DefaultHTTPRequestHeader struct if the ServerSection is nil.

func (*ServerSection) GetEndpoint added in v1.4.11 

func (s *ServerSection) GetEndpoint() *Endpoint

GetEndpoint retrieves a pointer to the DisabledEndpoints configuration from the ServerSection instance. Returns a new empty Endpoint struct if the ServerSection is nil.

func (*ServerSection) GetFeatures added in v1.4.11 

func (s *ServerSection) GetFeatures() []*Feature

GetFeatures retrieves the list of features configured in the ServerSection instance. Returns an empty slice if the ServerSection is nil.

func (*ServerSection) GetHTTPClient added in v1.4.11 

func (s *ServerSection) GetHTTPClient() *HTTPClient

GetHTTPClient retrieves the HTTP client configuration from the ServerSection instance. Returns a new empty HTTPClient struct if the ServerSection is nil.

func (*ServerSection) GetInsights added in v1.4.11 

func (s *ServerSection) GetInsights() *Insights

GetInsights retrieves a pointer to the Insights configuration from the ServerSection instance. Returns a new empty Insights struct if the ServerSection is nil.

func (*ServerSection) GetInstanceName added in v1.4.11 

func (s *ServerSection) GetInstanceName() string

GetInstanceName retrieves the instance name defined in the ServerSection configuration. Returns definitions.InstanceName as a default value if the ServerSection is nil.

func (*ServerSection) GetJWTAuth added in v1.7.0 

func (s *ServerSection) GetJWTAuth() *JWTAuth

GetJWTAuth retrieves a pointer to the JWTAuth configuration from the ServerSection instance. Returns a new empty JWTAuth struct if the ServerSection is nil.

func (*ServerSection) GetKeepAlive added in v1.7.3 

func (s *ServerSection) GetKeepAlive() *KeepAlive

GetKeepAlive retrieves a pointer to the KeepAlive configuration from the ServerSection instance. Returns a new empty KeepAlive struct if the ServerSection is nil.

func (*ServerSection) GetListenAddress added in v1.4.11 

func (s *ServerSection) GetListenAddress() string

GetListenAddress retrieves the server's listen address from the ServerSection configuration. Returns an empty string if the ServerSection is nil.

func (*ServerSection) GetLog added in v1.4.11 

func (s *ServerSection) GetLog() *Log

GetLog retrieves the logging configuration of the ServerSection instance. Returns a new empty Log struct if the ServerSection is nil.

func (*ServerSection) GetMasterUser added in v1.4.11 

func (s *ServerSection) GetMasterUser() *MasterUser

GetMasterUser retrieves a pointer to the MasterUser configuration from the ServerSection instance. Returns a new empty MasterUser struct if the ServerSection is nil.

func (*ServerSection) GetMaxConcurrentRequests added in v1.4.11 

func (s *ServerSection) GetMaxConcurrentRequests() int32

GetMaxConcurrentRequests retrieves the maximum number of concurrent requests allowed as configured in ServerSection. Returns 10 as a default value if the ServerSection is nil.

func (*ServerSection) GetMaxPasswordHistoryEntries added in v1.4.11 

func (s *ServerSection) GetMaxPasswordHistoryEntries() int32

GetMaxPasswordHistoryEntries retrieves the maximum number of password history entries defined in the ServerSection configuration. Returns definitions.MaxPasswordHistoryEntries as a default value if the ServerSection is nil.

func (*ServerSection) GetPrometheusTimer added in v1.4.11 

func (s *ServerSection) GetPrometheusTimer() *PrometheusTimer

GetPrometheusTimer retrieves a pointer to the PrometheusTimer configuration from the ServerSection instance. Returns a new empty PrometheusTimer struct if the ServerSection is nil.

func (*ServerSection) GetRedis added in v1.4.11 

func (s *ServerSection) GetRedis() *Redis

GetRedis returns a pointer to the Redis configuration of the ServerSection instance. Returns a new empty Redis struct if the ServerSection is nil.

func (*ServerSection) GetTLS added in v1.4.11 

func (s *ServerSection) GetTLS() *TLS

GetTLS retrieves the TLS configuration from the ServerSection instance. Returns a new empty TLS struct if the ServerSection is nil.

func (*ServerSection) GetTimeouts added in v1.10.0 

func (s *ServerSection) GetTimeouts() *Timeouts

GetTimeouts retrieves the Timeouts configuration section from ServerSection.

func (*ServerSection) IsHAproxyProtocolEnabled added in v1.4.11 

func (s *ServerSection) IsHAproxyProtocolEnabled() bool

IsHAproxyProtocolEnabled checks if the HAProxy protocol (version 2) is enabled in the server configuration and returns the result. Returns false as a default value if the ServerSection is nil.

func (*ServerSection) IsHTTP3Enabled added in v1.4.11 

func (s *ServerSection) IsHTTP3Enabled() bool

IsHTTP3Enabled checks if HTTP/3 protocol support is enabled in the server configuration and returns the corresponding boolean value. Returns false as a default value if the ServerSection is nil.

type SoftWhitelist added in v1.4.0 

type SoftWhitelist map[string][]string

SoftWhitelist is a type that represents a map linking a string key to a slice of string values. Typically used to associate users with a list of CIDR networks.

func NewSoftWhitelist added in v1.4.0 

func NewSoftWhitelist() SoftWhitelist

NewSoftWhitelist creates and returns a new instance of SoftWhitelist initialized as an empty map of string slices.

func (SoftWhitelist) Delete added in v1.4.0 

func (s SoftWhitelist) Delete(username, network string)

Delete removes the specified network from the user's whitelist in the SoftWhitelist. If the network is the only entry, the user is removed from the whitelist. The function does nothing if the whitelist is nil or if the user does not exist.

func (SoftWhitelist) Get added in v1.4.0 

func (s SoftWhitelist) Get(username string) []string

Get retrieves the list of networks associated with the specified username from the SoftWhitelist. If the SoftWhitelist is nil or the username does not exist, it returns nil.

func (SoftWhitelist) HasSoftWhitelist added in v1.4.0 

func (s SoftWhitelist) HasSoftWhitelist() bool

HasSoftWhitelist checks if the SoftWhitelist is non-nil and contains at least one entry.

func (SoftWhitelist) Set added in v1.4.0 

func (s SoftWhitelist) Set(username, network string)

Set adds a specified network to a user's whitelist if the network is valid and the username is not empty.

func (SoftWhitelist) String added in v1.4.0 

func (s SoftWhitelist) String() string

type SoftWhitelistProvider added in v1.4.0 

type SoftWhitelistProvider interface {
	// HasSoftWhitelist checks if there is at least one entry in the soft whitelist, returning true if it exists, otherwise false.
	HasSoftWhitelist() bool

	// Get retrieves the list of networks associated with the given username from the soft whitelist.
	Get(username string) []string

	// Set adds a specified network to a user's whitelist if the network is valid and the username is not empty.
	Set(username, network string)

	// Delete removes a specified network from the user's soft whitelist identified by the provided username.
	Delete(username, network string)
}

SoftWhitelistProvider defines the methods for managing a soft whitelist of networks associated with usernames. The interface allows checking the existence of a whitelist, retrieving, setting, and deleting networks.

type StringSet 

type StringSet map[string]any

StringSet is a storage container that ensures unique keys.

func NewStringSet 

func NewStringSet() StringSet

NewStringSet constructs a new StringSet

func (*StringSet) GetStringSlice 

func (s *StringSet) GetStringSlice() []string

GetStringSlice returns all values for a StringSet as a slice of strings. Returns an empty slice if the StringSet is nil.

func (*StringSet) Set 

func (s *StringSet) Set(value string)

Set adds an element to the StringSet

func (*StringSet) String added in v1.3.5 

func (s *StringSet) String() string

type TLS 

type TLS struct {
	Enabled              bool     `mapstructure:"enabled"`
	SkipVerify           bool     `mapstructure:"skip_verify"`
	HTTPClientSkipVerify bool     `mapstructure:"http_client_skip_verify"`
	MinTLSVersion        string   `mapstructure:"min_tls_version" validate:"omitempty,oneof=TLS1.2 TLS1.3"`
	Cert                 string   `mapstructure:"cert" validate:"omitempty,file"`
	Key                  string   `mapstructure:"key" validate:"omitempty,file"`
	CAFile               string   `mapstructure:"ca_file" validate:"omitempty,file"`
	CipherSuites         []string `mapstructure:"cipher_suites" validate:"omitempty,dive,alphanumsymbol"`
}

TLS represents the configuration for enabling TLS and managing certificates.

func (*TLS) GetCAFile added in v1.7.11 

func (t *TLS) GetCAFile() string

GetCAFile returns the CA certificate file path as a string. Returns an empty string if the TLS receiver is nil.

func (*TLS) GetCert added in v1.4.11 

func (t *TLS) GetCert() string

GetCert returns the TLS certificate as a string. Returns an empty string if the TLS is nil.

func (*TLS) GetCipherSuites added in v1.7.11 

func (t *TLS) GetCipherSuites() []string

GetCipherSuites returns the list of configured cipher suites as a slice of strings. Returns an empty slice if the TLS is nil.

func (*TLS) GetHTTPClientSkipVerify added in v1.4.11 

func (t *TLS) GetHTTPClientSkipVerify() bool

GetHTTPClientSkipVerify returns the value of the HTTPClientSkipVerify field, indicating whether TLS verification is skipped. Returns false if the TLS is nil. Deprecated: Use GetSkipVerify() instead

func (*TLS) GetKey added in v1.4.11 

func (t *TLS) GetKey() string

GetKey returns the TLS key as a string. Returns an empty string if the TLS is nil.

func (*TLS) GetMinTLSVersion added in v1.7.11 

func (t *TLS) GetMinTLSVersion() string

GetMinTLSVersion returns the minimum TLS version configured. Defaults to "TLS1.2" if unset or if the receiver is nil.

func (*TLS) GetSkipVerify added in v1.7.11 

func (t *TLS) GetSkipVerify() bool

GetSkipVerify returns the value of the SkipVerify field, indicating whether TLS certificate verification is skipped. Returns false if the TLS receiver is nil.

func (*TLS) IsEnabled added in v1.4.11 

func (t *TLS) IsEnabled() bool

IsEnabled returns true if TLS is enabled, otherwise false. Returns false if the TLS is nil.

type Timeouts added in v1.10.0 

type Timeouts struct {
	RedisRead        time.Duration `mapstructure:"redis_read"`
	RedisWrite       time.Duration `mapstructure:"redis_write"`
	LDAPSearch       time.Duration `mapstructure:"ldap_search"`
	LDAPBind         time.Duration `mapstructure:"ldap_bind"`
	LDAPModify       time.Duration `mapstructure:"ldap_modify"`
	SingleflightWork time.Duration `mapstructure:"singleflight_work"`
	LuaBackend       time.Duration `mapstructure:"lua_backend"`
}

Timeouts groups operation-specific timeouts under server.timeouts in the config.

func (*Timeouts) GetLDAPBind added in v1.10.0 

func (t *Timeouts) GetLDAPBind() time.Duration

GetLDAPBind returns timeout for LDAP bind/auth operations. Defaults to 3s if unset/invalid.

func (*Timeouts) GetLDAPModify added in v1.10.0 

func (t *Timeouts) GetLDAPModify() time.Duration

GetLDAPModify returns timeout for LDAP modify operations. Defaults to 5s if unset/invalid.

func (*Timeouts) GetLDAPSearch added in v1.10.0 

func (t *Timeouts) GetLDAPSearch() time.Duration

GetLDAPSearch returns timeout for LDAP search operations. Defaults to 3s if unset/invalid.

func (*Timeouts) GetLuaBackend added in v1.10.0 

func (t *Timeouts) GetLuaBackend() time.Duration

GetLuaBackend returns timeout for Lua backend operations. Defaults to 5s if unset/invalid.

func (*Timeouts) GetRedisRead added in v1.10.0 

func (t *Timeouts) GetRedisRead() time.Duration

GetRedisRead returns the timeout for Redis read operations. Defaults to 1s if unset/invalid.

func (*Timeouts) GetRedisWrite added in v1.10.0 

func (t *Timeouts) GetRedisWrite() time.Duration

GetRedisWrite returns the timeout for Redis write operations. Defaults to 2s if unset/invalid.

func (*Timeouts) GetSingleflightWork added in v1.10.0 

func (t *Timeouts) GetSingleflightWork() time.Duration

GetSingleflightWork returns timeout for the actual singleflight leader work. Defaults to the larger of LDAP search/bind timeouts, or 3s if unset.

type Tolerate added in v1.5.1 

type Tolerate struct {
	IPAddress          string        `mapstructure:"ip_address" validate:"required,ip_addr|cidr"`
	ToleratePercent    uint8         `mapstructure:"tolerate_percent" validate:"required,min=0,max=100"`
	TolerateTTL        time.Duration `mapstructure:"tolerate_ttl" validate:"required,gt=0,max=8760h"`
	AdaptiveToleration bool          `mapstructure:"adaptive_toleration"`
	MinToleratePercent uint8         `mapstructure:"min_tolerate_percent" validate:"omitempty,min=0,max=100"`
	MaxToleratePercent uint8         `mapstructure:"max_tolerate_percent" validate:"omitempty,min=0,max=100"`
	ScaleFactor        float64       `mapstructure:"scale_factor" validate:"omitempty,min=0.1,max=10"`
}

Tolerate represents a configuration item for toleration settings based on IP, percentage, and Time-to-Live (TTL).

func (*Tolerate) GetAdaptiveToleration added in v1.7.7 

func (t *Tolerate) GetAdaptiveToleration() bool

GetAdaptiveToleration checks if adaptive toleration is enabled in the Tolerate configuration. Returns false if the Tolerate is nil.

func (*Tolerate) GetIPAddress added in v1.7.7 

func (t *Tolerate) GetIPAddress() string

GetIPAddress retrieves the IP address from the Tolerate configuration. Returns an empty string if the Tolerate is nil.

func (*Tolerate) GetMaxToleratePercent added in v1.7.7 

func (t *Tolerate) GetMaxToleratePercent() uint8

GetMaxToleratePercent retrieves the maximum tolerate percent value from the Tolerate configuration. Returns 50 as default if not set or if the Tolerate is nil.

func (*Tolerate) GetMinToleratePercent added in v1.7.7 

func (t *Tolerate) GetMinToleratePercent() uint8

GetMinToleratePercent retrieves the minimum tolerate percent value from the Tolerate configuration. Returns 10 as default if not set or if the Tolerate is nil.

func (*Tolerate) GetScaleFactor added in v1.7.7 

func (t *Tolerate) GetScaleFactor() float64

GetScaleFactor retrieves the scale factor value from the Tolerate configuration. Returns 1.0 as default if not set or if the Tolerate is nil.

func (*Tolerate) GetToleratePercent added in v1.7.7 

func (t *Tolerate) GetToleratePercent() uint8

GetToleratePercent retrieves the tolerate percent value from the Tolerate configuration. Returns 0 if the Tolerate is nil.

func (*Tolerate) GetTolerateTTL added in v1.7.7 

func (t *Tolerate) GetTolerateTTL() time.Duration

GetTolerateTTL retrieves the tolerate TTL duration from the Tolerate configuration. Returns 0 if the Tolerate is nil.

type Verbosity 

type Verbosity struct {
	// contains filtered or unexported fields
}

Verbosity is a type that represents the verbosity details.

func (*Verbosity) Get 

func (v *Verbosity) Get() string

Get returns the name of the log level as string.

func (*Verbosity) Level 

func (v *Verbosity) Level() int

Level returns the verbosity level of the Verbosity instance.

func (*Verbosity) Set 

func (v *Verbosity) Set(value string) error

Set updates the verbosity level and name based on the provided value. It returns an error if the value is not valid. Valid values for the verbosity level are "none", "error", "warn", "info", and "debug". If the value is valid, the verboseLevel and name fields are updated accordingly. An error of type ErrWrongVerboseLevel is returned if the value is not valid.

func (*Verbosity) String 

func (v *Verbosity) String() string

func (*Verbosity) Type 

func (v *Verbosity) Type() string

Type returns the type of the Verbosity struct.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.