config

package
v0.1.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 6, 2025 License: MIT Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Sentinel errors for configuration loading and validation. Each value is
// created with errors.New, so callers should match them with errors.Is rather
// than by comparing message text.
var (
	// ErrServiceNameRequired is returned when service name is not provided.
	ErrServiceNameRequired = errors.New("service name is required")

	// ErrCookieSecretRequired is returned when cookie secret is not provided.
	ErrCookieSecretRequired = errors.New("cookie secret is required")

	// ErrCookieSecretTooShort is returned when cookie secret is too short.
	// The message states a 32-character minimum; the length check itself is
	// not part of this listing. A length floor says nothing about randomness,
	// so the secret should still come from a cryptographic random source.
	ErrCookieSecretTooShort = errors.New("cookie secret must be at least 32 characters")

	// ErrNoEnabledProviders is returned when no OAuth2 providers are enabled.
	ErrNoEnabledProviders = errors.New("at least one OAuth2 provider must be enabled")

	// ErrNoAuthMethod is returned when no authentication method is enabled (OAuth2 or email).
	ErrNoAuthMethod = errors.New("at least one authentication method must be enabled (OAuth2 or email authentication)")

	// ErrConfigFileNotFound is returned when config file is not found.
	ErrConfigFileNotFound = errors.New("configuration file not found")

	// ErrEncryptionKeyRequired is returned when encryption is enabled but key is not provided.
	ErrEncryptionKeyRequired = errors.New("encryption key is required when encryption is enabled")

	// ErrEncryptionKeyTooShort is returned when encryption key is too short.
	// The message states a 32-character minimum.
	// NOTE(review): how the configured string becomes cipher key material is
	// not shown here — confirm it yields a full-strength key.
	ErrEncryptionKeyTooShort = errors.New("encryption key must be at least 32 characters")

	// ErrEncryptionConfigRequired is returned when encrypt filter is used but encryption config is not provided.
	ErrEncryptionConfigRequired = errors.New("encryption configuration is required when 'encrypt' filter is used")
)

Functions

This section is empty.

Types

type AssetsConfig

// AssetsConfig groups asset-related settings. The only field it declares is
// Optimization.
type AssetsConfig struct {
	Optimization OptimizationConfig `yaml:"optimization" json:"optimization"` // Optimization settings
}

AssetsConfig contains assets configuration

type AuthorizationConfig

// AuthorizationConfig holds the allow-list used for authorization.
//
// NOTE(review): how an empty Allowed list is treated (deny everyone vs. allow
// any authenticated user) is not visible in this listing — confirm against the
// enforcement code before relying on it. Matching rules (case sensitivity,
// sub-domain handling for "@domain" entries) are likewise not shown.
type AuthorizationConfig struct {
	Allowed []string `yaml:"allowed" json:"allowed"` // Email addresses or domains (domain starts with @)
}

AuthorizationConfig contains authorization settings

type Config

// Config is the root of the application configuration; each field is one
// section of the YAML/JSON document.
//
// Several nested sections carry credentials (Session.CookieSecret,
// Session.Redis.Password, OAuth2 provider ClientSecret, EmailAuth.SMTP.Password,
// EmailAuth.SendGrid.APIKey, Forwarding.Encryption.Key). Every one of those
// fields has a json tag, so marshaling a Config to JSON or YAML writes the
// secrets out in clear text; avoid logging or dumping the whole value.
type Config struct {
	Service       ServiceConfig       `yaml:"service" json:"service"`
	Server        ServerConfig        `yaml:"server" json:"server"`
	Session       SessionConfig       `yaml:"session" json:"session"`
	OAuth2        OAuth2Config        `yaml:"oauth2" json:"oauth2"`
	EmailAuth     EmailAuthConfig     `yaml:"email_auth" json:"email_auth"`
	Authorization AuthorizationConfig `yaml:"authorization" json:"authorization"`
	Logging       LoggingConfig       `yaml:"logging" json:"logging"`
	KVS           KVSConfig           `yaml:"kvs" json:"kvs"`               // KVS storage configuration
	Forwarding    ForwardingConfig    `yaml:"forwarding" json:"forwarding"` // User info forwarding configuration
	Rules         rules.Config        `yaml:"rules" json:"rules"`           // Access control rules configuration
	Assets        AssetsConfig        `yaml:"assets" json:"assets"`         // Assets configuration
}

Config represents the application configuration

func (*Config) Validate

func (c *Config) Validate() error

Validate checks if the configuration is valid. Returns a ValidationError containing all validation errors found.

type EmailAuthConfig

// EmailAuthConfig configures email-based authentication.
//
// SenderType selects which of the two sender sections is used. Both SMTP and
// SendGrid hold credentials (a password and an API key respectively), so the
// same care applies as for any other secret in the configuration file.
type EmailAuthConfig struct {
	Enabled    bool             `yaml:"enabled" json:"enabled"`
	SenderType string           `yaml:"sender_type" json:"sender_type"` // "smtp" or "sendgrid"
	SMTP       SMTPConfig       `yaml:"smtp" json:"smtp"`
	SendGrid   SendGridConfig   `yaml:"sendgrid" json:"sendgrid"`
	Token      EmailTokenConfig `yaml:"token" json:"token"`
}

EmailAuthConfig contains email authentication settings

type EmailTokenConfig

// EmailTokenConfig holds the lifetime of email login tokens.
//
// Expire is kept as a string and turned into a time.Duration by
// GetTokenExpireDuration, which can return an error.
// NOTE(review): the accepted string format and the behaviour for an empty
// value are not shown here — presumably a Go duration such as "15m"; confirm.
// A short lifetime limits how long a leaked login link stays usable.
type EmailTokenConfig struct {
	Expire string `yaml:"expire" json:"expire"`
}

EmailTokenConfig contains token expiration settings

func (EmailTokenConfig) GetTokenExpireDuration

func (e EmailTokenConfig) GetTokenExpireDuration() (time.Duration, error)

GetTokenExpireDuration returns the token expiration as a time.Duration

type EncryptionConfig

// EncryptionConfig holds the settings used by the "encrypt" forwarding filter.
//
// Key is a secret and is serialized under the "key" tag like any other field.
// The package's ErrEncryptionKeyTooShort message requires at least 32
// characters.
// NOTE(review): how the string is converted into cipher key bytes (raw bytes,
// decoding, or a KDF) is not visible in this listing — confirm, since a
// 32-character printable string carries less entropy than 32 random bytes.
type EncryptionConfig struct {
	Key       string `yaml:"key" json:"key"`                                 // Encryption key (required if encrypt filter is used)
	Algorithm string `yaml:"algorithm,omitempty" json:"algorithm,omitempty"` // Encryption algorithm (default: "aes-256-gcm")
}

EncryptionConfig contains encryption settings

func (EncryptionConfig) GetAlgorithm

func (e EncryptionConfig) GetAlgorithm() string

GetAlgorithm returns the encryption algorithm with default value

type FileLoader

// FileLoader loads configuration from a YAML or JSON file. It is created with
// NewFileLoader(path) and implements Loader through its Load method.
//
// The file it reads contains the secrets declared across Config, so the file
// should be readable only by the account that runs the service.
type FileLoader struct {
	// contains filtered or unexported fields
}

FileLoader loads configuration from a YAML or JSON file

func NewFileLoader

func NewFileLoader(path string) *FileLoader

NewFileLoader creates a new FileLoader

func (*FileLoader) Load

func (l *FileLoader) Load() (*Config, error)

Load reads and parses the configuration file. Supports both YAML (.yaml, .yml) and JSON (.json) formats. Format is automatically detected from file extension.

type FilterList

// FilterList is an ordered list of filter names. Its UnmarshalYAML method
// accepts either a comma-separated string or an array in YAML.
// NOTE(review): no UnmarshalJSON method is listed for this type, so the
// comma-separated form may be YAML-only — confirm.
type FilterList []string

FilterList represents a list of filters (can be comma-separated string or array)

func (*FilterList) UnmarshalYAML

func (f *FilterList) UnmarshalYAML(unmarshal func(interface{}) error) error

UnmarshalYAML implements custom YAML unmarshaling to support both string and array formats

type ForwardingConfig

// ForwardingConfig describes which user-info fields are forwarded and the
// optional encryption settings used by the "encrypt" filter.
//
// Encryption is a pointer and may be nil; the package's
// ErrEncryptionConfigRequired message says it must be present when a field
// uses the "encrypt" filter.
// NOTE(review): fields whose Filters omit "encrypt" are presumably forwarded
// unencrypted — confirm, and review each field for sensitivity.
type ForwardingConfig struct {
	Encryption *EncryptionConfig `yaml:"encryption,omitempty" json:"encryption,omitempty"` // Optional encryption settings
	Fields     []ForwardingField `yaml:"fields" json:"fields"`                             // Field forwarding definitions
}

ForwardingConfig contains user info forwarding settings

type ForwardingField

// ForwardingField defines how a single user-info field is forwarded: as a
// query parameter on the login redirect, as an HTTP header, or both.
//
// Values placed in a URL query string commonly end up in access logs, browser
// history and Referer headers, so sensitive fields sent via Query are
// candidates for the "encrypt" filter. Path "." forwards the entire object,
// which may include more data than the receiver needs.
// NOTE(review): whether a client-supplied request header with the same name
// as Header is removed before the forwarded one is set is not visible here —
// confirm, otherwise the receiver cannot tell a forwarded value from one sent
// by the client.
type ForwardingField struct {
	Path    string     `yaml:"path" json:"path"`                           // Dot-separated path to field (e.g., "email", "userinfo.avatar_url", "." for entire object)
	Query   string     `yaml:"query,omitempty" json:"query,omitempty"`     // Query parameter name for login redirect (optional)
	Header  string     `yaml:"header,omitempty" json:"header,omitempty"`   // HTTP header name for all requests (optional)
	Filters FilterList `yaml:"filters,omitempty" json:"filters,omitempty"` // Filters to apply (e.g., "encrypt,zip" or ["encrypt", "zip"])
}

ForwardingField defines how to forward a single field

type KVSConfig

// KVSConfig is the key-value store configuration: one Default backend plus
// optional per-use-case overrides for sessions, tokens and rate limiting.
//
// When an override is nil the Default backend is shared and the use cases are
// kept apart by the prefixes in Namespaces. That separation is by key prefix
// only; anything with access to the shared backend can read every namespace,
// so a dedicated backend is the option when sessions or tokens need stronger
// isolation.
type KVSConfig struct {
	// Default KVS configuration (shared by all use cases)
	Default kvs.Config `yaml:"default" json:"default"`

	// Optional override for session storage
	// If nil, uses Default with session namespace prefix
	Session *kvs.Config `yaml:"session,omitempty" json:"session,omitempty"`

	// Optional override for token storage
	// If nil, uses Default with token namespace prefix
	Token *kvs.Config `yaml:"token,omitempty" json:"token,omitempty"`

	// Optional override for rate limit storage
	// If nil, uses Default with ratelimit namespace prefix
	RateLimit *kvs.Config `yaml:"ratelimit,omitempty" json:"ratelimit,omitempty"`

	// Namespace prefixes for shared KVS (has defaults)
	Namespaces NamespaceConfig `yaml:"namespaces" json:"namespaces"`
}

KVSConfig contains the unified KVS configuration with optional overrides. This design allows sharing a single KVS backend across multiple use cases with namespace isolation, while still supporting dedicated backends when needed.

type Loader

// Loader is the abstraction for anything that can produce a *Config.
// FileLoader is the implementation listed in this package.
type Loader interface {
	// Load returns the loaded configuration, or an error if it cannot be produced.
	Load() (*Config, error)
}

Loader is an interface for loading configuration

type LoggingConfig

// LoggingConfig contains logging settings.
// NOTE(review): the accepted Level names and the ModuleLevel syntax are not
// shown in this listing — confirm against the logging package.
type LoggingConfig struct {
	Level       string `yaml:"level" json:"level"`
	ModuleLevel string `yaml:"module_level" json:"module_level"`
	Color       bool   `yaml:"color" json:"color"`
}

LoggingConfig contains logging settings

type NamespaceConfig

// NamespaceConfig defines the key prefix used for each use case when one KVS
// backend is shared. SetDefaults fills in names that were not specified.
//
// The three prefixes should be distinct; if two use cases are given the same
// prefix, their keys land in the same key space.
type NamespaceConfig struct {
	Session   string `yaml:"session" json:"session"`     // Default: "session"
	Token     string `yaml:"token" json:"token"`         // Default: "token"
	RateLimit string `yaml:"ratelimit" json:"ratelimit"` // Default: "ratelimit"
}

NamespaceConfig defines the key prefixes for each use case when sharing a KVS

func (*NamespaceConfig) SetDefaults

func (n *NamespaceConfig) SetDefaults()

SetDefaults sets default namespace names if not specified

type OAuth2Config

// OAuth2Config lists the configured OAuth2 providers. Each entry carries its
// own client credentials; see OAuth2Provider.
type OAuth2Config struct {
	Providers []OAuth2Provider `yaml:"providers" json:"providers"`
}

OAuth2Config contains OAuth2 provider settings

type OAuth2Provider

// OAuth2Provider is the configuration of one OAuth2 provider.
//
// ClientSecret is a credential and is serialized under "client_secret" like
// any other field, so it appears in any JSON/YAML dump of the configuration.
//
// InsecureSkipVerify is documented as allowing HTTP for testing and defaults
// to false. Enabling it weakens transport protection for the authorization,
// token and userinfo exchanges, which carry authorization codes and access
// tokens; it should stay false outside test environments.
// NOTE(review): the field name suggests TLS certificate verification may be
// affected as well — what exactly it relaxes is not visible here; confirm.
type OAuth2Provider struct {
	Name         string `yaml:"name" json:"name"`
	Type         string `yaml:"type" json:"type"` // "google", "github", "microsoft", "custom" (optional, defaults to name)
	DisplayName  string `yaml:"display_name" json:"display_name"`
	ClientID     string `yaml:"client_id" json:"client_id"`
	ClientSecret string `yaml:"client_secret" json:"client_secret"`
	Disabled     bool   `yaml:"disabled" json:"disabled"` // If true, provider is hidden from login page
	IconURL      string `yaml:"icon_url" json:"icon_url"` // Optional custom icon URL (if not set, uses default icon based on provider type)

	// Custom provider settings (only used when Type is "custom")
	AuthURL            string `yaml:"auth_url" json:"auth_url"`                         // Custom authorization endpoint
	TokenURL           string `yaml:"token_url" json:"token_url"`                       // Custom token endpoint
	UserInfoURL        string `yaml:"userinfo_url" json:"userinfo_url"`                 // Custom userinfo endpoint
	JWKSURL            string `yaml:"jwks_url" json:"jwks_url"`                         // Optional OIDC JWKS URL
	InsecureSkipVerify bool   `yaml:"insecure_skip_verify" json:"insecure_skip_verify"` // Allow HTTP for testing (default: false)

	// OAuth2 scopes to request
	// Requesting only the scopes the service needs limits what a leaked token can reach.
	Scopes      []string `yaml:"scopes" json:"scopes"`             // OAuth2 scopes to request (e.g., ["openid", "email", "profile", "analytics"])
	ResetScopes bool     `yaml:"reset_scopes" json:"reset_scopes"` // If true, replaces default scopes; if false, adds to default scopes (default: false)
}

OAuth2Provider represents a single OAuth2 provider configuration

type OptimizationConfig

// OptimizationConfig contains optimization settings for assets. The only
// switch declared is Dify.
type OptimizationConfig struct {
	Dify bool `yaml:"dify" json:"dify"` // If true, load dify.css for iframe optimizations
}

OptimizationConfig contains optimization settings for assets

type RedisSessionConfig

// RedisSessionConfig contains the connection settings for a Redis session
// store (used when SessionConfig.StoreType is "redis").
//
// Password is a credential and is serialized under "password". This struct
// declares no TLS option.
// NOTE(review): whether the connection to Addr is encrypted is therefore
// decided elsewhere or not at all — confirm, since session data and the
// password would otherwise cross the network in clear text.
type RedisSessionConfig struct {
	Addr     string `yaml:"addr" json:"addr"`         // Redis server address (host:port)
	Password string `yaml:"password" json:"password"` // Redis password (optional)
	DB       int    `yaml:"db" json:"db"`             // Redis database number
	Prefix   string `yaml:"prefix" json:"prefix"`     // Key prefix for sessions (default: "session:")
}

RedisSessionConfig contains Redis session store settings

type SMTPConfig

// SMTPConfig contains SMTP server settings for sending login emails.
//
// Password is a credential and is serialized under "password". TLS and
// StartTLS are plain bools, so both are false when omitted from the file.
// NOTE(review): what the sender does when both are false is not visible here —
// presumably it connects without encryption; confirm, because the SMTP
// credentials and the login links in the message body would then be sent in
// clear text.
type SMTPConfig struct {
	Host     string `yaml:"host" json:"host"`
	Port     int    `yaml:"port" json:"port"`
	Username string `yaml:"username" json:"username"`
	Password string `yaml:"password" json:"password"`
	From     string `yaml:"from" json:"from"`
	FromName string `yaml:"from_name" json:"from_name"`
	TLS      bool   `yaml:"tls" json:"tls"`
	StartTLS bool   `yaml:"starttls" json:"starttls"`
}

SMTPConfig contains SMTP server settings

type SendGridConfig

// SendGridConfig contains SendGrid API settings for sending login emails.
//
// APIKey is a credential and is serialized under "api_key".
// NOTE(review): the API key is presumably sent to whatever EndpointURL names,
// so an override should be an https URL for a host the operator trusts —
// confirm whether the scheme is validated.
type SendGridConfig struct {
	APIKey      string `yaml:"api_key" json:"api_key"`
	From        string `yaml:"from" json:"from"`
	FromName    string `yaml:"from_name" json:"from_name"`
	EndpointURL string `yaml:"endpoint_url" json:"endpoint_url"` // Optional custom endpoint URL (default: https://api.sendgrid.com)
}

SendGridConfig contains SendGrid API settings

type ServerConfig

// ServerConfig contains authentication server settings.
//
// BaseURL feeds both the links placed in login emails and the OAuth2 callback
// URL. Per the GetCallbackURL documentation, an empty BaseURL makes the
// callback default to http://host:port, i.e. plain HTTP; production
// deployments should set an https BaseURL explicitly.
// NOTE(review): where the host passed to GetCallbackURL comes from is not
// shown — if it is taken from the incoming request, confirm it cannot be
// influenced by the client.
type ServerConfig struct {
	AuthPathPrefix string `yaml:"auth_path_prefix" json:"auth_path_prefix"` // Path prefix for authentication endpoints (default: "/_auth")
	BaseURL        string `yaml:"base_url" json:"base_url"`                 // Optional: Base URL for email links and OAuth2 callback (e.g., "https://example.com:8443" or "http://localhost:4181")
}

ServerConfig contains authentication server settings

func (ServerConfig) GetAuthPathPrefix

func (s ServerConfig) GetAuthPathPrefix() string

GetAuthPathPrefix returns the authentication path prefix. If not set, returns the default "/_auth".

func (ServerConfig) GetCallbackURL

func (s ServerConfig) GetCallbackURL(host string, port int) string

GetCallbackURL returns the OAuth2 callback URL. Automatically generated from BaseURL and AuthPathPrefix. Format: {base_url}{auth_path_prefix}/oauth2/callback. If BaseURL is not set, defaults to http://host:port.

type ServiceConfig

// ServiceConfig contains service-level settings: the service name and
// description plus the icon and logo shown in the auth header. The package's
// ErrServiceNameRequired message indicates Name is mandatory.
// NOTE(review): whether IconURL, LogoURL and LogoWidth are validated or
// escaped before being rendered into the page is not visible here — confirm.
type ServiceConfig struct {
	Name        string `yaml:"name" json:"name"`
	Description string `yaml:"description" json:"description"`
	IconURL     string `yaml:"icon_url" json:"icon_url"`     // Icon URL for auth header (48px icon)
	LogoURL     string `yaml:"logo_url" json:"logo_url"`     // Logo URL for auth header (larger logo image)
	LogoWidth   string `yaml:"logo_width" json:"logo_width"` // Logo width (e.g., "100px", "150px", "200px", default: "200px")
}

ServiceConfig contains service-level settings

type SessionConfig

// SessionConfig contains session management settings: the session cookie's
// name, secret, lifetime and attributes, and the backing store.
//
// CookieSecret is a credential (the package's error messages require it and
// set a 32-character minimum) and is serialized under "cookie_secret".
//
// CookieSecure and CookieHTTPOnly are plain bools, so their Go zero value is
// false when the keys are omitted from the file.
// NOTE(review): whether the loader applies safer defaults for those two flags,
// and which CookieSameSite values are accepted, is not visible in this
// listing — confirm, and set both flags to true explicitly for HTTPS
// deployments.
//
// CookieExpire is kept as a string; GetCookieExpireDuration converts it to a
// time.Duration and can return an error.
type SessionConfig struct {
	CookieName     string             `yaml:"cookie_name" json:"cookie_name"`
	CookieSecret   string             `yaml:"cookie_secret" json:"cookie_secret"`
	CookieExpire   string             `yaml:"cookie_expire" json:"cookie_expire"`
	CookieSecure   bool               `yaml:"cookie_secure" json:"cookie_secure"`
	CookieHTTPOnly bool               `yaml:"cookie_httponly" json:"cookie_httponly"`
	CookieSameSite string             `yaml:"cookie_samesite" json:"cookie_samesite"`
	StoreType      string             `yaml:"store_type" json:"store_type"` // "memory" or "redis" (default: "memory")
	Redis          RedisSessionConfig `yaml:"redis" json:"redis"`           // Redis configuration (used when store_type is "redis")
}

SessionConfig contains session management settings

func (SessionConfig) GetCookieExpireDuration

func (s SessionConfig) GetCookieExpireDuration() (time.Duration, error)

GetCookieExpireDuration returns the cookie expiration as a time.Duration

type ValidationError

// ValidationError collects the errors found while validating a Config so that
// all problems can be reported together. Errors are appended with Add, and
// ErrorOrNil returns nil when none were recorded.
//
// The Is and Unwrap methods are documented as covering the single-error case.
// NOTE(review): errors.Is against a ValidationError holding several errors may
// therefore not match — confirm before branching on a specific sentinel.
type ValidationError struct {
	Errors []error
}

ValidationError represents multiple validation errors

func NewValidationError

func NewValidationError() *ValidationError

NewValidationError creates a new ValidationError

func (*ValidationError) Add

func (v *ValidationError) Add(err error)

Add adds an error to the validation error list

func (*ValidationError) Error

func (v *ValidationError) Error() string

Error implements the error interface

func (*ValidationError) ErrorOrNil

func (v *ValidationError) ErrorOrNil() error

ErrorOrNil returns the error if there are any validation errors, otherwise nil

func (*ValidationError) HasErrors

func (v *ValidationError) HasErrors() bool

HasErrors returns true if there are any validation errors

func (*ValidationError) Is

func (v *ValidationError) Is(target error) bool

Is implements the errors.Is interface for single error case

func (*ValidationError) Unwrap

func (v *ValidationError) Unwrap() error

Unwrap implements the errors.Unwrap interface for single error case
