Documentation
Index
- Constants
- func LoadCertificatesAndValidatorFromFile(fn string) (string, []*x509.Certificate, crypto.PublicKey, error)
- func LoadSignerFromFile(fn string) (string, crypto.Signer, error)
- func LoadValidatorFromFile(fn string) (string, crypto.PublicKey, error)
- func RegisterIdentityManager(name string, f IdentityManagerFactory) error
- func WithSchemeAndHost(u, base *url.URL) *url.URL
- type APIType
- type Bootstrap
- type Config
- type IdentityManagerFactory
- type Settings
Constants
const (
	DefaultSigningKeyID = "default"
	DefaultSigningKeyBits = 2048
	DefaultGuestIdentityManagerName = "guest"
	DefaultCookieSameSite = http.SameSiteNoneMode
)
Defaults.
Variables
This section is empty.
Functions
func LoadCertificatesAndValidatorFromFile (added in v0.57.0)
func LoadCertificatesAndValidatorFromFile(fn string) (string, []*x509.Certificate, crypto.PublicKey, error)
LoadCertificatesAndValidatorFromFile loads a chain of certificates and a public key used for validation.
Supported formats are JSON-JWK and PEM.
func LoadSignerFromFile
LoadSignerFromFile loads a private key for signing.
Supports JSON (JWK/JWS) and PEM.
func LoadValidatorFromFile
LoadValidatorFromFile loads a public key used for validation.
Supported formats are JSON-JWK and PEM.
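An added example, not konnectd's own code: a stand-alone sketch of a validator loader for the two formats named above, limited to RSA keys and rejecting input that carries private-key material. `parseValidator` is a hypothetical name, and treating the returned string as the JWK `kid` (empty for PEM) is an assumption about the real function.

```go
package main

import (
	"crypto"
	"crypto/rsa"
	"crypto/x509"
	"encoding/base64"
	"encoding/json"
	"encoding/pem"
	"errors"
	"fmt"
	"math/big"
)

// parseValidator is a hypothetical stand-in, not konnectd code. It returns the
// key id (JWK "kid"; empty for PEM, an assumption) and the public key.
func parseValidator(data []byte) (string, crypto.PublicKey, error) {
	if block, _ := pem.Decode(data); block != nil {
		if block.Type != "PUBLIC KEY" { // refuse private-key or other blocks
			return "", nil, errors.New("unexpected PEM type " + block.Type)
		}
		pub, err := x509.ParsePKIXPublicKey(block.Bytes)
		return "", pub, err
	}
	var jwk struct {
		Kty, Kid, N, E string
		D              *string // private exponent; must be absent in a validator key
	}
	if err := json.Unmarshal(data, &jwk); err != nil {
		return "", nil, errors.New("neither PEM nor JSON JWK")
	}
	if jwk.Kty != "RSA" || jwk.D != nil {
		return "", nil, errors.New("want a public RSA JWK without private members")
	}
	n, errN := base64.RawURLEncoding.DecodeString(jwk.N)
	e, errE := base64.RawURLEncoding.DecodeString(jwk.E)
	if errN != nil || errE != nil || len(n) == 0 || len(e) == 0 || len(e) > 4 {
		return "", nil, errors.New("malformed JWK modulus or exponent")
	}
	pub := &rsa.PublicKey{N: new(big.Int).SetBytes(n), E: int(new(big.Int).SetBytes(e).Int64())}
	return jwk.Kid, pub, nil
}

func main() {
	// Constructed sample JWK; the modulus is a short dummy value, not a usable key.
	sample := []byte(`{"kty":"RSA","kid":"example-1","n":"1b3x9Q","e":"AQAB"}`)
	kid, pub, err := parseValidator(sample)
	fmt.Println(kid, pub, err)
}
```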
func RegisterIdentityManager
func RegisterIdentityManager(name string, f IdentityManagerFactory) error
Types
type Bootstrap
type Bootstrap interface {
	Config() *Config
	Managers() *managers.Managers
	MakeURIPath(api APIType, subpath string) string
}
Bootstrap is a data structure to hold configuration required to start konnectd.
func Boot
Boot is the main entry point to bootstrap the service after validating the given configuration. The resulting Bootstrap struct can be used to retrieve configured identity-managers and their respective http-handlers and config.
This function should be used by consumers which want to embed this project as a library.
type Config
type Config struct {
	Config *config.Config
	Settings *Settings
	SignInFormURI *url.URL
	SignedOutURI *url.URL
	AuthorizationEndpointURI *url.URL
	EndSessionEndpointURI *url.URL
	TLSClientConfig *tls.Config
	IssuerIdentifierURI *url.URL
	IdentifierClientDisabled bool
	IdentifierClientPath string
	IdentifierRegistrationConf string
	IdentifierAuthoritiesConf string
	IdentifierScopesConf string
	IdentifierDefaultBannerLogo []byte
	IdentifierDefaultSignInPageText *string
	IdentifierDefaultLogoTargetURI *string
	IdentifierDefaultUsernameHintText *string
	IdentifierUILocales []string
	EncryptionSecret []byte
	SigningMethod jwt.SigningMethod
	SigningKeyID string
	Signers map[string]crypto.Signer
	Validators map[string]crypto.PublicKey
	Certificates map[string][]*x509.Certificate
	AccessTokenDurationSeconds uint64
	IDTokenDurationSeconds uint64
	RefreshTokenDurationSeconds uint64
	DyamicClientSecretDurationSeconds uint64
	CookieSameSite http.SameSite
}
Config is a typed application config which represents the active bootstrap configuration.
type Settings
type Settings struct {
	Iss string
	IdentityManager string
	URIBasePath string
	SignInURI string
	SignedOutURI string
	AuthorizationEndpointURI string
	EndsessionEndpointURI string
	Insecure bool
	TrustedProxy []string
	AllowScope []string
	AllowClientGuests bool
	AllowDynamicClientRegistration bool
	EncryptionSecretFile string
	Listen string
	IdentifierClientDisabled bool
	IdentifierClientPath string
	IdentifierRegistrationConf string
	IdentifierScopesConf string
	IdentifierDefaultBannerLogo string
	IdentifierDefaultSignInPageText string
	IdentifierDefaultLogoTargetURI string
	IdentifierDefaultUsernameHintText string
	IdentifierUILocales []string
	SigningKid string
	SigningMethod string
	SigningPrivateKeyFiles []string
	ValidationKeysPath string
	CookieBackendURI string
	CookieNames []string
	CookieSameSite http.SameSite
	AccessTokenDurationSeconds uint64
	IDTokenDurationSeconds uint64
	RefreshTokenDurationSeconds uint64
	DyamicClientSecretDurationSeconds uint64
}
Settings is a typed application config which represents the user-accessible bootstrap settings parameters.