service

package
v0.2.4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 24, 2022 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation


Constants

This section is empty.

Variables

// Sentinel errors for an incomplete TLS configuration. Each message names the
// two config keys (certificate path and private-key path) that must both be set.
// NOTE(review): presumably returned by BuildService when TLS is enabled for a
// listener but 'cert' or 'key' is empty; confirm against the implementation.
var (
	// ErrInvalidGRPCTLSConfig reports that 'grpc.tls.cert' and 'grpc.tls.key' are not both set.
	ErrInvalidGRPCTLSConfig = errors.New("'grpc.tls.cert' and 'grpc.tls.key' configs must be set")
	// ErrInvalidHTTPTLSConfig reports that 'http.tls.cert' and 'http.tls.key' are not both set.
	ErrInvalidHTTPTLSConfig = errors.New("'http.tls.cert' and 'http.tls.key' configs must be set")
)

Functions

func BuildService

func BuildService(config *Config, logger logger.Logger) (*service, error)

Types

type AuthnConfig added in v0.1.5

// AuthnConfig selects the authentication method and carries the settings for
// the 'oidc' and 'preshared' methods as embedded pointers.
type AuthnConfig struct {

	// Method is the authentication method that should be enforced (e.g. 'none', 'preshared', 'oidc')
	// NOTE(review): 'none' presumably means requests are not authenticated at all;
	// confirm what DefaultConfig sets before exposing the server on a network.
	Method                   string
	// Embedded pointers: their fields (Issuer, Audience, Keys) are promoted onto
	// AuthnConfig, and reading a promoted field through a nil pointer panics, so
	// check the pointer for nil before use. The mapstructure tags bind them to
	// the 'oidc' and 'preshared' config sections.
	*AuthnOIDCConfig         `mapstructure:"oidc"`
	*AuthnPresharedKeyConfig `mapstructure:"preshared"`
}

AuthnConfig defines OpenFGA server configurations for authentication specific settings.

type AuthnOIDCConfig added in v0.1.5

// AuthnOIDCConfig holds the two values configured for the 'oidc' method.
type AuthnOIDCConfig struct {
	// Issuer is presumably the token issuer the server trusts (the expected
	// 'iss' claim); confirm how it is validated.
	Issuer   string
	// Audience is presumably the expected 'aud' claim of incoming tokens.
	// NOTE(review): verify that an empty Issuer or Audience is rejected when
	// Method is 'oidc' rather than silently skipping the check.
	Audience string
}

AuthnOIDCConfig defines configurations for the 'oidc' method of authentication.

type AuthnPresharedKeyConfig added in v0.1.5

// AuthnPresharedKeyConfig holds the key list for the 'preshared' method.
type AuthnPresharedKeyConfig struct {

	// Keys define the preshared keys to verify authn tokens against.
	// These are shared secrets stored as plain strings: keep the config file
	// and any overrides out of version control and logs, and rotate by adding
	// the new key before removing the old one.
	// NOTE(review): confirm an empty Keys list is rejected when Method is 'preshared'.
	Keys []string
}

AuthnPresharedKeyConfig defines configurations for the 'preshared' method of authentication.

type Config

// Config is the top-level server configuration: request limits first, then
// one nested struct per subsystem.
type Config struct {

	// ListObjectsDeadline defines the maximum amount of time to accumulate ListObjects results
	// before the server will respond. This is to protect the server from misuse of the
	// ListObjects endpoints.
	ListObjectsDeadline time.Duration

	// ListObjectsMaxResults defines the maximum number of ListObjects results to accumulate
	// before the server will respond. This is to protect the server from misuse of the
	// ListObjects endpoints.
	ListObjectsMaxResults uint32

	// MaxTuplesPerWrite defines the maximum number of tuples per Write endpoint.
	MaxTuplesPerWrite int

	// MaxTypesPerAuthorizationModel defines the maximum number of type definitions per authorization model for the WriteAuthorizationModel endpoint.
	MaxTypesPerAuthorizationModel int

	// ChangelogHorizonOffset is an offset in minutes from the current time. Changes that occur after this offset will not be included in the response of ReadChanges.
	ChangelogHorizonOffset int

	// ResolveNodeLimit indicates how deeply nested an authorization model can be.
	// NOTE(review): presumably this also bounds the work done per resolution; confirm.
	ResolveNodeLimit uint32

	// Per-subsystem settings. Authn (authentication method), HTTP (CORS, TLS),
	// Playground and Profiler (extra listeners) are the ones to review before
	// exposing the server beyond a trusted network.
	Datastore  DatastoreConfig
	GRPC       GRPCConfig
	HTTP       HTTPConfig
	Authn      AuthnConfig
	Log        LogConfig
	Playground PlaygroundConfig
	Profiler   ProfilerConfig
}

func DefaultConfig added in v0.1.5

func DefaultConfig() *Config

DefaultConfig returns the OpenFGA server default configurations.

func DefaultConfigWithRandomPorts added in v0.2.3

func DefaultConfigWithRandomPorts() (*Config, error)

func GetServiceConfig

func GetServiceConfig() (*Config, error)

GetServiceConfig returns the OpenFGA server configuration based on the values provided in the server's 'config.yaml' file. The 'config.yaml' file is loaded from '/etc/openfga', '$HOME/.openfga', or the current working directory. If no configuration file is present, the default values are returned.

type DatastoreConfig added in v0.1.5

// DatastoreConfig selects the storage engine and how to reach it.
type DatastoreConfig struct {

	// Engine is the datastore engine to use (e.g. 'memory', 'postgres', 'mysql')
	Engine string
	// URI is presumably the connection string for the selected engine.
	// NOTE(review): such strings commonly embed database credentials; treat the
	// value as a secret and confirm it is never written to logs.
	URI    string

	// MaxCacheSize is the maximum number of cache keys that the storage cache can store before evicting
	// old keys. The storage cache is used to cache query results for various static resources
	// such as type definitions.
	MaxCacheSize int
}

DatastoreConfig defines OpenFGA server configurations for datastore specific settings.

type GRPCConfig added in v0.1.5

// GRPCConfig holds the listen address and TLS settings of the gRPC server.
type GRPCConfig struct {
	// Addr is presumably the host:port the gRPC server listens on; confirm the format.
	Addr string
	// TLS carries the certificate and key paths; the 'grpc.tls.cert' and
	// 'grpc.tls.key' keys named in ErrInvalidGRPCTLSConfig map to this struct.
	TLS  TLSConfig
}

GRPCConfig defines OpenFGA server configurations for grpc server specific settings.

type HTTPConfig added in v0.1.5

// HTTPConfig holds the settings of the HTTP server, which proxies requests
// upstream to the gRPC endpoint (see UpstreamTimeout).
type HTTPConfig struct {
	// Enabled toggles the HTTP server.
	Enabled bool
	// Addr is presumably the host:port the HTTP server listens on; confirm the format.
	Addr    string
	// TLS carries the certificate and key paths; the 'http.tls.cert' and
	// 'http.tls.key' keys named in ErrInvalidHTTPTLSConfig map to this struct.
	TLS     TLSConfig

	// UpstreamTimeout is the timeout duration for proxying HTTP requests upstream
	// to the grpc endpoint.
	UpstreamTimeout time.Duration

	// CORS allow-lists. The `default:"*"` tags indicate a wildcard default for
	// both origins and headers, i.e. any web origin may call the API from a
	// browser. Set explicit origins for deployments reachable from browsers.
	// NOTE(review): confirm which loader honours the `default` and `split_words`
	// tags and that DefaultConfig agrees with them.
	CORSAllowedOrigins []string `default:"*" split_words:"true"`
	CORSAllowedHeaders []string `default:"*" split_words:"true"`
}

HTTPConfig defines OpenFGA server configurations for HTTP server specific settings.

type LogConfig added in v0.1.5

// LogConfig holds the log output settings.
type LogConfig struct {

	// Format is the log format to use in the log output (e.g. 'text' or 'json')
	// NOTE(review): behaviour for an unrecognised value is not visible here; confirm.
	Format string
}

LogConfig defines OpenFGA server configurations for log specific settings. For production we recommend using the 'json' log format.

type PlaygroundConfig added in v0.1.5

// PlaygroundConfig holds the settings of the Playground.
type PlaygroundConfig struct {
	// Enabled toggles the Playground.
	// NOTE(review): this presumably opens an additional listener on Port; check
	// whether it is subject to the configured authentication before enabling it
	// outside development.
	Enabled bool
	// Port is the port number used by the Playground. Only a port is
	// configurable here, not a bind address; confirm which interface it binds to.
	Port    int
}

PlaygroundConfig defines OpenFGA server configurations for the Playground specific settings.

type ProfilerConfig added in v0.1.5

// ProfilerConfig holds the settings of the pprof profiling endpoint.
type ProfilerConfig struct {
	// Enabled toggles the profiler. pprof output exposes runtime internals
	// (stacks, heap contents, command line), so keep it off unless needed.
	Enabled bool
	// Addr is presumably the host:port the profiler listens on; when enabled,
	// bind it to loopback or an internal interface rather than a public one.
	Addr    string
}

ProfilerConfig defines server configurations specific to pprof profiling.

type TLSConfig added in v0.1.5

// TLSConfig holds the TLS toggle and the certificate and private-key file
// paths for one listener.
type TLSConfig struct {
	// Enabled toggles TLS for the listener that embeds this struct.
	// NOTE(review): when false the listener presumably serves plaintext; confirm.
	Enabled  bool
	// CertPath is bound to the 'cert' config key.
	CertPath string `mapstructure:"cert"`
	// KeyPath is bound to the 'key' config key. It points at private-key
	// material: restrict the file's permissions to the server's user.
	KeyPath  string `mapstructure:"key"`
}

TLSConfig defines configuration specific to Transport Layer Security (TLS) settings.
