Documentation
¶
Index ¶
Constants ¶
View Source
const ( HeaderForwardedClientCert = "x-forwarded-client-cert" HeaderAuthorization = "authorization" )
View Source
const ( User userType = "user" TechnicalUser userType = "technical-user" System userType = "system" )
View Source
const ( UNKNOWN checkResultCode = iota ALLOWED DENIED UNAUTHENTICATED )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
func NewServer ¶
func NewServer(signingKeyFunc SigningKeyFunc, opts ...ServerOption) (*Server, error)
NewServer creates a new server and applies the given options.
func (*Server) Check ¶
func (srv *Server) Check(ctx context.Context, req *envoy_auth.CheckRequest) (*envoy_auth.CheckResponse, error)
Check processes the JWT token and/or client certificate to authorize the request.
type ServerOption ¶
ServerOption is used to configure a server.
func WithEnrichHeaderWithRegion ¶
func WithEnrichHeaderWithRegion(b bool) ServerOption
func WithEnrichHeaderWithType ¶
func WithEnrichHeaderWithType(b bool) ServerOption
func WithJWTHandler ¶
func WithJWTHandler(hdl *jwthandler.Handler) ServerOption
func WithPolicyEngine ¶
func WithPolicyEngine(pe policyEngine) ServerOption
func WithTrustedSubjects ¶
func WithTrustedSubjects(m map[string]string) ServerOption
type SigningKeyFunc ¶
type SigningKeyFunc func() (string, *rsa.PrivateKey, error)
SigningKeyFunc is a function that returns a private key and its ID.
Source Files
Click to show internal directories.
Click to hide internal directories.