config

package
v0.10.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 17, 2025 License: Apache-2.0 Imports: 1 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Cedar added in v0.3.0

// Cedar holds the configuration for loading Cedar policies.
type Cedar struct {
	// PolicyPath is the path to Cedar policy files.
	//
	// NOTE(review): these files presumably decide authorization outcomes, so
	// the path should be writable only by the deployment pipeline. Confirm how
	// the loader treats a missing or empty path (it should fail closed).
	// NOTE(review): no yaml tag is set here, unlike most fields in this
	// package; the config key then depends on the loader's default name
	// mapping. Confirm.
	PolicyPath string
}

Cedar configuration

type ClientData

// ClientData holds the configuration for signing client data.
type ClientData struct {
	// SigningKeyIDFilePath is the file containing the key ID for the signing key.
	// The key itself is expected in the same directory as <keyID>.pem.
	// The loading is based on the internal/signing package.
	// The signing itself is based on github.com/openkcm/common-sdk/pkg/auth.
	//
	// NOTE(review): the directory presumably holds private key material;
	// restrict read access to the service's own account.
	// NOTE(review): the key ID read from this file becomes part of a file
	// name. Verify that internal/signing rejects IDs containing path
	// separators or "..".
	SigningKeyIDFilePath string `yaml:"signingKeyIDFilePath"`
}

ClientData configuration

type Config

// Config is the top-level configuration. It embeds commoncfg.BaseConfig and
// groups the settings for the gRPC server, Cedar policies, client
// certificates, JWT handling, client data signing, sessions and CSRF.
type Config struct {
	commoncfg.BaseConfig `mapstructure:",squash"`

	// gRPC server configuration
	GRPCServer GRPCServer `yaml:"grpcServer"`

	// Cedar configuration
	Cedar Cedar `yaml:"cedar"`

	// Client Certificate handling
	MTLS MTLS `yaml:"mtls"`

	// JWT Token handling
	JWT JWT `yaml:"jwt"`

	// ClientData configuration
	ClientData ClientData `yaml:"clientData"`

	// SessionPathPrefixes configures HTTP path prefixes for which we expect
	// sessions and which have the tenant ID as the next path segment, e.g.
	// - /lvl1       will match paths like /lvl1/{tenantID}/...
	// - /lvl1/lvl2  will match paths like /lvl1/lvl2/{tenantID}/...
	//
	// NOTE(review): the tenant ID comes from the request path, which the
	// client controls. Confirm that it is compared with the tenant bound to
	// the session, and that prefix matching happens on a normalized path.
	SessionPathPrefixes []string `yaml:"sessionPathPrefixes"`

	// Session Manager configuration (optional)
	//
	// NOTE(review): this page does not show what happens to requests under
	// SessionPathPrefixes when no session manager is configured. Confirm that
	// the session check fails closed.
	SessionManager commoncfg.GRPCClient `yaml:"sessionManager"`

	// CSRFSecret is the key used to generate the CSRF token.
	//
	// NOTE(review): it is given as a commoncfg.SourceRef, presumably so the
	// value can be referenced instead of written into the config file
	// (confirm). The secret should be random, high-entropy and unique per
	// environment.
	CSRFSecret commoncfg.SourceRef `yaml:"csrfSecret"`
}

type GRPCServer

// GRPCServer is the gRPC server configuration. It embeds
// commoncfg.GRPCServer and adds the settings of the health check client.
type GRPCServer struct {
	commoncfg.GRPCServer `mapstructure:",squash"`

	// Client holds the client attributes for the gRPC health check client.
	//
	// NOTE(review): no yaml tag is set here; the config key then depends on
	// the loader's default name mapping. Confirm.
	Client commoncfg.GRPCClient
}

GRPCServer server configuration

type JWT

// JWT holds the configuration for JWT token handling: the issuer claim keys,
// the static providers, the HTTP client used towards OIDC providers and the
// deprecated Kubernetes provider source.
type JWT struct {
	// IssuerClaimKeys configures the JWT issuer keys; the default tag lists
	// only 'iss'.
	//
	// NOTE(review): presumably these are the claim names consulted to find a
	// token's issuer. Each extra key widens which claim can select a
	// provider; confirm the lookup order and keep the list minimal.
	IssuerClaimKeys []string `yaml:"issuerClaimKeys" default:"['iss']"`

	// A list of static JWT providers
	Providers []Provider `yaml:"providers"`

	// HTTP client configuration for interacting with OIDC providers
	//
	// NOTE(review): responses fetched with this client presumably feed token
	// verification, so TLS verification and timeouts matter here. Confirm
	// which options commoncfg.HTTPClient offers.
	HTTPClient commoncfg.HTTPClient `yaml:"httpClient"`

	// Define providers as k8s custom resources
	//
	// Deprecated: use Providers and ProviderSource instead
	//
	// NOTE(review): this struct has no ProviderSource field in the version
	// shown; confirm where the replacement is configured.
	K8sProviders K8sProviders `yaml:"k8sProviders"`
}

type K8sProviders deprecated

// K8sProviders names the Kubernetes custom resource (API group, version,
// resource name and namespace) used to define JWT providers.
//
// Deprecated: use Providers and ProviderSource instead
type K8sProviders struct {
	// Enabled switches this provider source on; its default tag is "true".
	//
	// NOTE(review): the deprecated source is therefore on unless disabled.
	// Presumably anyone who may create these resources in Namespace can add a
	// trusted issuer. Confirm, restrict RBAC on the resource, and set this to
	// false where only static Providers are used.
	Enabled    bool   `yaml:"enabled" default:"true"`
	// APIGroup is the API group of the custom resource.
	APIGroup   string `yaml:"apiGroup" default:"gateway.extensions.envoyproxy.io"`
	// APIVersion is the API version of the custom resource.
	//
	// NOTE(review): the yaml key is spelled "apoVersion", which looks like a
	// typo for "apiVersion". A config that sets apiVersion would presumably be
	// ignored and the default used. The tag is left unchanged here because
	// renaming it would break existing configs; accept both keys or document
	// the spelling.
	APIVersion string `yaml:"apoVersion" default:"v1alpha1"`
	// Name is the resource name; the default tag is "jwtproviders".
	Name       string `yaml:"name" default:"jwtproviders"`
	// Namespace is the namespace the resources are read from; the default
	// tag is "default".
	Namespace  string `yaml:"namespace" default:"default"`
}

Deprecated: use Providers and ProviderSource instead

type MTLS

// MTLS holds the configuration for client certificate handling.
type MTLS struct {
	// TrustedSubjectsYaml is a path to a YAML file holding a list of
	// trusted client certificate subjects and their respective regions.
	//
	// NOTE(review): this file acts as the allowlist of client identities, so
	// it should be writable only by the deployment pipeline. Confirm that a
	// missing or empty file results in no subject being trusted.
	// NOTE(review): no yaml tag is set here; the config key then depends on
	// the loader's default name mapping. Confirm.
	TrustedSubjectsYaml string
}

type Provider added in v0.5.0

// Provider describes one static JWT provider: its issuer, the URI of its
// JWKS and the accepted audiences.
type Provider struct {
	// Issuer identifies the provider.
	// NOTE(review): presumably compared with the token's issuer claim;
	// confirm that the comparison is an exact match.
	Issuer    string   `yaml:"issuer"`
	// JwksURI is the location of the provider's JWKS.
	// NOTE(review): keys fetched from here presumably verify token
	// signatures, so the URI should be https. Confirm whether the scheme is
	// enforced.
	JwksURI   string   `yaml:"jwksURI"`
	// Audiences lists the audiences configured for this provider.
	// NOTE(review): this page does not show whether an empty list disables
	// the audience check. Confirm, and prefer rejecting tokens in that case.
	Audiences []string `yaml:"audiences"`
}
