Documentation
Index
- Constants
- Variables
- func Configure()
- func DecryptionKey() (interface{}, error)
- func Get(key string) string
- func InitForTestPurposes()
- func InitForTestPurposesWithProvider(provider string)
- func SigningKey() (interface{}, error)
- func TLSConfig(profile string) *tls.Config
- func UnmarshalKey(key string, rawVal interface{}) error
- func ValidateConfiguration() error
- type Config
- type OAuthProviders
Constants
const (
	// ErrCtxKey set or check the http request context to see if it has errored
	// see `responses.Error401` and `jwtmanager.JWTCacheHandler` for example
	ErrCtxKey ctxKey = 0
)
Variables
var (
	// Branding that's our name
	Branding = branding{"vouch", "VOUCH", "Vouch", "Vouch Proxy", "https://github.com/vouch/vouch-proxy"}
	// RootDir is where Vouch Proxy looks for ./config/config.yml and ./data
	RootDir string
	// CmdLine command line arguments
	CmdLine = &cmdLineFlags{
		IsHealthCheck: flag.Bool("healthcheck", false, "invoke healthcheck (check process return value)"),
		port:          flag.Int("port", -1, "port"),
		configFile:    flag.String("config", "", "specify alternate config.yml file as command line arg"),
		logLevel:      zap.LevelFlag("loglevel", cmdLineLoggingDefault, "set log level to one of: panic, error, warn, info, debug"),
		logTest:       flag.Bool("logtest", false, "print a series of log messages and exit (used for testing)"),
	}
	// Cfg the main exported config variable
	Cfg = &Config{}
	// IsHealthCheck see main.go
	IsHealthCheck = false
	// Templates are loaded from the file system with a go:embed directive in main.go
	Templates fs.FS
	// Defaults are loaded from the file system with a go:embed directive in main.go
	Defaults embed.FS
)
var (
	// GenOAuth exported OAuth config variable
	// TODO: GenOAuth and OAuthClient should be combined
	GenOAuth = &oauthConfig{}
	// OAuthClient is the configured client which will call the provider
	// this actually carries the oauth2 client ala oauthclient.Client(oauth2.NoContext, providerToken)
	OAuthClient *oauth2.Config
	// OAuthopts authentication options
	OAuthopts []oauth2.AuthCodeOption
	// Providers static strings to test against
	Providers = &OAuthProviders{
		Google:        "google",
		GitHub:        "github",
		IndieAuth:     "indieauth",
		ADFS:          "adfs",
		Azure:         "azure",
		OIDC:          "oidc",
		HomeAssistant: "homeassistant",
		OpenStax:      "openstax",
		Nextcloud:     "nextcloud",
		Alibaba:       "alibaba",
		Discord:       "discord",
	}
)
var (
	// Logging is the public interface to logging
	Logging = &logging{
		AtomicLogLevel:  zap.NewAtomicLevel(),
		DefaultLogLevel: zap.InfoLevel,
	}
)
Functions
func Configure (added in v0.9.0)
func Configure()
Configure is called at the very top of main(). The order of config follows the Viper conventions.
The priority of the sources is the following:
1. command line flags
2. env. variables
3. config file
4. defaults
so we process these in backwards order (defaults, then config file).
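The layering that Configure describes, as an added example (not Vouch Proxy's own code, and using only the standard library rather than Viper). The names `settings`, `layer`, `envLayer` and `resolve` are hypothetical and every value is constructed; it also shows a malformed environment value being rejected instead of silently falling through to a lower-priority source.

```go
package main

import (
	"fmt"
	"strconv"
)

// settings is a hypothetical two-field subset of Config (not the project's type).
type settings struct{ Port, JWTMaxAge int }

// layer is one source's overrides; a nil field means that source did not set it.
type layer struct{ Port, JWTMaxAge *int }

// envLayer reads VOUCH_PORT and VOUCH_JWT_MAXAGE via lookup; bad values are errors.
func envLayer(lookup func(string) (string, bool)) (layer, error) {
	var l layer
	for name, dst := range map[string]**int{"VOUCH_PORT": &l.Port, "VOUCH_JWT_MAXAGE": &l.JWTMaxAge} {
		raw, ok := lookup(name)
		if !ok {
			continue
		}
		n, err := strconv.Atoi(raw)
		if err != nil {
			return layer{}, fmt.Errorf("%s: %w", name, err)
		}
		*dst = &n
	}
	return l, nil
}

// resolve applies sources lowest priority first, so the last one to set a field wins.
func resolve(defaults settings, file, env, flags layer) settings {
	out := defaults
	for _, l := range []layer{file, env, flags} {
		if l.Port != nil {
			out.Port = *l.Port
		}
		if l.JWTMaxAge != nil {
			out.JWTMaxAge = *l.JWTMaxAge
		}
	}
	return out
}

func main() {
	filePort, fileAge, flagPort := 9090, 240, 8443 // constructed sample values
	sample := map[string]string{"VOUCH_JWT_MAXAGE": "60"}
	env, err := envLayer(func(k string) (string, bool) { v, ok := sample[k]; return v, ok })
	fmt.Println(resolve(settings{Port: 9200, JWTMaxAge: 480}, layer{&filePort, &fileAge}, env, layer{Port: &flagPort}), err)
}
```

In real use `os.LookupEnv` can be passed directly as the `lookup` argument.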
func DecryptionKey (added in v0.26.0)
func DecryptionKey() (interface{}, error)
func InitForTestPurposes (added in v0.5.8)
func InitForTestPurposes()
InitForTestPurposes is called by most *_testing.go files in Vouch Proxy
func InitForTestPurposesWithProvider (added in v0.7.0)
func InitForTestPurposesWithProvider(provider string)
InitForTestPurposesWithProvider is just for testing
func SigningKey (added in v0.26.0)
func SigningKey() (interface{}, error)
func TLSConfig (added in v0.19.0)
TLSConfig returns a *tls.Config configured for the specified profile (modern, intermediate, old, default).
func UnmarshalKey
UnmarshalKey populates a struct from the contents of the cfg tree at key
func ValidateConfiguration (added in v0.12.0)
func ValidateConfiguration() error
ValidateConfiguration confirms the configuration is valid
Types
type Config (added in v0.9.0)
type Config struct {
	LogLevel      string   `mapstructure:"logLevel"`
	Listen        string   `mapstructure:"listen"`
	Port          int      `mapstructure:"port"`
	SocketMode    int      `mapstructure:"socket_mode"`
	SocketGroup   string   `mapstructure:"socket_group"`
	DocumentRoot  string   `mapstructure:"document_root" envconfig:"document_root"`
	WriteTimeout  int      `mapstructure:"writeTimeout"`
	ReadTimeout   int      `mapstructure:"readTimeout"`
	IdleTimeout   int      `mapstructure:"idleTimeout"`
	Domains       []string `mapstructure:"domains"`
	WhiteList     []string `mapstructure:"whitelist"`
	TeamWhiteList []string `mapstructure:"teamWhitelist"`
	AllowAllUsers bool     `mapstructure:"allowAllUsers"`
	PublicAccess  bool     `mapstructure:"publicAccess"`
	TLS           struct {
		Cert    string `mapstructure:"cert"`
		Key     string `mapstructure:"key"`
		Profile string `mapstructure:"profile"`
	}
	JWT struct {
		SigningMethod  string `mapstructure:"signing_method"`
		MaxAge         int    `mapstructure:"maxAge"` // in minutes
		Issuer         string `mapstructure:"issuer"`
		Secret         string `mapstructure:"secret"`
		PrivateKeyFile string `mapstructure:"private_key_file"`
		PublicKeyFile  string `mapstructure:"public_key_file"`
		Compress       bool   `mapstructure:"compress"`
	}
	Cookie struct {
		Name     string `mapstructure:"name"`
		Domain   string `mapstructure:"domain"`
		Secure   bool   `mapstructure:"secure"`
		HTTPOnly bool   `mapstructure:"httpOnly"`
		MaxAge   int    `mapstructure:"maxage"`
		SameSite string `mapstructure:"sameSite"`
	}
	Headers struct {
		JWT           string   `mapstructure:"jwt"`
		User          string   `mapstructure:"user"`
		QueryString   string   `mapstructure:"querystring"`
		Redirect      string   `mapstructure:"redirect"`
		Success       string   `mapstructure:"success"`
		Error         string   `mapstructure:"error"`
		ClaimHeader   string   `mapstructure:"claimheader"`
		Claims        []string `mapstructure:"claims"`
		AccessToken   string   `mapstructure:"accesstoken"`
		IDToken       string   `mapstructure:"idtoken"`
		ClaimsCleaned map[string]string // the rawClaim is mapped to the actual claims header
	}
	Session struct {
		Name   string `mapstructure:"name"`
		MaxAge int    `mapstructure:"maxage"`
		Key    string `mapstructure:"key"`
	}
	TestURL            string   `mapstructure:"test_url"`
	TestURLs           []string `mapstructure:"test_urls"`
	Testing            bool     `mapstructure:"testing"`
	LogoutRedirectURLs []string `mapstructure:"post_logout_redirect_uris" envconfig:"post_logout_redirect_uris"`
}
Config vouch jwt cookie configuration
Note to developers! Any new config elements should use `snake_case` such as `post_logout_redirect_uris`.
In certain situations you'll need to add both a `mapstructure` tag used by viper as well as an `envconfig` tag used by https://github.com/kelseyhightower/envconfig, though most of the time envconfig will use the struct key's name:
VOUCH_PORT
VOUCH_JWT_MAXAGE
Default values should be set in .defaults.yml