server

package

v0.2.2 Latest Latest Go to latest Published: Mar 12, 2026 License: Apache-2.0 Imports: 20 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/confirmate/confirmate

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func RunConnectServer(opts ...Option) (err error)
type AuthConfig
type AuthInterceptor
- func NewAuthInterceptor(opts ...AuthOption) (interceptor *AuthInterceptor)
type AuthOption
type CORS
type Config
type LoggingInterceptor
type Option
type Server
- func NewConnectServer(opts []Option) (srv *Server, err error)
- func (srv *Server) OriginAllowed(origin string) bool

Constants ¶

View Source

const (
	DefaultOAuth2KeyPassword     = "changeme"
	DefaultOAuth2KeySaveOnCreate = true
	DefaultOAuth2KeyPath         = "~/.confirmate/api.key"
)

View Source

const DefaultJWKSURL = "http://localhost:8080/v1/auth/certs"

Variables ¶

View Source

var DefaultConfig = Config{
	Port:     8080,
	Path:     "/",
	LogLevel: "INFO",
	CORS: CORS{
		AllowedOrigins: []string{"*"},
		AllowedMethods: []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
		AllowedHeaders: []string{"Content-Type", "Authorization", "Connect-Protocol-Version", "Connect-Timeout-Ms"},
	},
}

DefaultConfig is the default configuration for the Server.

Functions ¶

func RunConnectServer ¶

func RunConnectServer(opts ...Option) (err error)

RunConnectServer runs a Connect server with the given options. It uses http.Protocols to serve HTTP/2 without TLS (h2c).

Types ¶

type AuthConfig ¶

type AuthConfig struct {
	// contains filtered or unexported fields
}

AuthConfig contains parameters needed to configure authentication.

type AuthInterceptor ¶

type AuthInterceptor struct {
	// contains filtered or unexported fields
}

AuthInterceptor authenticates incoming requests using bearer tokens.

func NewAuthInterceptor ¶

func NewAuthInterceptor(opts ...AuthOption) (interceptor *AuthInterceptor)

NewAuthInterceptor creates a new auth interceptor.

func (*AuthInterceptor) WrapStreamingClient ¶

func (ai *AuthInterceptor) WrapStreamingClient(next connect.StreamingClientFunc) connect.StreamingClientFunc

WrapStreamingClient implements the connect interceptor for streaming client calls.

func (*AuthInterceptor) WrapStreamingHandler ¶

func (ai *AuthInterceptor) WrapStreamingHandler(next connect.StreamingHandlerFunc) connect.StreamingHandlerFunc

WrapStreamingHandler implements the connect interceptor for streaming handler calls.

func (*AuthInterceptor) WrapUnary ¶

func (ai *AuthInterceptor) WrapUnary(next connect.UnaryFunc) connect.UnaryFunc

WrapUnary implements the connect interceptor for unary calls.

type AuthOption ¶

type AuthOption func(*AuthConfig)

AuthOption configures the auth middleware.

func WithJWKS ¶

func WithJWKS(url string) AuthOption

WithJWKS enables JWKS support for token verification.

func WithPublicKey ¶

func WithPublicKey(publicKey *ecdsa.PublicKey) AuthOption

WithPublicKey configures a static public key for token verification.

func WithPublicProcedures ¶

func WithPublicProcedures(procedures ...string) AuthOption

WithPublicProcedures marks RPC procedures as public (no auth required).

type CORS ¶

type CORS struct {
	AllowedOrigins []string
	AllowedMethods []string
	AllowedHeaders []string
}

CORS represents the CORS configuration for the server.

type Config ¶

type Config struct {
	Port     uint16
	Path     string
	LogLevel string
	CORS     CORS
}

Config represents the configuration for the Server.

type LoggingInterceptor ¶

type LoggingInterceptor struct{}

LoggingInterceptor logs RPC requests at two levels:

Request-level (INFO/WARN): All requests with method, duration, and status
Entity-level (DEBUG): Entity operations with details and payloads

func (*LoggingInterceptor) WrapStreamingClient ¶

func (li *LoggingInterceptor) WrapStreamingClient(next connect.StreamingClientFunc) connect.StreamingClientFunc

WrapStreamingClient implements the connect.Interceptor interface for streaming client calls.

func (*LoggingInterceptor) WrapStreamingHandler ¶

func (li *LoggingInterceptor) WrapStreamingHandler(next connect.StreamingHandlerFunc) connect.StreamingHandlerFunc

WrapStreamingHandler implements the connect.Interceptor interface for streaming handler calls.

func (*LoggingInterceptor) WrapUnary ¶

func (li *LoggingInterceptor) WrapUnary(next connect.UnaryFunc) connect.UnaryFunc

WrapUnary implements the connect.Interceptor interface for unary calls.

type Option ¶

type Option func(*Server)

Option is a functional option for configuring the Server.

func WithConfig ¶

func WithConfig(cfg Config) Option

WithConfig sets the server configuration, overriding the default configuration.

func WithEmbeddedOAuth2Server ¶

func WithEmbeddedOAuth2Server(keyPath string, keyPassword string, saveOnCreate bool, publicURL string, opts ...oauth2.AuthorizationServerOption) Option

WithEmbeddedOAuth2Server configures the server to include an embedded OAuth 2.0 authorization server. If publicURL is empty, it defaults to http://localhost:<port>/v1/auth.

func WithHandler ¶

func WithHandler(path string, handler http.Handler) Option

WithHandler adds an http.Handler at the specified path to the server. Multiple handlers can be registered by calling WithHandler multiple times.

type Server ¶

type Server struct {
	*http.Server
	// contains filtered or unexported fields
}

Server represents a Connect server, with RPC and HTTP support.

func NewConnectServer ¶

func NewConnectServer(opts []Option) (srv *Server, err error)

NewConnectServer creates a new Connect server with the given options. It uses http.Protocols to serve HTTP/2 without TLS (h2c).

func (*Server) OriginAllowed ¶

func (srv *Server) OriginAllowed(origin string) bool

OriginAllowed checks if the supplied origin is allowed according to our global CORS configuration.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
commands
servertest

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL