Documentation
¶
Overview ¶
Package server implements an OpenID Connect server with federated logins.
Index ¶
Constants ¶
const LocalConnector = "local"
LocalConnector is the local passwordDB connector which is an internal connector maintained by the server.
Variables ¶
var ConnectorsConfig = map[string]func() ConnectorConfig{ "mockCallback": func() ConnectorConfig { return new(mock.CallbackConfig) }, "mockPassword": func() ConnectorConfig { return new(mock.PasswordConfig) }, "ldap": func() ConnectorConfig { return new(ldap.Config) }, "github": func() ConnectorConfig { return new(github.Config) }, "gitlab": func() ConnectorConfig { return new(gitlab.Config) }, "oidc": func() ConnectorConfig { return new(oidc.Config) }, "saml": func() ConnectorConfig { return new(saml.Config) }, "authproxy": func() ConnectorConfig { return new(authproxy.Config) }, "linkedin": func() ConnectorConfig { return new(linkedin.Config) }, "microsoft": func() ConnectorConfig { return new(microsoft.Config) }, "bitbucket-cloud": func() ConnectorConfig { return new(bitbucketcloud.Config) }, "samlExperimental": func() ConnectorConfig { return new(saml.Config) }, }
ConnectorsConfig variable provides an easy way to return a config struct depending on the connector type.
Functions ¶
Types ¶
type Config ¶
type Config struct {
Issuer string
// The backing persistence layer.
Storage storage.Storage
// Valid values are "code" to enable the code flow and "token" to enable the implicit
// flow. If no response types are supplied this value defaults to "code".
SupportedResponseTypes []string
// List of allowed origins for CORS requests on discovery, token and keys endpoint.
// If none are indicated, CORS requests are disabled. Passing in "*" will allow any
// domain.
AllowedOrigins []string
// If enabled, the server won't prompt the user to approve authorization requests.
// Logging in implies approval.
SkipApprovalScreen bool
RotateKeysAfter time.Duration // Defaults to 6 hours.
IDTokensValidFor time.Duration // Defaults to 24 hours
GCFrequency time.Duration // Defaults to 5 minutes
// If specified, the server will use this function for determining time.
Now func() time.Time
Web WebConfig
Logger logrus.FieldLogger
PrometheusRegistry *prometheus.Registry
}
Config holds the server's configuration options.
Multiple servers using the same storage are expected to be configured identically.
type Connector ¶
Connector is a connector with resource version metadata.
type ConnectorConfig ¶
type ConnectorConfig interface {
Open(id string, logger logrus.FieldLogger) (connector.Connector, error)
}
ConnectorConfig is a configuration that can open a connector.
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
Server is the top level object.
func NewServer ¶
NewServer constructs a server from the provided config.
func (*Server) OpenConnector ¶
OpenConnector updates server connector map with specified connector object.
type WebConfig ¶
type WebConfig struct {
// A filepath to web static.
//
// It is expected to contain the following directories:
//
// * static - Static static served at "( issuer URL )/static".
// * templates - HTML templates controlled by dex.
// * themes/(theme) - Static static served at "( issuer URL )/theme".
//
Dir string
// Defaults to "( issuer URL )/theme/logo.png"
LogoURL string
// Defaults to "dex"
Issuer string
// Defaults to "coreos"
Theme string
}
WebConfig holds the server's frontend templates and asset configuration.
These are currently very custom to CoreOS and it's not recommended that outside users attempt to customize these.
Source Files
¶
- api.go
- doc.go
- handlers.go
- oauth2.go
- rotation.go
- server.go
- templates.go
Directories