plugin_forwardedauth

package module

v1.0.6 Latest Latest Go to latest Published: Apr 12, 2023 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/TicketGenieIO/plugin_forwardedauth

Links

Open Source Insights

README ¶

plugin_forwardedauth

Documentation ¶

Index ¶

Constants
func CopyHeaders(dst http.Header, src http.Header)
func HeaderValuesContainsToken(values []string, token string) bool
func New(ctx context.Context, next http.Handler, config *Config, name string) (http.Handler, error)
func RemoveHeaders(headers http.Header, names ...string)
func Remover(next http.Handler) http.HandlerFunc
type ClientTLS
- func (c *ClientTLS) CreateTLSConfig(ctx context.Context) (*tls.Config, error)
type Config
- func CreateConfig() *Config

Constants ¶

View Source

const (
	XForwardedProto  = "X-Forwarded-Proto"
	XForwardedFor    = "X-Forwarded-For"
	XForwardedHost   = "X-Forwarded-Host"
	XForwardedPort   = "X-Forwarded-Port"
	XForwardedServer = "X-Forwarded-Server"
	XRealIP          = "X-Real-Ip"
)

X-* Header names.

View Source

const (
	Connection         = "Connection"
	KeepAlive          = "Keep-Alive"
	ProxyAuthenticate  = "Proxy-Authenticate"
	ProxyAuthorization = "Proxy-Authorization"
	Te                 = "Te" // canonicalized version of "TE"
	Trailers           = "Trailers"
	TransferEncoding   = "Transfer-Encoding"
	Upgrade            = "Upgrade"
	ContentLength      = "Content-Length"
)

Headers names.

Variables ¶

This section is empty.

Functions ¶

func CopyHeaders ¶

func CopyHeaders(dst http.Header, src http.Header)

CopyHeaders copies http headers from source to destination, it does not override, but adds multiple headers.

func HeaderValuesContainsToken ¶

func HeaderValuesContainsToken(values []string, token string) bool

HeaderValuesContainsToken reports whether any string in values contains the provided token, ASCII case-insensitively.

func New ¶

func New(ctx context.Context, next http.Handler, config *Config, name string) (http.Handler, error)

New creates a forward auth middleware.

func RemoveHeaders ¶

func RemoveHeaders(headers http.Header, names ...string)

RemoveHeaders removes the header with the given names from the headers map.

func Remover ¶

func Remover(next http.Handler) http.HandlerFunc

Remover removes hop-by-hop headers listed in the "Connection" header. See RFC 7230, section 6.1.

Types ¶

type ClientTLS ¶

type ClientTLS struct {
	CA                 string `description:"TLS CA" json:"ca,omitempty" toml:"ca,omitempty" yaml:"ca,omitempty"`
	Cert               string `description:"TLS cert" json:"cert,omitempty" toml:"cert,omitempty" yaml:"cert,omitempty"`
	Key                string `description:"TLS key" json:"key,omitempty" toml:"key,omitempty" yaml:"key,omitempty" loggable:"false"`
	InsecureSkipVerify bool   `` /* 160-byte string literal not displayed */
}

ClientTLS holds TLS specific configurations as client CA, Cert and Key can be either path or file contents.

func (*ClientTLS) CreateTLSConfig ¶

func (c *ClientTLS) CreateTLSConfig(ctx context.Context) (*tls.Config, error)

CreateTLSConfig creates a TLS config from ClientTLS structures.

type Config ¶

type Config struct {
	// Address defines the authentication server address.
	Address string `json:"address,omitempty" toml:"address,omitempty" yaml:"address,omitempty"`
	// TLS defines the configuration used to secure the connection to the authentication server.
	TLS *ClientTLS `json:"tls,omitempty" toml:"tls,omitempty" yaml:"tls,omitempty" export:"true"`
	// TrustForwardHeader defines whether to trust (ie: forward) all X-Forwarded-* headers.
	TrustForwardHeader bool `json:"trustForwardHeader,omitempty" toml:"trustForwardHeader,omitempty" yaml:"trustForwardHeader,omitempty" export:"true"`
	ShouldForwardBody  bool `json:"shouldForwardBody,omitempty" toml:"shouldForwardBody,omitempty" yaml:"shouldForwardBody,omitempty" export:"true"`
	// AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers.
	AuthResponseHeaders []string `json:"authResponseHeaders,omitempty" toml:"authResponseHeaders,omitempty" yaml:"authResponseHeaders,omitempty" export:"true"`
	// AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex.
	// More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/#authresponseheadersregex
	AuthResponseHeadersRegex string `` /* 139-byte string literal not displayed */
	// AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server.
	// If not set or empty then all request headers are passed.
	AuthRequestHeaders []string `json:"authRequestHeaders,omitempty" toml:"authRequestHeaders,omitempty" yaml:"authRequestHeaders,omitempty" export:"true"`
}

Config holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. More info: https://doc.traefik.io/traefik/v3.0/middlewares/http/forwardauth/

func CreateConfig ¶ added in v1.0.4

func CreateConfig() *Config

Source Files ¶

View all Source files

forwardedauth.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL