server

package

v0.0.0-...-38e7252 Latest Latest Go to latest Published: Feb 28, 2024 License: Apache-2.0 Imports: 23 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/cesanta/docker_auth

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type AuthServer
- func NewAuthServer(c *Config) (*AuthServer, error)
type Config
- func LoadConfig(fileName string) (*Config, error)
type LetsEncryptConfig
type ServerConfig
type TokenConfig

Constants ¶

This section is empty.

Variables ¶

View Source

var TLSCipherSuitesValues = map[string]uint16{

	"TLS_RSA_WITH_RC4_128_SHA":                tls.TLS_RSA_WITH_RC4_128_SHA,
	"TLS_RSA_WITH_3DES_EDE_CBC_SHA":           tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
	"TLS_RSA_WITH_AES_128_CBC_SHA":            tls.TLS_RSA_WITH_AES_128_CBC_SHA,
	"TLS_RSA_WITH_AES_256_CBC_SHA":            tls.TLS_RSA_WITH_AES_256_CBC_SHA,
	"TLS_RSA_WITH_AES_128_CBC_SHA256":         tls.TLS_RSA_WITH_AES_128_CBC_SHA256,
	"TLS_RSA_WITH_AES_128_GCM_SHA256":         tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
	"TLS_RSA_WITH_AES_256_GCM_SHA384":         tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
	"TLS_ECDHE_ECDSA_WITH_RC4_128_SHA":        tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
	"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA":    tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
	"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA":    tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
	"TLS_ECDHE_RSA_WITH_RC4_128_SHA":          tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
	"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA":     tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
	"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA":      tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
	"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA":      tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
	"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256": tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
	"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256":   tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
	"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256":   tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
	"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
	"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384":   tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
	"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
	"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305":    tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
	"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305":  tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,

	"TLS_AES_128_GCM_SHA256":       tls.TLS_AES_128_GCM_SHA256,
	"TLS_AES_256_GCM_SHA384":       tls.TLS_AES_256_GCM_SHA384,
	"TLS_CHACHA20_POLY1305_SHA256": tls.TLS_CHACHA20_POLY1305_SHA256,

	"TLS_FALLBACK_SCSV": tls.TLS_FALLBACK_SCSV,
}

TLSCipherSuitesValues maps CipherSuite names as strings to the actual values in the crypto/tls package Taken from https://golang.org/pkg/crypto/tls/#pkg-constants

View Source

var TLSCurveIDValues = map[string]tls.CurveID{
	"P256":   tls.CurveP256,
	"P384":   tls.CurveP384,
	"P521":   tls.CurveP521,
	"X25519": tls.X25519,
}

TLSCurveIDValues maps CurveID names as strings to the actual values in the crypto/tls package Taken from https://golang.org/pkg/crypto/tls/#CurveID

View Source

var TLSVersionValues = map[string]uint16{
	"TLS10": tls.VersionTLS10,
	"TLS11": tls.VersionTLS11,
	"TLS12": tls.VersionTLS12,
	"TLS13": tls.VersionTLS13,

	"SSL30": tls.VersionSSL30,
}

TLSVersionValues maps Version names as strings to the actual values in the crypto/tls package Taken from https://golang.org/pkg/crypto/tls/#pkg-constants

Functions ¶

This section is empty.

Types ¶

type AuthServer ¶

type AuthServer struct {
	// contains filtered or unexported fields
}

func NewAuthServer ¶

func NewAuthServer(c *Config) (*AuthServer, error)

func (*AuthServer) Authenticate ¶

func (as *AuthServer) Authenticate(ar *authRequest) (bool, api.Labels, error)

func (*AuthServer) Authorize ¶

func (as *AuthServer) Authorize(ar *authRequest) ([]authzResult, error)

func (*AuthServer) CreateToken ¶

func (as *AuthServer) CreateToken(ar *authRequest, ares []authzResult) (string, error)

https://github.com/docker/distribution/blob/master/docs/spec/auth/token.md#example

func (*AuthServer) ParseRequest ¶

func (as *AuthServer) ParseRequest(req *http.Request) (*authRequest, error)

func (*AuthServer) ServeHTTP ¶

func (as *AuthServer) ServeHTTP(rw http.ResponseWriter, req *http.Request)

func (*AuthServer) Stop ¶

func (as *AuthServer) Stop()

type Config ¶

type Config struct {
	Server      ServerConfig                   `yaml:"server"`
	Token       TokenConfig                    `yaml:"token"`
	Users       map[string]*authn.Requirements `yaml:"users,omitempty"`
	GoogleAuth  *authn.GoogleAuthConfig        `yaml:"google_auth,omitempty"`
	GitHubAuth  *authn.GitHubAuthConfig        `yaml:"github_auth,omitempty"`
	OIDCAuth    *authn.OIDCAuthConfig          `yaml:"oidc_auth,omitempty"`
	GitlabAuth  *authn.GitlabAuthConfig        `yaml:"gitlab_auth,omitempty"`
	LDAPAuth    *authn.LDAPAuthConfig          `yaml:"ldap_auth,omitempty"`
	MongoAuth   *authn.MongoAuthConfig         `yaml:"mongo_auth,omitempty"`
	XormAuthn   *authn.XormAuthnConfig         `yaml:"xorm_auth,omitempty"`
	ExtAuth     *authn.ExtAuthConfig           `yaml:"ext_auth,omitempty"`
	PluginAuthn *authn.PluginAuthnConfig       `yaml:"plugin_authn,omitempty"`
	ACL         authz.ACL                      `yaml:"acl,omitempty"`
	ACLMongo    *authz.ACLMongoConfig          `yaml:"acl_mongo,omitempty"`
	ACLXorm     *authz.XormAuthzConfig         `yaml:"acl_xorm,omitempty"`
	ExtAuthz    *authz.ExtAuthzConfig          `yaml:"ext_authz,omitempty"`
	PluginAuthz *authz.PluginAuthzConfig       `yaml:"plugin_authz,omitempty"`
	CasbinAuthz *authz.CasbinAuthzConfig       `yaml:"casbin_authz,omitempty"`
}

func LoadConfig ¶

func LoadConfig(fileName string) (*Config, error)

type LetsEncryptConfig ¶

type LetsEncryptConfig struct {
	Host     string `yaml:"host,omitempty"`
	Email    string `yaml:"email,omitempty"`
	CacheDir string `yaml:"cache_dir,omitempty"`
}

type ServerConfig ¶

type ServerConfig struct {
	ListenAddress       string            `yaml:"addr,omitempty"`
	Net                 string            `yaml:"net,omitempty"`
	PathPrefix          string            `yaml:"path_prefix,omitempty"`
	RealIPHeader        string            `yaml:"real_ip_header,omitempty"`
	RealIPPos           int               `yaml:"real_ip_pos,omitempty"`
	CertFile            string            `yaml:"certificate,omitempty"`
	KeyFile             string            `yaml:"key,omitempty"`
	HSTS                bool              `yaml:"hsts,omitempty"`
	TLSMinVersion       string            `yaml:"tls_min_version,omitempty"`
	TLSCurvePreferences []string          `yaml:"tls_curve_preferences,omitempty"`
	TLSCipherSuites     []string          `yaml:"tls_cipher_suites,omitempty"`
	LetsEncrypt         LetsEncryptConfig `yaml:"letsencrypt,omitempty"`
	// contains filtered or unexported fields
}

type TokenConfig ¶

type TokenConfig struct {
	Issuer     string `yaml:"issuer,omitempty"`
	CertFile   string `yaml:"certificate,omitempty"`
	KeyFile    string `yaml:"key,omitempty"`
	Expiration int64  `yaml:"expiration,omitempty"`
	// contains filtered or unexported fields
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL