Documentation
¶
Overview ¶
Package server wires the HTTP routes, login flow, ingest API, and proxy.
Index ¶
Constants ¶
const SessionCookieName = "elasticgateway_session"
SessionCookieName is the cookie that carries the gateway session token.
Variables ¶
This section is empty.
Functions ¶
func BuildBasicAuthorization ¶
BuildBasicAuthorization returns a Basic Auth header value for the credentials.
func ForwardedProto ¶
ForwardedProto reports the direct request scheme for proxy headers.
Types ¶
type AuthenticateFunc ¶
AuthenticateFunc validates credentials and returns the resolved LDAP access.
type BulkIngestResponse ¶ added in v0.1.0
type BulkIngestResponse struct {
Took int `json:"took,omitempty"`
Errors bool `json:"errors"`
Documents int `json:"documents"`
WriteAliases []string `json:"write_aliases"`
BootstrappedAliases []string `json:"bootstrapped_write_aliases,omitempty"`
Items []map[string]elastic.BulkItemResult `json:"items"`
}
BulkIngestResponse is returned after a successful bulk ingest request.
type ErrorResponse ¶
type ErrorResponse struct {
Error string `json:"error"`
}
ErrorResponse is the JSON error envelope used by the gateway.
type Gateway ¶
type Gateway struct {
Client *elastic.Client
Authenticate AuthenticateFunc
IngestAuthCache *ingest.AuthCache
SecureCookie *securecookie.SecureCookie
Logger *slog.Logger
// contains filtered or unexported fields
}
Gateway serves the login flow, ingest API, and Kibana reverse proxy.
func New ¶
func New(client *elastic.Client, authenticate AuthenticateFunc) *Gateway
New constructs a gateway with the provided client and authenticator.
func (*Gateway) EncodeSessionCookieValue ¶
EncodeSessionCookieValue encodes a session into a securecookie value. Exported so tests can mint cookies without going through the login flow.
func (*Gateway) HandleKibana ¶
func (g *Gateway) HandleKibana(w http.ResponseWriter, r *http.Request)
HandleKibana proxies authenticated requests to Kibana.
func (*Gateway) RenderLoginPage ¶
func (g *Gateway) RenderLoginPage(w http.ResponseWriter, status int, data LoginPageData)
RenderLoginPage writes the login page with the supplied status and model.
type IngestResponse ¶
type IngestResponse struct {
Result string `json:"result"`
WriteAlias string `json:"write_alias"`
DocumentID string `json:"document_id"`
Bootstrapped bool `json:"bootstrapped"`
}
IngestResponse is returned to clients after a successful ingest request.
type LoginPageData ¶
LoginPageData is the template model for the login form.
type Session ¶
Session is the value carried inside the encrypted session cookie. It holds every per-request fact the gateway needs to authorize the user and proxy Kibana, so the gateway can scale horizontally without a shared session store: the cookie itself is the session. Expiry is enforced by gorilla/securecookie's configured MaxAge at decode time, so no timing fields are tracked here.
func (Session) GoString ¶ added in v0.2.18
GoString ensures verbose %#v formatting uses the redacted representation instead of reflecting the exported AuthHeader field.
Source Files