Documentation ¶
Index ¶
- func NewProxy(fromurl, tourl string, transform *Transform) (*httputil.ReverseProxy, error)
- func PopulateMux(mux amux.Mux, log logger.Logger, mappings []Mapping, creator ProxyCreator) ([]string, error)
- type AuthenticatedProxy
- type HeaderGroupMapping
- type HostPath
- type Mapping
- type MappingAuth
- type Modifier
- type Modifiers
- type Proxy
- type ProxyCreator
- type Regex
- type Transform
- type ValueByGroup
- type XForwardedForTreatment
- type XWebauthTreatment
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewProxy ¶
func NewProxy(fromurl, tourl string, transform *Transform) (*httputil.ReverseProxy, error)
func PopulateMux ¶
Types ¶
type AuthenticatedProxy ¶
type AuthenticatedProxy struct { Proxy http.Handler Authenticator oauth.Authenticate AuthURL *url.URL // contains filtered or unexported fields }
func (*AuthenticatedProxy) ServeHTTP ¶
func (as *AuthenticatedProxy) ServeHTTP(w http.ResponseWriter, r *http.Request)
type HeaderGroupMapping ¶
type HeaderGroupMapping struct { // Header which should get a value Header string // List of groups that should be tested. The header gets the value of the // first group that matches the current request. If no match occurs, the // request is rejected. GroupMapping []ValueByGroup }
type Mapping ¶
type Mapping struct { From HostPath To string Transform *Transform Auth MappingAuth }
type MappingAuth ¶
type MappingAuth string
const ( MappingAuthenticated MappingAuth = "" MappingPublic MappingAuth = "public" )
type Modifier ¶
func WithAuthURL ¶
func WithAuthenticator ¶
func WithAuthenticator(authenticator oauth.Authenticate) Modifier
func WithLogging ¶
func WithStripCookie ¶
type Transform ¶
type Transform struct { // Apply a regular expression to adapt the resulting URL. UrlRegex []Regex // Maintain the original path of the proxy. Normally, it is stripped. // For example: if you map "proxy.address/path/p1/" to "backend.address/path2/", a request // for "proxy.address/path/p1/test" will by default land to "backend.address/path2/test". // If you set Maintain to true, it will instead land on "backend.address/path2/path/p1/test". Maintain bool // Defines what to do with the X-Forwarded-For header, and the IP of the client. XForwardedFor XForwardedForTreatment // Defines whether to set additional headers signaling the user's identity on // the request to the backend. XWebauth XWebauthTreatment // List of regular expressions defining which cookies to strip in requests to the backend. StripCookie []string // By default, requests to the backend are forwarded with the Host field set to the // value of the From.Host map. You can override that value with SetHost. SetHost string // Re-map request headers. If the string is empty, the header is stripped. // This is useful to propagate non-RFC compliant headers, or to strip headers. // For example, by setting MapRequestHeaders to "Sec-Websocket-Key" to "Sec-WebSocket-Key" // the case for WebSocket will be changed. MapRequestHeaders map[string]string // Add additional headers based on the groups the user is part of. // This is useful to conditionally set headers based on the user's identity - // for instance, to add an "X-Webauth-Role" to Grafana requests to indicate // the user's role in Grafana. // // TODO(INFRA-4919): Implement this feature MapRequestHeadersByGroup []HeaderGroupMapping // contains filtered or unexported fields }
type ValueByGroup ¶
type XForwardedForTreatment ¶
type XForwardedForTreatment string
const ( // Default behavior: ignore X-Forwarded-For from the client, but provide one to the backend. XForwardedForSet XForwardedForTreatment = "set" // X-Forwarded-For header is forwarded to the backend, with the ip of the client added. XForwardedForAdd XForwardedForTreatment = "add" // No X-Forwarded-For supplied to the backend. If there is one, it is stripped. XForwardedForNone XForwardedForTreatment = "none" )
type XWebauthTreatment ¶
type XWebauthTreatment string
const ( // Default behavior: set no additional headers on the forwarded request. XWebauthNone XWebauthTreatment = "none" // Sets: // * X-Webauth-Userid to the user's unique ID // * X-Webauth-Username to the user's username // * X-Webauth-Organization to the user's organization // * X-Webauth-Globalname to the user's "global name" (see oauth.(*Identity).GlobalName) XWebauthSet XWebauthTreatment = "set" )
Click to show internal directories.
Click to hide internal directories.