handler

package

v0.0.0-...-9ff6d91 Latest Latest Go to latest Published: Apr 24, 2024 License: MIT Imports: 32 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/nais/wonderwall

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func GetPath(r *http.Request, ingresses *ingress.Ingresses) string
type Page
type ReverseProxy
- func NewReverseProxy(upstream *urllib.URL, preserveInboundHostHeader bool) *ReverseProxy
- func NewUpstreamProxy(upstream *urllib.URL, enableAccessLogs bool) *ReverseProxy
- func (rp *ReverseProxy) Handler(src ReverseProxySource, w http.ResponseWriter, r *http.Request)
type ReverseProxySource
type SSOProxy
- func NewSSOProxy(cfg *config.Config, crypter crypto.Crypter) (*SSOProxy, error)
type SSOServer
- func NewSSOServer(cfg *config.Config, handler *Standalone) (*SSOServer, error)
type Standalone
- func NewStandalone(cfg *config.Config, jwksProvider openidclient.JwksProvider, ...) (*Standalone, error)

Constants ¶

View Source

const (
	// MaxAutoRetryAttempts is the maximum number of times to automatically redirect the user to retry their original request.
	MaxAutoRetryAttempts = 3
)

Variables ¶

This section is empty.

Functions ¶

func GetPath ¶

func GetPath(r *http.Request, ingresses *ingress.Ingresses) string

GetPath returns the matching context path from the list of registered ingresses. If none match, an empty string is returned.

Types ¶

type Page ¶

type Page struct {
	CorrelationID string
	RetryURI      string
}

type ReverseProxy ¶

type ReverseProxy struct {
	*httputil.ReverseProxy
	EnableAccessLogs bool
}

func NewReverseProxy ¶

func NewReverseProxy(upstream *urllib.URL, preserveInboundHostHeader bool) *ReverseProxy

func NewUpstreamProxy ¶

func NewUpstreamProxy(upstream *urllib.URL, enableAccessLogs bool) *ReverseProxy

func (*ReverseProxy) Handler ¶

func (rp *ReverseProxy) Handler(src ReverseProxySource, w http.ResponseWriter, r *http.Request)

type ReverseProxySource ¶

type ReverseProxySource interface {
	GetAcrHandler() *acr.Handler
	GetAutoLogin() *autologin.AutoLogin
	GetPath(r *http.Request) string
	GetSession(r *http.Request) (*session.Session, error)
}

type SSOProxy ¶

type SSOProxy struct {
	AcrHandler            *acr.Handler
	AutoLogin             *autologin.AutoLogin
	Config                *config.Config
	Ingresses             *ingress.Ingresses
	Redirect              url.Redirect
	SSOServerURL          *urllib.URL
	SSOServerReverseProxy *ReverseProxy
	SessionReader         session.Reader
	UpstreamProxy         *ReverseProxy
}

func NewSSOProxy ¶

func NewSSOProxy(cfg *config.Config, crypter crypto.Crypter) (*SSOProxy, error)

func (*SSOProxy) GetAcrHandler ¶

func (s *SSOProxy) GetAcrHandler() *acr.Handler

func (*SSOProxy) GetAutoLogin ¶

func (s *SSOProxy) GetAutoLogin() *autologin.AutoLogin

func (*SSOProxy) GetIngresses ¶

func (s *SSOProxy) GetIngresses() *ingress.Ingresses

func (*SSOProxy) GetPath ¶

func (s *SSOProxy) GetPath(r *http.Request) string

func (*SSOProxy) GetSSOServerURL ¶

func (s *SSOProxy) GetSSOServerURL() *urllib.URL

func (*SSOProxy) GetSession ¶

func (s *SSOProxy) GetSession(r *http.Request) (*session.Session, error)

func (s *SSOProxy) Login(w http.ResponseWriter, r *http.Request)

func (*SSOProxy) LoginCallback ¶

func (s *SSOProxy) LoginCallback(w http.ResponseWriter, r *http.Request)

func (*SSOProxy) Logout ¶

func (s *SSOProxy) Logout(w http.ResponseWriter, r *http.Request)

func (*SSOProxy) LogoutCallback ¶

func (s *SSOProxy) LogoutCallback(w http.ResponseWriter, r *http.Request)

func (*SSOProxy) LogoutFrontChannel ¶

func (s *SSOProxy) LogoutFrontChannel(w http.ResponseWriter, r *http.Request)

func (*SSOProxy) LogoutLocal ¶

func (s *SSOProxy) LogoutLocal(w http.ResponseWriter, r *http.Request)

func (*SSOProxy) Session ¶

func (s *SSOProxy) Session(w http.ResponseWriter, r *http.Request)

func (*SSOProxy) SessionRefresh ¶

func (s *SSOProxy) SessionRefresh(w http.ResponseWriter, r *http.Request)

func (*SSOProxy) Wildcard ¶

func (s *SSOProxy) Wildcard(w http.ResponseWriter, r *http.Request)

Wildcard proxies all requests to an upstream server.

type SSOServer ¶

type SSOServer struct {
	*Standalone
}

func NewSSOServer ¶

func NewSSOServer(cfg *config.Config, handler *Standalone) (*SSOServer, error)

func (*SSOServer) Logout ¶

func (s *SSOServer) Logout(w http.ResponseWriter, r *http.Request)

func (*SSOServer) LogoutFrontChannel ¶

func (s *SSOServer) LogoutFrontChannel(w http.ResponseWriter, r *http.Request)

func (*SSOServer) LogoutLocal ¶

func (s *SSOServer) LogoutLocal(w http.ResponseWriter, r *http.Request)

func (*SSOServer) Wildcard ¶

func (s *SSOServer) Wildcard(w http.ResponseWriter, r *http.Request)

Wildcard redirects unhandled requests to the default redirect URL.

type Standalone ¶

type Standalone struct {
	AcrHandler     *acr.Handler
	AutoLogin      *autologin.AutoLogin
	Client         *openidclient.Client
	Config         *config.Config
	CookieOptions  cookie.Options
	Crypter        crypto.Crypter
	Ingresses      *ingress.Ingresses
	Redirect       url.Redirect
	SessionManager session.Manager
	UpstreamProxy  *ReverseProxy
}

func NewStandalone ¶

func NewStandalone(
	cfg *config.Config,
	jwksProvider openidclient.JwksProvider,
	openidConfig openidconfig.Config,
	crypter crypto.Crypter,
) (*Standalone, error)

func (*Standalone) BadRequest ¶

func (s *Standalone) BadRequest(w http.ResponseWriter, r *http.Request, cause error)

func (*Standalone) GetAcrHandler ¶

func (s *Standalone) GetAcrHandler() *acr.Handler

func (*Standalone) GetAutoLogin ¶

func (s *Standalone) GetAutoLogin() *autologin.AutoLogin

func (*Standalone) GetCookieOptions ¶

func (s *Standalone) GetCookieOptions(r *http.Request) cookie.Options

func (*Standalone) GetIngresses ¶

func (s *Standalone) GetIngresses() *ingress.Ingresses

func (*Standalone) GetPath ¶

func (s *Standalone) GetPath(r *http.Request) string

func (*Standalone) GetSession ¶

func (s *Standalone) GetSession(r *http.Request) (*session.Session, error)

func (*Standalone) InternalError ¶

func (s *Standalone) InternalError(w http.ResponseWriter, r *http.Request, cause error)

func (s *Standalone) Login(w http.ResponseWriter, r *http.Request)

func (*Standalone) LoginCallback ¶

func (s *Standalone) LoginCallback(w http.ResponseWriter, r *http.Request)

func (*Standalone) Logout ¶

func (s *Standalone) Logout(w http.ResponseWriter, r *http.Request)

func (*Standalone) LogoutCallback ¶

func (s *Standalone) LogoutCallback(w http.ResponseWriter, r *http.Request)

func (*Standalone) LogoutFrontChannel ¶

func (s *Standalone) LogoutFrontChannel(w http.ResponseWriter, r *http.Request)

func (*Standalone) LogoutLocal ¶

func (s *Standalone) LogoutLocal(w http.ResponseWriter, r *http.Request)

func (*Standalone) Retry ¶

func (s *Standalone) Retry(r *http.Request, loginCookie *openid.LoginCookie) string

Retry returns a URI that should retry the desired route that failed. It only handles the routes exposed by Wonderwall, i.e. `/oauth2/*`. As these routes are related to the authentication flow, we default to redirecting back to the handled `/oauth2/login` endpoint unless the original request attempted to reach the logout-flow.

func (*Standalone) Session ¶

func (s *Standalone) Session(w http.ResponseWriter, r *http.Request)

func (*Standalone) SessionRefresh ¶

func (s *Standalone) SessionRefresh(w http.ResponseWriter, r *http.Request)

func (*Standalone) Unauthorized ¶

func (s *Standalone) Unauthorized(w http.ResponseWriter, r *http.Request, cause error)

func (*Standalone) Wildcard ¶

func (s *Standalone) Wildcard(w http.ResponseWriter, r *http.Request)