proxy

package
v0.9.1
Warning

This package is not in the latest version of its module.

Published: Jun 16, 2020 License: Apache-2.0 Imports: 31 Imported by: 0

Documentation

Overview

Package proxy is a pomerium service that provides reverse proxying of internal routes. The proxy package interoperates with other pomerium services over RPC in order to make access control decisions about a given incoming request.

Constants

This section is empty.

Variables

This section is empty.

Functions

func SetResponseHeaders added in v0.4.0

func SetResponseHeaders(headers map[string]string) func(next http.Handler) http.Handler

SetResponseHeaders sets a map of response headers.

func ValidateOptions added in v0.0.5

func ValidateOptions(o config.Options) error

ValidateOptions checks that the configuration settings required to create a proper Proxy instance are set.

Types

type Proxy

type Proxy struct {
	// SharedKey used to mutually authenticate service communication
	SharedKey string
	// contains filtered or unexported fields
}

Proxy stores all the information associated with proxying a request.

func New added in v0.0.2

func New(opts config.Options) (*Proxy, error)

New builds a Proxy service from the given options. It returns an error if the options fail to validate.

func (*Proxy) AuthenticateSession added in v0.4.0

func (p *Proxy) AuthenticateSession(next http.Handler) http.Handler

AuthenticateSession is middleware that enforces that a valid authentication session state is retrieved from the user's request context.

func (*Proxy) Callback added in v0.5.0

func (p *Proxy) Callback(w http.ResponseWriter, r *http.Request) error

Callback handles the result of a successful call to the authenticate service and is responsible for setting the returned per-route session.

func (*Proxy) Impersonate added in v0.0.5

func (p *Proxy) Impersonate(w http.ResponseWriter, r *http.Request) error

Impersonate takes the result of a form and adds user impersonation details to the user's current session state if the user is currently an administrative user. Requests are redirected back to the user dashboard.

func (*Proxy) ProgrammaticCallback added in v0.5.1

func (p *Proxy) ProgrammaticCallback(w http.ResponseWriter, r *http.Request) error

ProgrammaticCallback handles a successful call to the authenticate service. In addition to returning the individual route session (JWT) it also returns the refresh token.

func (*Proxy) ProgrammaticLogin added in v0.5.0

func (p *Proxy) ProgrammaticLogin(w http.ResponseWriter, r *http.Request) error

ProgrammaticLogin returns a signed URL that can be used to log in using the authenticate service.

func (*Proxy) RobotsTxt

func (p *Proxy) RobotsTxt(w http.ResponseWriter, _ *http.Request)

RobotsTxt sets the User-Agent header in the response to be "Disallow"

func (*Proxy) ServeHTTP added in v0.6.0

func (p *Proxy) ServeHTTP(w http.ResponseWriter, r *http.Request)

func (*Proxy) SignOut

func (p *Proxy) SignOut(w http.ResponseWriter, r *http.Request)

SignOut redirects the request to the sign-out URL. It's the responsibility of the authenticate service to revoke the remote session and clear the local session state.

func (*Proxy) UpdateOptions added in v0.0.5

func (p *Proxy) UpdateOptions(o config.Options) error

UpdateOptions implements the OptionsUpdater interface and updates internal structures based on config.Options.

func (*Proxy) UpdatePolicies added in v0.0.5

func (p *Proxy) UpdatePolicies(opts *config.Options) error

UpdatePolicies updates the H based on the configured policies

func (*Proxy) UserDashboard added in v0.0.5

func (p *Proxy) UserDashboard(w http.ResponseWriter, r *http.Request) error

UserDashboard lets users investigate and refresh their current session. It also contains certain administrative actions like user impersonation.

Nota bene: This endpoint does authentication, not authorization.

func (*Proxy) Verify added in v0.4.0

func (p *Proxy) Verify(verifyOnly bool) http.Handler

Verify checks a user's credentials for an arbitrary host. If the user is properly authenticated and is authorized to access the supplied host, a `200` HTTP status code is returned. If the user is not authenticated, they will be redirected to the authenticate service to sign in with their identity provider. If the user is unauthorized, a `401` error is returned.
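The status contract described for Verify, as an added stand-alone sketch; it is not pomerium's code and does not call the package. The `uri` query parameter, the `redirect_uri` parameter, the sign-in URL, the cookie name and both check callbacks are assumptions made for this example.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
)

// verifySketch reproduces only the documented outcomes: 200, redirect, 401.
// The callbacks stand in for real session and policy checks (hypothetical).
func verifySketch(signInURL string, authenticated func(*http.Request) bool,
	authorized func(r *http.Request, host string) bool) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		target, err := url.Parse(r.URL.Query().Get("uri"))
		if err != nil || target.Host == "" { // fail closed when no host is supplied
			http.Error(w, "missing or invalid uri", http.StatusBadRequest)
			return
		}
		if !authenticated(r) { // no session: send the user to sign in
			q := url.Values{"redirect_uri": {target.String()}}
			http.Redirect(w, r, signInURL+"?"+q.Encode(), http.StatusFound)
			return
		}
		if !authorized(r, target.Host) { // signed in, but policy denies this host
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		w.WriteHeader(http.StatusOK)
	})
}

// statusFor sends one constructed request through the sketch and returns the status.
func statusFor(cookie, uri string) int {
	h := verifySketch("https://authenticate.example.test/sign_in",
		// Cookie presence is a stand-in; a real check validates the session itself.
		func(r *http.Request) bool { _, err := r.Cookie("session"); return err == nil },
		func(_ *http.Request, host string) bool { return host == "app.example.test" })
	req := httptest.NewRequest(http.MethodGet, "/verify?uri="+url.QueryEscape(uri), nil)
	if cookie != "" {
		req.AddCookie(&http.Cookie{Name: "session", Value: cookie})
	}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	fmt.Println(statusFor("constructed", "https://app.example.test/"))
}
```

A reverse proxy that consumes such an endpoint has to treat every response other than `200` as a denial, including the redirect and the `400` this sketch returns when no host is supplied.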
