Back to godoc.org

Package httpproxy

v10.286.1+incompatible
Latest Go to latest

The latest major version is .

Published: Jul 8, 2020 | License: Apache-2.0 | Module: go.aporeto.io/trireme-lib

Index

Constants

const (
	// TriremeBadGatewayText is the message to send when downstream fails.
	TriremeBadGatewayText = ":The downstream port cannot be accessed. Please validate your service ports and address/hosts configuration"

	// TriremeGatewayTimeout is the message to send when downstream times-out.
	TriremeGatewayTimeout = ":The downstream node timed-out."

	// StatusClientClosedRequest non-standard HTTP status code for client disconnection
	StatusClientClosedRequest = 499

	// StatusClientClosedRequestText non-standard HTTP status for client disconnection
	StatusClientClosedRequestText = "Client Closed Request"
)
const (

	// TriremeOIDCCallbackURI is the callback URI that must be presented by
	// any OIDC provider.
	TriremeOIDCCallbackURI = "/aporeto/oidc/callback"
)

type Config

type Config struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

Config maintains state for proxies connections from listen to backend.

func NewHTTPProxy

func NewHTTPProxy(
	c collector.EventCollector,
	puContext string,
	caPool *x509.CertPool,
	applicationProxy bool,
	mark int,
	secrets secrets.Secrets,
	registry *serviceregistry.Registry,
	tokenIssuer common.ServiceTokenIssuer,
) *Config

NewHTTPProxy creates a new instance of proxy reate a new instance of Proxy

func (*Config) GetCertificateFunc

func (p *Config) GetCertificateFunc(clientHello *tls.ClientHelloInfo) (*tls.Certificate, error)

GetCertificateFunc implements the TLS interface for getting the certificate. This allows us to update the certificates of the connection on the fly.

func (*Config) GetClientCertificateFunc

func (p *Config) GetClientCertificateFunc(_ *tls.CertificateRequestInfo) (*tls.Certificate, error)

GetClientCertificateFunc returns the certificate that will be used by the Proxy as a client during the TLS

func (*Config) RunNetworkServer

func (p *Config) RunNetworkServer(ctx context.Context, l net.Listener, encrypted bool) error

RunNetworkServer runs an HTTP network server. If TLS is needed, the listener should be already a TLS listener.

func (*Config) ShutDown

func (p *Config) ShutDown() error

ShutDown terminates the server.

func (*Config) UpdateSecrets

func (p *Config) UpdateSecrets(cert *tls.Certificate, caPool *x509.CertPool, s secrets.Secrets, certPEM, keyPEM string)

UpdateSecrets updates the secrets

type JWTClaims

type JWTClaims struct {
	jwt.StandardClaims
	SourceID string
	Scopes   []string
	Profile  []string
}

JWTClaims is the structure of the claims we are sending on the wire.

type TriremeHTTPErrHandler

type TriremeHTTPErrHandler struct{}

TriremeHTTPErrHandler Standard error handler

func (TriremeHTTPErrHandler) ServeHTTP

func (e TriremeHTTPErrHandler) ServeHTTP(w http.ResponseWriter, req *http.Request, err error)

type TriremeRoundTripper

type TriremeRoundTripper struct {
	http.RoundTripper
}

TriremeRoundTripper is the Trireme RoundTripper that will handle responses.

func NewTriremeRoundTripper

func NewTriremeRoundTripper(r http.RoundTripper) *TriremeRoundTripper

NewTriremeRoundTripper creates a new RoundTripper that handles the responses.

func (*TriremeRoundTripper) RoundTrip

func (t *TriremeRoundTripper) RoundTrip(req *http.Request) (*http.Response, error)

RoundTrip implements the RoundTripper interface. It will add a cookie in the response in case of OIDC requests with refresh tokens.

Package Files

Documentation was rendered with GOOS=linux and GOARCH=amd64.

Jump to identifier

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to identifier