package config
import (
"context"
)
// Log defines the available logging configuration.
type Log struct {
	// Level is the configured log level, kept as a string.
	// NOTE(review): the accepted values are not visible in this file — confirm against the logger setup.
	Level string
	// Pretty and Color are output-formatting switches.
	Pretty bool
	Color  bool
	// File is a string naming a log target.
	// NOTE(review): presumably a filesystem path; if so it should point to a
	// location only the service account can write — confirm.
	File string
}
// Debug defines the available debug configuration.
//
// NOTE(review): the field names suggest a separate debug listener (Addr)
// protected by a shared Token that can expose pprof and zpages. How the fields
// are consumed is not visible in this file — confirm that the listener is not
// reachable from untrusted networks and that an empty Token does not mean
// "no authentication".
type Debug struct {
	Addr string
	// Token is, by name, a secret; keep it out of logs and config dumps.
	Token  string
	Pprof  bool
	Zpages bool
}
// HTTP defines the available http configuration.
type HTTP struct {
	Addr string
	Root string
	// TLSCert and TLSKey are strings describing the server certificate and key.
	// NOTE(review): presumably file paths; the key file should be readable by
	// the service account only — confirm.
	TLSCert string
	TLSKey  string
	// TLS is a boolean switch.
	// NOTE(review): presumably enables serving over TLS; when false, confirm
	// that TLS is terminated in front of this service.
	TLS bool
}
// Service defines the available service configuration.
// It carries three descriptive strings: Name, Namespace and Version.
type Service struct {
	Name      string
	Namespace string
	Version   string
}
// Tracing defines the available tracing configuration.
//
// NOTE(review): Endpoint and Collector presumably name external tracing
// targets; spans can carry request paths and user identifiers, so confirm the
// targets are trusted and reached over an authenticated channel.
type Tracing struct {
	Enabled   bool
	Type      string
	Endpoint  string
	Collector string
	Service   string
}
// Asset defines the available asset configuration.
type Asset struct {
	// Path is a single string setting.
	// NOTE(review): presumably a directory that assets are served from — confirm
	// that it cannot be pointed at a location holding secrets.
	Path string
}
// Policy enables us to use multiple directors.
// A Policy is a named list of Routes.
type Policy struct {
	// Name identifies the policy.
	// NOTE(review): presumably the value the selector configs refer to in their
	// *Policy fields — confirm.
	Name   string
	Routes []Route
}
// Route defines a forwarding route.
type Route struct {
	// Type is the RouteType of this route.
	Type RouteType
	// Endpoint and Backend are plain strings.
	// NOTE(review): presumably Endpoint is matched against the incoming request
	// according to Type and Backend is the upstream the request is forwarded
	// to; an Endpoint that matches more than intended can expose a backend to
	// requests that were meant for a different route — confirm in the router.
	Endpoint string
	Backend  string
	// ApacheVHost is decoded from the "apache-vhost" key.
	ApacheVHost bool `mapstructure:"apache-vhost"`
}
// RouteType names the matching strategy of a route.
type RouteType string

// The route types known to this package.
const (
	// PrefixRoute marks routes matched by a prefix.
	PrefixRoute RouteType = "prefix"
	// QueryRoute marks routes matched by a prefix and query parameters.
	QueryRoute RouteType = "query"
	// RegexRoute marks routes matched by a pattern.
	RegexRoute RouteType = "regex"
	// DefaultRouteType is the PrefixRoute.
	DefaultRouteType = PrefixRoute
)

// RouteTypes is a slice of the available route types, in the order query,
// regex, prefix. It is a package-level variable, so callers should treat it as
// read-only.
var RouteTypes = []RouteType{QueryRoute, RegexRoute, PrefixRoute}
// Reva defines all available REVA configuration.
type Reva struct {
	// Address is a string naming the REVA endpoint.
	// NOTE(review): the transport used to reach it is not visible here.
	Address string
	// Middleware holds the proxy middleware settings.
	Middleware Middleware
}
// Middleware configures proxy middlewares.
// It currently has a single section, Auth.
type Middleware struct {
	Auth Auth
}
// Auth configures proxy http auth middleware.
type Auth struct {
	// CredentialsByUserAgent is a string-to-string map.
	// NOTE(review): by name it is keyed by User-Agent; that header is chosen by
	// the client, so whatever this map selects must not weaken authentication
	// for a client that merely claims a listed agent — confirm in the middleware.
	CredentialsByUserAgent map[string]string
}
// Cache is a TTL cache configuration.
type Cache struct {
	// Size and TTL are plain ints.
	// NOTE(review): the unit of TTL (seconds?) and the meaning of Size (entries?)
	// are not visible here — confirm. For a cache of identity data, the TTL
	// bounds how long a revoked or changed identity can still be served.
	Size int
	TTL  int
}
// Config combines all available configuration parts.
//
// Several nested fields hold, by name, secret material (Debug.Token,
// TokenManager.JWTSecret), so a Config value should not be logged or dumped
// verbatim.
type Config struct {
	File         string
	Log          Log
	Debug        Debug
	HTTP         HTTP
	Service      Service
	Tracing      Tracing
	Asset        Asset
	Policies     []Policy
	OIDC         OIDC
	TokenManager TokenManager
	// PolicySelector is a pointer decoded from the "policy_selector" key; it is
	// nil when that section is absent.
	PolicySelector *PolicySelector `mapstructure:"policy_selector"`
	Reva           Reva
	PreSignedURL   PreSignedURL
	AccountBackend string
	UserOIDCClaim  string
	UserCS3Claim   string
	// NOTE(review): presumably creates an account for an authenticated but
	// unknown user — confirm which identity providers are trusted when enabled.
	AutoprovisionAccounts bool
	// NOTE(review): presumably accepts HTTP basic auth, which sends the password
	// with every request — confirm it is only used over TLS.
	EnableBasicAuth bool
	// NOTE(review): the name suggests certificate verification toward backends
	// is skipped when true — confirm, and keep it false outside test setups.
	InsecureBackends bool
	// Context is stored on the config itself; how it is used is not visible here.
	Context    context.Context
	Supervised bool
}
// OIDC is the config for the OpenID-Connect middleware. If set the proxy will try to authenticate every request
// with the configured oidc-provider
type OIDC struct {
	// Issuer is the configured provider, kept as a string.
	// NOTE(review): presumably the issuer URL that tokens are validated
	// against — confirm that it is compared exactly.
	Issuer string
	// NOTE(review): the name suggests TLS verification toward the provider is
	// relaxed when true — confirm, and keep it false outside test setups.
	Insecure bool
	// UserinfoCache configures a TTL cache (see Cache).
	UserinfoCache Cache
}
// PolicySelector is the toplevel-configuration for different selectors.
// Each selector has its own optional section, held as a pointer.
//
// NOTE(review): which section wins when more than one is non-nil, and what
// happens when all are nil, is not visible in this file — confirm in the
// selector loader.
type PolicySelector struct {
	Static    *StaticSelectorConf
	Migration *MigrationSelectorConf
	Claims    *ClaimsSelectorConf
	Regex     *RegexSelectorConf
}
// StaticSelectorConf is the config for the static-policy-selector.
type StaticSelectorConf struct {
	// Policy is a policy name kept as a string.
	// NOTE(review): presumably must match a Policy.Name — confirm that an
	// unknown name is rejected rather than silently ignored.
	Policy string
}
// TokenManager is the config for using the reva token manager.
type TokenManager struct {
	// JWTSecret is, by name, the secret used for JWTs.
	// NOTE(review): if it is a shared signing key it needs to be long, random
	// and unique per deployment, and must never be logged — confirm how it is
	// loaded and that an empty value is rejected.
	JWTSecret string
}
// PreSignedURL is the config for the presigned url middleware.
type PreSignedURL struct {
	// AllowedHTTPMethods is a list of method names.
	// NOTE(review): presumably the methods for which a presigned URL is
	// accepted; keeping the list to the methods that are really needed limits
	// what a leaked URL can do — confirm in the middleware.
	AllowedHTTPMethods []string
	Enabled            bool
}
// MigrationSelectorConf is the config for the migration-selector.
// It holds three policy names, decoded from the snake_case keys in the tags.
type MigrationSelectorConf struct {
	AccFoundPolicy    string `mapstructure:"acc_found_policy"`
	AccNotFoundPolicy string `mapstructure:"acc_not_found_policy"`
	// NOTE(review): by name, the policy applied to requests without an
	// authenticated user; its routes should expose only what anonymous clients
	// may reach — confirm.
	UnauthenticatedPolicy string `mapstructure:"unauthenticated_policy"`
}
// ClaimsSelectorConf is the config for the claims-selector.
type ClaimsSelectorConf struct {
	DefaultPolicy         string `mapstructure:"default_policy"`
	UnauthenticatedPolicy string `mapstructure:"unauthenticated_policy"`
	// NOTE(review): by name, a cookie that takes part in policy selection;
	// cookies are set by the client, so confirm that a forged value cannot
	// select a policy the request would not otherwise be entitled to.
	SelectorCookieName string `mapstructure:"selector_cookie_name"`
}
// RegexSelectorConf is the config for the regex-selector.
type RegexSelectorConf struct {
	DefaultPolicy string `mapstructure:"default_policy"`
	// MatchesPolicies is the list of rules, each a RegexRuleConf.
	MatchesPolicies       []RegexRuleConf `mapstructure:"matches_policies"`
	UnauthenticatedPolicy string          `mapstructure:"unauthenticated_policy"`
	// NOTE(review): by name, a cookie that takes part in policy selection;
	// cookies are set by the client, so confirm that a forged value cannot
	// select a policy the request would not otherwise be entitled to.
	SelectorCookieName string `mapstructure:"selector_cookie_name"`
}
// RegexRuleConf is a single rule of the regex-selector: a priority, a property
// name, a match expression and the policy name the rule points to.
//
// NOTE(review): Match is presumably compiled as a regular expression and
// tested against the value named by Property; an unanchored expression matches
// substrings, so rules that map users to policies should anchor it — confirm
// in the selector.
type RegexRuleConf struct {
	Priority int    `mapstructure:"priority"`
	Property string `mapstructure:"property"`
	Match    string `mapstructure:"match"`
	Policy   string `mapstructure:"policy"`
}
// New returns a pointer to a freshly allocated Config.
//
// Only the HTTP section is assigned explicitly, and it is assigned its zero
// value, so every field of the result holds its Go zero value: booleans are
// false, strings are empty, and the pointer and slice fields are nil.
// NOTE(review): defaults are presumably applied by the caller afterwards —
// confirm that empty secrets are rejected before the service starts.
func New() *Config {
	cfg := new(Config)
	cfg.HTTP = HTTP{}
	return cfg
}