server

package
v0.12.9 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 3, 2026 License: MIT Imports: 23 Imported by: 0

Documentation

Index

Constants

View Source 
const OAUTHPath = "/_oauth"

Variables

View Source 
var DefaultConfiguration = Configuration{
	Addr: ":8080",
	Session: Session{
		CookieName: "_traefik_simple_auth",
		Expiration: 30 * 24 * time.Hour,
	},
	Auth: Auth{
		Provider:   "google",
		IssuerURL:  "https://accounts.google.com",
		AuthPrefix: "auth",
	},
	CSRFConfiguration: csrf.Configuration{
		TTL:   10 * time.Minute,
		Redis: csrf.RedisConfiguration{Namespace: "github.com/clambin/traefik-simple-auth/state"},
	},
	Log:  flagger.DefaultLog,
	Prom: flagger.DefaultProm,
}

Functions

func NewMetrics added in v0.4.0 

func NewMetrics(namespace, subsystem string, constLabels prometheus.Labels, buckets ...float64) metrics.RequestMetrics

Types

type Auth added in v0.12.0 

type Auth struct {
	Provider     string `flagger.usage:"OAuth2 provider"`
	IssuerURL    string `flagger.name:"issuer-url" flagger.usage:"The Auth Issuer URL to use (only used when provider is oidc)"`
	ClientID     string `flagger.name:"client-id" flagger.usage:"OAuth2 Client ID"`
	ClientSecret string `flagger.name:"client-secret" flagger.usage:"OAuth2 Client Secret"`
	AuthPrefix   string `flagger.name:"auth-prefix" flagger.usage:"Prefix to construct the authRedirect URL from the domain"`
}

type Configuration added in v0.6.0 

type Configuration struct {
	Whitelist Whitelist `flagger.skip:"true"`
	Auth
	flagger.Log
	flagger.Prom
	Session
	Addr              string             `flagger.usage:"The address to listen on for HTTP requests"`
	PProfAddr         string             `flagger.name:"pprof.addr" flagger.usage:"The address to listen on for Go pprof profiler (default: no pprof profiler)"`
	Domain            Domain             `flagger.skip:"true"`
	CSRFConfiguration csrf.Configuration `flagger.name:"csrf"`
}

func GetConfiguration added in v0.6.0 

func GetConfiguration(f *flag.FlagSet, args ...string) (Configuration, error)

type Domain added in v0.11.2 

type Domain string

A Domain groups a set of hostnames (e.g. ".example.com" covers "www.example.com", "www2.example.com", etc), that the authorizer should accept.

func NewDomain added in v0.11.2 

func NewDomain(domain string) (Domain, error)

NewDomain returns a new Domain. If the domain is not valid, an error is returned.

func (Domain) Matches added in v0.11.2 

func (d Domain) Matches(u *url.URL) bool

Matches returns true if the url is part of the Domain.

type Server 

type Server struct {
	http.Handler
	// contains filtered or unexported fields
}

func New 

func New(ctx context.Context, config Configuration, metrics metrics.RequestMetrics, logger *slog.Logger) Server

New returns a new Server that handles traefik's forward-auth requests and the associated authn flow. It panics if config.Provider is invalid.

type Session added in v0.12.0 

type Session struct {
	CookieName string        `flagger.name:"cookie-name" flagger.usage:"The cookie name to use for authentication"`
	Secret     []byte        `flagger.skip:"true"`
	Expiration time.Duration `flagger.usage:"How long the session should remain valid"`
}

type Whitelist added in v0.11.2 

type Whitelist map[string]struct{}

A Whitelist is a list of valid email addresses that the authorizer should accept.

func NewWhitelist added in v0.11.2 

func NewWhitelist(emails []string) (Whitelist, error)

NewWhitelist creates a new Whitelist for the provided email addresses.

func (*Whitelist) Add added in v0.12.0 

func (w *Whitelist) Add(s ...string) error

func (*Whitelist) Match added in v0.11.2 

func (w *Whitelist) Match(email string) bool

Match returns true if the email address is on the whitelist or if the whitelist is empty.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.