package schema
import (
"net/url"
"time"
)
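// ServerConfiguration represents the configuration of the http server.
//
// Each field is populated from the configuration key named in its koanf tag.
type ServerConfiguration struct {
	// Address is the TCP address of the HTTP listener. It supersedes the
	// deprecated Host, Port and Path fields at the end of this struct.
	Address *AddressTCP `koanf:"address"`

	AssetPath string `koanf:"asset_path"`

	DisableHealthcheck bool `koanf:"disable_healthcheck"`

	// NOTE(review): the key is spelled "disable_autho_https_redirect"
	// ("autho", not "auto"). It is left as written because the tag is the
	// name matched against the user's configuration; confirm whether the
	// spelling is intentional before renaming it. Presumably a true value
	// stops plain-HTTP requests from being redirected to HTTPS — confirm
	// against the server setup code.
	DisableAutoHttpsRedirect bool `koanf:"disable_autho_https_redirect"`

	// NOTE(review): presumably keys bans on the client IP rather than on
	// the username. If so, the IP has to come from a trusted source (direct
	// peer or a trusted proxy header), and clients sharing one address will
	// share a ban — confirm against the regulation code.
	UseIPInsteadOfUserForBan bool `koanf:"use_ip_for_ban"`

	TLS       ServerTLS       `koanf:"tls"`
	Headers   ServerHeaders   `koanf:"headers"`
	Endpoints ServerEndpoints `koanf:"endpoints"`
	GRPC      ServerGRPC      `koanf:"grpc"`

	Buffers  ServerBuffers  `koanf:"buffers"`
	Timeouts ServerTimeouts `koanf:"timeouts"`

	// Deprecated: use address instead.
	Host string `koanf:"host"`

	// Deprecated: use address instead.
	Port int `koanf:"port"`

	// Deprecated: use address instead.
	Path string `koanf:"path"`
}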
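// ServerEndpoints is the endpoints configuration for the HTTP server.
type ServerEndpoints struct {
	// EnablePprof and EnableExpvars are opt-in switches for diagnostic
	// endpoints.
	// NOTE(review): presumably these mount the Go pprof and expvar handlers
	// on the main listener. Those expose runtime internals (profiles,
	// command line, memory statistics), so they should stay off in
	// production or be reachable only from a trusted network — confirm how
	// the routes are protected.
	EnablePprof   bool `koanf:"enable_pprof"`
	EnableExpvars bool `koanf:"enable_expvars"`

	// Authz maps an endpoint name to its authorization endpoint
	// configuration.
	Authz map[string]ServerAuthzEndpoint `koanf:"authz"`
}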
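// ServerAuthzEndpoint is the Authz endpoints configuration for the HTTP server.
type ServerAuthzEndpoint struct {
	// Implementation names the authorization implementation backing this
	// endpoint.
	Implementation string `koanf:"implementation"`

	// AuthnStrategies lists the authentication strategies configured for
	// this endpoint.
	// NOTE(review): presumably they are tried in slice order — confirm, as
	// the order then decides which credential source wins.
	AuthnStrategies []ServerAuthzEndpointAuthnStrategy `koanf:"authn_strategies"`
}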
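// ServerAuthzEndpointAuthnStrategy is the configuration of a single
// authentication strategy attached to an Authz endpoint.
type ServerAuthzEndpointAuthnStrategy struct {
	// Name identifies the strategy.
	Name string `koanf:"name"`
}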
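// ServerTLS represents the configuration of the http server's TLS options.
type ServerTLS struct {
	// Certificate and Key configure the server certificate and its private
	// key.
	// NOTE(review): presumably both are file paths; if so the key file
	// should be readable only by the service account — confirm.
	Certificate string `koanf:"certificate"`
	Key         string `koanf:"key"`

	// NOTE(review): presumably the certificates used to verify client
	// certificates (mutual TLS). Confirm whether an empty list disables
	// client verification entirely.
	ClientCertificates []string `koanf:"client_certificates"`
}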
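// ServerHeaders represents the customization of the http server headers.
type ServerHeaders struct {
	// CSPTemplate is a template for the Content-Security-Policy header.
	// NOTE(review): a custom value replaces whatever policy the server
	// would otherwise send, so an overly permissive template weakens the
	// browser-side protection — confirm how an empty value is handled.
	CSPTemplate string `koanf:"csp_template"`
}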
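// ServerGRPC contains configuration options for the gRPC server.
type ServerGRPC struct {
	// Address with port to listen on. If this field is empty, no gRPC server
	// will be spawned.
	Address *AddressTCP `koanf:"address"`

	// NOTE(review): the key "disableTLS" is camelCase while every other key
	// in this file is snake_case; it is kept as written because the tag is
	// what the configuration loader matches. Presumably a true value serves
	// gRPC in plaintext, which is only appropriate on a loopback or
	// otherwise trusted network — confirm against the gRPC server setup.
	DisableTLS bool `koanf:"disableTLS"`
}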
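// DefaultServerConfiguration represents the default values of the ServerConfiguration.
//
// Fields that are not listed keep their zero value: the pprof and expvars
// endpoints are disabled, no TLS certificate or key is set, no gRPC address is
// set, and DisableAutoHttpsRedirect and UseIPInsteadOfUserForBan are false.
var DefaultServerConfiguration = ServerConfiguration{
	// The URL host ":9091" has a port but no host part.
	// NOTE(review): presumably this makes the listener bind every interface;
	// deployments that sit behind a local reverse proxy may want a loopback
	// address instead — confirm how AddressTCP is turned into a listener.
	Address: &AddressTCP{Address{true, false, -1, 9091, &url.URL{Scheme: AddressSchemeTCP, Host: ":9091", Path: "/"}}},
	Buffers: ServerBuffers{
		Read:  4096,
		Write: 4096,
	},
	Timeouts: ServerTimeouts{
		Read:  time.Second * 6,
		Write: time.Second * 6,
		Idle:  time.Second * 30,
	},
	Endpoints: ServerEndpoints{
		// Four authorization endpoints are defined by default. Every one
		// except "legacy" lists a header-based strategy followed by
		// CookieSession.
		Authz: map[string]ServerAuthzEndpoint{
			"legacy": {
				Implementation: "Legacy",
			},
			"auth-request": {
				Implementation: "AuthRequest",
				AuthnStrategies: []ServerAuthzEndpointAuthnStrategy{
					{
						Name: "HeaderAuthRequestProxyAuthorization",
					},
					{
						Name: "CookieSession",
					},
				},
			},
			"forward-auth": {
				Implementation: "ForwardAuth",
				AuthnStrategies: []ServerAuthzEndpointAuthnStrategy{
					{
						Name: "HeaderProxyAuthorization",
					},
					{
						Name: "CookieSession",
					},
				},
			},
			"ext-authz": {
				Implementation: "ExtAuthz",
				AuthnStrategies: []ServerAuthzEndpointAuthnStrategy{
					{
						Name: "HeaderProxyAuthorization",
					},
					{
						Name: "CookieSession",
					},
				},
			},
		},
	},
}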