fix/refactor: Move `auth.token_key` and other parameters to `AuthConfig` structure

The intent is to have a central place to fetch the configuration and validate it. This way, starting the server will fail if the needed crypto configuration is not set up appropriately.

This also moves the `crypto` package to `internal` which is more appropriate.

Finally, the concept of `auth.token_key` changed from being a string to being a file. The idea is that we'll have all secrets as files which will be referenced as kubernetes secrets.

Closes: #923
Showing 29 changed files with 327 additions and 107 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
// | ||
// Copyright 2023 Stacklok, Inc. | ||
// | ||
// Licensed under the Apache License, Version 2.0 (the "License"); | ||
// you may not use this file except in compliance with the License. | ||
// You may obtain a copy of the License at | ||
// | ||
// http://www.apache.org/licenses/LICENSE-2.0 | ||
// | ||
// Unless required by applicable law or agreed to in writing, software | ||
// distributed under the License is distributed on an "AS IS" BASIS, | ||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
// See the License for the specific language governing permissions and | ||
// limitations under the License. | ||
|
||
package config | ||
|
||
// AuthConfig is the configuration for the auth package | ||
type AuthConfig struct { | ||
// AccessTokenPrivateKey is the private key used to sign the access token for authn/z | ||
AccessTokenPrivateKey string `mapstructure:"access_token_private_key"` | ||
// AccessTokenPublicKey is the public key used to verify the access token for authn/z | ||
AccessTokenPublicKey string `mapstructure:"access_token_public_key"` | ||
// RefreshTokenPrivateKey is the private key used to sign the refresh token for authn/z | ||
RefreshTokenPrivateKey string `mapstructure:"refresh_token_private_key"` | ||
// RefreshTokenPublicKey is the public key used to verify the refresh token for authn/z | ||
RefreshTokenPublicKey string `mapstructure:"refresh_token_public_key"` | ||
// TokenExpiry is the expiry time for the access token in seconds | ||
TokenExpiry int64 `mapstructure:"token_expiry"` | ||
// RefreshExpiry is the expiry time for the refresh token in seconds | ||
RefreshExpiry int64 `mapstructure:"refresh_expiry"` | ||
// NoncePeriod is the period in seconds for which a nonce is valid | ||
NoncePeriod int64 `mapstructure:"nonce_period"` | ||
// TokenKey is the key used to store the provider's token in the database | ||
TokenKey string `mapstructure:"token_key"` | ||
} | ||
|
||
// GetAuthConfigWithDefaults returns a AuthConfig with default values | ||
func GetAuthConfigWithDefaults() AuthConfig { | ||
return AuthConfig{} | ||
} |
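Review bot: `GetAuthConfigWithDefaults` at the end of the hunk returns a zero-valued `AuthConfig{}`, so `TokenExpiry`, `RefreshExpiry` and `NoncePeriod` default to 0 and the four key fields plus `TokenKey` default to the empty string, and nothing in this file rejects those values. Since the commit message says startup should fail when the crypto configuration is not set up, either give the durations real defaults here or add a validation method on `AuthConfig` that errors on empty key fields and non-positive expiry values, and call it before the server starts. The field comments also still describe the values as keys ("is the private key used to sign the access token", "is the key used to store the provider's token") while the commit message says `token_key` is now a file; state in each comment whether the string holds a file path or key material, so an operator does not put a secret inline in the configuration. Nit: "returns a AuthConfig" should read "returns an AuthConfig".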
File renamed without changes.
File renamed without changes.
File renamed without changes.