package config import ( "fmt" "forge.cadoles.com/Cadoles/emissary/internal/auth/thirdparty" ) type ServerConfig struct { HTTP HTTPConfig `yaml:"http"` Database DatabaseConfig `yaml:"database"` CORS CORSConfig `yaml:"cors"` Auth AuthConfig `yaml:"auth"` } func NewDefaultServerConfig() ServerConfig { return ServerConfig{ HTTP: NewDefaultHTTPConfig(), Database: NewDefaultDatabaseConfig(), CORS: NewDefaultCORSConfig(), Auth: NewDefaultAuthConfig(), } } type AuthConfig struct { Local *LocalAuthConfig `yaml:"local"` Remote *RemoteAuthConfig `yaml:"remote"` RoleExtractionRules []string `yaml:"roleExtractionRules"` TenantExtractionRules []string `yaml:"tenantExtractionRules"` } func NewDefaultAuthConfig() AuthConfig { return AuthConfig{ Local: &LocalAuthConfig{ PrivateKeyPath: "server-key.json", }, Remote: nil, RoleExtractionRules: []string{ fmt.Sprintf("jwt.%s != nil ? str(jwt.%s) : ''", thirdparty.DefaultRoleKey, thirdparty.DefaultRoleKey), }, TenantExtractionRules: []string{ fmt.Sprintf("jwt.%s != nil ? str(jwt.%s) : ''", thirdparty.DefaultTenantKey, thirdparty.DefaultTenantKey), }, } } type LocalAuthConfig struct { PrivateKeyPath InterpolatedString `yaml:"privateKeyPath"` } type RemoteAuthConfig struct { JsonWebKeySetURL InterpolatedString `yaml:"jwksUrl"` RefreshInterval *InterpolatedDuration `yaml:"refreshInterval"` }