emissary/internal/config/server.go


package config
import (
"fmt"
"forge.cadoles.com/Cadoles/emissary/internal/auth/thirdparty"
)
// ServerConfig is the root of the server's YAML configuration. Each field maps
// to one top-level section of the file through its yaml tag.
type ServerConfig struct {
	// HTTP holds the "http" section.
	HTTP HTTPConfig `yaml:"http"`
	// Database holds the "database" section.
	Database DatabaseConfig `yaml:"database"`
	// CORS holds the "cors" section.
	CORS CORSConfig `yaml:"cors"`
	// Auth holds the "auth" section: token signing/verification sources and
	// the rules that derive a role and a tenant from a token.
	Auth AuthConfig `yaml:"auth"`
}
// NewDefaultServerConfig returns a ServerConfig in which every section is
// filled by that section's own NewDefault*Config constructor.
func NewDefaultServerConfig() ServerConfig {
	var conf ServerConfig

	conf.HTTP = NewDefaultHTTPConfig()
	conf.Database = NewDefaultDatabaseConfig()
	conf.CORS = NewDefaultCORSConfig()
	conf.Auth = NewDefaultAuthConfig()

	return conf
}
// AuthConfig is the "auth" section of the server configuration.
//
// Local and Remote are pointers, so either source can be left unset (nil).
// NOTE(review): presumably a nil source is treated as disabled by the code
// that consumes this struct; confirm there, and confirm what happens when
// both are nil.
type AuthConfig struct {
	// Local configures authentication backed by a key file on this host.
	Local *LocalAuthConfig `yaml:"local"`
	// Remote configures authentication backed by a remote JSON Web Key Set.
	Remote *RemoteAuthConfig `yaml:"remote"`
	// RoleExtractionRules are expressions that derive the caller's role from
	// a token. They decide authorization, so they should be reviewed like
	// code whenever the configuration changes.
	RoleExtractionRules []string `yaml:"roleExtractionRules"`
	// TenantExtractionRules are expressions that derive the caller's tenant
	// from a token. Tenant isolation depends on them.
	TenantExtractionRules []string `yaml:"tenantExtractionRules"`
}
// NewDefaultAuthConfig returns the default "auth" section: local
// authentication with the key file "server-key.json", no remote source, and
// one role rule and one tenant rule built from the thirdparty default claim
// keys.
func NewDefaultAuthConfig() AuthConfig {
	// Both default rules share this shape: the claim converted with str()
	// when it is present, the empty string otherwise.
	// NOTE(review): how an empty role or tenant is handled is decided by the
	// code that evaluates these rules, not here; confirm it is denied rather
	// than mapped to a privileged default.
	const claimRule = "jwt.%s != nil ? str(jwt.%s) : ''"

	roleRule := fmt.Sprintf(claimRule, thirdparty.DefaultRoleKey, thirdparty.DefaultRoleKey)
	tenantRule := fmt.Sprintf(claimRule, thirdparty.DefaultTenantKey, thirdparty.DefaultTenantKey)

	conf := AuthConfig{
		// The path is relative, so it presumably resolves against the
		// process working directory; verify where the key is loaded.
		Local: &LocalAuthConfig{PrivateKeyPath: "server-key.json"},
		// Remote stays nil: no remote key set is configured by default.
		RoleExtractionRules:   []string{roleRule},
		TenantExtractionRules: []string{tenantRule},
	}

	return conf
}
// LocalAuthConfig is the "auth.local" section.
type LocalAuthConfig struct {
	// PrivateKeyPath is the location of the server's private key file.
	// The file holds secret key material: keep it out of version control and
	// readable only by the account that runs the server.
	// NOTE(review): the ".json" default suggests a JWK-encoded key; confirm
	// the format and the permissions applied where the key is read or created.
	PrivateKeyPath InterpolatedString `yaml:"privateKeyPath"`
}
// RemoteAuthConfig is the "auth.remote" section.
type RemoteAuthConfig struct {
	// JsonWebKeySetURL is the address of the remote JSON Web Key Set, read
	// from the "jwksUrl" key.
	// NOTE(review): keys served from this URL presumably decide which tokens
	// verify, so it should be an https URL of a trusted issuer; no scheme
	// check is visible in this file. Confirm where the URL is consumed.
	JsonWebKeySetURL InterpolatedString `yaml:"jwksUrl"`
	// RefreshInterval is optional (pointer).
	// NOTE(review): presumably the period between key set refreshes, with a
	// fallback applied when nil; confirm in the consumer. The interval bounds
	// how long a key revoked by the issuer may still be accepted.
	RefreshInterval *InterpolatedDuration `yaml:"refreshInterval"`
}