servers.caddy.security #
struct APIConfig #
struct APIConfig {
pub mut:
enabled bool @[skip]
}
struct AccessListConfig #
struct AccessListConfig {
pub mut:
comment string
conditions []string
action string
}
struct AuthenticationPortal #
struct AuthenticationPortal {
pub mut:
name string
ui UIConfig
user_registration_config UserRegistrationConfig @[omitempty]
user_transformer_configs []UserTransformerConfig @[omitempty]
cookie_config CookieConfig @[omitempty]
identity_stores []string @[omitempty]
identity_providers []string @[omitempty]
access_list_configs []AccessListConfig @[omitempty]
token_validator_options TokenValidatorOptions @[omitempty]
crypto_key_configs []CryptoKeyConfig
crypto_key_store_config map[string]string @[omitempty]
token_grantor_options TokenGrantorOptions @[omitempty]
api APIConfig @[omitempty]
}
struct AuthorizationPolicy #
struct AuthorizationPolicy {
pub mut:
name string
auth_url_path string
disable_auth_redirect bool
disable_auth_redirect_query bool
auth_redirect_query_param string
auth_redirect_status_code int
redirect_with_javascript bool
bypass_configs []BypassConfig @[omitempty]
header_injection_configs []HeaderInjectionConfig @[omitempty]
access_list_rules []AccessListConfig @[omitempty]
crypto_key_configs []CryptoKeyConfig @[omitempty]
crypto_key_store_config map[string]string @[omitempty]
auth_proxy_config map[string]map[string]bool @[omitempty]
allowed_token_sources []string
strip_token_enabled bool
forbidden_url string
user_identity_field string
validate_bearer_header bool
validate_method_path bool
validate_access_list_path_claim bool
validate_source_address bool
pass_claims_with_headers bool
login_hint_validators []string
}
struct BypassConfig #
struct BypassConfig {
pub mut:
match_type string
uri string
}
struct Config #
struct Config {
pub mut:
credentials map[string][]GenericCredential @[omitempty; skip]
authentication_portals []AuthenticationPortal @[omitempty]
authorization_policies []AuthorizationPolicy @[omitempty]
messaging MessagingConfig @[omitempty]
identity_stores []IdentityStore @[omitempty]
identity_providers []IdentityProvider @[omitempty]
}
struct CookieConfig #
struct CookieConfig {
pub mut:
domains map[string]DomainConfig @[omitempty]
path string
lifetime int
insecure bool
same_site string
}
struct CryptoKeyConfig #
struct CryptoKeyConfig {
pub mut:
seq int
id string
usage string
token_name string
source string
algorithm string
env_var_name string
env_var_type string
env_var_value string
file_path string
dir_path string
token_lifetime int
token_secret string
token_sign_method string
token_eval_expr []string
}
struct DomainConfig #
struct DomainConfig {
pub mut:
seq int
domain string
path string
lifetime int
insecure bool
same_site string
}
struct EmailProvider #
struct EmailProvider {
pub mut:
name string
address string
protocol string
credentials string
sender_email string
sender_name string
templates map[string]string
passwordless bool
blind_carbon_copy []string
}
struct FileProvider #
struct FileProvider {
pub mut:
name string
root_dir string
templates map[string]string
}
struct GenericCredential #
struct GenericCredential {
pub mut:
name string
username string
password string
domain string
}
struct HeaderInjectionConfig #
struct HeaderInjectionConfig {
pub mut:
header string
field string
}
struct IdentityProvider #
struct IdentityProvider {
pub mut:
name string
kind string
params Params @[omitempty]
}
struct IdentityStore #
struct IdentityStore {
pub mut:
name string
kind string
params map[string]string
}
struct MessagingConfig #
struct MessagingConfig {
pub mut:
email_providers []EmailProvider
file_providers []FileProvider
}
struct OAuthConfig #
struct OAuthConfig {
pub:
name string
domain string
client_id string
client_secret string
scopes []string
token_secret string @[required] // the secret used to encode decode auth token
}
struct Params #
struct Params {
base_auth_url string @[omitempty]
client_id string @[omitempty]
client_secret string @[omitempty]
domain_name string @[omitempty]
driver string @[omitempty]
metadata_url string @[omitempty]
realm string @[omitempty]
scopes []string @[omitempty]
}
struct PolicyParams #
@[params]
struct PolicyParams {
pub mut:
roles []string
auth_url_path string
token_secret string @[required]
}
struct PrivateLink #
struct PrivateLink {
pub mut:
link string
title string
style string
open_new_window bool
target string
target_enabled bool
icon_name string
icon_enabled bool
}
struct Realm #
struct Realm {
pub mut:
name string
label string
}
struct Security #
struct Security {
pub mut:
config Config @[omitempty]
}
fn (Security) add_oauth #
fn (mut s Security) add_oauth(config OAuthConfig) !
fn (Security) add_policy #
fn (mut s Security) add_policy(name string, params PolicyParams) !
fn (Security) add_role #
fn (mut s Security) add_role(role string, emails []string) !
struct TokenGrantorOptions #
struct TokenGrantorOptions {
pub mut:
enable_source_address bool
}
struct TokenValidatorOptions #
struct TokenValidatorOptions {
pub mut:
validate_source_address bool
validate_bearer_header bool
validate_method_path bool
validate_access_list_path_claim bool
}
struct UIConfig #
struct UIConfig {
pub mut:
theme string
templates map[string]string @[omitempty]
allow_role_selection bool @[omitempty]
title string @[omitempty]
logo_url string @[omitempty]
logo_description string @[omitempty]
private_links []PrivateLink @[omitempty]
auto_redirect_url string @[omitempty]
realms []Realm @[omitempty]
password_recovery_enabled bool @[omitempty]
custom_css_path string @[omitempty]
custom_js_path string @[omitempty]
}
struct UserRegistrationConfig #
struct UserRegistrationConfig {
pub mut:
disabled bool
title string
code string
dropbox string
require_accept_terms bool
require_domain_mx bool
terms_conditions_link string
privacy_policy_link string
email_provider string
admin_emails []string
}
struct UserTransformerConfig #
struct UserTransformerConfig {
pub mut:
matchers []string
actions []string
}
- struct APIConfig
- struct AccessListConfig
- struct AuthenticationPortal
- struct AuthorizationPolicy
- struct BypassConfig
- struct Config
- struct CookieConfig
- struct CryptoKeyConfig
- struct DomainConfig
- struct EmailProvider
- struct FileProvider
- struct GenericCredential
- struct HeaderInjectionConfig
- struct IdentityProvider
- struct IdentityStore
- struct MessagingConfig
- struct OAuthConfig
- struct Params
- struct PolicyParams
- struct PrivateLink
- struct Realm
- struct Security
- struct TokenGrantorOptions
- struct TokenValidatorOptions
- struct UIConfig
- struct UserRegistrationConfig
- struct UserTransformerConfig