README
¶
Traefik Goth Auth
Warning
This plugin should be considered as experimental. It is not yet tested in production environments.
Multi-provider authentication plugin for Traefik, thanks to Goth. Features:
- Only/any authenticated users can reach the next middleware/service.
- All available information of the user is published as headers.
- Use this to filter authorized accounts with other middlewares.
- If multiple configuration providers are configured, an initial selection screen is shown.
- Once logged in a cookie will avoid the need to contact the provider for a configurable amount of time.
- Configuration documentation is available here.
- Available providers:
Documentation
¶
Index ¶
- Variables
- func New(ctx context.Context, next http.Handler, config *Config, name string) (http.Handler, error)
- func NewProvider(name, clientclientKey, secret, callback string, custom map[string]interface{}, ...) (goth.Provider, error)
- type Config
- type LogLevel
- type Plugin
- type ProviderConfig
- type ProviderInfo
Constants ¶
This section is empty.
Variables ¶
View Source
var CompleteUserAuthNoLogout = func(res http.ResponseWriter, req *http.Request) (goth.User, error) { providerName, err := gothic.GetProviderName(req) if err != nil { return goth.User{}, err } provider, err := goth.GetProvider(providerName) if err != nil { return goth.User{}, err } value, err := gothic.GetFromSession(providerName, req) if err != nil { return goth.User{}, err } sess, err := provider.UnmarshalSession(value) if err != nil { return goth.User{}, err } user, err := provider.FetchUser(sess) if err == nil { return user, err } err = validateState(req, sess) if err != nil { return goth.User{}, err } params := req.URL.Query() if params.Encode() == "" && req.Method == "POST" { _ = req.ParseForm() params = req.Form } _, err = sess.Authorize(provider, params) if err != nil { return goth.User{}, err } err = gothic.StoreInSession(providerName, sess.Marshal(), req, res) if err != nil { return goth.User{}, err } gu, err := provider.FetchUser(sess) return gu, err }
Functions ¶
Types ¶
type Config ¶
type Config struct {
// Providers is the list of configured providers.
Providers []*ProviderConfig
// CookieSecret is the secret used to sign the cookie.
CookieSecret string
// CookieOptions are the cookie options.
CookieOptions *sessions.Options
// ClaimsPrefix is the prefix for the claims to be published as headers.
ClaimsPrefix string
// LogLevel is the log level (trace, debug, info, warn, error, off).
LogLevel string
}
Config configures the Goth Auth plugin.
func CreateConfig ¶
func CreateConfig() *Config
CreateConfig creates the default plugin configuration.
type Plugin ¶
type Plugin struct {
// contains filtered or unexported fields
}
Plugin is the Traefik Goth Auth plugin.
type ProviderConfig ¶
type ProviderConfig struct {
// Name is the internal name of the provider. There should be only one instance per middleware with a given name.
Name string
// ClientKey is the client key for the provider.
ClientKey string
// Secret is the secret for the provider.
Secret string
// RedirectUri is the full redirect URI for the provider, including the host.
RedirectURI string
// AuthURI (optional) is the URI to authenticate against the provider.
AuthURI string
// LogoutURI (optional) is the URI to logout from the provider.
LogoutURI string
// Scopes (optional) is the list of scopes for the provider.
Scopes []string
// Custom (optional) is the custom configuration for the provider.
Custom map[string]interface{}
// contains filtered or unexported fields
}
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.