mirror of
https://github.com/pomerium/pomerium.git
synced 2025-04-29 18:36:30 +02:00
396c35b6b4
* update tracing config definitions * new tracing system * performance improvements * only configure tracing in envoy if it is enabled in pomerium * [tracing] refactor to use custom extension for trace id editing (#5420) refactor to use custom extension for trace id editing * set default tracing sample rate to 1.0 * fix proxy service http middleware * improve some existing auth related traces * test fixes * bump envoyproxy/go-control-plane * code cleanup * test fixes * Fix missing spans for well-known endpoints * import extension apis from pomerium/envoy-custom
50 lines
1.6 KiB
Go
50 lines
1.6 KiB
Go
package authenticate
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/pomerium/pomerium/authenticate/events"
|
|
"github.com/pomerium/pomerium/config"
|
|
identitypb "github.com/pomerium/pomerium/pkg/grpc/identity"
|
|
"github.com/pomerium/pomerium/pkg/identity"
|
|
oteltrace "go.opentelemetry.io/otel/trace"
|
|
)
|
|
|
|
type authenticateConfig struct {
|
|
getIdentityProvider func(ctx context.Context, tracerProvider oteltrace.TracerProvider, options *config.Options, idpID string) (identity.Authenticator, error)
|
|
profileTrimFn func(*identitypb.Profile)
|
|
authEventFn events.AuthEventFn
|
|
}
|
|
|
|
// An Option customizes the Authenticate config.
|
|
type Option func(*authenticateConfig)
|
|
|
|
func getAuthenticateConfig(options ...Option) *authenticateConfig {
|
|
cfg := new(authenticateConfig)
|
|
WithGetIdentityProvider(defaultGetIdentityProvider)(cfg)
|
|
for _, option := range options {
|
|
option(cfg)
|
|
}
|
|
return cfg
|
|
}
|
|
|
|
// WithGetIdentityProvider sets the getIdentityProvider function in the config.
|
|
func WithGetIdentityProvider(getIdentityProvider func(ctx context.Context, tracerProvider oteltrace.TracerProvider, options *config.Options, idpID string) (identity.Authenticator, error)) Option {
|
|
return func(cfg *authenticateConfig) {
|
|
cfg.getIdentityProvider = getIdentityProvider
|
|
}
|
|
}
|
|
|
|
// WithProfileTrimFn sets the profileTrimFn function in the config
|
|
func WithProfileTrimFn(profileTrimFn func(*identitypb.Profile)) Option {
|
|
return func(cfg *authenticateConfig) {
|
|
cfg.profileTrimFn = profileTrimFn
|
|
}
|
|
}
|
|
|
|
// WithOnAuthenticationEventHook sets the authEventFn function in the config
|
|
func WithOnAuthenticationEventHook(fn events.AuthEventFn) Option {
|
|
return func(cfg *authenticateConfig) {
|
|
cfg.authEventFn = fn
|
|
}
|
|
}
|