From 0f939b0e7b7a58d9ecaad680fc39ca387a3fe382 Mon Sep 17 00:00:00 2001 From: aeneasr Date: Thu, 7 May 2020 10:13:53 +0000 Subject: [PATCH] autogen(docs): generate and format documentation --- docs/docs/configure-deploy.md | 6 +- docs/docs/install.md | 4 +- docs/docs/reference/configuration.md | 511 +++++++++++------ .../version-v0.38/configure-deploy.md | 30 +- docs/versioned_docs/version-v0.38/install.md | 4 +- .../version-v0.38/pipeline/authn.md | 6 +- .../version-v0.38/reference/configuration.md | 518 ++++++++++++------ 7 files changed, 725 insertions(+), 354 deletions(-) diff --git a/docs/docs/configure-deploy.md b/docs/docs/configure-deploy.md index 77cf0ef415..55fb3813fc 100644 --- a/docs/docs/configure-deploy.md +++ b/docs/docs/configure-deploy.md @@ -236,7 +236,7 @@ HS256, ...). Let's generate a key for the RS256 algorithm that will be used by the id_token mutator: ```sh -$ docker run oryd/oathkeeper:v0.38.0-beta.1 credentials generate --alg RS256 > jwks.json +$ docker run oryd/oathkeeper:v0.38.0-beta.2 credentials generate --alg RS256 > jwks.json ``` ### Dockerfile @@ -246,7 +246,7 @@ files to the image: ```shell $ cat << EOF > Dockerfile -FROM oryd/oathkeeper:v0.38.0-beta.1 +FROM oryd/oathkeeper:v0.38.0-beta.2 ADD config.yaml /config.yaml ADD rules.json /rules.json @@ -268,7 +268,7 @@ Before building the Docker Image, we need to make sure that the local ORY Oathkeeper Docker Image is on the most recent version: ```sh -$ docker pull oryd/oathkeeper:v0.38.0-beta.1 +$ docker pull oryd/oathkeeper:v0.38.0-beta.2 ``` Next we will build our custom Docker Image diff --git a/docs/docs/install.md b/docs/docs/install.md index 1a35a45142..8eea1f09b6 100644 --- a/docs/docs/install.md +++ b/docs/docs/install.md @@ -11,7 +11,7 @@ pre-built binaries, Docker Images and support various package managers. We recommend using Docker to run ORY Oathkeeper: ```shell -$ docker pull oryd/oathkeeper:v0.38.0-beta.1 +$ docker pull oryd/oathkeeper:v0.38.0-beta.2 $ docker run --rm -it oryd/oathkeeper help ``` @@ -31,7 +31,7 @@ On linux, you can use `bash <(curl ...)` to fetch the latest stable binary using: ```shell -$ bash <(curl https://raw.githubusercontent.com/ory/oathkeeper/master/install.sh) -b . v0.38.0-beta.1 +$ bash <(curl https://raw.githubusercontent.com/ory/oathkeeper/master/install.sh) -b . v0.38.0-beta.2 $ ./oathkeeper help ``` diff --git a/docs/docs/reference/configuration.md b/docs/docs/reference/configuration.md index fabd6a680e..44e059fd04 100644 --- a/docs/docs/reference/configuration.md +++ b/docs/docs/reference/configuration.md @@ -45,7 +45,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_API_PORT= # - port: -70146530 + port: 92403837 ## Host ## # @@ -61,7 +61,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_API_HOST= # - host: '' + host: localhost ## Cross Origin Resource Sharing (CORS) ## # @@ -115,7 +115,8 @@ serve: # > set SERVE_API_CORS_ALLOWED_METHODS= # allowed_methods: - - HEAD + - GET + - PATCH - DELETE ## Allowed Request HTTP Headers ## @@ -131,8 +132,7 @@ serve: # > set SERVE_API_CORS_ALLOWED_HEADERS= # allowed_headers: - - in - - eiusmod + - deserunt veniam ## Allowed Response HTTP Headers ## # @@ -147,10 +147,10 @@ serve: # > set SERVE_API_CORS_EXPOSED_HEADERS= # exposed_headers: - - sint - - ipsum aliqua Duis - - Excepteur voluptate ad - - amet ad + - amet ad pariatur + - enim nulla nostrud + - occaecat ex velit sint + - Lorem consectetur fugiat commodo dolore ## Allow HTTP Credentials ## # @@ -164,7 +164,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_API_CORS_ALLOW_CREDENTIALS= # - allow_credentials: false + allow_credentials: true ## Maximum Age ## # @@ -176,7 +176,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_API_CORS_MAX_AGE= # - max_age: -44214183 + max_age: 6182384 ## Enable Debugging ## # @@ -190,7 +190,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_API_CORS_DEBUG= # - debug: false + debug: true ## HTTPS ## # @@ -258,7 +258,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_PORT= # - port: -25176547 + port: -98838366 ## Host ## # @@ -274,7 +274,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_HOST= # - host: localhost + host: '' ## HTTP Timeouts ## # @@ -298,7 +298,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_TIMEOUT_READ= # - read: 5m + read: 5s ## HTTP Write Timeout ## # @@ -317,7 +317,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_TIMEOUT_WRITE= # - write: 120s + write: 5s ## HTTP Idle Timeout ## # @@ -336,7 +336,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_TIMEOUT_IDLE= # - idle: 5h + idle: 5s ## Cross Origin Resource Sharing (CORS) ## # @@ -355,7 +355,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_CORS_ENABLED= # - enabled: false + enabled: true ## Allowed Origins ## # @@ -375,7 +375,9 @@ serve: # > set SERVE_PROXY_CORS_ALLOWED_ORIGINS= # allowed_origins: - - '*' + - https://example.com + - https://*.example.com + - https://*.foo.example.com ## Allowed HTTP Methods ## # @@ -391,10 +393,6 @@ serve: # allowed_methods: - GET - - PATCH - - TRACE - - PUT - - HEAD ## Allowed Request HTTP Headers ## # @@ -409,10 +407,11 @@ serve: # > set SERVE_PROXY_CORS_ALLOWED_HEADERS= # allowed_headers: - - ex quis pariatur - - dolor deserunt veniam officia pariatur - - aliquip veniam - - nulla eu do + - mollit sed ea do + - veniam nisi + - laboris nostrud irure ut + - irure tempor dolore ut + - ipsum cillum minim elit ## Allowed Response HTTP Headers ## # @@ -427,8 +426,11 @@ serve: # > set SERVE_PROXY_CORS_EXPOSED_HEADERS= # exposed_headers: - - ea Excepteur deserunt sint id - - Duis sed exercitation eu + - sed reprehenderit est ex + - ad + - non ex dolore + - laboris ea voluptate fugiat + - Excepteur anim non ## Allow HTTP Credentials ## # @@ -442,7 +444,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_CORS_ALLOW_CREDENTIALS= # - allow_credentials: true + allow_credentials: false ## Maximum Age ## # @@ -454,7 +456,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_CORS_MAX_AGE= # - max_age: -29571492 + max_age: 96823405 ## Enable Debugging ## # @@ -468,7 +470,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_CORS_DEBUG= # - debug: false + debug: true ## HTTPS ## # @@ -565,7 +567,7 @@ access_rules: # - Windows Command Line (CMD): # > set ACCESS_RULES_MATCHING_STRATEGY= # - matching_strategy: glob + matching_strategy: regexp ## Authenticators ## # @@ -592,7 +594,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_ANONYMOUS_ENABLED= # - enabled: false + enabled: true ## Anonymous Authenticator Configuration ## # @@ -638,7 +640,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_NOOP_ENABLED= # - enabled: false + enabled: true ## Unauthorized ## # @@ -682,7 +684,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_COOKIE_SESSION_ENABLED= # - enabled: true + enabled: false ## JSON Web Token (jwt) ## # @@ -714,7 +716,9 @@ authenticators: # > set AUTHENTICATORS_JWT_CONFIG_REQUIRED_SCOPE= # required_scope: - - et anim in + - in sit elit + - enim sed minim nisi + - laboris fugiat cillum laborum nulla ## target_audience ## # @@ -725,11 +729,8 @@ authenticators: # > set AUTHENTICATORS_JWT_CONFIG_TARGET_AUDIENCE= # target_audience: - - tempor non pariatur magna Ut - - aliqua Ut aliquip commodo occaecat - - dolor - - in - - qui id + - amet do ut enim veniam + - dolore culpa deserunt non in ## trusted_issuers ## # @@ -740,10 +741,10 @@ authenticators: # > set AUTHENTICATORS_JWT_CONFIG_TRUSTED_ISSUERS= # trusted_issuers: - - mollit - - tempor consequat dolor veniam ad - - nisi - - non Excepteur + - commodo + - sunt ex + - deserunt tempor + - aliqua eu dolore non ## allowed_algorithms ## # @@ -754,7 +755,11 @@ authenticators: # > set AUTHENTICATORS_JWT_CONFIG_ALLOWED_ALGORITHMS= # allowed_algorithms: - - Excepteur + - consectetur ex do adipisicing + - ut ut occaecat deserunt + - cupidatat enim voluptate + - elit sed minim + - Lorem mollit ipsum deserunt nostrud ## scope_strategy ## # @@ -764,17 +769,20 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_JWT_CONFIG_SCOPE_STRATEGY= # - scope_strategy: none + scope_strategy: wildcard ## token_from ## # - # Set this value using environment variables on - # - Linux/macOS: - # $ export AUTHENTICATORS_JWT_CONFIG_TOKEN_FROM= - # - Windows Command Line (CMD): - # > set AUTHENTICATORS_JWT_CONFIG_TOKEN_FROM= - # - token_from: null + token_from: + ## header ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export AUTHENTICATORS_JWT_CONFIG_TOKEN_FROM_HEADER= + # - Windows Command Line (CMD): + # > set AUTHENTICATORS_JWT_CONFIG_TOKEN_FROM_HEADER= + # + header: enim et aute commodo sit ## Enabled ## # @@ -791,13 +799,37 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_JWT_ENABLED= # - enabled: false + enabled: true ## OAuth 2.0 Client Credentials ## # # The [`oauth2_client_credentials` authenticator](https://www.ory.sh/oathkeeper/docs/pipeline/authn#oauth2_client_credentials). # oauth2_client_credentials: + ## config ## + # + config: + ## token_url ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export AUTHENTICATORS_OAUTH2_CLIENT_CREDENTIALS_CONFIG_TOKEN_URL= + # - Windows Command Line (CMD): + # > set AUTHENTICATORS_OAUTH2_CLIENT_CREDENTIALS_CONFIG_TOKEN_URL= + # + token_url: https://my-website.com/oauth2/token + + ## required_scope ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export AUTHENTICATORS_OAUTH2_CLIENT_CREDENTIALS_CONFIG_REQUIRED_SCOPE= + # - Windows Command Line (CMD): + # > set AUTHENTICATORS_OAUTH2_CLIENT_CREDENTIALS_CONFIG_REQUIRED_SCOPE= + # + required_scope: + - amet mollit ea fugiat esse + ## Enabled ## # # En-/disables this component. @@ -841,11 +873,21 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_SCOPE_STRATEGY= # - scope_strategy: none + scope_strategy: hierarchic ## pre_authorization ## # pre_authorization: + ## enabled ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_PRE_AUTHORIZATION_ENABLED= + # - Windows Command Line (CMD): + # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_PRE_AUTHORIZATION_ENABLED= + # + enabled: false + ## client_id ## # # Set this value using environment variables on @@ -854,7 +896,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_PRE_AUTHORIZATION_CLIENT_ID= # - client_id: ullamco in non + client_id: ea velit culpa labore in ## client_secret ## # @@ -864,7 +906,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_PRE_AUTHORIZATION_CLIENT_SECRET= # - client_secret: in irure Ut sint + client_secret: sit ## token_url ## # @@ -874,17 +916,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_PRE_AUTHORIZATION_TOKEN_URL= # - token_url: http://kdzhNQjzbfUKNjojUkowTsjFkdUpNQmiH.oyQVreE-Z24WcsLz-+-.Gycs - - ## enabled ## - # - # Set this value using environment variables on - # - Linux/macOS: - # $ export AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_PRE_AUTHORIZATION_ENABLED= - # - Windows Command Line (CMD): - # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_PRE_AUTHORIZATION_ENABLED= - # - enabled: true + token_url: https://ipVSjuAkdC.uyygYSXnGimIkhaQLiAq1esfPG38WJqmvutFGnGMMddFQ ## scope ## # @@ -907,11 +939,10 @@ authenticators: # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_REQUIRED_SCOPE= # required_scope: - - nulla Excepteur - - nulla proident tempor pariatur commodo - - velit ut laboris sed - - elit cupidatat anim officia Ut - - in officia + - eiusmod ut consequat + - ullamco + - et velit + - sit Excepteur esse ullamco ## target_audience ## # @@ -922,8 +953,8 @@ authenticators: # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_TARGET_AUDIENCE= # target_audience: - - amet - - ad laborum + - aliqua ad esse ut consequat + - incididunt ## trusted_issuers ## # @@ -934,21 +965,20 @@ authenticators: # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_TRUSTED_ISSUERS= # trusted_issuers: - - est Excepteur sed sint - - deserunt commodo aliqua cupidatat qui + - officia + - laboris occaecat + - voluptate reprehenderit + - occaecat anim sint quis ullamco ## token_from ## # - token_from: - ## cookie ## - # - # Set this value using environment variables on - # - Linux/macOS: - # $ export AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_TOKEN_FROM_COOKIE= - # - Windows Command Line (CMD): - # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_TOKEN_FROM_COOKIE= - # - cookie: Duis incididunt officia aliqua veniam + # Set this value using environment variables on + # - Linux/macOS: + # $ export AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_TOKEN_FROM= + # - Windows Command Line (CMD): + # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_TOKEN_FROM= + # + token_from: null ## retry ## # @@ -961,7 +991,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_RETRY_GIVE_UP_AFTER= # - give_up_after: 0h + give_up_after: 150498879m ## max_delay ## # @@ -971,7 +1001,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_RETRY_MAX_DELAY= # - max_delay: 06263711596m + max_delay: 99832ns ## cache ## # @@ -984,7 +1014,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_CACHE_ENABLED= # - enabled: false + enabled: true ## ttl ## # @@ -1011,7 +1041,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_ENABLED= # - enabled: true + enabled: false ## Error Handling ## # @@ -1053,7 +1083,7 @@ errors: # - Windows Command Line (CMD): # > set ERRORS_HANDLERS_WWW_AUTHENTICATE_CONFIG_REALM= # - realm: exercitation velit labore dolor magna + realm: do minim laboris ## when ## # @@ -1066,13 +1096,37 @@ errors: when: - error: - unauthorized + - forbidden + request: + cidr: + - aliquip nulla ex dolore + - dolor esse Duis + - dolor ad reprehenderit est dolore + header: + content_type: [] + accept: [] + - error: + - forbidden + request: + cidr: + - elit id dolor + - sed eiusmod + - consequat cillum + header: + content_type: [] + accept: [] + - error: + - unauthorized + - forbidden + - not_found + - internal_server_error - internal_server_error request: cidr: - - qui enim voluptate culpa - - et mollit dolor esse - - deserunt dolore - - dolor tempor laboris + - fugiat laborum + - Lorem id adipisicing + - consequat laborum reprehenderit fugiat do + - enim header: content_type: [] accept: [] @@ -1092,13 +1146,113 @@ errors: # - Windows Command Line (CMD): # > set ERRORS_HANDLERS_WWW_AUTHENTICATE_ENABLED= # - enabled: false + enabled: true ## HTTP Redirect Error Handler ## # # Responds with a 301/302 HTTP redirect. # redirect: + ## config ## + # + config: + ## to ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export ERRORS_HANDLERS_REDIRECT_CONFIG_TO= + # - Windows Command Line (CMD): + # > set ERRORS_HANDLERS_REDIRECT_CONFIG_TO= + # + to: http://CrvZuEBJKtmY.ohfAITSth6cJQiRyEITKdK1+VNOdiIS6IAer1DT4,uzy, + + ## code ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export ERRORS_HANDLERS_REDIRECT_CONFIG_CODE= + # - Windows Command Line (CMD): + # > set ERRORS_HANDLERS_REDIRECT_CONFIG_CODE= + # + code: 301 + + ## when ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export ERRORS_HANDLERS_REDIRECT_CONFIG_WHEN= + # - Windows Command Line (CMD): + # > set ERRORS_HANDLERS_REDIRECT_CONFIG_WHEN= + # + when: + - error: + - not_found + - internal_server_error + - not_found + - forbidden + - unauthorized + request: + cidr: + - Lorem exercitation ad dolore + - ullamco et eu in velit + - et sunt nulla + - dolor Duis quis + - veniam cupidatat occaecat laboris dolore + header: + content_type: [] + accept: [] + - error: + - not_found + - unauthorized + - not_found + - forbidden + - not_found + request: + cidr: + - cupidatat labore eiusmod sunt exercitation + - Lorem incididunt ex + header: + content_type: [] + accept: [] + - error: + - internal_server_error + request: + cidr: + - exercitation Duis do incididunt + - exercitation + - anim in + - aute dolore adipisicing + - cillum velit qui aliquip et + header: + content_type: [] + accept: [] + - error: + - unauthorized + - internal_server_error + - internal_server_error + - forbidden + request: + cidr: + - non deserunt + - est mollit veniam + - laborum voluptate + - minim cillum + header: + content_type: [] + accept: [] + - error: + - not_found + - unauthorized + - forbidden + request: + cidr: + - et veniam dolore + - ipsum esse + - irure eiusmod ipsum exercitation Ut + header: + content_type: [] + accept: [] + ## Enabled ## # # En-/disables this component. @@ -1114,7 +1268,7 @@ errors: # - Windows Command Line (CMD): # > set ERRORS_HANDLERS_REDIRECT_ENABLED= # - enabled: true + enabled: false ## JSON Error Handler ## # @@ -1123,6 +1277,51 @@ errors: # Default value: [object Object] # json: + ## config ## + # + config: + ## verbose ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export ERRORS_HANDLERS_JSON_CONFIG_VERBOSE= + # - Windows Command Line (CMD): + # > set ERRORS_HANDLERS_JSON_CONFIG_VERBOSE= + # + verbose: false + + ## when ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export ERRORS_HANDLERS_JSON_CONFIG_WHEN= + # - Windows Command Line (CMD): + # > set ERRORS_HANDLERS_JSON_CONFIG_WHEN= + # + when: + - error: + - forbidden + - forbidden + request: + cidr: + - tempor labore quis ut eu + - aute quis labore veniam sit + header: + content_type: [] + accept: [] + - error: + - forbidden + - unauthorized + request: + cidr: + - cupidatat commodo quis sed + - ex nostrud aute enim occaecat + - officia + - ut + header: + content_type: [] + accept: [] + ## Enabled ## # # En-/disables this component. @@ -1133,7 +1332,7 @@ errors: # - Windows Command Line (CMD): # > set ERRORS_HANDLERS_JSON_ENABLED= # - enabled: false + enabled: true ## Authorizers ## # @@ -1233,6 +1432,29 @@ authorizers: # The [`remote_json` authorizer](https://www.ory.sh/oathkeeper/docs/pipeline/authz#remote_json). # remote_json: + ## config ## + # + config: + ## remote ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export AUTHORIZERS_REMOTE_JSON_CONFIG_REMOTE= + # - Windows Command Line (CMD): + # > set AUTHORIZERS_REMOTE_JSON_CONFIG_REMOTE= + # + remote: https://host/path + + ## payload ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export AUTHORIZERS_REMOTE_JSON_CONFIG_PAYLOAD= + # - Windows Command Line (CMD): + # > set AUTHORIZERS_REMOTE_JSON_CONFIG_PAYLOAD= + # + payload: '{"subject":"{{ .Subject }}"}' + ## Enabled ## # # En-/disables this component. @@ -1282,16 +1504,6 @@ mutators: # The [`cookie` mutator](https://www.ory.sh/oathkeeper/docs/pipeline/mutator#cookie). # cookie: - ## config ## - # - # Set this value using environment variables on - # - Linux/macOS: - # $ export MUTATORS_COOKIE_CONFIG= - # - Windows Command Line (CMD): - # > set MUTATORS_COOKIE_CONFIG= - # - config: {} - ## Enabled ## # # En-/disables this component. @@ -1307,13 +1519,23 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_COOKIE_ENABLED= # - enabled: true + enabled: false ## HTTP Header ## # # The [`header` mutator](https://www.ory.sh/oathkeeper/docs/pipeline/mutator#header). # header: + ## config ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export MUTATORS_HEADER_CONFIG= + # - Windows Command Line (CMD): + # > set MUTATORS_HEADER_CONFIG= + # + config: {} + ## Enabled ## # # En-/disables this component. @@ -1329,7 +1551,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_HEADER_ENABLED= # - enabled: false + enabled: true ## Hydrator ## # @@ -1350,7 +1572,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_HYDRATOR_CONFIG_API_URL= # - url: http://XnDNQSubnyt.tquqauqexhnG1zhB3tzcZ0EMCMQLZWvR8SwtoOU9jylkQ2VmlGocengM7liJMF1wru0xw + url: https://nALcUfZcqCbICWWULGt.sbBTLXWYZHFaRI3lC7RHM ## auth ## # @@ -1366,7 +1588,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_HYDRATOR_CONFIG_API_AUTH_BASIC_USERNAME= # - username: fugiat eu ipsum quis + username: Duis aute ## password ## # @@ -1376,7 +1598,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_HYDRATOR_CONFIG_API_AUTH_BASIC_PASSWORD= # - password: voluptate esse nulla Lorem veniam + password: amet ## retry ## # @@ -1389,7 +1611,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_HYDRATOR_CONFIG_API_RETRY_GIVE_UP_AFTER= # - give_up_after: 65171921h + give_up_after: 14m ## max_delay ## # @@ -1399,7 +1621,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_HYDRATOR_CONFIG_API_RETRY_MAX_DELAY= # - max_delay: 34161045us + max_delay: 77675438181s ## cache ## # @@ -1412,7 +1634,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_HYDRATOR_CONFIG_CACHE_TTL= # - ttl: 55258087074h + ttl: 091us ## Enabled ## # @@ -1429,56 +1651,13 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_HYDRATOR_ENABLED= # - enabled: false + enabled: true ## ID Token (JSON Web Token) ## # # The [`id_token` mutator](https://www.ory.sh/oathkeeper/docs/pipeline/mutator#id_token). # id_token: - ## config ## - # - config: - ## jwks_url ## - # - # Set this value using environment variables on - # - Linux/macOS: - # $ export MUTATORS_ID_TOKEN_CONFIG_JWKS_URL= - # - Windows Command Line (CMD): - # > set MUTATORS_ID_TOKEN_CONFIG_JWKS_URL= - # - jwks_url: file://../from/this/relative/location.json - - ## issuer_url ## - # - # Set this value using environment variables on - # - Linux/macOS: - # $ export MUTATORS_ID_TOKEN_CONFIG_ISSUER_URL= - # - Windows Command Line (CMD): - # > set MUTATORS_ID_TOKEN_CONFIG_ISSUER_URL= - # - issuer_url: anim ut Excepteur id occaecat - - ## claims ## - # - # Set this value using environment variables on - # - Linux/macOS: - # $ export MUTATORS_ID_TOKEN_CONFIG_CLAIMS= - # - Windows Command Line (CMD): - # > set MUTATORS_ID_TOKEN_CONFIG_CLAIMS= - # - claims: officia - - ## ttl ## - # - # Set this value using environment variables on - # - Linux/macOS: - # $ export MUTATORS_ID_TOKEN_CONFIG_TTL= - # - Windows Command Line (CMD): - # > set MUTATORS_ID_TOKEN_CONFIG_TTL= - # - ttl: 1h - ## Enabled ## # # En-/disables this component. @@ -1494,7 +1673,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_ID_TOKEN_ENABLED= # - enabled: true + enabled: false ## Log ## # @@ -1527,7 +1706,7 @@ log: # - Windows Command Line (CMD): # > set LOG_FORMAT= # - format: json + format: text ## Profiling ## # @@ -1539,5 +1718,5 @@ log: # - Windows Command Line (CMD): # > set PROFILING= # -profiling: cpu +profiling: '' ``` diff --git a/docs/versioned_docs/version-v0.38/configure-deploy.md b/docs/versioned_docs/version-v0.38/configure-deploy.md index 94d4bc534b..55fb3813fc 100644 --- a/docs/versioned_docs/version-v0.38/configure-deploy.md +++ b/docs/versioned_docs/version-v0.38/configure-deploy.md @@ -236,7 +236,7 @@ HS256, ...). Let's generate a key for the RS256 algorithm that will be used by the id_token mutator: ```sh -$ docker run oryd/oathkeeper:v0.38.0-beta.1 credentials generate --alg RS256 > jwks.json +$ docker run oryd/oathkeeper:v0.38.0-beta.2 credentials generate --alg RS256 > jwks.json ``` ### Dockerfile @@ -246,7 +246,7 @@ files to the image: ```shell $ cat << EOF > Dockerfile -FROM oryd/oathkeeper:v0.38.0-beta.1 +FROM oryd/oathkeeper:v0.38.0-beta.2 ADD config.yaml /config.yaml ADD rules.json /rules.json @@ -268,7 +268,7 @@ Before building the Docker Image, we need to make sure that the local ORY Oathkeeper Docker Image is on the most recent version: ```sh -$ docker pull oryd/oathkeeper:v0.38.0-beta.1 +$ docker pull oryd/oathkeeper:v0.38.0-beta.2 ``` Next we will build our custom Docker Image @@ -374,11 +374,12 @@ $ rm -rf oathkeeper-demo ## Monitoring -Oathkeeper provides an endpoint for Prometheus to scrape as a target. This endpoint can -be accessed by default at: +Oathkeeper provides an endpoint for Prometheus to scrape as a target. This +endpoint can be accessed by default at: [http://localhost:9000/metrics](http://localhost:9000/metrics): You can adjust the settings within Oathkeeper's config. + ```shell $ cat << EOF > config.yaml serve: @@ -389,8 +390,10 @@ serve: EOF ``` -Prometheus can easily be run as a docker container. More information are available on [https://github.com/prometheus/prometheus](https://github.com/prometheus/prometheus). Start with setting up a prometheus configuration: - +Prometheus can easily be run as a docker container. More information are +available on +[https://github.com/prometheus/prometheus](https://github.com/prometheus/prometheus). +Start with setting up a prometheus configuration: ```shell $ cat << EOF > prometheus.yml @@ -410,22 +413,27 @@ scrape_configs: - targets: ['localhost:9000'] ``` -Then start the prometheus server and access it on [http://localhost:9090](http://localhost:9090). +Then start the prometheus server and access it on +[http://localhost:9090](http://localhost:9090). ```shell $ docker run \ --config.file=/etc/prometheus/prometheus.yml \ -v ./prometheus.yml:/etc/prometheus/prometheus.yml \ --name prometheus \ - -d \ + -d \ --net=host -p 9090:9090 \ prom/prometheus ``` -Now where you have a basic monitoring setup running you can extend it by building up nice visualizations eg. using Grafana. More information are available on [https://prometheus.io/docs/visualization/grafana/](https://prometheus.io/docs/visualization/grafana/). +Now where you have a basic monitoring setup running you can extend it by +building up nice visualizations eg. using Grafana. More information are +available on +[https://prometheus.io/docs/visualization/grafana/](https://prometheus.io/docs/visualization/grafana/). We have a pre built Dashboard which you can use to get started quickly: [Oathkeeper-Dashboard.json](https://github.com/ory/oathkeeper/tree/master/contrib/grafana/Oathkeeper-Dashboard.json). -ORY Oathkeeper with Prometheus and Grafana +ORY Oathkeeper with Prometheus and Grafana diff --git a/docs/versioned_docs/version-v0.38/install.md b/docs/versioned_docs/version-v0.38/install.md index 1a35a45142..8eea1f09b6 100644 --- a/docs/versioned_docs/version-v0.38/install.md +++ b/docs/versioned_docs/version-v0.38/install.md @@ -11,7 +11,7 @@ pre-built binaries, Docker Images and support various package managers. We recommend using Docker to run ORY Oathkeeper: ```shell -$ docker pull oryd/oathkeeper:v0.38.0-beta.1 +$ docker pull oryd/oathkeeper:v0.38.0-beta.2 $ docker run --rm -it oryd/oathkeeper help ``` @@ -31,7 +31,7 @@ On linux, you can use `bash <(curl ...)` to fetch the latest stable binary using: ```shell -$ bash <(curl https://raw.githubusercontent.com/ory/oathkeeper/master/install.sh) -b . v0.38.0-beta.1 +$ bash <(curl https://raw.githubusercontent.com/ory/oathkeeper/master/install.sh) -b . v0.38.0-beta.2 $ ./oathkeeper help ``` diff --git a/docs/versioned_docs/version-v0.38/pipeline/authn.md b/docs/versioned_docs/version-v0.38/pipeline/authn.md index 9a70a27fed..493f1d1da2 100644 --- a/docs/versioned_docs/version-v0.38/pipeline/authn.md +++ b/docs/versioned_docs/version-v0.38/pipeline/authn.md @@ -480,8 +480,10 @@ was granted the requested scope. - `introspection_request_headers` (object, optional) - Additional headers to add to the introspection request - `cache` (object, optional) - Enables caching of incoming tokens - - `enabled` (bool, optional) - Enable the cache, will use exp time of token to determine when to evict from cache. Defaults to false. - - `ttl` (string) - Can override the default behaviour of using the token exp time, and specify a set time to live for the token in the cache. + - `enabled` (bool, optional) - Enable the cache, will use exp time of token to + determine when to evict from cache. Defaults to false. + - `ttl` (string) - Can override the default behaviour of using the token exp + time, and specify a set time to live for the token in the cache. ```yaml # Global configuration file oathkeeper.yml diff --git a/docs/versioned_docs/version-v0.38/reference/configuration.md b/docs/versioned_docs/version-v0.38/reference/configuration.md index 25a76dad67..ccc84f8c7c 100644 --- a/docs/versioned_docs/version-v0.38/reference/configuration.md +++ b/docs/versioned_docs/version-v0.38/reference/configuration.md @@ -44,7 +44,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_API_PORT= # - port: -70146530 + port: 92403837 ## Host ## # @@ -60,7 +60,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_API_HOST= # - host: "" + host: localhost ## Cross Origin Resource Sharing (CORS) ## # @@ -115,7 +115,8 @@ serve: # > set SERVE_API_CORS_ALLOWED_METHODS= # allowed_methods: - - HEAD + - GET + - PATCH - DELETE ## Allowed Request HTTP Headers ## @@ -131,8 +132,7 @@ serve: # > set SERVE_API_CORS_ALLOWED_HEADERS= # allowed_headers: - - in - - eiusmod + - deserunt veniam ## Allowed Response HTTP Headers ## # @@ -147,10 +147,10 @@ serve: # > set SERVE_API_CORS_EXPOSED_HEADERS= # exposed_headers: - - sint - - ipsum aliqua Duis - - Excepteur voluptate ad - - amet ad + - amet ad pariatur + - enim nulla nostrud + - occaecat ex velit sint + - Lorem consectetur fugiat commodo dolore ## Allow HTTP Credentials ## # @@ -164,7 +164,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_API_CORS_ALLOW_CREDENTIALS= # - allow_credentials: false + allow_credentials: true ## Maximum Age ## # @@ -176,7 +176,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_API_CORS_MAX_AGE= # - max_age: -44214183 + max_age: 6182384 ## Enable Debugging ## # @@ -190,7 +190,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_API_CORS_DEBUG= # - debug: false + debug: true ## HTTPS ## # @@ -262,7 +262,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_PORT= # - port: -25176547 + port: -98838366 ## Host ## # @@ -278,7 +278,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_HOST= # - host: localhost + host: "" ## HTTP Timeouts ## # @@ -303,7 +303,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_TIMEOUT_READ= # - read: 5m + read: 5s ## HTTP Write Timeout ## # @@ -322,7 +322,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_TIMEOUT_WRITE= # - write: 120s + write: 5s ## HTTP Idle Timeout ## # @@ -341,7 +341,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_TIMEOUT_IDLE= # - idle: 5h + idle: 5s ## Cross Origin Resource Sharing (CORS) ## # @@ -361,7 +361,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_CORS_ENABLED= # - enabled: false + enabled: true ## Allowed Origins ## # @@ -381,7 +381,9 @@ serve: # > set SERVE_PROXY_CORS_ALLOWED_ORIGINS= # allowed_origins: - - "*" + - https://example.com + - https://*.example.com + - https://*.foo.example.com ## Allowed HTTP Methods ## # @@ -397,10 +399,6 @@ serve: # allowed_methods: - GET - - PATCH - - TRACE - - PUT - - HEAD ## Allowed Request HTTP Headers ## # @@ -415,10 +413,11 @@ serve: # > set SERVE_PROXY_CORS_ALLOWED_HEADERS= # allowed_headers: - - ex quis pariatur - - dolor deserunt veniam officia pariatur - - aliquip veniam - - nulla eu do + - mollit sed ea do + - veniam nisi + - laboris nostrud irure ut + - irure tempor dolore ut + - ipsum cillum minim elit ## Allowed Response HTTP Headers ## # @@ -433,8 +432,11 @@ serve: # > set SERVE_PROXY_CORS_EXPOSED_HEADERS= # exposed_headers: - - ea Excepteur deserunt sint id - - Duis sed exercitation eu + - sed reprehenderit est ex + - ad + - non ex dolore + - laboris ea voluptate fugiat + - Excepteur anim non ## Allow HTTP Credentials ## # @@ -448,7 +450,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_CORS_ALLOW_CREDENTIALS= # - allow_credentials: true + allow_credentials: false ## Maximum Age ## # @@ -460,7 +462,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_CORS_MAX_AGE= # - max_age: -29571492 + max_age: 96823405 ## Enable Debugging ## # @@ -474,7 +476,7 @@ serve: # - Windows Command Line (CMD): # > set SERVE_PROXY_CORS_DEBUG= # - debug: false + debug: true ## HTTPS ## # @@ -575,7 +577,7 @@ access_rules: # - Windows Command Line (CMD): # > set ACCESS_RULES_MATCHING_STRATEGY= # - matching_strategy: glob + matching_strategy: regexp ## Authenticators ## # @@ -604,7 +606,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_ANONYMOUS_ENABLED= # - enabled: false + enabled: true ## Anonymous Authenticator Configuration ## # @@ -652,7 +654,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_NOOP_ENABLED= # - enabled: false + enabled: true ## Unauthorized ## # @@ -698,7 +700,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_COOKIE_SESSION_ENABLED= # - enabled: true + enabled: false ## JSON Web Token (jwt) ## # @@ -732,7 +734,9 @@ authenticators: # > set AUTHENTICATORS_JWT_CONFIG_REQUIRED_SCOPE= # required_scope: - - et anim in + - in sit elit + - enim sed minim nisi + - laboris fugiat cillum laborum nulla ## target_audience ## # @@ -743,11 +747,8 @@ authenticators: # > set AUTHENTICATORS_JWT_CONFIG_TARGET_AUDIENCE= # target_audience: - - tempor non pariatur magna Ut - - aliqua Ut aliquip commodo occaecat - - dolor - - in - - qui id + - amet do ut enim veniam + - dolore culpa deserunt non in ## trusted_issuers ## # @@ -758,10 +759,10 @@ authenticators: # > set AUTHENTICATORS_JWT_CONFIG_TRUSTED_ISSUERS= # trusted_issuers: - - mollit - - tempor consequat dolor veniam ad - - nisi - - non Excepteur + - commodo + - sunt ex + - deserunt tempor + - aliqua eu dolore non ## allowed_algorithms ## # @@ -772,7 +773,11 @@ authenticators: # > set AUTHENTICATORS_JWT_CONFIG_ALLOWED_ALGORITHMS= # allowed_algorithms: - - Excepteur + - consectetur ex do adipisicing + - ut ut occaecat deserunt + - cupidatat enim voluptate + - elit sed minim + - Lorem mollit ipsum deserunt nostrud ## scope_strategy ## # @@ -782,17 +787,21 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_JWT_CONFIG_SCOPE_STRATEGY= # - scope_strategy: none + scope_strategy: wildcard ## token_from ## # - # Set this value using environment variables on - # - Linux/macOS: - # $ export AUTHENTICATORS_JWT_CONFIG_TOKEN_FROM= - # - Windows Command Line (CMD): - # > set AUTHENTICATORS_JWT_CONFIG_TOKEN_FROM= - # - token_from: null + token_from: + + ## header ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export AUTHENTICATORS_JWT_CONFIG_TOKEN_FROM_HEADER= + # - Windows Command Line (CMD): + # > set AUTHENTICATORS_JWT_CONFIG_TOKEN_FROM_HEADER= + # + header: enim et aute commodo sit ## Enabled ## # @@ -809,7 +818,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_JWT_ENABLED= # - enabled: false + enabled: true ## OAuth 2.0 Client Credentials ## # @@ -817,6 +826,31 @@ authenticators: # oauth2_client_credentials: + ## config ## + # + config: + + ## token_url ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export AUTHENTICATORS_OAUTH2_CLIENT_CREDENTIALS_CONFIG_TOKEN_URL= + # - Windows Command Line (CMD): + # > set AUTHENTICATORS_OAUTH2_CLIENT_CREDENTIALS_CONFIG_TOKEN_URL= + # + token_url: https://my-website.com/oauth2/token + + ## required_scope ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export AUTHENTICATORS_OAUTH2_CLIENT_CREDENTIALS_CONFIG_REQUIRED_SCOPE= + # - Windows Command Line (CMD): + # > set AUTHENTICATORS_OAUTH2_CLIENT_CREDENTIALS_CONFIG_REQUIRED_SCOPE= + # + required_scope: + - amet mollit ea fugiat esse + ## Enabled ## # # En-/disables this component. @@ -862,12 +896,22 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_SCOPE_STRATEGY= # - scope_strategy: none + scope_strategy: hierarchic ## pre_authorization ## # pre_authorization: + ## enabled ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_PRE_AUTHORIZATION_ENABLED= + # - Windows Command Line (CMD): + # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_PRE_AUTHORIZATION_ENABLED= + # + enabled: false + ## client_id ## # # Set this value using environment variables on @@ -876,7 +920,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_PRE_AUTHORIZATION_CLIENT_ID= # - client_id: ullamco in non + client_id: ea velit culpa labore in ## client_secret ## # @@ -886,7 +930,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_PRE_AUTHORIZATION_CLIENT_SECRET= # - client_secret: in irure Ut sint + client_secret: sit ## token_url ## # @@ -896,17 +940,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_PRE_AUTHORIZATION_TOKEN_URL= # - token_url: http://kdzhNQjzbfUKNjojUkowTsjFkdUpNQmiH.oyQVreE-Z24WcsLz-+-.Gycs - - ## enabled ## - # - # Set this value using environment variables on - # - Linux/macOS: - # $ export AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_PRE_AUTHORIZATION_ENABLED= - # - Windows Command Line (CMD): - # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_PRE_AUTHORIZATION_ENABLED= - # - enabled: true + token_url: https://ipVSjuAkdC.uyygYSXnGimIkhaQLiAq1esfPG38WJqmvutFGnGMMddFQ ## scope ## # @@ -929,11 +963,10 @@ authenticators: # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_REQUIRED_SCOPE= # required_scope: - - nulla Excepteur - - nulla proident tempor pariatur commodo - - velit ut laboris sed - - elit cupidatat anim officia Ut - - in officia + - eiusmod ut consequat + - ullamco + - et velit + - sit Excepteur esse ullamco ## target_audience ## # @@ -944,8 +977,8 @@ authenticators: # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_TARGET_AUDIENCE= # target_audience: - - amet - - ad laborum + - aliqua ad esse ut consequat + - incididunt ## trusted_issuers ## # @@ -956,22 +989,20 @@ authenticators: # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_TRUSTED_ISSUERS= # trusted_issuers: - - est Excepteur sed sint - - deserunt commodo aliqua cupidatat qui + - officia + - laboris occaecat + - voluptate reprehenderit + - occaecat anim sint quis ullamco ## token_from ## # - token_from: - - ## cookie ## - # - # Set this value using environment variables on - # - Linux/macOS: - # $ export AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_TOKEN_FROM_COOKIE= - # - Windows Command Line (CMD): - # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_TOKEN_FROM_COOKIE= - # - cookie: Duis incididunt officia aliqua veniam + # Set this value using environment variables on + # - Linux/macOS: + # $ export AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_TOKEN_FROM= + # - Windows Command Line (CMD): + # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_TOKEN_FROM= + # + token_from: null ## retry ## # @@ -985,7 +1016,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_RETRY_GIVE_UP_AFTER= # - give_up_after: 0h + give_up_after: 150498879m ## max_delay ## # @@ -995,7 +1026,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_RETRY_MAX_DELAY= # - max_delay: 06263711596m + max_delay: 99832ns ## cache ## # @@ -1009,7 +1040,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_CONFIG_CACHE_ENABLED= # - enabled: false + enabled: true ## ttl ## # @@ -1036,7 +1067,7 @@ authenticators: # - Windows Command Line (CMD): # > set AUTHENTICATORS_OAUTH2_INTROSPECTION_ENABLED= # - enabled: true + enabled: false ## Error Handling ## # @@ -1082,7 +1113,7 @@ errors: # - Windows Command Line (CMD): # > set ERRORS_HANDLERS_WWW_AUTHENTICATE_CONFIG_REALM= # - realm: exercitation velit labore dolor magna + realm: do minim laboris ## when ## # @@ -1095,13 +1126,37 @@ errors: when: - error: - unauthorized + - forbidden + request: + cidr: + - aliquip nulla ex dolore + - dolor esse Duis + - dolor ad reprehenderit est dolore + header: + content_type: [] + accept: [] + - error: + - forbidden + request: + cidr: + - elit id dolor + - sed eiusmod + - consequat cillum + header: + content_type: [] + accept: [] + - error: + - unauthorized + - forbidden + - not_found + - internal_server_error - internal_server_error request: cidr: - - qui enim voluptate culpa - - et mollit dolor esse - - deserunt dolore - - dolor tempor laboris + - fugiat laborum + - Lorem id adipisicing + - consequat laborum reprehenderit fugiat do + - enim header: content_type: [] accept: [] @@ -1121,7 +1176,7 @@ errors: # - Windows Command Line (CMD): # > set ERRORS_HANDLERS_WWW_AUTHENTICATE_ENABLED= # - enabled: false + enabled: true ## HTTP Redirect Error Handler ## # @@ -1129,6 +1184,107 @@ errors: # redirect: + ## config ## + # + config: + + ## to ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export ERRORS_HANDLERS_REDIRECT_CONFIG_TO= + # - Windows Command Line (CMD): + # > set ERRORS_HANDLERS_REDIRECT_CONFIG_TO= + # + to: http://CrvZuEBJKtmY.ohfAITSth6cJQiRyEITKdK1+VNOdiIS6IAer1DT4,uzy, + + ## code ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export ERRORS_HANDLERS_REDIRECT_CONFIG_CODE= + # - Windows Command Line (CMD): + # > set ERRORS_HANDLERS_REDIRECT_CONFIG_CODE= + # + code: 301 + + ## when ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export ERRORS_HANDLERS_REDIRECT_CONFIG_WHEN= + # - Windows Command Line (CMD): + # > set ERRORS_HANDLERS_REDIRECT_CONFIG_WHEN= + # + when: + - error: + - not_found + - internal_server_error + - not_found + - forbidden + - unauthorized + request: + cidr: + - Lorem exercitation ad dolore + - ullamco et eu in velit + - et sunt nulla + - dolor Duis quis + - veniam cupidatat occaecat laboris dolore + header: + content_type: [] + accept: [] + - error: + - not_found + - unauthorized + - not_found + - forbidden + - not_found + request: + cidr: + - cupidatat labore eiusmod sunt exercitation + - Lorem incididunt ex + header: + content_type: [] + accept: [] + - error: + - internal_server_error + request: + cidr: + - exercitation Duis do incididunt + - exercitation + - anim in + - aute dolore adipisicing + - cillum velit qui aliquip et + header: + content_type: [] + accept: [] + - error: + - unauthorized + - internal_server_error + - internal_server_error + - forbidden + request: + cidr: + - non deserunt + - est mollit veniam + - laborum voluptate + - minim cillum + header: + content_type: [] + accept: [] + - error: + - not_found + - unauthorized + - forbidden + request: + cidr: + - et veniam dolore + - ipsum esse + - irure eiusmod ipsum exercitation Ut + header: + content_type: [] + accept: [] + ## Enabled ## # # En-/disables this component. @@ -1144,7 +1300,7 @@ errors: # - Windows Command Line (CMD): # > set ERRORS_HANDLERS_REDIRECT_ENABLED= # - enabled: true + enabled: false ## JSON Error Handler ## # @@ -1154,6 +1310,52 @@ errors: # json: + ## config ## + # + config: + + ## verbose ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export ERRORS_HANDLERS_JSON_CONFIG_VERBOSE= + # - Windows Command Line (CMD): + # > set ERRORS_HANDLERS_JSON_CONFIG_VERBOSE= + # + verbose: false + + ## when ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export ERRORS_HANDLERS_JSON_CONFIG_WHEN= + # - Windows Command Line (CMD): + # > set ERRORS_HANDLERS_JSON_CONFIG_WHEN= + # + when: + - error: + - forbidden + - forbidden + request: + cidr: + - tempor labore quis ut eu + - aute quis labore veniam sit + header: + content_type: [] + accept: [] + - error: + - forbidden + - unauthorized + request: + cidr: + - cupidatat commodo quis sed + - ex nostrud aute enim occaecat + - officia + - ut + header: + content_type: [] + accept: [] + ## Enabled ## # # En-/disables this component. @@ -1164,7 +1366,7 @@ errors: # - Windows Command Line (CMD): # > set ERRORS_HANDLERS_JSON_ENABLED= # - enabled: false + enabled: true ## Authorizers ## # @@ -1270,6 +1472,30 @@ authorizers: # remote_json: + ## config ## + # + config: + + ## remote ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export AUTHORIZERS_REMOTE_JSON_CONFIG_REMOTE= + # - Windows Command Line (CMD): + # > set AUTHORIZERS_REMOTE_JSON_CONFIG_REMOTE= + # + remote: https://host/path + + ## payload ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export AUTHORIZERS_REMOTE_JSON_CONFIG_PAYLOAD= + # - Windows Command Line (CMD): + # > set AUTHORIZERS_REMOTE_JSON_CONFIG_PAYLOAD= + # + payload: '{"subject":"{{ .Subject }}"}' + ## Enabled ## # # En-/disables this component. @@ -1322,16 +1548,6 @@ mutators: # cookie: - ## config ## - # - # Set this value using environment variables on - # - Linux/macOS: - # $ export MUTATORS_COOKIE_CONFIG= - # - Windows Command Line (CMD): - # > set MUTATORS_COOKIE_CONFIG= - # - config: {} - ## Enabled ## # # En-/disables this component. @@ -1347,7 +1563,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_COOKIE_ENABLED= # - enabled: true + enabled: false ## HTTP Header ## # @@ -1355,6 +1571,16 @@ mutators: # header: + ## config ## + # + # Set this value using environment variables on + # - Linux/macOS: + # $ export MUTATORS_HEADER_CONFIG= + # - Windows Command Line (CMD): + # > set MUTATORS_HEADER_CONFIG= + # + config: {} + ## Enabled ## # # En-/disables this component. @@ -1370,7 +1596,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_HEADER_ENABLED= # - enabled: false + enabled: true ## Hydrator ## # @@ -1394,7 +1620,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_HYDRATOR_CONFIG_API_URL= # - url: http://XnDNQSubnyt.tquqauqexhnG1zhB3tzcZ0EMCMQLZWvR8SwtoOU9jylkQ2VmlGocengM7liJMF1wru0xw + url: https://nALcUfZcqCbICWWULGt.sbBTLXWYZHFaRI3lC7RHM ## auth ## # @@ -1412,7 +1638,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_HYDRATOR_CONFIG_API_AUTH_BASIC_USERNAME= # - username: fugiat eu ipsum quis + username: Duis aute ## password ## # @@ -1422,7 +1648,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_HYDRATOR_CONFIG_API_AUTH_BASIC_PASSWORD= # - password: voluptate esse nulla Lorem veniam + password: amet ## retry ## # @@ -1436,7 +1662,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_HYDRATOR_CONFIG_API_RETRY_GIVE_UP_AFTER= # - give_up_after: 65171921h + give_up_after: 14m ## max_delay ## # @@ -1446,7 +1672,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_HYDRATOR_CONFIG_API_RETRY_MAX_DELAY= # - max_delay: 34161045us + max_delay: 77675438181s ## cache ## # @@ -1460,7 +1686,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_HYDRATOR_CONFIG_CACHE_TTL= # - ttl: 55258087074h + ttl: 091us ## Enabled ## # @@ -1477,7 +1703,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_HYDRATOR_ENABLED= # - enabled: false + enabled: true ## ID Token (JSON Web Token) ## # @@ -1485,50 +1711,6 @@ mutators: # id_token: - ## config ## - # - config: - - ## jwks_url ## - # - # Set this value using environment variables on - # - Linux/macOS: - # $ export MUTATORS_ID_TOKEN_CONFIG_JWKS_URL= - # - Windows Command Line (CMD): - # > set MUTATORS_ID_TOKEN_CONFIG_JWKS_URL= - # - jwks_url: file://../from/this/relative/location.json - - ## issuer_url ## - # - # Set this value using environment variables on - # - Linux/macOS: - # $ export MUTATORS_ID_TOKEN_CONFIG_ISSUER_URL= - # - Windows Command Line (CMD): - # > set MUTATORS_ID_TOKEN_CONFIG_ISSUER_URL= - # - issuer_url: anim ut Excepteur id occaecat - - ## claims ## - # - # Set this value using environment variables on - # - Linux/macOS: - # $ export MUTATORS_ID_TOKEN_CONFIG_CLAIMS= - # - Windows Command Line (CMD): - # > set MUTATORS_ID_TOKEN_CONFIG_CLAIMS= - # - claims: officia - - ## ttl ## - # - # Set this value using environment variables on - # - Linux/macOS: - # $ export MUTATORS_ID_TOKEN_CONFIG_TTL= - # - Windows Command Line (CMD): - # > set MUTATORS_ID_TOKEN_CONFIG_TTL= - # - ttl: 1h - ## Enabled ## # # En-/disables this component. @@ -1544,7 +1726,7 @@ mutators: # - Windows Command Line (CMD): # > set MUTATORS_ID_TOKEN_ENABLED= # - enabled: true + enabled: false ## Log ## # @@ -1578,7 +1760,7 @@ log: # - Windows Command Line (CMD): # > set LOG_FORMAT= # - format: json + format: text ## Profiling ## # @@ -1590,6 +1772,6 @@ log: # - Windows Command Line (CMD): # > set PROFILING= # -profiling: cpu +profiling: "" ``` \ No newline at end of file