use of org.eclipse.che.workspace.infrastructure.kubernetes.server.secure.jwtproxy.model.VerifierProxyConfig in project devspaces-images by redhat-developer.
the class JwtProxyConfigBuilder method build.
public String build() throws InternalInfrastructureException {
List<VerifierProxyConfig> proxyConfigs = new ArrayList<>();
Config config = new Config().withJWTProxy(new JWTProxy().withSignerProxy(new SignerProxyConfig().withEnabled(false)).withVerifiedProxyConfigs(proxyConfigs));
for (VerifierProxy verifierProxy : verifierProxies) {
VerifierConfig verifierConfig = new VerifierConfig().withAudience(workspaceId).withUpstream(verifierProxy.upstream).withMaxSkew("1m").withMaxTtl(ttl).withKeyServer(new RegistrableComponentConfig().withType("preshared").withOptions(ImmutableMap.of("issuer", issuer, "key_id", workspaceId, "public_key_path", JWT_PROXY_CONFIG_FOLDER + '/' + JWT_PROXY_PUBLIC_KEY_FILE))).withCookiesEnabled(verifierProxy.cookiesAuthEnabled).withCookiePath(ensureStartsWithSlash(verifierProxy.cookiePath)).withClaimsVerifier(Collections.singleton(new RegistrableComponentConfig().withType("static").withOptions(ImmutableMap.of("iss", issuer)))).withNonceStorage(new RegistrableComponentConfig().withType("void"));
if (!verifierProxy.excludes.isEmpty()) {
verifierConfig.setExcludes(verifierProxy.excludes);
}
if (verifierProxy.cookiesAuthEnabled && authPageUrl != null) {
verifierConfig.setAuthUrl(authPageUrl.toString());
}
if (verifierProxy.publicBasePath != null) {
verifierConfig.setPublicBasePath(verifierProxy.publicBasePath);
}
VerifierProxyConfig proxyConfig = new VerifierProxyConfig().withListenAddr(":" + verifierProxy.listenPort).withVerifierConfig(verifierConfig);
proxyConfigs.add(proxyConfig);
}
try {
return YAML_PARSER.writeValueAsString(config);
} catch (JsonProcessingException e) {
throw new InternalInfrastructureException("Error during creation of JWTProxy config YAML: " + e.getMessage(), e);
}
}
use of org.eclipse.che.workspace.infrastructure.kubernetes.server.secure.jwtproxy.model.VerifierProxyConfig in project che-server by eclipse-che.
the class JwtProxyConfigBuilder method build.
public String build() throws InternalInfrastructureException {
List<VerifierProxyConfig> proxyConfigs = new ArrayList<>();
Config config = new Config().withJWTProxy(new JWTProxy().withSignerProxy(new SignerProxyConfig().withEnabled(false)).withVerifiedProxyConfigs(proxyConfigs));
for (VerifierProxy verifierProxy : verifierProxies) {
VerifierConfig verifierConfig = new VerifierConfig().withAudience(workspaceId).withUpstream(verifierProxy.upstream).withMaxSkew("1m").withMaxTtl(ttl).withKeyServer(new RegistrableComponentConfig().withType("preshared").withOptions(ImmutableMap.of("issuer", issuer, "key_id", workspaceId, "public_key_path", JWT_PROXY_CONFIG_FOLDER + '/' + JWT_PROXY_PUBLIC_KEY_FILE))).withCookiesEnabled(verifierProxy.cookiesAuthEnabled).withCookiePath(ensureStartsWithSlash(verifierProxy.cookiePath)).withClaimsVerifier(Collections.singleton(new RegistrableComponentConfig().withType("static").withOptions(ImmutableMap.of("iss", issuer)))).withNonceStorage(new RegistrableComponentConfig().withType("void"));
if (!verifierProxy.excludes.isEmpty()) {
verifierConfig.setExcludes(verifierProxy.excludes);
}
if (verifierProxy.cookiesAuthEnabled && authPageUrl != null) {
verifierConfig.setAuthUrl(authPageUrl.toString());
}
if (verifierProxy.publicBasePath != null) {
verifierConfig.setPublicBasePath(verifierProxy.publicBasePath);
}
VerifierProxyConfig proxyConfig = new VerifierProxyConfig().withListenAddr(":" + verifierProxy.listenPort).withVerifierConfig(verifierConfig);
proxyConfigs.add(proxyConfig);
}
try {
return YAML_PARSER.writeValueAsString(config);
} catch (JsonProcessingException e) {
throw new InternalInfrastructureException("Error during creation of JWTProxy config YAML: " + e.getMessage(), e);
}
}
Aggregations