RevocationEndpointstring`json:"revocation-url" yaml:"revocation-url" usage:"url for the revocation endpoint to revoke refresh token" env:"REVOCATION_URL"`
// SkipOpenIDProviderTLSVerify skips the tls verification for openid provider communication
// SkipOpenIDProviderTLSVerify skips the tls verification for openid provider communication
SkipOpenIDProviderTLSVerifybool`json:"skip-openid-provider-tls-verify" yaml:"skip-openid-provider-tls-verify" usage:"skip the verification of any TLS communication with the openid provider"`
// Scopes is a list of scope we should request
// Scopes is a list of scope we should request
Scopes[]string`json:"scopes" yaml:"scopes"`
Scopes[]string`json:"scopes" yaml:"scopes" usage:"list of scopes requested when authenticating the user"`
// Upstream is the upstream endpoint i.e whom were proxying to
// Upstream is the upstream endpoint i.e whom were proxying to
EnableRefreshTokensbool`json:"enable-refresh-tokens" yaml:"enable-refresh-tokens" usage:"nables the handling of the refresh tokens" env:"ENABLE_SECURITY_FILTER"`
// EnableLoginHandler indicates we want the login handler enabled
// EnableLoginHandler indicates we want the login handler enabled
EnableLoginHandlerbool`json:"enable-login-handler" yaml:"enable-login-handler" usage:"enables the handling of the refresh tokens" env:"ENABLE_LOGIN_HANDLER"`
// EnableAuthorizationHeader indicates we should pass the authorization header
// EnableAuthorizationHeader indicates we should pass the authorization header
EnableAuthorizationHeaderbool`json:"enable-authorization-header" yaml:"enable-authorization-header" usage:"adds the authorization header to the proxy request"`
// EnableHTTPSRedirect indicate we should redirection http -> https
// EnableHTTPSRedirect indicate we should redirection http -> https
EnableHTTPSRedirectbool`json:"enable-https-redirection" yaml:"enable-https-redirection" usage:"enable the http to https redirection on the http service"`
// EnableProfiling indicates if profiles is switched on
// EnableProfiling indicates if profiles is switched on
EnableProfilingbool`json:"enable-profiling" yaml:"enable-profiling" usage:"switching on the golang profiling via pprof on /debug/pprof, /debug/pprof/heap etc"`
// EnableMetrics indicates if the metrics is enabled
// EnableMetrics indicates if the metrics is enabled
EnableContentNoSniffbool`json:"filter-content-nosniff" yaml:"filter-content-nosniff" usage:"adds the X-Content-Type-Options header with the value nosniff"`
AddClaims[]string`json:"add-claims" yaml:"add-claims" usage:"extra claims from the token and inject into headers, e.g given_name -> X-Auth-Given-Name"`
// TLSCertificate is the location for a tls certificate
// TLSCertificate is the location for a tls certificate
TLSClientCertificatestring`json:"tls-client-certificate" yaml:"tls-client-certificate" usage:"path to the client certificate for outbound connections in reverse and forwarding proxy modes"`
// SkipUpstreamTLSVerify skips the verification of any upstream tls
// SkipUpstreamTLSVerify skips the verification of any upstream tls
CorsExposedHeaders[]string`json:"cors-exposed-headers" yaml:"cors-exposed-headers" usage:"expose cors headers access control (Access-Control-Expose-Headers)"`
UpstreamKeepalivesbool`json:"upstream-keepalives" yaml:"upstream-keepalives" usage:"enables or disables the keepalive connections for upstream endpoint"`
// UpstreamTimeout is the maximum amount of time a dial will wait for a connect to complete
// UpstreamTimeout is the maximum amount of time a dial will wait for a connect to complete
UpstreamTimeouttime.Duration`json:"upstream-timeout" yaml:"upstream-timeout" usage:"maximum amount of time a dial will wait for a connect to complete"`
UpstreamKeepaliveTimeouttime.Duration`json:"upstream-keepalive-timeout" yaml:"upstream-keepalive-timeout" usage:"specifies the keep-alive period for an active network connection"`
// Verbose switches on debug logging
// Verbose switches on debug logging
Verbosebool`json:"verbose" yaml:"verbose"`
Verbosebool`json:"verbose" yaml:"verbose" usage:"switch on debug / verbose logging"`
// EnableProxyProtocol controls the proxy protocol
// EnableProxyProtocol controls the proxy protocol
ForwardingDomains[]string`json:"forwarding-domains" yaml:"forwarding-domains" usage:"list of domains which should be signed; everything else is relayed unsigned"`
}
}
// store is used to hold the offline refresh token, assuming you don't want to use
// store is used to hold the offline refresh token, assuming you don't want to use