HAProxy

Architecture:

Base version:

Channel	Revision	Published	Runs on
latest/stable	147	30 Apr 2025	Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04 Ubuntu 14.04
latest/stable	66	08 Nov 2021	Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04 Ubuntu 14.04
latest/candidate	147	30 Apr 2025	Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04 Ubuntu 14.04
latest/candidate	64	14 Oct 2021	Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04 Ubuntu 14.04
latest/beta	147	30 Apr 2025	Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/edge	147	29 Apr 2025	Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04 Ubuntu 14.04
latest/edge	37	11 Nov 2020	Ubuntu 24.04 Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04 Ubuntu 14.04
2.8/stable	216	20 Aug 2025	Ubuntu 24.04
2.8/edge	274	Today	Ubuntu 24.04

Learn to deploy on juju >

Platform:

24.04 22.04 20.04 18.04 16.04 14.04

charms.haproxy.v0.spoe_auth

Docstrings Source code
- Fetch library
  
  charmcraft fetch-lib charms.haproxy.v0.spoe_auth
  Download spoe_auth.py
- 27 Nov 2025
- Library version 0.2

SPOE-auth interface library.

Getting Started

To get started using the library, you need to first declare the library in the charm-libs section of your charmcraft.yaml file:

charm-libs:
- lib: haproxy.spoe_auth
  version: "0"

Then, fetch the library using charmcraft:

cd some-charm
charmcraft fetch-libs

Using the library as the Provider

The provider charm should expose the interface as shown below:

provides:
    spoe-auth:
        interface: spoe-auth
        limit: 1

Then, to initialise the library:

from charms.haproxy.v0.spoe_auth import SpoeAuthProvider, HaproxyEvent

class SpoeAuthCharm(CharmBase):
    def __init__(self, *args):
        super().__init__(*args)
        self.spoe_auth = SpoeAuthProvider(self, relation_name="spoe-auth")

        self.framework.observe(
            self.on.config_changed, self._on_config_changed
        )

    def _on_config_changed(self, event):
        # Publish the SPOE auth configuration
        self.spoe_auth.provide_spoe_auth_requirements(
            spop_port=8081,
            oidc_callback_port=5000,
            event=HaproxyEvent.ON_HTTP_REQUEST,
            var_authenticated="var.sess.is_authenticated",
            var_redirect_url="var.sess.redirect_url",
            cookie_name="auth_session",
            hostname="auth.example.com",
            oidc_callback_path="/oauth2/callback",
        )

Index

def value_contains_invalid_characters( value )
def validate_hostname( value )
class DataValidationError
class SpoeAuthInvalidRelationDataError
class HaproxyEvent
class SpoeAuthProviderAppData
class SpoeAuthProviderUnitData
class SpoeAuthProvider
- def __init__( self, charm, relation_name)
- def relations( self)
- def provide_spoe_auth_requirements( self, relation, spop_port, oidc_callback_port, event, message_name, var_authenticated, var_redirect_url, cookie_name, hostname, oidc_callback_path, unit_address)
class SpoeAuthAvailableEvent
class SpoeAuthRemovedEvent
class SpoeAuthRequirerEvents
class SpoeAuthRequirer
- def __init__( self, charm, relation_name)
- def relation( self)
- def is_available( self)
- def get_data( self)
- def get_provider_unit_data( self, relation)
- def get_provider_application_data( self, relation)

Arguments

value

The value to validate.

Returns

The validated value.

Arguments

value

The value to validate.

Returns

The validated value.

Description

Raised when data validation fails. None

Description

Raised when data validation of the spoe-auth relation fails. None

Attributes

ON_FRONTEND_HTTP_REQUEST

Event triggered on frontend HTTP request.

Attributes

spop_port

The port on the agent listening for SPOP.

oidc_callback_port

The port on the agent handling OIDC callbacks.

event

The event that triggers SPOE messages (e.g., on-http-request).

var_authenticated

Name of the variable set by the SPOE agent for auth status.

var_redirect_url

Name of the variable set by the SPOE agent for IDP redirect URL.

cookie_name

Name of the authentication cookie used by the SPOE agent.

oidc_callback_path

Path for OIDC callback.

oidc_callback_hostname

The hostname HAProxy should route OIDC callbacks to.

Attributes

address

IP address of the unit.

Attributes

relations

Related applications.

Methods

SpoeAuthProvider. __init__( self , charm: CharmBase , relation_name: str )

Initialize the SpoeAuthProvider.

Arguments

charm

The charm that is instantiating the library.

relation_name

The name of the relation to bind to.

SpoeAuthProvider. relations( self )

The list of Relation instances associated with this relation_name.

Returns

list[Relation]

The list of relations.

SpoeAuthProvider. provide_spoe_auth_requirements( self , relation: Relation , spop_port: int , oidc_callback_port: int , event: HaproxyEvent , message_name: str , var_authenticated: str , var_redirect_url: str , cookie_name: str , hostname: str , oidc_callback_path: str , unit_address )

Set the SPOE auth configuration in the application databag.

Arguments

relation

The relation instance to set data on.

spop_port

The port on the agent listening for SPOP.

oidc_callback_port

The port on the agent handling OIDC callbacks.

event

The event that triggers SPOE messages.

message_name

The name of the SPOE message that the provider expects.

var_authenticated

Name of the variable for auth status.

var_redirect_url

Name of the variable for IDP redirect URL.

cookie_name

Name of the authentication cookie.

hostname

The hostname HAProxy should route OIDC callbacks to.

oidc_callback_path

Path for OIDC callback.

unit_address

The address of the unit.

Description

SpoeAuthAvailableEvent custom event. None

Description

SpoeAuthRemovedEvent custom event. None

Attributes

available

Emitted when provider configuration is available.

removed

Emitted when the provider relation is broken.

Attributes

Custom events of the requirer.

relation

The related application.

Methods

SpoeAuthRequirer. __init__( self , charm: CharmBase , relation_name: str )

Initialize the SpoeAuthRequirer.

Arguments

charm

The charm that is instantiating the library.

relation_name

The name of the relation to bind to.

SpoeAuthRequirer. relation( self )

The relation instance associated with this relation_name.

Returns

Optional[Relation]

The relation instance, or None if not available.

SpoeAuthRequirer. is_available( self )

Check if the SPOE auth configuration is available and valid.

Returns

bool

True if configuration is available and valid, False otherwise.

SpoeAuthRequirer. get_data( self )

Get the SPOE auth configuration from the provider.

Returns

Optional[SpoeAuthProviderAppData]

The SPOE auth configuration, or None if not available.

SpoeAuthRequirer. get_provider_unit_data( self , relation: Relation )

Fetch and validate the requirer's units data.

Arguments

relation

The relation to fetch unit data from.

Returns

list[SpoeAuthProviderUnitData]

List of validated unit data from the provider.

SpoeAuthRequirer. get_provider_application_data( self , relation: Relation )

Fetch and validate the requirer's application databag.

Arguments

relation

The relation to fetch application data from.

Returns

RequirerApplicationData

Validated application data from the requirer.

HAProxy

charms.haproxy.v0.spoe_auth

Getting Started

Using the library as the Provider

def value_contains_invalid_characters(value: str)

def validate_hostname(value: str)

class DataValidationError

class SpoeAuthInvalidRelationDataError

class HaproxyEvent

class SpoeAuthProviderAppData

class SpoeAuthProviderUnitData

class SpoeAuthProvider

class SpoeAuthAvailableEvent

class SpoeAuthRemovedEvent

class SpoeAuthRequirerEvents

class SpoeAuthRequirer