Oathkeeper
- By Identity Charmers
| Channel | Revision | Published | Runs on |
|---|---|---|---|
| latest/stable | 39 | 24 Apr 2024 | |
| latest/edge | 52 | 13 Sep 2024 | |
| 0.2/stable | 41 | 25 Apr 2024 | |
| 0.2/edge | 41 | 25 Apr 2024 |
juju deploy oathkeeper
Deploy Kubernetes operators easily with Juju, the Universal Operator Lifecycle Manager. Need a Kubernetes cluster? Install MicroK8s to create a full CNCF-certified Kubernetes system in under 60 seconds.
Platform:
charms.oathkeeper.v0.forward_auth
-
- Last updated 18 Apr 2024
- Revision Library version 0.4
Interface library for providing API Gateways with Identity and Access Proxy information.
It is required to integrate with Oathkeeper (Policy Decision Point).
Getting Started
To get started using the library, you need to fetch the library using charmcraft.
Note that you also need to add jsonschema to your charm's requirements.txt.
cd some-charm
charmcraft fetch-lib charms.oathkeeper.v0.forward_auth
To use the library from the requirer side, add the following to the metadata.yaml of the charm:
requires:
forward-auth:
interface: forward_auth
limit: 1
Then, to initialise the library:
from charms.oathkeeper.v0.forward_auth import AuthConfigChangedEvent, ForwardAuthRequirer
class ApiGatewayCharm(CharmBase):
def __init__(self, *args):
# ...
self.forward_auth = ForwardAuthRequirer(self)
self.framework.observe(
self.forward_auth.on.auth_config_changed,
self.some_event_function
)
def some_event_function(self, event: AuthConfigChangedEvent):
if self.forward_auth.is_ready():
# Fetch the relation info
forward_auth_data = self.forward_auth.get_forward_auth_data()
# update ingress configuration
# ...
Index
class ForwardAuthConfigError
Description
Emitted when invalid forward auth config is provided. None
class DataValidationError
Description
Raised when data validation fails on relation data. None
class ForwardAuthRelation
Description
A class containing helper methods for forward-auth relation. None
Methods
class ForwardAuthConfig
Description
Helper class containing configuration required by API Gateway to set up the proxy. None
Methods
ForwardAuthConfig. from_dict( cls , dic: Dict )
Description
Generate ForwardAuthConfig instance from dict. None
ForwardAuthConfig. to_dict( self )
Description
Convert object to dict. None
class ForwardAuthRequirerConfig
Helper class containing configuration required by Oathkeeper.
Description
Its purpose is to evaluate whether apps can be protected by IAP.
Methods
ForwardAuthRequirerConfig. to_dict( self )
Description
Convert object to dict. None
class AuthConfigChangedEvent
Description
Event to notify the requirer charm that the forward-auth config has changed. None
Methods
AuthConfigChangedEvent. __init__( self , handle: Handle , decisions_address: str , app_names , headers , relation_id: int , relation_app_name: str )
AuthConfigChangedEvent. snapshot( self )
Description
Save event. None
AuthConfigChangedEvent. restore( self , snapshot: Dict )
Description
Restore event. None
class AuthConfigRemovedEvent
Description
Event to notify the requirer charm that the forward-auth config was removed. None
Methods
AuthConfigRemovedEvent. __init__( self , handle: Handle , relation_id: int )
AuthConfigRemovedEvent. snapshot( self )
Description
Save event. None
AuthConfigRemovedEvent. restore( self , snapshot: Dict )
Description
Restore event. None
class ForwardAuthRequirerEvents
Description
Event descriptor for events raised by ForwardAuthRequirer. None
class ForwardAuthRequirer
Description
Requirer side of the forward-auth relation. None
Methods
ForwardAuthRequirer. __init__( self , charm: CharmBase )
ForwardAuthRequirer. update_requirer_relation_data( self , ingress_app_names , relation_id )
Description
Update the relation databag with app names that can get IAP protection. None
ForwardAuthRequirer. get_provider_info( self , relation_id )
Description
Get the provider information from the databag. None
ForwardAuthRequirer. get_remote_app_name( self , relation_id )
Description
Get the remote app name. None
ForwardAuthRequirer. is_ready( self , relation_id )
Checks whether ForwardAuth is ready on this relation.
Description
Returns True when Oathkeeper shared the config; False otherwise.
ForwardAuthRequirer. is_protected_app( self , app )
Description
Checks whether a given app requested to be protected by IAP. None
class ForwardAuthProxySet
Description
Event to notify the charm that the proxy was set successfully. None
Methods
ForwardAuthProxySet. snapshot( self )
Description
Save event. None
ForwardAuthProxySet. restore( self , snapshot: Dict )
Description
Restore event. None
class InvalidForwardAuthConfigEvent
Description
Event to notify the charm that the forward-auth configuration is invalid. None
Methods
InvalidForwardAuthConfigEvent. __init__( self , handle: Handle , error: str )
InvalidForwardAuthConfigEvent. snapshot( self )
Description
Save event. None
InvalidForwardAuthConfigEvent. restore( self , snapshot: Dict )
Description
Restore event. None
class ForwardAuthRelationRemovedEvent
Description
Event to notify the charm that the relation was removed. None
Methods
ForwardAuthRelationRemovedEvent. __init__( self , handle: Handle , relation_id: int )
ForwardAuthRelationRemovedEvent. snapshot( self )
Description
Save event. None
ForwardAuthRelationRemovedEvent. restore( self , snapshot: Dict )
Description
Restore event. None
class ForwardAuthProviderEvents
Description
Event descriptor for events raised by ForwardAuthProvider. None
class ForwardAuthProvider
Description
Provider side of the forward-auth relation. None
Methods
ForwardAuthProvider. __init__( self , charm: CharmBase , relation_name: str , forward_auth_config )
ForwardAuthProvider. update_forward_auth_config( self , forward_auth_config: ForwardAuthConfig , relation_id )
Description
Update the forward-auth config stored in the object. None