auth

package

v1.28.0-129.2 Latest Latest Go to latest Published: Mar 21, 2025 License: MIT Imports: 9 Imported by: 8

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/temporalio/temporal

Documentation ¶

Index ¶

Variables
func NewDynamicTLSClientConfig(getCert func() (*tls.Certificate, error), rootCAs *x509.CertPool, ...) *tls.Config
func NewEmptyTLSConfig() *tls.Config
func NewTLSConfig(temporalTls *TLS) (*tls.Config, error)
func NewTLSConfigForServer(serverName string, enableHostVerification bool) *tls.Config
func NewTLSConfigWithCertsAndCAs(clientAuth tls.ClientAuthType, certificates []tls.Certificate, ...) *tls.Config
type TLS

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrTLSConfig = errors.New("unable to config TLS")

Functions ¶

func NewDynamicTLSClientConfig ¶ added in v1.5.7

func NewDynamicTLSClientConfig(
	getCert func() (*tls.Certificate, error),
	rootCAs *x509.CertPool,
	serverName string,
	enableHostVerification bool,
) *tls.Config

func NewEmptyTLSConfig ¶ added in v1.1.0

func NewEmptyTLSConfig() *tls.Config

func NewTLSConfig ¶ added in v1.23.0

func NewTLSConfig(temporalTls *TLS) (*tls.Config, error)

func NewTLSConfigForServer ¶ added in v1.1.0

func NewTLSConfigForServer(
	serverName string,
	enableHostVerification bool,
) *tls.Config

func NewTLSConfigWithCertsAndCAs ¶ added in v1.1.0

func NewTLSConfigWithCertsAndCAs(
	clientAuth tls.ClientAuthType,
	certificates []tls.Certificate,
	clientCAs *x509.CertPool,
	logger log.Logger,
) *tls.Config

Types ¶

type TLS ¶

type TLS struct {
	Enabled bool `yaml:"enabled"`

	// CertPath and KeyPath are optional depending on server
	// config, but both fields must be omitted to avoid using a
	// client certificate
	CertFile string `yaml:"certFile"`
	KeyFile  string `yaml:"keyFile"`
	CaFile   string `yaml:"caFile"` //optional depending on server config

	// If you want to verify the hostname and server cert (like a wildcard for cass cluster) then you should turn this on
	// This option is basically the inverse of InSecureSkipVerify
	// See InSecureSkipVerify in http://golang.org/pkg/crypto/tls/ for more info
	EnableHostVerification bool `yaml:"enableHostVerification"`

	ServerName string `yaml:"serverName"`

	// Base64 equivalents of the above artifacts.
	// You cannot specify both a Data and a File for the same artifact (e.g. setting CertFile and CertData)
	CertData string `yaml:"certData"`
	KeyData  string `yaml:"keyData"`
	CaData   string `yaml:"caData"` // optional depending on server config
}

TLS describe TLS configuration (for Cassandra, SQL)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL