github.com/weaviate/weaviate@v1.24.6/usecases/config/authentication.go

github.com/weaviate/weaviate@v1.24.6/usecases/config/authentication.go (about)

     1  //                           _       _
     2  // __      _____  __ ___   ___  __ _| |_ ___
     3  // \ \ /\ / / _ \/ _` \ \ / / |/ _` | __/ _ \
     4  //  \ V  V /  __/ (_| |\ V /| | (_| | ||  __/
     5  //   \_/\_/ \___|\__,_| \_/ |_|\__,_|\__\___|
     6  //
     7  //  Copyright © 2016 - 2024 Weaviate B.V. All rights reserved.
     8  //
     9  //  CONTACT: hello@weaviate.io
    10  //
    11  
    12  package config
    13  
    14  import "fmt"
    15  
    16  // Authentication configuration
    17  type Authentication struct {
    18  	OIDC            OIDC            `json:"oidc" yaml:"oidc"`
    19  	AnonymousAccess AnonymousAccess `json:"anonymous_access" yaml:"anonymous_access"`
    20  	APIKey          APIKey
    21  }
    22  
    23  // DefaultAuthentication is the default authentication scheme when no authentication is provided
    24  var DefaultAuthentication = Authentication{
    25  	AnonymousAccess: AnonymousAccess{
    26  		Enabled: true,
    27  	},
    28  }
    29  
    30  // Validate the Authentication configuration. This only validates at a general
    31  // level. Validation specific to the individual auth methods should happen
    32  // inside their respective packages
    33  func (a Authentication) Validate() error {
    34  	if !a.AnyAuthMethodSelected() {
    35  		return fmt.Errorf("no authentication scheme configured, you must select at least one")
    36  	}
    37  
    38  	return nil
    39  }
    40  
    41  func (a Authentication) AnyAuthMethodSelected() bool {
    42  	return a.AnonymousAccess.Enabled || a.OIDC.Enabled || a.APIKey.Enabled
    43  }
    44  
    45  // AnonymousAccess considers users without any auth information as
    46  // authenticated as "anonymous" rather than denying their request immediately.
    47  // Note that enabling anonymous access ONLY affects Authentication, not
    48  // Authorization.
    49  type AnonymousAccess struct {
    50  	Enabled bool `json:"enabled" yaml:"enabled"`
    51  }
    52  
    53  // OIDC configures the OIDC middleware
    54  type OIDC struct {
    55  	Enabled           bool     `json:"enabled" yaml:"enabled"`
    56  	Issuer            string   `json:"issuer" yaml:"issuer"`
    57  	ClientID          string   `json:"client_id" yaml:"client_id"`
    58  	SkipClientIDCheck bool     `yaml:"skip_client_id_check" json:"skip_client_id_check"`
    59  	UsernameClaim     string   `yaml:"username_claim" json:"username_claim"`
    60  	GroupsClaim       string   `yaml:"groups_claim" json:"groups_claim"`
    61  	Scopes            []string `yaml:"scopes" json:"scopes"`
    62  }
    63  
    64  type APIKey struct {
    65  	Enabled     bool     `json:"enabled" yaml:"enabled"`
    66  	Users       []string `json:"users" yaml:"users"`
    67  	AllowedKeys []string `json:"allowed_keys" yaml:"allowed_keys"`
    68  }