go.temporal.io/server@v1.23.0/common/auth/tls.go (about)

     1  // The MIT License
     2  //
     3  // Copyright (c) 2020 Temporal Technologies Inc.  All rights reserved.
     4  //
     5  // Copyright (c) 2020 Uber Technologies, Inc.
     6  //
     7  // Permission is hereby granted, free of charge, to any person obtaining a copy
     8  // of this software and associated documentation files (the "Software"), to deal
     9  // in the Software without restriction, including without limitation the rights
    10  // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
    11  // copies of the Software, and to permit persons to whom the Software is
    12  // furnished to do so, subject to the following conditions:
    13  //
    14  // The above copyright notice and this permission notice shall be included in
    15  // all copies or substantial portions of the Software.
    16  //
    17  // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
    18  // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
    19  // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
    20  // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
    21  // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
    22  // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
    23  // THE SOFTWARE.
    24  
    25  package auth
    26  
    27  type (
    28  	// TLS describes the TLS configuration (for Cassandra, SQL); every field is populated from YAML via its struct tag.
    29  	TLS struct {
    30  		Enabled bool `yaml:"enabled"` // presumably the on/off switch for TLS; confirm in the consumer
    31  
    32  		// CertFile and KeyFile are optional depending on server config.
    33  		// Omit both to avoid presenting a client certificate.
    34  		// NOTE(review): presumably setting only one of the pair is a misconfiguration; confirm how the consumer handles it.
    35  		CertFile string `yaml:"certFile"`
    36  		KeyFile  string `yaml:"keyFile"`
    37  		CaFile   string `yaml:"caFile"` // optional depending on server config
    38  
    39  		// Set this to true to verify the hostname and server cert (e.g. a wildcard cert for a Cassandra cluster).
    40  		// It is basically the inverse of InsecureSkipVerify, so the zero value (false) presumably leaves the server certificate and host name unchecked (encrypted but unauthenticated); confirm in the code that builds tls.Config.
    41  		// See InsecureSkipVerify in https://pkg.go.dev/crypto/tls for more info.
    42  		EnableHostVerification bool `yaml:"enableHostVerification"`
    43  
    44  		ServerName string `yaml:"serverName"` // NOTE(review): presumably the name expected in the server certificate (tls.Config.ServerName); confirm
    45  
    46  		// Base64 equivalents of the above artifacts. Base64 is an encoding, not encryption: KeyData holds the key in recoverable form, so a config carrying it needs the same protection as the key file.
    47  		// You cannot specify both a Data and a File for the same artifact (e.g. setting CertFile and CertData).
    48  		CertData string `yaml:"certData"`
    49  		KeyData  string `yaml:"keyData"`
    50  		CaData   string `yaml:"caData"` // optional depending on server config
    51  	}
    52  )