Module: Verikloak::BFF::Constants

Defined in:
lib/verikloak/bff/constants.rb

Overview

Shared constants for the BFF middleware layer. Centralised here so that every module (HeaderGuard, JwtUtils, ConsistencyChecks, etc.) references the same values.

Constant Summary collapse

MAX_TOKEN_BYTES =

Maximum JWT byte size accepted for unverified decoding. Tokens exceeding this limit are treated as opaque (no claim inspection).

8192
LOG_CONTROL_CHARS =

Regex matching Unicode control characters, used by log sanitisation.

/[[:cntrl:]]/
MAX_LOG_FIELD_LENGTH =

Maximum length for individual log field values to prevent log flooding from oversized or malicious JWT claims.

256
DEFAULT_AUTH_REQUEST_HEADERS =

Default X-Auth-Request-* env keys, shared by Verikloak::BFF::Configuration defaults and ForwardedToken.strip_suspicious! so both stay in sync.

{
  email: 'HTTP_X_AUTH_REQUEST_EMAIL',
  user: 'HTTP_X_AUTH_REQUEST_USER',
  groups: 'HTTP_X_AUTH_REQUEST_GROUPS'
}.freeze