Module: Verikloak::BFF::Constants
- Defined in:
- lib/verikloak/bff/constants.rb
Overview
Shared constants for the BFF middleware layer. Centralised here so that every module (HeaderGuard, JwtUtils, ConsistencyChecks, etc.) references the same values.
Constant Summary collapse
- MAX_TOKEN_BYTES =
Maximum JWT byte size accepted for unverified decoding. Tokens exceeding this limit are treated as opaque (no claim inspection).
8192- LOG_CONTROL_CHARS =
Regex matching Unicode control characters, used by log sanitisation.
/[[:cntrl:]]/- MAX_LOG_FIELD_LENGTH =
Maximum length for individual log field values to prevent log flooding from oversized or malicious JWT claims.
256- DEFAULT_AUTH_REQUEST_HEADERS =
Default X-Auth-Request-* env keys, shared by Verikloak::BFF::Configuration defaults and ForwardedToken.strip_suspicious! so both stay in sync.
{ email: 'HTTP_X_AUTH_REQUEST_EMAIL', user: 'HTTP_X_AUTH_REQUEST_USER', groups: 'HTTP_X_AUTH_REQUEST_GROUPS' }.freeze