emqx_authn_jwt {
use_jwks {
desc {
en: """Whether to use JWKS."""
zh: """是否使用 JWKS。"""
}
label {
en: """Whether to Use JWKS"""
zh: """是否使用 JWKS"""
}
}
algorithm {
desc {
en: """JWT signing algorithm, Supports HMAC (configured as hmac-based) and RSA, ECDSA (configured as public-key)."""
zh: """JWT 签名算法,支持 HMAC (配置为 hmac-based)和 RSA、ECDSA (配置为 public-key)。"""
}
label {
en: """JWT Signing Algorithm"""
zh: """JWT 签名算法"""
}
}
certificate {
desc {
en: """The public key used to verify the JWT."""
zh: """用于验证 JWT 的公钥。"""
}
label {
en: """Certificate"""
zh: """证书"""
}
}
secret_base64_encoded {
desc {
en: """Whether secret is base64 encoded."""
zh: """密钥是否为 Base64 编码。"""
}
label {
en: """Whether Secret is Base64 Encoded"""
zh: """密钥是否为 Base64 编码"""
}
}
secret {
desc {
en: """The key to verify the JWT using HMAC algorithm."""
zh: """使用 HMAC 算法时用于验证 JWT 的密钥"""
}
label {
en: """Secret"""
zh: """Secret"""
}
}
endpoint {
desc {
en: """JWKS endpoint, it's a read-only endpoint that returns the server's public key set in the JWKS format."""
zh: """JWKS 端点, 它是一个以 JWKS 格式返回服务端的公钥集的只读端点。"""
}
label {
en: """JWKS Endpoint"""
zh: """JWKS Endpoint"""
}
}
refresh_interval {
desc {
en: """JWKS refresh interval."""
zh: """JWKS 刷新间隔。"""
}
label {
en: """JWKS Refresh Interval"""
zh: """JWKS 刷新间隔"""
}
}
cacertfile {
desc {
en: """Path to a file containing PEM-encoded CA certificates."""
zh: """包含 PEM 编码的 CA 证书的文件的路径。"""
}
label {
en: """CA Certificate File"""
zh: """CA 证书文件"""
}
}
certfile {
desc {
en: """Path to a file containing the user certificate."""
zh: """包含用户证书的文件的路径。"""
}
label {
en: """Certificate File"""
zh: """证书文件"""
}
}
keyfile {
desc {
en: """Path to a file containing the user's private PEM-encoded key."""
zh: """包含 PEM 编码的用户私钥的文件的路径。"""
}
label {
en: """Key File"""
zh: """私钥文件"""
}
}
verify {
desc {
en: """Enable or disable SSL peer verification."""
zh: """指定握手过程中是否校验对端证书。"""
}
label {
en: """Verify"""
zh: """Verify"""
}
}
server_name_indication {
desc {
en: """Server Name Indication (SNI)."""
zh: """服务器名称指示(SNI),未指定时将使用 endpoint 作为 SNI。"""
}
label {
en: """Server Name Indication"""
zh: """服务器名称指示"""
}
}
verify_claims {
desc {
en: """The list of claims to verify."""
zh: """The list of claims to verify."""
}
label {
en: """Verify Claims"""
zh: """Verify Claims"""
}
}
pool_size {
desc {
en: """JWKS connection count."""
zh: """JWKS 连接数量。"""
}
label {
en: """Pool Size"""
zh: """连接池大小"""
}
}
ssl {
desc {
en: """SSL options."""
zh: """SSL 选项。"""
}
label {
en: """SSL Options"""
zh: """SSL 选项"""
}
}
enable {
desc {
en: """Enable/disable SSL."""
zh: """启用/禁用 SSL。"""
}
label {
en: """Enable/disable SSL"""
zh: """启用/禁用 SSL"""
}
}
hmac-based {
desc {
en: """Configuration when the JWT for authentication is issued using the HMAC algorithm."""
zh: """用于认证的 JWT 使用 HMAC 算法签发时的配置。"""
}
}
public-key {
desc {
en: """Configuration when the JWT for authentication is issued using RSA or ECDSA algorithm."""
zh: """用于认证的 JWT 使用 RSA 或 ECDSA 算法签发时的配置。"""
}
}
jwks {
desc {
en: """Configuration when JWTs used for authentication need to be fetched from the JWKS endpoint."""
zh: """用于认证的 JWTs 需要从 JWKS 端点获取时的配置。"""
}
}
ssl_disable {
desc {
en: """SSL configuration."""
zh: """SSL 配置。"""
}
}
ssl_enable {
desc {
en: """SSL configuration."""
zh: """SSL 配置。"""
}
}
}