Merge branch 'main' into 3318-RavenDB-state-store-new

Author: dapr-bot

lock/redis/metadata.yaml

@@ -0,0 +1,178 @@
+# yaml-language-server: $schema=../../component-metadata-schema.json
+schemaVersion: v1
+type: lock
+name: redis
+version: v1
+status: alpha
+title: "Redis Distributed Lock"
+urls:
+  - title: Reference
+    url: https://docs.dapr.io/reference/components-reference/supported-locks/redis-lock/
+lock:
+  operations:
+    - name: tryLock
+      description: "Attempt to acquire a distributed lock"
+    - name: unlock
+      description: "Release a distributed lock"
+authenticationProfiles:
+  - title: "Password Authentication"
+    description: |
+      Authenticate using Redis password.
+    metadata:
+      - name: redisUsername
+        required: false
+        description: "The Redis username"
+        example: "redis-user"
+      - name: redisPassword
+        required: false
+        sensitive: true
+        description: "The Redis password"
+        example: "redis-password"
+  - title: "Sentinel Authentication"
+    description: |
+      Authenticate using Redis Sentinel password.
+    metadata:
+      - name: sentinelUsername
+        required: false
+        description: "The Redis Sentinel username"
+        example: "sentinel-user"
+      - name: sentinelPassword
+        required: false
+        sensitive: true
+        description: "The Redis Sentinel password"
+        example: "sentinel-password"
+  - title: "TLS Authentication"
+    description: |
+      Authenticate using Redis TLS certificate.
+    metadata:
+      - name: clientCert
+        required: false
+        sensitive: true
+        description: "The Redis client certificate"
+        example: '"-----BEGIN CERTIFICATE-----\nXXX..."'
+      - name: clientKey
+        required: false
+        sensitive: true
+        description: "The Redis client key"
+        example: '"-----BEGIN PRIVATE KEY-----\nXXX..."'
+metadata:
+  - name: redisHost
+    required: true
+    description: "The Redis host address"
+    example: '"localhost:6379"'
+  - name: redisType
+    required: false
+    description: "The Redis type"
+    example: "node"
+    default: "node"
+    allowedValues:
+      - "node"
+      - "cluster"
+      - "sentinel"
+  - name: redisDB
+    required: false
+    description: "The Redis database number"
+    example: '0'
+    default: '0'
+  - name: redisMaxRetries
+    required: false
+    description: "Maximum Redis retries"
+    example: '3'
+    default: '3'
+  - name: redisMinRetryInterval
+    required: false
+    description: "Minimum Redis retry interval"
+    example: "8ms"
+    default: "8ms"
+  - name: redisMaxRetryInterval
+    required: false
+    description: "Maximum Redis retry interval"
+    example: "512ms"
+    default: "512ms"
+  - name: dialTimeout
+    required: false
+    description: "Dial timeout duration"
+    example: "5s"
+    default: "5s"
+  - name: readTimeout
+    required: false
+    description: "Read timeout duration"
+    example: "3s"
+    default: "3s"
+  - name: writeTimeout
+    required: false
+    description: "Write timeout duration"
+    example: "3s"
+    default: "3s"
+  - name: poolSize
+    required: false
+    description: "Connection pool size"
+    example: '10'
+    default: '10'
+  - name: poolTimeout
+    required: false
+    description: "Connection pool timeout"
+    example: "4s"
+    default: "4s"
+  - name: maxConnAge
+    required: false
+    description: "Maximum connection age"
+    example: "30m"
+    default: "30m"
+  - name: minIdleConns
+    required: false
+    description: "Minimum idle connections"
+    example: '0'
+    default: '0'
+  - name: idleTimeout
+    required: false
+    description: "Idle timeout duration"
+    example: "5m"
+    default: "5m"
+  - name: idleCheckFrequency
+    required: false
+    description: "Idle check frequency"
+    example: "1m"
+    default: "1m"
+  - name: maxRetries
+    required: false
+    description: "Maximum number of retries when attempting to acquire a lock"
+    example: '3'
+    default: '3'
+  - name: maxRetryBackoff
+    required: false
+    description: "Maximum backoff duration between retries"
+    example: "2s"
+    default: "2s"
+  - name: redeliverInterval
+    required: false
+    description: "Redeliver interval for re-attempting lock acquisition"
+    example: "15s"
+    default: "15s"
+  - name: processingTimeout
+    required: false
+    description: "Processing timeout for lock ownership"
+    example: "60s"
+    default: "60s"
+  - name: enableTLS
+    required: false
+    type: bool
+    description: "Whether to enable TLS encryption"
+    example: false
+    default: false
+  - name: useEntraID
+    required: false
+    type: bool
+    description: "Whether to use Entra ID for authentication"
+    example: false
+    default: false
+  - name: failover
+    required: false
+    type: bool
+    description: "Whether to enable failover mode (for Sentinel)"
+    example: false
+    default: false
+  - name: sentinelMasterName
+    required: false
+    description: "The Sentinel master name (used if redisType is 'sentinel')"
+    example: "mymaster"

middleware/http/bearer/metadata.yaml

@@ -0,0 +1,29 @@
+# yaml-language-server: $schema=../../../component-metadata-schema.json
+schemaVersion: v1
+type: middleware
+name: bearer
+version: v1
+status: stable
+title: "Bearer Token Authentication"
+description: |
+  The Bearer middleware provides JWT token authentication for HTTP requests.
+  It validates Bearer tokens in the Authorization header and can extract claims for downstream processing.
+urls:
+  - title: Reference
+    url: https://docs.dapr.io/reference/components-reference/supported-middleware/middleware-bearer/
+metadata:
+  - name: jwksURL
+    type: string
+    required: true
+    description: "The URL of the JSON Web Key Set (JWKS) endpoint"
+    example: "https://accounts.google.com/.well-known/jwks.json"
+  - name: issuer
+    type: string
+    required: true
+    description: "The expected issuer of the JWT tokens"
+    example: "https://accounts.google.com"
+  - name: audience
+    type: string
+    required: true
+    description: "The expected audience of the JWT tokens"
+    example: "my-app"

middleware/http/oauth2/metadata.yaml

@@ -0,0 +1,66 @@
+# yaml-language-server: $schema=../../../component-metadata-schema.json
+schemaVersion: v1
+type: middleware
+name: oauth2
+version: v1
+status: alpha
+title: "OAuth2 Authentication"
+description: |
+  The OAuth2 middleware provides OAuth2 authentication for HTTP requests.
+  It handles OAuth2 flows and token validation for securing API endpoints.
+urls:
+  - title: Reference
+    url: https://docs.dapr.io/reference/components-reference/supported-middleware/middleware-oauth2/
+authenticationProfiles:
+  - title: "OAuth2 Authentication"
+    description: "Configure OAuth2 authentication with any OAuth2 provider"
+    metadata:
+      - name: clientID
+        type: string
+        required: true
+        description: "The OAuth2 client ID from your OAuth2 provider"
+        example: "client-id"
+      - name: clientSecret
+        type: string
+        required: true
+        description: "The OAuth2 client secret from your OAuth2 provider"
+        sensitive: true
+        example: "client-secret"
+      - name: authURL
+        type: string
+        required: true
+        description: "The OAuth2 authorization URL from your provider"
+        example: "https://accounts.google.com/o/oauth2/v2/auth"
+      - name: tokenURL
+        type: string
+        required: true
+        description: "The OAuth2 token URL from your provider"
+        example: "https://oauth2.googleapis.com/token"
+      - name: scopes
+        type: string
+        required: false
+        description: "OAuth2 scopes to request from your provider"
+        example: "openid profile email"
+metadata:
+  - name: redirectURL
+    type: string
+    required: false
+    description: "The OAuth2 redirect URL for your application"
+    example: "http://localhost:8080/callback"
+  - name: authHeaderName
+    type: string
+    required: false
+    description: "The name of the authorization header to use"
+    example: "Authorization"
+    default: "Authorization"
+  - name: forceHTTPS
+    type: string
+    required: false
+    description: "Whether to force HTTPS for the redirect URL"
+    example: "true"
+    default: "false"
+  - name: pathFilter
+    type: string
+    required: false
+    description: "Regular expression to filter which paths require authentication"
+    example: "^/api/.*"

middleware/http/oauth2clientcredentials/metadata.yaml

@@ -0,0 +1,64 @@
+# yaml-language-server: $schema=../../../component-metadata-schema.json
+schemaVersion: v1
+type: middleware
+name: oauth2clientcredentials
+version: v1
+status: alpha
+title: "OAuth2 Client Credentials"
+description: |
+  The OAuth2 Client Credentials middleware provides OAuth2 client credentials flow authentication.
+  It handles machine-to-machine authentication using client credentials.
+urls:
+  - title: Reference
+    url: https://docs.dapr.io/reference/components-reference/supported-middleware/oauth2clientcredentials/
+authenticationProfiles:
+  - title: "OAuth2 Client Credentials"
+    description: "Configure OAuth2 client credentials authentication with any OAuth2 provider"
+    metadata:
+      - name: clientID
+        type: string
+        required: true
+        description: "The client ID of your application that is created as part of a credential hosted by a OAuth-enabled platform"
+        example: "client-id"
+      - name: clientSecret
+        type: string
+        required: true
+        description: "The client secret of your application that is created as part of a credential hosted by a OAuth-enabled platform"
+        sensitive: true
+        example: "client-secret"
+      - name: scopes
+        type: string
+        required: false
+        description: "A list of space-delimited, case-sensitive strings of scopes which are typically used for authorization in the application"
+        example: "https://www.googleapis.com/auth/userinfo.email"
+      - name: tokenURL
+        type: string
+        required: true
+        description: "The endpoint is used by the client to obtain an access token by presenting its authorization grant or refresh token"
+        example: "https://accounts.google.com/o/oauth2/token"
+metadata:
+  - name: pathFilter
+    type: string
+    required: false
+    description: "Regular expression to filter which paths require authentication"
+    example: "^/api/.*"
+  - name: headerName
+    type: string
+    required: true
+    description: "The authorization header name to forward to your application"
+    example: "authorization"
+  - name: endpointParamsQuery
+    type: string
+    required: false
+    description: "Specifies additional parameters for requests to the token endpoint"
+    example: "param1=value1&param2=value2"
+  - name: authStyle
+    type: integer
+    required: false
+    description: "Optionally specifies how the endpoint wants the client ID & client secret sent. 0: Auto-detect (tries both ways and caches the successful way), 1: Sends client_id and client_secret in POST body as application/x-www-form-urlencoded parameters, 2: Sends client_id and client_secret using HTTP Basic Authorization"
+    example: 0
+    default: 0
+    allowedValues:
+      - 0
+      - 1
+      - 2

middleware/http/opa/metadata.yaml

@@ -0,0 +1,34 @@
+# yaml-language-server: $schema=../../../component-metadata-schema.json
+schemaVersion: v1
+type: middleware
+name: opa
+version: v1
+status: alpha
+title: "Open Policy Agent (OPA)"
+description: |
+  The OPA middleware allows you to enforce policies on HTTP requests using Open Policy Agent (OPA) Rego policies.
+  It evaluates incoming requests against your Rego policies and can allow, deny, or modify requests based on the policy results.
+urls:
+  - title: Reference
+    url: https://docs.dapr.io/reference/components-reference/supported-middleware/middleware-opa/
+metadata:
+  - name: rego
+    type: string
+    required: true
+    description: "The Rego policy code that will be evaluated for each request. The policy package must be http and the policy must set data.http.allow"
+  - name: defaultStatus
+    type: number
+    required: false
+    description: "The status code to return for denied responses"
+    example: 403
+    default: 403
+  - name: includedHeaders
+    type: string
+    required: false
+    description: "Comma-separated set of case-insensitive headers to include in the request input. Request headers are not passed to the policy by default. Include to receive incoming request headers in the input"
+    example: "x-my-custom-header, x-jwt-header"
+  - name: readBody
+    type: string
+    required: false
+    description: "Controls whether the middleware reads the entire request body in-memory and make it available for policy decisions"
+    example: false

middleware/http/ratelimit/metadata.yaml

@@ -0,0 +1,19 @@
+# yaml-language-server: $schema=../../../component-metadata-schema.json
+schemaVersion: v1
+type: middleware
+name: ratelimit
+version: v1
+status: stable
+title: "Rate Limiting"
+description: |
+  The Rate Limiting middleware provides request rate limiting functionality.
+  It can limit requests based on various criteria like IP address, user, or custom keys.
+urls:
+  - title: Reference
+    url: https://docs.dapr.io/reference/components-reference/supported-middleware/middleware-rate-limit/
+metadata:
+  - name: maxRequestsPerSecond
+    type: integer
+    required: true
+    description: "Maximum number of requests allowed per second"
+    example: 100