Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type EgressResult ¶
type EgressResult struct { // If set, the result for envoy is a "noop" OK result. Skip bool // If set, contains the reason why the request shall be forbidden. Forbidden string // Defines the userID that should be encoded into the JWT. // If an empty string is used, the request assumes that no userID // could be found for the presented authorization and therefore, the // request will be denied. UserID string // Defines a list of headers that should be removed from the request // (typically the consumed authentication header). HeadersToRemove []string }
EgressResult helps to return the correct request to the upstream of a translator.
type EgressTranslation ¶
type EgressTranslation func(req *auth.CheckRequest) (EgressResult, error)
EgressTranslation is the function that translates the specific authentication into a JWT. The function receives the request (from envoy) and shall return the check response according to its authentication scheme. Helper functions can be found in the envoy module.
type IngressResult ¶
type IngressResult struct { // If set, the result for envoy is a "noop" OK result. Skip bool // If set, contains the reason why the request shall be forbidden. Forbidden string // Defines a list of header values that should be added to the request for // the downstream. HeadersToAdd []*core.HeaderValue // Defines a list of headers that should be removed from the request. // In addition to these headers, the WirePact JWT header is always removed. HeadersToRemove []string }
IngressResult helps to return the correct request to the upstream of a translator.
type IngressTranslation ¶
type IngressTranslation func(subject string, req *auth.CheckRequest) (IngressResult, error)
IngressTranslation acts as the translator for incoming communication. The function receives the parsed JWT subject (if possible) and the full request. It shall return a list of headers to add for the downstream and a list of headers that shall be removed. By default, the WirePact JWT header is removed.