Documentation ¶
Index ¶
- Variables
- func RegisterAuthorizationServer(s *grpc.Server, srv AuthorizationServer)
- type AttributeContext
- func (*AttributeContext) Descriptor() ([]byte, []int)
- func (m *AttributeContext) GetContextExtensions() map[string]string
- func (m *AttributeContext) GetDestination() *AttributeContext_Peer
- func (m *AttributeContext) GetRequest() *AttributeContext_Request
- func (m *AttributeContext) GetSource() *AttributeContext_Peer
- func (m *AttributeContext) Marshal() (dAtA []byte, err error)
- func (m *AttributeContext) MarshalTo(dAtA []byte) (int, error)
- func (*AttributeContext) ProtoMessage()
- func (m *AttributeContext) Reset()
- func (m *AttributeContext) Size() (n int)
- func (m *AttributeContext) String() string
- func (m *AttributeContext) Unmarshal(dAtA []byte) error
- func (m *AttributeContext) Validate() error
- func (m *AttributeContext) XXX_DiscardUnknown()
- func (m *AttributeContext) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (dst *AttributeContext) XXX_Merge(src proto.Message)
- func (m *AttributeContext) XXX_Size() int
- func (m *AttributeContext) XXX_Unmarshal(b []byte) error
- type AttributeContextValidationError
- type AttributeContext_HttpRequest
- func (*AttributeContext_HttpRequest) Descriptor() ([]byte, []int)
- func (m *AttributeContext_HttpRequest) GetFragment() string
- func (m *AttributeContext_HttpRequest) GetHeaders() map[string]string
- func (m *AttributeContext_HttpRequest) GetHost() string
- func (m *AttributeContext_HttpRequest) GetId() string
- func (m *AttributeContext_HttpRequest) GetMethod() string
- func (m *AttributeContext_HttpRequest) GetPath() string
- func (m *AttributeContext_HttpRequest) GetProtocol() string
- func (m *AttributeContext_HttpRequest) GetQuery() string
- func (m *AttributeContext_HttpRequest) GetScheme() string
- func (m *AttributeContext_HttpRequest) GetSize_() int64
- func (m *AttributeContext_HttpRequest) Marshal() (dAtA []byte, err error)
- func (m *AttributeContext_HttpRequest) MarshalTo(dAtA []byte) (int, error)
- func (*AttributeContext_HttpRequest) ProtoMessage()
- func (m *AttributeContext_HttpRequest) Reset()
- func (m *AttributeContext_HttpRequest) Size() (n int)
- func (m *AttributeContext_HttpRequest) String() string
- func (m *AttributeContext_HttpRequest) Unmarshal(dAtA []byte) error
- func (m *AttributeContext_HttpRequest) Validate() error
- func (m *AttributeContext_HttpRequest) XXX_DiscardUnknown()
- func (m *AttributeContext_HttpRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (dst *AttributeContext_HttpRequest) XXX_Merge(src proto.Message)
- func (m *AttributeContext_HttpRequest) XXX_Size() int
- func (m *AttributeContext_HttpRequest) XXX_Unmarshal(b []byte) error
- type AttributeContext_HttpRequestValidationError
- type AttributeContext_Peer
- func (*AttributeContext_Peer) Descriptor() ([]byte, []int)
- func (m *AttributeContext_Peer) GetAddress() *core.Address
- func (m *AttributeContext_Peer) GetLabels() map[string]string
- func (m *AttributeContext_Peer) GetPrincipal() string
- func (m *AttributeContext_Peer) GetService() string
- func (m *AttributeContext_Peer) Marshal() (dAtA []byte, err error)
- func (m *AttributeContext_Peer) MarshalTo(dAtA []byte) (int, error)
- func (*AttributeContext_Peer) ProtoMessage()
- func (m *AttributeContext_Peer) Reset()
- func (m *AttributeContext_Peer) Size() (n int)
- func (m *AttributeContext_Peer) String() string
- func (m *AttributeContext_Peer) Unmarshal(dAtA []byte) error
- func (m *AttributeContext_Peer) Validate() error
- func (m *AttributeContext_Peer) XXX_DiscardUnknown()
- func (m *AttributeContext_Peer) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (dst *AttributeContext_Peer) XXX_Merge(src proto.Message)
- func (m *AttributeContext_Peer) XXX_Size() int
- func (m *AttributeContext_Peer) XXX_Unmarshal(b []byte) error
- type AttributeContext_PeerValidationError
- type AttributeContext_Request
- func (*AttributeContext_Request) Descriptor() ([]byte, []int)
- func (m *AttributeContext_Request) GetHttp() *AttributeContext_HttpRequest
- func (m *AttributeContext_Request) GetTime() *types.Timestamp
- func (m *AttributeContext_Request) Marshal() (dAtA []byte, err error)
- func (m *AttributeContext_Request) MarshalTo(dAtA []byte) (int, error)
- func (*AttributeContext_Request) ProtoMessage()
- func (m *AttributeContext_Request) Reset()
- func (m *AttributeContext_Request) Size() (n int)
- func (m *AttributeContext_Request) String() string
- func (m *AttributeContext_Request) Unmarshal(dAtA []byte) error
- func (m *AttributeContext_Request) Validate() error
- func (m *AttributeContext_Request) XXX_DiscardUnknown()
- func (m *AttributeContext_Request) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (dst *AttributeContext_Request) XXX_Merge(src proto.Message)
- func (m *AttributeContext_Request) XXX_Size() int
- func (m *AttributeContext_Request) XXX_Unmarshal(b []byte) error
- type AttributeContext_RequestValidationError
- type AuthorizationClient
- type AuthorizationServer
- type CheckRequest
- func (*CheckRequest) Descriptor() ([]byte, []int)
- func (m *CheckRequest) GetAttributes() *AttributeContext
- func (m *CheckRequest) Marshal() (dAtA []byte, err error)
- func (m *CheckRequest) MarshalTo(dAtA []byte) (int, error)
- func (*CheckRequest) ProtoMessage()
- func (m *CheckRequest) Reset()
- func (m *CheckRequest) Size() (n int)
- func (m *CheckRequest) String() string
- func (m *CheckRequest) Unmarshal(dAtA []byte) error
- func (m *CheckRequest) Validate() error
- func (m *CheckRequest) XXX_DiscardUnknown()
- func (m *CheckRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (dst *CheckRequest) XXX_Merge(src proto.Message)
- func (m *CheckRequest) XXX_Size() int
- func (m *CheckRequest) XXX_Unmarshal(b []byte) error
- type CheckRequestValidationError
- type CheckResponse
- func (*CheckResponse) Descriptor() ([]byte, []int)
- func (m *CheckResponse) GetDeniedResponse() *DeniedHttpResponse
- func (m *CheckResponse) GetHttpResponse() isCheckResponse_HttpResponse
- func (m *CheckResponse) GetOkResponse() *OkHttpResponse
- func (m *CheckResponse) GetStatus() *rpc.Status
- func (m *CheckResponse) Marshal() (dAtA []byte, err error)
- func (m *CheckResponse) MarshalTo(dAtA []byte) (int, error)
- func (*CheckResponse) ProtoMessage()
- func (m *CheckResponse) Reset()
- func (m *CheckResponse) Size() (n int)
- func (m *CheckResponse) String() string
- func (m *CheckResponse) Unmarshal(dAtA []byte) error
- func (m *CheckResponse) Validate() error
- func (m *CheckResponse) XXX_DiscardUnknown()
- func (m *CheckResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (dst *CheckResponse) XXX_Merge(src proto.Message)
- func (*CheckResponse) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, ...)
- func (m *CheckResponse) XXX_Size() int
- func (m *CheckResponse) XXX_Unmarshal(b []byte) error
- type CheckResponseValidationError
- type CheckResponse_DeniedResponse
- type CheckResponse_OkResponse
- type DeniedHttpResponse
- func (*DeniedHttpResponse) Descriptor() ([]byte, []int)
- func (m *DeniedHttpResponse) GetBody() string
- func (m *DeniedHttpResponse) GetHeaders() []*core.HeaderValueOption
- func (m *DeniedHttpResponse) GetStatus() *_type.HttpStatus
- func (m *DeniedHttpResponse) Marshal() (dAtA []byte, err error)
- func (m *DeniedHttpResponse) MarshalTo(dAtA []byte) (int, error)
- func (*DeniedHttpResponse) ProtoMessage()
- func (m *DeniedHttpResponse) Reset()
- func (m *DeniedHttpResponse) Size() (n int)
- func (m *DeniedHttpResponse) String() string
- func (m *DeniedHttpResponse) Unmarshal(dAtA []byte) error
- func (m *DeniedHttpResponse) Validate() error
- func (m *DeniedHttpResponse) XXX_DiscardUnknown()
- func (m *DeniedHttpResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (dst *DeniedHttpResponse) XXX_Merge(src proto.Message)
- func (m *DeniedHttpResponse) XXX_Size() int
- func (m *DeniedHttpResponse) XXX_Unmarshal(b []byte) error
- type DeniedHttpResponseValidationError
- type OkHttpResponse
- func (*OkHttpResponse) Descriptor() ([]byte, []int)
- func (m *OkHttpResponse) GetHeaders() []*core.HeaderValueOption
- func (m *OkHttpResponse) Marshal() (dAtA []byte, err error)
- func (m *OkHttpResponse) MarshalTo(dAtA []byte) (int, error)
- func (*OkHttpResponse) ProtoMessage()
- func (m *OkHttpResponse) Reset()
- func (m *OkHttpResponse) Size() (n int)
- func (m *OkHttpResponse) String() string
- func (m *OkHttpResponse) Unmarshal(dAtA []byte) error
- func (m *OkHttpResponse) Validate() error
- func (m *OkHttpResponse) XXX_DiscardUnknown()
- func (m *OkHttpResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (dst *OkHttpResponse) XXX_Merge(src proto.Message)
- func (m *OkHttpResponse) XXX_Size() int
- func (m *OkHttpResponse) XXX_Unmarshal(b []byte) error
- type OkHttpResponseValidationError
Constants ¶
This section is empty.
Variables ¶
var ( ErrInvalidLengthAttributeContext = fmt.Errorf("proto: negative length found during unmarshaling") ErrIntOverflowAttributeContext = fmt.Errorf("proto: integer overflow") )
var ( ErrInvalidLengthExternalAuth = fmt.Errorf("proto: negative length found during unmarshaling") ErrIntOverflowExternalAuth = fmt.Errorf("proto: integer overflow") )
Functions ¶
func RegisterAuthorizationServer ¶
func RegisterAuthorizationServer(s *grpc.Server, srv AuthorizationServer)
Types ¶
type AttributeContext ¶ added in v0.5.0
type AttributeContext struct { // The source of a network activity, such as starting a TCP connection. // In a multi hop network activity, the source represents the sender of the // last hop. Source *AttributeContext_Peer `protobuf:"bytes,1,opt,name=source" json:"source,omitempty"` // The destination of a network activity, such as accepting a TCP connection. // In a multi hop network activity, the destination represents the receiver of // the last hop. Destination *AttributeContext_Peer `protobuf:"bytes,2,opt,name=destination" json:"destination,omitempty"` // Represents a network request, such as an HTTP request. Request *AttributeContext_Request `protobuf:"bytes,4,opt,name=request" json:"request,omitempty"` // This is analogous to http_request.headers, however these contents will not be sent to the // upstream server. Context_extensions provide an extension mechanism for sending additional // information to the auth server without modifying the proto definition. It maps to the // internal opaque context in the filter chain. ContextExtensions map[string]string `` /* 194-byte string literal not displayed */ XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
An attribute is a piece of metadata that describes an activity on a network. For example, the size of an HTTP request, or the status code of an HTTP response.
Each attribute has a type and a name, which is logically defined as a proto message field of the `AttributeContext`. The `AttributeContext` is a collection of individual attributes supported by Envoy authorization system.
func (*AttributeContext) Descriptor ¶ added in v0.5.0
func (*AttributeContext) Descriptor() ([]byte, []int)
func (*AttributeContext) GetContextExtensions ¶ added in v0.5.0
func (m *AttributeContext) GetContextExtensions() map[string]string
func (*AttributeContext) GetDestination ¶ added in v0.5.0
func (m *AttributeContext) GetDestination() *AttributeContext_Peer
func (*AttributeContext) GetRequest ¶ added in v0.5.0
func (m *AttributeContext) GetRequest() *AttributeContext_Request
func (*AttributeContext) GetSource ¶ added in v0.5.0
func (m *AttributeContext) GetSource() *AttributeContext_Peer
func (*AttributeContext) Marshal ¶ added in v0.5.0
func (m *AttributeContext) Marshal() (dAtA []byte, err error)
func (*AttributeContext) MarshalTo ¶ added in v0.5.0
func (m *AttributeContext) MarshalTo(dAtA []byte) (int, error)
func (*AttributeContext) ProtoMessage ¶ added in v0.5.0
func (*AttributeContext) ProtoMessage()
func (*AttributeContext) Reset ¶ added in v0.5.0
func (m *AttributeContext) Reset()
func (*AttributeContext) Size ¶ added in v0.5.0
func (m *AttributeContext) Size() (n int)
func (*AttributeContext) String ¶ added in v0.5.0
func (m *AttributeContext) String() string
func (*AttributeContext) Unmarshal ¶ added in v0.5.0
func (m *AttributeContext) Unmarshal(dAtA []byte) error
func (*AttributeContext) Validate ¶ added in v0.5.0
func (m *AttributeContext) Validate() error
Validate checks the field values on AttributeContext with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.
func (*AttributeContext) XXX_DiscardUnknown ¶ added in v0.5.0
func (m *AttributeContext) XXX_DiscardUnknown()
func (*AttributeContext) XXX_Marshal ¶ added in v0.5.0
func (m *AttributeContext) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*AttributeContext) XXX_Merge ¶ added in v0.5.0
func (dst *AttributeContext) XXX_Merge(src proto.Message)
func (*AttributeContext) XXX_Size ¶ added in v0.5.0
func (m *AttributeContext) XXX_Size() int
func (*AttributeContext) XXX_Unmarshal ¶ added in v0.5.0
func (m *AttributeContext) XXX_Unmarshal(b []byte) error
type AttributeContextValidationError ¶ added in v0.5.0
AttributeContextValidationError is the validation error returned by AttributeContext.Validate if the designated constraints aren't met.
func (AttributeContextValidationError) Error ¶ added in v0.5.0
func (e AttributeContextValidationError) Error() string
Error satisfies the builtin error interface
type AttributeContext_HttpRequest ¶ added in v0.5.0
type AttributeContext_HttpRequest struct { // The unique ID for a request, which can be propagated to downstream // systems. The ID should have low probability of collision // within a single day for a specific service. // For HTTP requests, it should be X-Request-ID or equivalent. Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` // The HTTP request method, such as `GET`, `POST`. Method string `protobuf:"bytes,2,opt,name=method,proto3" json:"method,omitempty"` // The HTTP request headers. If multiple headers share the same key, they // must be merged according to the HTTP spec. All header keys must be // lowercased, because HTTP header keys are case-insensitive. Headers map[string]string `` /* 148-byte string literal not displayed */ // The HTTP URL path. Path string `protobuf:"bytes,4,opt,name=path,proto3" json:"path,omitempty"` // The HTTP request `Host` or 'Authority` header value. Host string `protobuf:"bytes,5,opt,name=host,proto3" json:"host,omitempty"` // The HTTP URL scheme, such as `http` and `https`. Scheme string `protobuf:"bytes,6,opt,name=scheme,proto3" json:"scheme,omitempty"` // The HTTP URL query in the format of `name1=value`&name2=value2`, as it // appears in the first line of the HTTP request. No decoding is performed. Query string `protobuf:"bytes,7,opt,name=query,proto3" json:"query,omitempty"` // The HTTP URL fragment, excluding leading `#`. No URL decoding is performed. Fragment string `protobuf:"bytes,8,opt,name=fragment,proto3" json:"fragment,omitempty"` // The HTTP request size in bytes. If unknown, it must be -1. Size_ int64 `protobuf:"varint,9,opt,name=size,proto3" json:"size,omitempty"` // The network protocol used with the request, such as // "http/1.1", "spdy/3", "h2", "h2c" Protocol string `protobuf:"bytes,10,opt,name=protocol,proto3" json:"protocol,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
This message defines attributes for an HTTP request. HTTP/1.x, HTTP/2, gRPC are all considered as HTTP requests.
func (*AttributeContext_HttpRequest) Descriptor ¶ added in v0.5.0
func (*AttributeContext_HttpRequest) Descriptor() ([]byte, []int)
func (*AttributeContext_HttpRequest) GetFragment ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) GetFragment() string
func (*AttributeContext_HttpRequest) GetHeaders ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) GetHeaders() map[string]string
func (*AttributeContext_HttpRequest) GetHost ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) GetHost() string
func (*AttributeContext_HttpRequest) GetId ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) GetId() string
func (*AttributeContext_HttpRequest) GetMethod ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) GetMethod() string
func (*AttributeContext_HttpRequest) GetPath ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) GetPath() string
func (*AttributeContext_HttpRequest) GetProtocol ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) GetProtocol() string
func (*AttributeContext_HttpRequest) GetQuery ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) GetQuery() string
func (*AttributeContext_HttpRequest) GetScheme ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) GetScheme() string
func (*AttributeContext_HttpRequest) GetSize_ ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) GetSize_() int64
func (*AttributeContext_HttpRequest) Marshal ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) Marshal() (dAtA []byte, err error)
func (*AttributeContext_HttpRequest) MarshalTo ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) MarshalTo(dAtA []byte) (int, error)
func (*AttributeContext_HttpRequest) ProtoMessage ¶ added in v0.5.0
func (*AttributeContext_HttpRequest) ProtoMessage()
func (*AttributeContext_HttpRequest) Reset ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) Reset()
func (*AttributeContext_HttpRequest) Size ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) Size() (n int)
func (*AttributeContext_HttpRequest) String ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) String() string
func (*AttributeContext_HttpRequest) Unmarshal ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) Unmarshal(dAtA []byte) error
func (*AttributeContext_HttpRequest) Validate ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) Validate() error
Validate checks the field values on AttributeContext_HttpRequest with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.
func (*AttributeContext_HttpRequest) XXX_DiscardUnknown ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) XXX_DiscardUnknown()
func (*AttributeContext_HttpRequest) XXX_Marshal ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*AttributeContext_HttpRequest) XXX_Merge ¶ added in v0.5.0
func (dst *AttributeContext_HttpRequest) XXX_Merge(src proto.Message)
func (*AttributeContext_HttpRequest) XXX_Size ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) XXX_Size() int
func (*AttributeContext_HttpRequest) XXX_Unmarshal ¶ added in v0.5.0
func (m *AttributeContext_HttpRequest) XXX_Unmarshal(b []byte) error
type AttributeContext_HttpRequestValidationError ¶ added in v0.5.0
type AttributeContext_HttpRequestValidationError struct { Field string Reason string Cause error Key bool }
AttributeContext_HttpRequestValidationError is the validation error returned by AttributeContext_HttpRequest.Validate if the designated constraints aren't met.
func (AttributeContext_HttpRequestValidationError) Error ¶ added in v0.5.0
func (e AttributeContext_HttpRequestValidationError) Error() string
Error satisfies the builtin error interface
type AttributeContext_Peer ¶ added in v0.5.0
type AttributeContext_Peer struct { // The address of the peer, this is typically the IP address. // It can also be UDS path, or others. Address *core.Address `protobuf:"bytes,1,opt,name=address" json:"address,omitempty"` // The canonical service name of the peer. // It should be set to :ref:`the HTTP x-envoy-downstream-service-cluster // <config_http_conn_man_headers_downstream-service-cluster>` // If a more trusted source of the service name is available through mTLS/secure naming, it // should be used. Service string `protobuf:"bytes,2,opt,name=service,proto3" json:"service,omitempty"` // The labels associated with the peer. // These could be pod labels for Kubernetes or tags for VMs. // The source of the labels could be an X.509 certificate or other configuration. Labels map[string]string `` /* 146-byte string literal not displayed */ // The authenticated identity of this peer. // For example, the identity associated with the workload such as a service account. // If an X.509 certificate is used to assert the identity this field should be sourced from // `Subject` or `Subject Alternative Names`. The primary identity should be the principal. // The principal format is issuer specific. // // Example: // * SPIFFE format is `spiffe://trust-domain/path` // * Google account format is `https://accounts.google.com/{userid}` Principal string `protobuf:"bytes,4,opt,name=principal,proto3" json:"principal,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
This message defines attributes for a node that handles a network request. The node can be either a service or an application that sends, forwards, or receives the request. Service peers should fill in the `service`, `principal`, and `labels` as appropriate.
func (*AttributeContext_Peer) Descriptor ¶ added in v0.5.0
func (*AttributeContext_Peer) Descriptor() ([]byte, []int)
func (*AttributeContext_Peer) GetAddress ¶ added in v0.5.0
func (m *AttributeContext_Peer) GetAddress() *core.Address
func (*AttributeContext_Peer) GetLabels ¶ added in v0.5.0
func (m *AttributeContext_Peer) GetLabels() map[string]string
func (*AttributeContext_Peer) GetPrincipal ¶ added in v0.5.0
func (m *AttributeContext_Peer) GetPrincipal() string
func (*AttributeContext_Peer) GetService ¶ added in v0.5.0
func (m *AttributeContext_Peer) GetService() string
func (*AttributeContext_Peer) Marshal ¶ added in v0.5.0
func (m *AttributeContext_Peer) Marshal() (dAtA []byte, err error)
func (*AttributeContext_Peer) MarshalTo ¶ added in v0.5.0
func (m *AttributeContext_Peer) MarshalTo(dAtA []byte) (int, error)
func (*AttributeContext_Peer) ProtoMessage ¶ added in v0.5.0
func (*AttributeContext_Peer) ProtoMessage()
func (*AttributeContext_Peer) Reset ¶ added in v0.5.0
func (m *AttributeContext_Peer) Reset()
func (*AttributeContext_Peer) Size ¶ added in v0.5.0
func (m *AttributeContext_Peer) Size() (n int)
func (*AttributeContext_Peer) String ¶ added in v0.5.0
func (m *AttributeContext_Peer) String() string
func (*AttributeContext_Peer) Unmarshal ¶ added in v0.5.0
func (m *AttributeContext_Peer) Unmarshal(dAtA []byte) error
func (*AttributeContext_Peer) Validate ¶ added in v0.5.0
func (m *AttributeContext_Peer) Validate() error
Validate checks the field values on AttributeContext_Peer with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.
func (*AttributeContext_Peer) XXX_DiscardUnknown ¶ added in v0.5.0
func (m *AttributeContext_Peer) XXX_DiscardUnknown()
func (*AttributeContext_Peer) XXX_Marshal ¶ added in v0.5.0
func (m *AttributeContext_Peer) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*AttributeContext_Peer) XXX_Merge ¶ added in v0.5.0
func (dst *AttributeContext_Peer) XXX_Merge(src proto.Message)
func (*AttributeContext_Peer) XXX_Size ¶ added in v0.5.0
func (m *AttributeContext_Peer) XXX_Size() int
func (*AttributeContext_Peer) XXX_Unmarshal ¶ added in v0.5.0
func (m *AttributeContext_Peer) XXX_Unmarshal(b []byte) error
type AttributeContext_PeerValidationError ¶ added in v0.5.0
type AttributeContext_PeerValidationError struct { Field string Reason string Cause error Key bool }
AttributeContext_PeerValidationError is the validation error returned by AttributeContext_Peer.Validate if the designated constraints aren't met.
func (AttributeContext_PeerValidationError) Error ¶ added in v0.5.0
func (e AttributeContext_PeerValidationError) Error() string
Error satisfies the builtin error interface
type AttributeContext_Request ¶ added in v0.5.0
type AttributeContext_Request struct { // The timestamp when the proxy receives the first byte of the request. Time *types.Timestamp `protobuf:"bytes,1,opt,name=time" json:"time,omitempty"` // Represents an HTTP request or an HTTP-like request. Http *AttributeContext_HttpRequest `protobuf:"bytes,2,opt,name=http" json:"http,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
Represents a network request, such as an HTTP request.
func (*AttributeContext_Request) Descriptor ¶ added in v0.5.0
func (*AttributeContext_Request) Descriptor() ([]byte, []int)
func (*AttributeContext_Request) GetHttp ¶ added in v0.5.0
func (m *AttributeContext_Request) GetHttp() *AttributeContext_HttpRequest
func (*AttributeContext_Request) GetTime ¶ added in v0.5.0
func (m *AttributeContext_Request) GetTime() *types.Timestamp
func (*AttributeContext_Request) Marshal ¶ added in v0.5.0
func (m *AttributeContext_Request) Marshal() (dAtA []byte, err error)
func (*AttributeContext_Request) MarshalTo ¶ added in v0.5.0
func (m *AttributeContext_Request) MarshalTo(dAtA []byte) (int, error)
func (*AttributeContext_Request) ProtoMessage ¶ added in v0.5.0
func (*AttributeContext_Request) ProtoMessage()
func (*AttributeContext_Request) Reset ¶ added in v0.5.0
func (m *AttributeContext_Request) Reset()
func (*AttributeContext_Request) Size ¶ added in v0.5.0
func (m *AttributeContext_Request) Size() (n int)
func (*AttributeContext_Request) String ¶ added in v0.5.0
func (m *AttributeContext_Request) String() string
func (*AttributeContext_Request) Unmarshal ¶ added in v0.5.0
func (m *AttributeContext_Request) Unmarshal(dAtA []byte) error
func (*AttributeContext_Request) Validate ¶ added in v0.5.0
func (m *AttributeContext_Request) Validate() error
Validate checks the field values on AttributeContext_Request with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.
func (*AttributeContext_Request) XXX_DiscardUnknown ¶ added in v0.5.0
func (m *AttributeContext_Request) XXX_DiscardUnknown()
func (*AttributeContext_Request) XXX_Marshal ¶ added in v0.5.0
func (m *AttributeContext_Request) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*AttributeContext_Request) XXX_Merge ¶ added in v0.5.0
func (dst *AttributeContext_Request) XXX_Merge(src proto.Message)
func (*AttributeContext_Request) XXX_Size ¶ added in v0.5.0
func (m *AttributeContext_Request) XXX_Size() int
func (*AttributeContext_Request) XXX_Unmarshal ¶ added in v0.5.0
func (m *AttributeContext_Request) XXX_Unmarshal(b []byte) error
type AttributeContext_RequestValidationError ¶ added in v0.5.0
type AttributeContext_RequestValidationError struct { Field string Reason string Cause error Key bool }
AttributeContext_RequestValidationError is the validation error returned by AttributeContext_Request.Validate if the designated constraints aren't met.
func (AttributeContext_RequestValidationError) Error ¶ added in v0.5.0
func (e AttributeContext_RequestValidationError) Error() string
Error satisfies the builtin error interface
type AuthorizationClient ¶
type AuthorizationClient interface { // Performs authorization check based on the attributes associated with the // incoming request, and returns status `OK` or not `OK`. Check(ctx context.Context, in *CheckRequest, opts ...grpc.CallOption) (*CheckResponse, error) }
func NewAuthorizationClient ¶
func NewAuthorizationClient(cc *grpc.ClientConn) AuthorizationClient
type AuthorizationServer ¶
type AuthorizationServer interface { // Performs authorization check based on the attributes associated with the // incoming request, and returns status `OK` or not `OK`. Check(context.Context, *CheckRequest) (*CheckResponse, error) }
type CheckRequest ¶ added in v0.5.0
type CheckRequest struct { // The request attributes. Attributes *AttributeContext `protobuf:"bytes,1,opt,name=attributes" json:"attributes,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*CheckRequest) Descriptor ¶ added in v0.5.0
func (*CheckRequest) Descriptor() ([]byte, []int)
func (*CheckRequest) GetAttributes ¶ added in v0.5.0
func (m *CheckRequest) GetAttributes() *AttributeContext
func (*CheckRequest) Marshal ¶ added in v0.5.0
func (m *CheckRequest) Marshal() (dAtA []byte, err error)
func (*CheckRequest) MarshalTo ¶ added in v0.5.0
func (m *CheckRequest) MarshalTo(dAtA []byte) (int, error)
func (*CheckRequest) ProtoMessage ¶ added in v0.5.0
func (*CheckRequest) ProtoMessage()
func (*CheckRequest) Reset ¶ added in v0.5.0
func (m *CheckRequest) Reset()
func (*CheckRequest) Size ¶ added in v0.5.0
func (m *CheckRequest) Size() (n int)
func (*CheckRequest) String ¶ added in v0.5.0
func (m *CheckRequest) String() string
func (*CheckRequest) Unmarshal ¶ added in v0.5.0
func (m *CheckRequest) Unmarshal(dAtA []byte) error
func (*CheckRequest) Validate ¶ added in v0.5.0
func (m *CheckRequest) Validate() error
Validate checks the field values on CheckRequest with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.
func (*CheckRequest) XXX_DiscardUnknown ¶ added in v0.5.0
func (m *CheckRequest) XXX_DiscardUnknown()
func (*CheckRequest) XXX_Marshal ¶ added in v0.5.0
func (m *CheckRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*CheckRequest) XXX_Merge ¶ added in v0.5.0
func (dst *CheckRequest) XXX_Merge(src proto.Message)
func (*CheckRequest) XXX_Size ¶ added in v0.5.0
func (m *CheckRequest) XXX_Size() int
func (*CheckRequest) XXX_Unmarshal ¶ added in v0.5.0
func (m *CheckRequest) XXX_Unmarshal(b []byte) error
type CheckRequestValidationError ¶ added in v0.5.0
CheckRequestValidationError is the validation error returned by CheckRequest.Validate if the designated constraints aren't met.
func (CheckRequestValidationError) Error ¶ added in v0.5.0
func (e CheckRequestValidationError) Error() string
Error satisfies the builtin error interface
type CheckResponse ¶ added in v0.5.0
type CheckResponse struct { // Status `OK` allows the request. Any other status indicates the request should be denied. Status *rpc.Status `protobuf:"bytes,1,opt,name=status" json:"status,omitempty"` // An message that contains HTTP response attributes. This message is // used when the authorization service needs to send custom responses to the // downstream client or, to modify/add request headers being dispatched to the upstream. // // Types that are valid to be assigned to HttpResponse: // *CheckResponse_DeniedResponse // *CheckResponse_OkResponse HttpResponse isCheckResponse_HttpResponse `protobuf_oneof:"http_response"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
Intended for gRPC and Network Authorization servers `only`.
func (*CheckResponse) Descriptor ¶ added in v0.5.0
func (*CheckResponse) Descriptor() ([]byte, []int)
func (*CheckResponse) GetDeniedResponse ¶ added in v0.5.0
func (m *CheckResponse) GetDeniedResponse() *DeniedHttpResponse
func (*CheckResponse) GetHttpResponse ¶ added in v0.5.0
func (m *CheckResponse) GetHttpResponse() isCheckResponse_HttpResponse
func (*CheckResponse) GetOkResponse ¶ added in v0.5.0
func (m *CheckResponse) GetOkResponse() *OkHttpResponse
func (*CheckResponse) GetStatus ¶ added in v0.5.0
func (m *CheckResponse) GetStatus() *rpc.Status
func (*CheckResponse) Marshal ¶ added in v0.5.0
func (m *CheckResponse) Marshal() (dAtA []byte, err error)
func (*CheckResponse) MarshalTo ¶ added in v0.5.0
func (m *CheckResponse) MarshalTo(dAtA []byte) (int, error)
func (*CheckResponse) ProtoMessage ¶ added in v0.5.0
func (*CheckResponse) ProtoMessage()
func (*CheckResponse) Reset ¶ added in v0.5.0
func (m *CheckResponse) Reset()
func (*CheckResponse) Size ¶ added in v0.5.0
func (m *CheckResponse) Size() (n int)
func (*CheckResponse) String ¶ added in v0.5.0
func (m *CheckResponse) String() string
func (*CheckResponse) Unmarshal ¶ added in v0.5.0
func (m *CheckResponse) Unmarshal(dAtA []byte) error
func (*CheckResponse) Validate ¶ added in v0.5.0
func (m *CheckResponse) Validate() error
Validate checks the field values on CheckResponse with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.
func (*CheckResponse) XXX_DiscardUnknown ¶ added in v0.5.0
func (m *CheckResponse) XXX_DiscardUnknown()
func (*CheckResponse) XXX_Marshal ¶ added in v0.5.0
func (m *CheckResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*CheckResponse) XXX_Merge ¶ added in v0.5.0
func (dst *CheckResponse) XXX_Merge(src proto.Message)
func (*CheckResponse) XXX_OneofFuncs ¶ added in v0.5.0
func (*CheckResponse) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{})
XXX_OneofFuncs is for the internal use of the proto package.
func (*CheckResponse) XXX_Size ¶ added in v0.5.0
func (m *CheckResponse) XXX_Size() int
func (*CheckResponse) XXX_Unmarshal ¶ added in v0.5.0
func (m *CheckResponse) XXX_Unmarshal(b []byte) error
type CheckResponseValidationError ¶ added in v0.5.0
CheckResponseValidationError is the validation error returned by CheckResponse.Validate if the designated constraints aren't met.
func (CheckResponseValidationError) Error ¶ added in v0.5.0
func (e CheckResponseValidationError) Error() string
Error satisfies the builtin error interface
type CheckResponse_DeniedResponse ¶ added in v0.5.0
type CheckResponse_DeniedResponse struct {
DeniedResponse *DeniedHttpResponse `protobuf:"bytes,2,opt,name=denied_response,json=deniedResponse,oneof"`
}
func (*CheckResponse_DeniedResponse) MarshalTo ¶ added in v0.5.0
func (m *CheckResponse_DeniedResponse) MarshalTo(dAtA []byte) (int, error)
func (*CheckResponse_DeniedResponse) Size ¶ added in v0.5.0
func (m *CheckResponse_DeniedResponse) Size() (n int)
type CheckResponse_OkResponse ¶ added in v0.5.0
type CheckResponse_OkResponse struct {
OkResponse *OkHttpResponse `protobuf:"bytes,3,opt,name=ok_response,json=okResponse,oneof"`
}
func (*CheckResponse_OkResponse) MarshalTo ¶ added in v0.5.0
func (m *CheckResponse_OkResponse) MarshalTo(dAtA []byte) (int, error)
func (*CheckResponse_OkResponse) Size ¶ added in v0.5.0
func (m *CheckResponse_OkResponse) Size() (n int)
type DeniedHttpResponse ¶ added in v0.5.0
type DeniedHttpResponse struct { // This field allows the authorization service to send a HTTP response status // code to the downstream client other than 403 (Forbidden). Status *_type.HttpStatus `protobuf:"bytes,1,opt,name=status" json:"status,omitempty"` // This field allows the authorization service to send HTTP response headers // to the the downstream client. Headers []*core.HeaderValueOption `protobuf:"bytes,2,rep,name=headers" json:"headers,omitempty"` // This field allows the authorization service to send a response body data // to the the downstream client. Body string `protobuf:"bytes,3,opt,name=body,proto3" json:"body,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
HTTP attributes for a denied response.
func (*DeniedHttpResponse) Descriptor ¶ added in v0.5.0
func (*DeniedHttpResponse) Descriptor() ([]byte, []int)
func (*DeniedHttpResponse) GetBody ¶ added in v0.5.0
func (m *DeniedHttpResponse) GetBody() string
func (*DeniedHttpResponse) GetHeaders ¶ added in v0.5.0
func (m *DeniedHttpResponse) GetHeaders() []*core.HeaderValueOption
func (*DeniedHttpResponse) GetStatus ¶ added in v0.5.0
func (m *DeniedHttpResponse) GetStatus() *_type.HttpStatus
func (*DeniedHttpResponse) Marshal ¶ added in v0.5.0
func (m *DeniedHttpResponse) Marshal() (dAtA []byte, err error)
func (*DeniedHttpResponse) MarshalTo ¶ added in v0.5.0
func (m *DeniedHttpResponse) MarshalTo(dAtA []byte) (int, error)
func (*DeniedHttpResponse) ProtoMessage ¶ added in v0.5.0
func (*DeniedHttpResponse) ProtoMessage()
func (*DeniedHttpResponse) Reset ¶ added in v0.5.0
func (m *DeniedHttpResponse) Reset()
func (*DeniedHttpResponse) Size ¶ added in v0.5.0
func (m *DeniedHttpResponse) Size() (n int)
func (*DeniedHttpResponse) String ¶ added in v0.5.0
func (m *DeniedHttpResponse) String() string
func (*DeniedHttpResponse) Unmarshal ¶ added in v0.5.0
func (m *DeniedHttpResponse) Unmarshal(dAtA []byte) error
func (*DeniedHttpResponse) Validate ¶ added in v0.5.0
func (m *DeniedHttpResponse) Validate() error
Validate checks the field values on DeniedHttpResponse with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.
func (*DeniedHttpResponse) XXX_DiscardUnknown ¶ added in v0.5.0
func (m *DeniedHttpResponse) XXX_DiscardUnknown()
func (*DeniedHttpResponse) XXX_Marshal ¶ added in v0.5.0
func (m *DeniedHttpResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*DeniedHttpResponse) XXX_Merge ¶ added in v0.5.0
func (dst *DeniedHttpResponse) XXX_Merge(src proto.Message)
func (*DeniedHttpResponse) XXX_Size ¶ added in v0.5.0
func (m *DeniedHttpResponse) XXX_Size() int
func (*DeniedHttpResponse) XXX_Unmarshal ¶ added in v0.5.0
func (m *DeniedHttpResponse) XXX_Unmarshal(b []byte) error
type DeniedHttpResponseValidationError ¶ added in v0.5.0
DeniedHttpResponseValidationError is the validation error returned by DeniedHttpResponse.Validate if the designated constraints aren't met.
func (DeniedHttpResponseValidationError) Error ¶ added in v0.5.0
func (e DeniedHttpResponseValidationError) Error() string
Error satisfies the builtin error interface
type OkHttpResponse ¶ added in v0.5.0
type OkHttpResponse struct { // HTTP entity headers in addition to the original request headers. This allows the authorization // service to append, to add or to override headers from the original request before // dispatching it to the upstream. By setting `append` field to `true` in the `HeaderValueOption`, // the filter will append the correspondent header value to the matched request header. Note that // by Leaving `append` as false, the filter will either add a new header, or override an existing // one if there is a match. Headers []*core.HeaderValueOption `protobuf:"bytes,2,rep,name=headers" json:"headers,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
HTTP attributes for an ok response.
func (*OkHttpResponse) Descriptor ¶ added in v0.5.0
func (*OkHttpResponse) Descriptor() ([]byte, []int)
func (*OkHttpResponse) GetHeaders ¶ added in v0.5.0
func (m *OkHttpResponse) GetHeaders() []*core.HeaderValueOption
func (*OkHttpResponse) Marshal ¶ added in v0.5.0
func (m *OkHttpResponse) Marshal() (dAtA []byte, err error)
func (*OkHttpResponse) MarshalTo ¶ added in v0.5.0
func (m *OkHttpResponse) MarshalTo(dAtA []byte) (int, error)
func (*OkHttpResponse) ProtoMessage ¶ added in v0.5.0
func (*OkHttpResponse) ProtoMessage()
func (*OkHttpResponse) Reset ¶ added in v0.5.0
func (m *OkHttpResponse) Reset()
func (*OkHttpResponse) Size ¶ added in v0.5.0
func (m *OkHttpResponse) Size() (n int)
func (*OkHttpResponse) String ¶ added in v0.5.0
func (m *OkHttpResponse) String() string
func (*OkHttpResponse) Unmarshal ¶ added in v0.5.0
func (m *OkHttpResponse) Unmarshal(dAtA []byte) error
func (*OkHttpResponse) Validate ¶ added in v0.5.0
func (m *OkHttpResponse) Validate() error
Validate checks the field values on OkHttpResponse with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.
func (*OkHttpResponse) XXX_DiscardUnknown ¶ added in v0.5.0
func (m *OkHttpResponse) XXX_DiscardUnknown()
func (*OkHttpResponse) XXX_Marshal ¶ added in v0.5.0
func (m *OkHttpResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*OkHttpResponse) XXX_Merge ¶ added in v0.5.0
func (dst *OkHttpResponse) XXX_Merge(src proto.Message)
func (*OkHttpResponse) XXX_Size ¶ added in v0.5.0
func (m *OkHttpResponse) XXX_Size() int
func (*OkHttpResponse) XXX_Unmarshal ¶ added in v0.5.0
func (m *OkHttpResponse) XXX_Unmarshal(b []byte) error
type OkHttpResponseValidationError ¶ added in v0.5.0
OkHttpResponseValidationError is the validation error returned by OkHttpResponse.Validate if the designated constraints aren't met.
func (OkHttpResponseValidationError) Error ¶ added in v0.5.0
func (e OkHttpResponseValidationError) Error() string
Error satisfies the builtin error interface