The highest tagged major version is
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ProvideHandler = NewHandler
ProvideHandler provides an authz handler
See NewHandler for more docs.
Functions ¶
func AuthzRequestToFlowLabels ¶
func AuthzRequestToFlowLabels(request *ext_authz.AttributeContext_Request) flowlabel.FlowLabels
AuthzRequestToFlowLabels converts request attributes to new FlowLabels.
Types ¶
type Handler ¶
type Handler struct {
// contains filtered or unexported fields
}
Handler implements envoy.service.auth.v3.Authorization and handles Check call.
func NewHandler ¶
func NewHandler( classifier *classification.ClassificationEngine, entityCache *entitycache.EntityCache, fcHandler check.HandlerWithValues, ) *Handler
NewHandler creates new authorization handler for authz api
Authz will use the given classifier to inject flow labels and return them as metadata in the response to the Check calls.
func (*Handler) Check ¶
func (h *Handler) Check(ctx context.Context, req *ext_authz.CheckRequest) (*ext_authz.CheckResponse, error)
Check is the Check method of Authorization service
Check * computes flow labels and returns them via DynamicMetadata. * makes the allow/deny decision - sends flow labels to flow control's Check function.
type Invocations ¶
type Invocations struct {
Register interface{}
}
Invocations is a set of register functions to be used in fx.Invoke.
func OnNamedServer ¶
func OnNamedServer(serverName string) Invocations
OnNamedServer returns a register function that will register authz handler on *named* grpc.Server
Usage:
fx.Invoke(authz.OnNamedServer("foo").Register)
Source Files
Directories