Documentation ¶
Index ¶
- type AuthConfigCleaner
- type AuthConfigEvaluator
- type AuthCredential
- func (c *AuthCredential) BuildRequestWithCredentials(ctx context.Context, endpoint string, method string, credentialValue string, ...) (*http.Request, error)
- func (c *AuthCredential) GetCredentialsFromReq(httpReq *envoy_auth.AttributeContext_HttpRequest) (string, error)
- func (c *AuthCredential) GetCredentialsIn() string
- func (c *AuthCredential) GetCredentialsKeySelector() string
- type AuthCredentials
- type AuthPipeline
- type AuthResult
- type ConditionalEvaluator
- type IdentityConfigEvaluator
- type K8sSecretBasedIdentityConfigEvaluator
- type NamedEvaluator
- type Prioritizable
- type ResponseConfigEvaluator
- type TypedEvaluator
- type WristbandIssuer
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthConfigCleaner ¶
type AuthConfigEvaluator ¶
type AuthConfigEvaluator interface {
Call(AuthPipeline, context.Context) (interface{}, error)
}
AuthConfigEvaluator interface represents the configuration pieces of Identity, Metadata and Authorization
type AuthCredential ¶
AuthCredential struct implements the AuthCredentials interface
func NewAuthCredential ¶
func NewAuthCredential(selector string, location string) *AuthCredential
NewAuthCredential creates a new instance of AuthCredential
func (*AuthCredential) BuildRequestWithCredentials ¶
func (*AuthCredential) GetCredentialsFromReq ¶
func (c *AuthCredential) GetCredentialsFromReq(httpReq *envoy_auth.AttributeContext_HttpRequest) (string, error)
GetCredentialsFromReq will retrieve the secrets from a given location
func (*AuthCredential) GetCredentialsIn ¶
func (c *AuthCredential) GetCredentialsIn() string
func (*AuthCredential) GetCredentialsKeySelector ¶
func (c *AuthCredential) GetCredentialsKeySelector() string
type AuthCredentials ¶
type AuthCredentials interface { GetCredentialsFromReq(*envoy_auth.AttributeContext_HttpRequest) (string, error) GetCredentialsKeySelector() string GetCredentialsIn() string BuildRequestWithCredentials(ctx context.Context, endpoint string, method string, credentialValue string, body io.Reader) (*http.Request, error) }
AuthCredentials interface represents the methods needed to fetch credentials from input
type AuthPipeline ¶
type AuthPipeline interface { Evaluate() AuthResult GetRequest() *envoy_auth.CheckRequest GetHttp() *envoy_auth.AttributeContext_HttpRequest GetAPI() interface{} GetResolvedIdentity() (interface{}, interface{}) GetAuthorizationJSON() string }
type AuthResult ¶
type AuthResult struct { // Code is gRPC response code to the auth check Code rpc.Code `json:"code,omitempty"` // Status is HTTP status code to override the default mapping between gRPC response codes and HTTP status messages // for auth Status envoy_type.StatusCode `json:"status,omitempty"` // Message is X-Ext-Auth-Reason message returned in an injected HTTP response header, to explain the reason of the // auth check result Message string `json:"message,omitempty"` // Headers are other HTTP headers to inject in the response Headers []map[string]string `json:"headers,omitempty"` // Metadata are Envoy dynamic metadata content Metadata map[string]interface{} `json:"metadata,omitempty"` // Body in the response of the request // auth check result Body string `json:"body,omitempty"` }
AuthResult holds the result data for building the response to an auth check
func (*AuthResult) Success ¶
func (result *AuthResult) Success() bool
Success tells whether the auth check result was successful and therefore access can be granted to the requested resource or it has failed (deny access)
type ConditionalEvaluator ¶
type ConditionalEvaluator interface {
GetConditions() []json.JSONPatternMatchingRule
}
type IdentityConfigEvaluator ¶
type IdentityConfigEvaluator interface { GetAuthCredentials() AuthCredentials GetOIDC() interface{} ResolveExtendedProperties(AuthPipeline) (interface{}, error) }
type K8sSecretBasedIdentityConfigEvaluator ¶ added in v0.9.0
type NamedEvaluator ¶
type NamedEvaluator interface {
GetName() string
}
type Prioritizable ¶
type Prioritizable interface {
GetPriority() int
}
type ResponseConfigEvaluator ¶
type ResponseConfigEvaluator interface { NamedEvaluator GetWristbandIssuer() WristbandIssuer }
type TypedEvaluator ¶
type TypedEvaluator interface {
GetType() string
}
type WristbandIssuer ¶
Click to show internal directories.
Click to hide internal directories.