service

package
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 21, 2021 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	X_EXT_AUTH_REASON_HEADER = "X-Ext-Auth-Reason"

	RESPONSE_MESSAGE_INVALID_REQUEST   = "Invalid request"
	RESPONSE_MESSAGE_SERVICE_NOT_FOUND = "Service not found"
)

Variables

This section is empty.

Functions

func NewAuthPipeline 

func NewAuthPipeline(parentCtx context.Context, req *envoy_auth.CheckRequest, apiConfig config.APIConfig) common.AuthPipeline

NewAuthPipeline creates an AuthPipeline instance

Types

type AuthPipeline 

type AuthPipeline struct {
	Context context.Context
	Request *envoy_auth.CheckRequest
	API     *config.APIConfig

	Identity      map[*config.IdentityConfig]interface{}
	Metadata      map[*config.MetadataConfig]interface{}
	Authorization map[*config.AuthorizationConfig]interface{}
	Response      map[*config.ResponseConfig]interface{}

	Logger log.Logger
}

AuthPipeline evaluates the context of an auth request upon the authconfigs defined for the requested API Throughout the pipeline, user identity, ad hoc metadata and authorization policies are evaluated and their corresponding resulting objects stored in the respective maps.

func (*AuthPipeline) Evaluate 

func (pipeline *AuthPipeline) Evaluate() common.AuthResult

Evaluate evaluates all steps of the auth pipeline (identity → metadata → policy enforcement)

func (*AuthPipeline) GetAPI 

func (pipeline *AuthPipeline) GetAPI() interface{}

func (*AuthPipeline) GetDataForAuthorization 

func (pipeline *AuthPipeline) GetDataForAuthorization() interface{}

func (*AuthPipeline) GetHttp 

func (pipeline *AuthPipeline) GetHttp() *envoy_auth.AttributeContext_HttpRequest

func (*AuthPipeline) GetPostAuthorizationData added in v0.4.0 

func (pipeline *AuthPipeline) GetPostAuthorizationData() interface{}

func (*AuthPipeline) GetRequest 

func (pipeline *AuthPipeline) GetRequest() *envoy_auth.CheckRequest

func (*AuthPipeline) GetResolvedIdentity 

func (pipeline *AuthPipeline) GetResolvedIdentity() (interface{}, interface{})

func (*AuthPipeline) GetResolvedMetadata 

func (pipeline *AuthPipeline) GetResolvedMetadata() map[interface{}]interface{}

type AuthService 

type AuthService struct {
	Cache cache.Cache
}

AuthService is the server API for the authorization service.

func (*AuthService) Check 

func (a *AuthService) Check(parentContext context.Context, req *envoy_auth.CheckRequest) (*envoy_auth.CheckResponse, error)

Check performs authorization check based on the attributes associated with the incoming request, and returns status `OK` or not `OK`.

type EvaluationResponse 

type EvaluationResponse struct {
	Evaluator common.AuthConfigEvaluator
	Object    interface{}
	Error     error
}

func (*EvaluationResponse) GetErrorMessage 

func (evresp *EvaluationResponse) GetErrorMessage() string

func (*EvaluationResponse) Success 

func (evresp *EvaluationResponse) Success() bool

type HealthService 

type HealthService struct{}

HealthService is the server API for the gRPC health service

func (*HealthService) Check 

func (self *HealthService) Check(ctx context.Context, in *healthpb.HealthCheckRequest) (*healthpb.HealthCheckResponse, error)

Check performs a health of the gRPC service

func (*HealthService) Watch 

func (self *HealthService) Watch(in *healthpb.HealthCheckRequest, srv healthpb.Health_WatchServer) error

Watch is for streaming health-check (not yet implemented)

type OidcService added in v0.2.0 

type OidcService struct {
	Cache cache.Cache
}

OidcService implements an HTTP server for OpenID Connect Discovery

func (*OidcService) ServeHTTP added in v0.2.0 

func (o *OidcService) ServeHTTP(writer http.ResponseWriter, req *http.Request)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.