common

Documentation

Index

• func CheckContext(ctx context.Context) error
• func FetchEnv(key string, def string) string
• func ReplaceJSONPlaceholders(source string, jsonData string) string
• func StringifyJSON(data interface{}) (string, error)
• func UnmashalJSONResponse(resp *http.Response, v interface{}, b *[]byte) error
• type APIKeySecretFinder
• type AuthConfigCleaner
• type AuthConfigEvaluator
• type AuthPipeline
• type AuthResult
  • func (result *AuthResult) Success() bool
• type IdentityConfigEvaluator
• type JSONPatternMatchingRule
  • func (rule *JSONPatternMatchingRule) EvaluateFor(jsonData string) (bool, error)
• type JSONProperty
• type JSONValue
  • func (v *JSONValue) IsTemplate() bool
  • func (v *JSONValue) ResolveFor(jsonData string) interface{}
• type NamedConfigEvaluator
• type Prioritizable
• type ResponseConfigEvaluator
• type WristbandIssuer

Functions

func CheckContext

func CheckContext(ctx context.Context) error

CheckContext checks if a go context is still active or done When it's done, returns a generic error

func myFunc(ctx context.Context) error {
  if err := common.CheckContext(ctx); err != nil {
  	 return err
  } else {
    doSomething()
  }
}

func FetchEnv

func FetchEnv(key string, def string) string

func ReplaceJSONPlaceholders

func ReplaceJSONPlaceholders(source string, jsonData string) string

func StringifyJSON

func StringifyJSON(data interface{}) (string, error)

func UnmashalJSONResponse

func UnmashalJSONResponse(resp *http.Response, v interface{}, b *[]byte) error

UnmashalJSONResponse unmarshalls a generic HTTP response body into a JSON structure Pass optionally a pointer to a byte array to get the raw body of the response object written back

Types

type APIKeySecretFinder

type APIKeySecretFinder interface {
	FindSecretByName(types.NamespacedName) *v1.Secret
}

type AuthConfigCleaner

type AuthConfigCleaner interface {
	// Clean is used to give the different auth configs chance to clean up anything internal to that config
	Clean(context.Context) error
}

type AuthConfigEvaluator

type AuthConfigEvaluator interface {
	Call(AuthPipeline, context.Context) (interface{}, error)
}

AuthConfigEvaluator interface represents the configuration pieces of Identity, Metadata and Authorization

type AuthPipeline

type AuthPipeline interface {
	Evaluate() AuthResult
	GetRequest() *envoy_auth.CheckRequest
	GetHttp() *envoy_auth.AttributeContext_HttpRequest
	GetAPI() interface{}
	GetResolvedIdentity() (interface{}, interface{})
	GetAuthorizationJSON() string
}

type AuthResult

type AuthResult struct {
	// Code is gRPC response code to the auth check
	Code rpc.Code `json:"code,omitempty"`
	// Status is HTTP status code to override the default mapping between gRPC response codes and HTTP status messages
	// for auth
	Status envoy_type.StatusCode `json:"status,omitempty"`
	// Message is X-Ext-Auth-Reason message returned in an injected HTTP response header, to explain the reason of the
	// auth check result
	Message string `json:"message,omitempty"`
	// Headers are other HTTP headers to inject in the response
	Headers []map[string]string `json:"headers,omitempty"`
	// Metadata are Envoy dynamic metadata content
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}

AuthResult holds the result data for building the response to an auth check

func (*AuthResult) Success

func (result *AuthResult) Success() bool

Success tells whether the auth check result was successful and therefore access can be granted to the requested resource or it has failed (deny access)

type IdentityConfigEvaluator

type IdentityConfigEvaluator interface {
	GetAuthCredentials() auth_credentials.AuthCredentials
	GetOIDC() interface{}
	ResolveExtendedProperties(AuthPipeline) (interface{}, error)
}

type JSONPatternMatchingRule

type JSONPatternMatchingRule struct {
	Selector string
	Operator string
	Value    string
}

func (*JSONPatternMatchingRule) EvaluateFor

func (rule *JSONPatternMatchingRule) EvaluateFor(jsonData string) (bool, error)

type JSONProperty

type JSONProperty struct {
	Name  string
	Value JSONValue
}

JSONProperty represents a name-value pair for a JSON property where the value can be a static value or a pattern for a value fetched dynamically from the authorization JSON

type JSONValue

type JSONValue struct {
	// Static value of the JSON property.
	Static interface{}
	// Resolves the value of the JSON property by fetching the pattern from the authorization JSON.
	Pattern string
}

func (*JSONValue) IsTemplate

func (v *JSONValue) IsTemplate() bool

IsTemplate tells whether a pattern is as a simple pattern or a template that mixes static value with variable placeholders that resolve to patterns. In case of a template that mixes no variable placeholder, but it contains nothing but a static string value, users should use `JSONValue.Static` instead of `JSONValue.Pattern`.

func (*JSONValue) ResolveFor

func (v *JSONValue) ResolveFor(jsonData string) interface{}

ResolveFor resolves a value for a given input JSON. For static values, it returns the value right away; for patterns, it magically decides whether to process as a simple pattern or as a template that mixes static value with variable placeholders that resolve to patterns. In case of a template that mixes no variable placeholder, but it contains nothing but a static string value, users should use `JSONValue.Static` instead of `JSONValue.Pattern`.

type NamedConfigEvaluator

type NamedConfigEvaluator interface {
	GetName() string
}

type Prioritizable

type Prioritizable interface {
	GetPriority() int
}

type ResponseConfigEvaluator

type ResponseConfigEvaluator interface {
	NamedConfigEvaluator
	GetWristbandIssuer() WristbandIssuer
}

type WristbandIssuer

type WristbandIssuer interface {
	AuthConfigEvaluator
	GetIssuer() string
	OpenIDConfig() (string, error)
	JWKS() (string, error)
}