Documentation ¶
Index ¶
- Constants
- Variables
- func RegisterAuthorizationServer(s grpc.ServiceRegistrar, srv AuthorizationServer)
- type AttributeContext
- func (*AttributeContext) Descriptor() ([]byte, []int)deprecated
- func (x *AttributeContext) GetContextExtensions() map[string]string
- func (x *AttributeContext) GetDestination() *AttributeContext_Peer
- func (x *AttributeContext) GetMetadataContext() *v3.Metadata
- func (x *AttributeContext) GetRequest() *AttributeContext_Request
- func (x *AttributeContext) GetRouteMetadataContext() *v3.Metadata
- func (x *AttributeContext) GetSource() *AttributeContext_Peer
- func (x *AttributeContext) GetTlsSession() *AttributeContext_TLSSession
- func (*AttributeContext) ProtoMessage()
- func (x *AttributeContext) ProtoReflect() protoreflect.Message
- func (x *AttributeContext) Reset()
- func (x *AttributeContext) String() string
- func (m *AttributeContext) Validate() error
- func (m *AttributeContext) ValidateAll() error
- type AttributeContextMultiError
- type AttributeContextValidationError
- func (e AttributeContextValidationError) Cause() error
- func (e AttributeContextValidationError) Error() string
- func (e AttributeContextValidationError) ErrorName() string
- func (e AttributeContextValidationError) Field() string
- func (e AttributeContextValidationError) Key() bool
- func (e AttributeContextValidationError) Reason() string
- type AttributeContext_HttpRequest
- func (*AttributeContext_HttpRequest) Descriptor() ([]byte, []int)deprecated
- func (x *AttributeContext_HttpRequest) GetBody() string
- func (x *AttributeContext_HttpRequest) GetFragment() string
- func (x *AttributeContext_HttpRequest) GetHeaderMap() *v3.HeaderMap
- func (x *AttributeContext_HttpRequest) GetHeaders() map[string]string
- func (x *AttributeContext_HttpRequest) GetHost() string
- func (x *AttributeContext_HttpRequest) GetId() string
- func (x *AttributeContext_HttpRequest) GetMethod() string
- func (x *AttributeContext_HttpRequest) GetPath() string
- func (x *AttributeContext_HttpRequest) GetProtocol() string
- func (x *AttributeContext_HttpRequest) GetQuery() string
- func (x *AttributeContext_HttpRequest) GetRawBody() []byte
- func (x *AttributeContext_HttpRequest) GetScheme() string
- func (x *AttributeContext_HttpRequest) GetSize() int64
- func (*AttributeContext_HttpRequest) ProtoMessage()
- func (x *AttributeContext_HttpRequest) ProtoReflect() protoreflect.Message
- func (x *AttributeContext_HttpRequest) Reset()
- func (x *AttributeContext_HttpRequest) String() string
- func (m *AttributeContext_HttpRequest) Validate() error
- func (m *AttributeContext_HttpRequest) ValidateAll() error
- type AttributeContext_HttpRequestMultiError
- type AttributeContext_HttpRequestValidationError
- func (e AttributeContext_HttpRequestValidationError) Cause() error
- func (e AttributeContext_HttpRequestValidationError) Error() string
- func (e AttributeContext_HttpRequestValidationError) ErrorName() string
- func (e AttributeContext_HttpRequestValidationError) Field() string
- func (e AttributeContext_HttpRequestValidationError) Key() bool
- func (e AttributeContext_HttpRequestValidationError) Reason() string
- type AttributeContext_Peer
- func (*AttributeContext_Peer) Descriptor() ([]byte, []int)deprecated
- func (x *AttributeContext_Peer) GetAddress() *v3.Address
- func (x *AttributeContext_Peer) GetCertificate() string
- func (x *AttributeContext_Peer) GetLabels() map[string]string
- func (x *AttributeContext_Peer) GetPrincipal() string
- func (x *AttributeContext_Peer) GetService() string
- func (*AttributeContext_Peer) ProtoMessage()
- func (x *AttributeContext_Peer) ProtoReflect() protoreflect.Message
- func (x *AttributeContext_Peer) Reset()
- func (x *AttributeContext_Peer) String() string
- func (m *AttributeContext_Peer) Validate() error
- func (m *AttributeContext_Peer) ValidateAll() error
- type AttributeContext_PeerMultiError
- type AttributeContext_PeerValidationError
- func (e AttributeContext_PeerValidationError) Cause() error
- func (e AttributeContext_PeerValidationError) Error() string
- func (e AttributeContext_PeerValidationError) ErrorName() string
- func (e AttributeContext_PeerValidationError) Field() string
- func (e AttributeContext_PeerValidationError) Key() bool
- func (e AttributeContext_PeerValidationError) Reason() string
- type AttributeContext_Request
- func (*AttributeContext_Request) Descriptor() ([]byte, []int)deprecated
- func (x *AttributeContext_Request) GetHttp() *AttributeContext_HttpRequest
- func (x *AttributeContext_Request) GetTime() *timestamppb.Timestamp
- func (*AttributeContext_Request) ProtoMessage()
- func (x *AttributeContext_Request) ProtoReflect() protoreflect.Message
- func (x *AttributeContext_Request) Reset()
- func (x *AttributeContext_Request) String() string
- func (m *AttributeContext_Request) Validate() error
- func (m *AttributeContext_Request) ValidateAll() error
- type AttributeContext_RequestMultiError
- type AttributeContext_RequestValidationError
- func (e AttributeContext_RequestValidationError) Cause() error
- func (e AttributeContext_RequestValidationError) Error() string
- func (e AttributeContext_RequestValidationError) ErrorName() string
- func (e AttributeContext_RequestValidationError) Field() string
- func (e AttributeContext_RequestValidationError) Key() bool
- func (e AttributeContext_RequestValidationError) Reason() string
- type AttributeContext_TLSSession
- func (*AttributeContext_TLSSession) Descriptor() ([]byte, []int)deprecated
- func (x *AttributeContext_TLSSession) GetSni() string
- func (*AttributeContext_TLSSession) ProtoMessage()
- func (x *AttributeContext_TLSSession) ProtoReflect() protoreflect.Message
- func (x *AttributeContext_TLSSession) Reset()
- func (x *AttributeContext_TLSSession) String() string
- func (m *AttributeContext_TLSSession) Validate() error
- func (m *AttributeContext_TLSSession) ValidateAll() error
- type AttributeContext_TLSSessionMultiError
- type AttributeContext_TLSSessionValidationError
- func (e AttributeContext_TLSSessionValidationError) Cause() error
- func (e AttributeContext_TLSSessionValidationError) Error() string
- func (e AttributeContext_TLSSessionValidationError) ErrorName() string
- func (e AttributeContext_TLSSessionValidationError) Field() string
- func (e AttributeContext_TLSSessionValidationError) Key() bool
- func (e AttributeContext_TLSSessionValidationError) Reason() string
- type AuthorizationClient
- type AuthorizationServer
- type CheckRequest
- func (*CheckRequest) Descriptor() ([]byte, []int)deprecated
- func (x *CheckRequest) GetAttributes() *AttributeContext
- func (*CheckRequest) ProtoMessage()
- func (x *CheckRequest) ProtoReflect() protoreflect.Message
- func (x *CheckRequest) Reset()
- func (x *CheckRequest) String() string
- func (m *CheckRequest) Validate() error
- func (m *CheckRequest) ValidateAll() error
- type CheckRequestMultiError
- type CheckRequestValidationError
- func (e CheckRequestValidationError) Cause() error
- func (e CheckRequestValidationError) Error() string
- func (e CheckRequestValidationError) ErrorName() string
- func (e CheckRequestValidationError) Field() string
- func (e CheckRequestValidationError) Key() bool
- func (e CheckRequestValidationError) Reason() string
- type CheckResponse
- func (*CheckResponse) Descriptor() ([]byte, []int)deprecated
- func (x *CheckResponse) GetDeniedResponse() *DeniedHttpResponse
- func (x *CheckResponse) GetDynamicMetadata() *structpb.Struct
- func (m *CheckResponse) GetHttpResponse() isCheckResponse_HttpResponse
- func (x *CheckResponse) GetOkResponse() *OkHttpResponse
- func (x *CheckResponse) GetStatus() *status.Status
- func (*CheckResponse) ProtoMessage()
- func (x *CheckResponse) ProtoReflect() protoreflect.Message
- func (x *CheckResponse) Reset()
- func (x *CheckResponse) String() string
- func (m *CheckResponse) Validate() error
- func (m *CheckResponse) ValidateAll() error
- type CheckResponseMultiError
- type CheckResponseValidationError
- func (e CheckResponseValidationError) Cause() error
- func (e CheckResponseValidationError) Error() string
- func (e CheckResponseValidationError) ErrorName() string
- func (e CheckResponseValidationError) Field() string
- func (e CheckResponseValidationError) Key() bool
- func (e CheckResponseValidationError) Reason() string
- type CheckResponse_DeniedResponse
- type CheckResponse_OkResponse
- type DeniedHttpResponse
- func (*DeniedHttpResponse) Descriptor() ([]byte, []int)deprecated
- func (x *DeniedHttpResponse) GetBody() string
- func (x *DeniedHttpResponse) GetHeaders() []*v31.HeaderValueOption
- func (x *DeniedHttpResponse) GetStatus() *v3.HttpStatus
- func (*DeniedHttpResponse) ProtoMessage()
- func (x *DeniedHttpResponse) ProtoReflect() protoreflect.Message
- func (x *DeniedHttpResponse) Reset()
- func (x *DeniedHttpResponse) String() string
- func (m *DeniedHttpResponse) Validate() error
- func (m *DeniedHttpResponse) ValidateAll() error
- type DeniedHttpResponseMultiError
- type DeniedHttpResponseValidationError
- func (e DeniedHttpResponseValidationError) Cause() error
- func (e DeniedHttpResponseValidationError) Error() string
- func (e DeniedHttpResponseValidationError) ErrorName() string
- func (e DeniedHttpResponseValidationError) Field() string
- func (e DeniedHttpResponseValidationError) Key() bool
- func (e DeniedHttpResponseValidationError) Reason() string
- type OkHttpResponse
- func (*OkHttpResponse) Descriptor() ([]byte, []int)deprecated
- func (x *OkHttpResponse) GetDynamicMetadata() *structpb.Structdeprecated
- func (x *OkHttpResponse) GetHeaders() []*v31.HeaderValueOption
- func (x *OkHttpResponse) GetHeadersToRemove() []string
- func (x *OkHttpResponse) GetQueryParametersToRemove() []string
- func (x *OkHttpResponse) GetQueryParametersToSet() []*v31.QueryParameter
- func (x *OkHttpResponse) GetResponseHeadersToAdd() []*v31.HeaderValueOption
- func (*OkHttpResponse) ProtoMessage()
- func (x *OkHttpResponse) ProtoReflect() protoreflect.Message
- func (x *OkHttpResponse) Reset()
- func (x *OkHttpResponse) String() string
- func (m *OkHttpResponse) Validate() error
- func (m *OkHttpResponse) ValidateAll() error
- type OkHttpResponseMultiError
- type OkHttpResponseValidationError
- func (e OkHttpResponseValidationError) Cause() error
- func (e OkHttpResponseValidationError) Error() string
- func (e OkHttpResponseValidationError) ErrorName() string
- func (e OkHttpResponseValidationError) Field() string
- func (e OkHttpResponseValidationError) Key() bool
- func (e OkHttpResponseValidationError) Reason() string
- type UnimplementedAuthorizationServer
- type UnsafeAuthorizationServer
Constants ¶
const (
Authorization_Check_FullMethodName = "/envoy.service.auth.v3.Authorization/Check"
)
Variables ¶
var Authorization_ServiceDesc = grpc.ServiceDesc{ ServiceName: "envoy.service.auth.v3.Authorization", HandlerType: (*AuthorizationServer)(nil), Methods: []grpc.MethodDesc{ { MethodName: "Check", Handler: _Authorization_Check_Handler, }, }, Streams: []grpc.StreamDesc{}, Metadata: "envoy/service/auth/v3/external_auth.proto", }
Authorization_ServiceDesc is the grpc.ServiceDesc for Authorization service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)
var File_envoy_service_auth_v3_attribute_context_proto protoreflect.FileDescriptor
var File_envoy_service_auth_v3_external_auth_proto protoreflect.FileDescriptor
Functions ¶
func RegisterAuthorizationServer ¶
func RegisterAuthorizationServer(s grpc.ServiceRegistrar, srv AuthorizationServer)
Types ¶
type AttributeContext ¶
type AttributeContext struct { // The source of a network activity, such as starting a TCP connection. // In a multi hop network activity, the source represents the sender of the // last hop. Source *AttributeContext_Peer `protobuf:"bytes,1,opt,name=source,proto3" json:"source,omitempty"` // The destination of a network activity, such as accepting a TCP connection. // In a multi hop network activity, the destination represents the receiver of // the last hop. Destination *AttributeContext_Peer `protobuf:"bytes,2,opt,name=destination,proto3" json:"destination,omitempty"` // Represents a network request, such as an HTTP request. Request *AttributeContext_Request `protobuf:"bytes,4,opt,name=request,proto3" json:"request,omitempty"` // This is analogous to http_request.headers, however these contents will not be sent to the // upstream server. Context_extensions provide an extension mechanism for sending additional // information to the auth server without modifying the proto definition. It maps to the // internal opaque context in the filter chain. ContextExtensions map[string]string `` /* 201-byte string literal not displayed */ // Dynamic metadata associated with the request. MetadataContext *v3.Metadata `protobuf:"bytes,11,opt,name=metadata_context,json=metadataContext,proto3" json:"metadata_context,omitempty"` // Metadata associated with the selected route. RouteMetadataContext *v3.Metadata `protobuf:"bytes,13,opt,name=route_metadata_context,json=routeMetadataContext,proto3" json:"route_metadata_context,omitempty"` // TLS session details of the underlying connection. // This is not populated by default and will be populated only if the ext_authz filter has // been specifically configured to include this information. // For HTTP ext_authz, that requires :ref:`include_tls_session <config_http_filters_ext_authz>` // to be set to true. // For network ext_authz, that requires :ref:`include_tls_session <config_network_filters_ext_authz>` // to be set to true. TlsSession *AttributeContext_TLSSession `protobuf:"bytes,12,opt,name=tls_session,json=tlsSession,proto3" json:"tls_session,omitempty"` // contains filtered or unexported fields }
An attribute is a piece of metadata that describes an activity on a network. For example, the size of an HTTP request, or the status code of an HTTP response.
Each attribute has a type and a name, which is logically defined as a proto message field of the “AttributeContext“. The “AttributeContext“ is a collection of individual attributes supported by Envoy authorization system. [#comment: The following items are left out of this proto Request.Auth field for jwt tokens Request.Api for api management Origin peer that originated the request Caching Protocol request_context return values to inject back into the filter chain peer.claims -- from X.509 extensions Configuration - field mask to send - which return values from request_context are copied back - which return values are copied into request_headers] [#next-free-field: 14]
func (*AttributeContext) Descriptor
deprecated
func (*AttributeContext) Descriptor() ([]byte, []int)
Deprecated: Use AttributeContext.ProtoReflect.Descriptor instead.
func (*AttributeContext) GetContextExtensions ¶
func (x *AttributeContext) GetContextExtensions() map[string]string
func (*AttributeContext) GetDestination ¶
func (x *AttributeContext) GetDestination() *AttributeContext_Peer
func (*AttributeContext) GetMetadataContext ¶
func (x *AttributeContext) GetMetadataContext() *v3.Metadata
func (*AttributeContext) GetRequest ¶
func (x *AttributeContext) GetRequest() *AttributeContext_Request
func (*AttributeContext) GetRouteMetadataContext ¶
func (x *AttributeContext) GetRouteMetadataContext() *v3.Metadata
func (*AttributeContext) GetSource ¶
func (x *AttributeContext) GetSource() *AttributeContext_Peer
func (*AttributeContext) GetTlsSession ¶
func (x *AttributeContext) GetTlsSession() *AttributeContext_TLSSession
func (*AttributeContext) ProtoMessage ¶
func (*AttributeContext) ProtoMessage()
func (*AttributeContext) ProtoReflect ¶
func (x *AttributeContext) ProtoReflect() protoreflect.Message
func (*AttributeContext) Reset ¶
func (x *AttributeContext) Reset()
func (*AttributeContext) String ¶
func (x *AttributeContext) String() string
func (*AttributeContext) Validate ¶
func (m *AttributeContext) Validate() error
Validate checks the field values on AttributeContext with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.
func (*AttributeContext) ValidateAll ¶
func (m *AttributeContext) ValidateAll() error
ValidateAll checks the field values on AttributeContext with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in AttributeContextMultiError, or nil if none found.
type AttributeContextMultiError ¶
type AttributeContextMultiError []error
AttributeContextMultiError is an error wrapping multiple validation errors returned by AttributeContext.ValidateAll() if the designated constraints aren't met.
func (AttributeContextMultiError) AllErrors ¶
func (m AttributeContextMultiError) AllErrors() []error
AllErrors returns a list of validation violation errors.
func (AttributeContextMultiError) Error ¶
func (m AttributeContextMultiError) Error() string
Error returns a concatenation of all the error messages it wraps.
type AttributeContextValidationError ¶
type AttributeContextValidationError struct {
// contains filtered or unexported fields
}
AttributeContextValidationError is the validation error returned by AttributeContext.Validate if the designated constraints aren't met.
func (AttributeContextValidationError) Cause ¶
func (e AttributeContextValidationError) Cause() error
Cause function returns cause value.
func (AttributeContextValidationError) Error ¶
func (e AttributeContextValidationError) Error() string
Error satisfies the builtin error interface
func (AttributeContextValidationError) ErrorName ¶
func (e AttributeContextValidationError) ErrorName() string
ErrorName returns error name.
func (AttributeContextValidationError) Field ¶
func (e AttributeContextValidationError) Field() string
Field function returns field value.
func (AttributeContextValidationError) Key ¶
func (e AttributeContextValidationError) Key() bool
Key function returns key value.
func (AttributeContextValidationError) Reason ¶
func (e AttributeContextValidationError) Reason() string
Reason function returns reason value.
type AttributeContext_HttpRequest ¶
type AttributeContext_HttpRequest struct { // The unique ID for a request, which can be propagated to downstream // systems. The ID should have low probability of collision // within a single day for a specific service. // For HTTP requests, it should be X-Request-ID or equivalent. Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` // The HTTP request method, such as “GET“, “POST“. Method string `protobuf:"bytes,2,opt,name=method,proto3" json:"method,omitempty"` // The HTTP request headers. If multiple headers share the same key, they // must be merged according to the HTTP spec. All header keys must be // lower-cased, because HTTP header keys are case-insensitive. // Header value is encoded as UTF-8 string. Non-UTF-8 characters will be replaced by "!". // This field will not be set if // :ref:`encode_raw_headers <envoy_v3_api_field_extensions.filters.http.ext_authz.v3.ExtAuthz.encode_raw_headers>` // is set to true. Headers map[string]string `` /* 155-byte string literal not displayed */ // A list of the raw HTTP request headers. This is used instead of // :ref:`headers <envoy_v3_api_field_service.auth.v3.AttributeContext.HttpRequest.headers>` when // :ref:`encode_raw_headers <envoy_v3_api_field_extensions.filters.http.ext_authz.v3.ExtAuthz.encode_raw_headers>` // is set to true. // // Note that this is not actually a map type. “header_map“ contains a single repeated field // “headers“. // // Here, only the “key“ and “raw_value“ fields will be populated for each HeaderValue, and // that is only when // :ref:`encode_raw_headers <envoy_v3_api_field_extensions.filters.http.ext_authz.v3.ExtAuthz.encode_raw_headers>` // is set to true. // // Also, unlike the // :ref:`headers <envoy_v3_api_field_service.auth.v3.AttributeContext.HttpRequest.headers>` // field, headers with the same key are not combined into a single comma separated header. HeaderMap *v3.HeaderMap `protobuf:"bytes,13,opt,name=header_map,json=headerMap,proto3" json:"header_map,omitempty"` // The request target, as it appears in the first line of the HTTP request. This includes // the URL path and query-string. No decoding is performed. Path string `protobuf:"bytes,4,opt,name=path,proto3" json:"path,omitempty"` // The HTTP request “Host“ or “:authority“ header value. Host string `protobuf:"bytes,5,opt,name=host,proto3" json:"host,omitempty"` // The HTTP URL scheme, such as “http“ and “https“. Scheme string `protobuf:"bytes,6,opt,name=scheme,proto3" json:"scheme,omitempty"` // This field is always empty, and exists for compatibility reasons. The HTTP URL query is // included in “path“ field. Query string `protobuf:"bytes,7,opt,name=query,proto3" json:"query,omitempty"` // This field is always empty, and exists for compatibility reasons. The URL fragment is // not submitted as part of HTTP requests; it is unknowable. Fragment string `protobuf:"bytes,8,opt,name=fragment,proto3" json:"fragment,omitempty"` // The HTTP request size in bytes. If unknown, it must be -1. Size int64 `protobuf:"varint,9,opt,name=size,proto3" json:"size,omitempty"` // The network protocol used with the request, such as "HTTP/1.0", "HTTP/1.1", or "HTTP/2". // // See :repo:`headers.h:ProtocolStrings <source/common/http/headers.h>` for a list of all // possible values. Protocol string `protobuf:"bytes,10,opt,name=protocol,proto3" json:"protocol,omitempty"` // The HTTP request body. Body string `protobuf:"bytes,11,opt,name=body,proto3" json:"body,omitempty"` // The HTTP request body in bytes. This is used instead of // :ref:`body <envoy_v3_api_field_service.auth.v3.AttributeContext.HttpRequest.body>` when // :ref:`pack_as_bytes <envoy_v3_api_field_extensions.filters.http.ext_authz.v3.BufferSettings.pack_as_bytes>` // is set to true. RawBody []byte `protobuf:"bytes,12,opt,name=raw_body,json=rawBody,proto3" json:"raw_body,omitempty"` // contains filtered or unexported fields }
This message defines attributes for an HTTP request. HTTP/1.x, HTTP/2, gRPC are all considered as HTTP requests. [#next-free-field: 14]
func (*AttributeContext_HttpRequest) Descriptor
deprecated
func (*AttributeContext_HttpRequest) Descriptor() ([]byte, []int)
Deprecated: Use AttributeContext_HttpRequest.ProtoReflect.Descriptor instead.
func (*AttributeContext_HttpRequest) GetBody ¶
func (x *AttributeContext_HttpRequest) GetBody() string
func (*AttributeContext_HttpRequest) GetFragment ¶
func (x *AttributeContext_HttpRequest) GetFragment() string
func (*AttributeContext_HttpRequest) GetHeaderMap ¶
func (x *AttributeContext_HttpRequest) GetHeaderMap() *v3.HeaderMap
func (*AttributeContext_HttpRequest) GetHeaders ¶
func (x *AttributeContext_HttpRequest) GetHeaders() map[string]string
func (*AttributeContext_HttpRequest) GetHost ¶
func (x *AttributeContext_HttpRequest) GetHost() string
func (*AttributeContext_HttpRequest) GetId ¶
func (x *AttributeContext_HttpRequest) GetId() string
func (*AttributeContext_HttpRequest) GetMethod ¶
func (x *AttributeContext_HttpRequest) GetMethod() string
func (*AttributeContext_HttpRequest) GetPath ¶
func (x *AttributeContext_HttpRequest) GetPath() string
func (*AttributeContext_HttpRequest) GetProtocol ¶
func (x *AttributeContext_HttpRequest) GetProtocol() string
func (*AttributeContext_HttpRequest) GetQuery ¶
func (x *AttributeContext_HttpRequest) GetQuery() string
func (*AttributeContext_HttpRequest) GetRawBody ¶
func (x *AttributeContext_HttpRequest) GetRawBody() []byte
func (*AttributeContext_HttpRequest) GetScheme ¶
func (x *AttributeContext_HttpRequest) GetScheme() string
func (*AttributeContext_HttpRequest) GetSize ¶
func (x *AttributeContext_HttpRequest) GetSize() int64
func (*AttributeContext_HttpRequest) ProtoMessage ¶
func (*AttributeContext_HttpRequest) ProtoMessage()
func (*AttributeContext_HttpRequest) ProtoReflect ¶
func (x *AttributeContext_HttpRequest) ProtoReflect() protoreflect.Message
func (*AttributeContext_HttpRequest) Reset ¶
func (x *AttributeContext_HttpRequest) Reset()
func (*AttributeContext_HttpRequest) String ¶
func (x *AttributeContext_HttpRequest) String() string
func (*AttributeContext_HttpRequest) Validate ¶
func (m *AttributeContext_HttpRequest) Validate() error
Validate checks the field values on AttributeContext_HttpRequest with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.
func (*AttributeContext_HttpRequest) ValidateAll ¶
func (m *AttributeContext_HttpRequest) ValidateAll() error
ValidateAll checks the field values on AttributeContext_HttpRequest with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in AttributeContext_HttpRequestMultiError, or nil if none found.
type AttributeContext_HttpRequestMultiError ¶
type AttributeContext_HttpRequestMultiError []error
AttributeContext_HttpRequestMultiError is an error wrapping multiple validation errors returned by AttributeContext_HttpRequest.ValidateAll() if the designated constraints aren't met.
func (AttributeContext_HttpRequestMultiError) AllErrors ¶
func (m AttributeContext_HttpRequestMultiError) AllErrors() []error
AllErrors returns a list of validation violation errors.
func (AttributeContext_HttpRequestMultiError) Error ¶
func (m AttributeContext_HttpRequestMultiError) Error() string
Error returns a concatenation of all the error messages it wraps.
type AttributeContext_HttpRequestValidationError ¶
type AttributeContext_HttpRequestValidationError struct {
// contains filtered or unexported fields
}
AttributeContext_HttpRequestValidationError is the validation error returned by AttributeContext_HttpRequest.Validate if the designated constraints aren't met.
func (AttributeContext_HttpRequestValidationError) Cause ¶
func (e AttributeContext_HttpRequestValidationError) Cause() error
Cause function returns cause value.
func (AttributeContext_HttpRequestValidationError) Error ¶
func (e AttributeContext_HttpRequestValidationError) Error() string
Error satisfies the builtin error interface
func (AttributeContext_HttpRequestValidationError) ErrorName ¶
func (e AttributeContext_HttpRequestValidationError) ErrorName() string
ErrorName returns error name.
func (AttributeContext_HttpRequestValidationError) Field ¶
func (e AttributeContext_HttpRequestValidationError) Field() string
Field function returns field value.
func (AttributeContext_HttpRequestValidationError) Key ¶
func (e AttributeContext_HttpRequestValidationError) Key() bool
Key function returns key value.
func (AttributeContext_HttpRequestValidationError) Reason ¶
func (e AttributeContext_HttpRequestValidationError) Reason() string
Reason function returns reason value.
type AttributeContext_Peer ¶
type AttributeContext_Peer struct { // The address of the peer, this is typically the IP address. // It can also be UDS path, or others. Address *v3.Address `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"` // The canonical service name of the peer. // It should be set to :ref:`the HTTP x-envoy-downstream-service-cluster // <config_http_conn_man_headers_downstream-service-cluster>` // If a more trusted source of the service name is available through mTLS/secure naming, it // should be used. Service string `protobuf:"bytes,2,opt,name=service,proto3" json:"service,omitempty"` // The labels associated with the peer. // These could be pod labels for Kubernetes or tags for VMs. // The source of the labels could be an X.509 certificate or other configuration. Labels map[string]string `` /* 153-byte string literal not displayed */ // The authenticated identity of this peer. // For example, the identity associated with the workload such as a service account. // If an X.509 certificate is used to assert the identity this field should be sourced from // “URI Subject Alternative Names“, “DNS Subject Alternate Names“ or “Subject“ in that order. // The primary identity should be the principal. The principal format is issuer specific. // // Examples: // // - SPIFFE format is “spiffe://trust-domain/path“. // - Google account format is “https://accounts.google.com/{userid}“. Principal string `protobuf:"bytes,4,opt,name=principal,proto3" json:"principal,omitempty"` // The X.509 certificate used to authenticate the identify of this peer. // When present, the certificate contents are encoded in URL and PEM format. Certificate string `protobuf:"bytes,5,opt,name=certificate,proto3" json:"certificate,omitempty"` // contains filtered or unexported fields }
This message defines attributes for a node that handles a network request. The node can be either a service or an application that sends, forwards, or receives the request. Service peers should fill in the “service“, “principal“, and “labels“ as appropriate. [#next-free-field: 6]
func (*AttributeContext_Peer) Descriptor
deprecated
func (*AttributeContext_Peer) Descriptor() ([]byte, []int)
Deprecated: Use AttributeContext_Peer.ProtoReflect.Descriptor instead.
func (*AttributeContext_Peer) GetAddress ¶
func (x *AttributeContext_Peer) GetAddress() *v3.Address
func (*AttributeContext_Peer) GetCertificate ¶
func (x *AttributeContext_Peer) GetCertificate() string
func (*AttributeContext_Peer) GetLabels ¶
func (x *AttributeContext_Peer) GetLabels() map[string]string
func (*AttributeContext_Peer) GetPrincipal ¶
func (x *AttributeContext_Peer) GetPrincipal() string
func (*AttributeContext_Peer) GetService ¶
func (x *AttributeContext_Peer) GetService() string
func (*AttributeContext_Peer) ProtoMessage ¶
func (*AttributeContext_Peer) ProtoMessage()
func (*AttributeContext_Peer) ProtoReflect ¶
func (x *AttributeContext_Peer) ProtoReflect() protoreflect.Message
func (*AttributeContext_Peer) Reset ¶
func (x *AttributeContext_Peer) Reset()
func (*AttributeContext_Peer) String ¶
func (x *AttributeContext_Peer) String() string
func (*AttributeContext_Peer) Validate ¶
func (m *AttributeContext_Peer) Validate() error
Validate checks the field values on AttributeContext_Peer with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.
func (*AttributeContext_Peer) ValidateAll ¶
func (m *AttributeContext_Peer) ValidateAll() error
ValidateAll checks the field values on AttributeContext_Peer with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in AttributeContext_PeerMultiError, or nil if none found.
type AttributeContext_PeerMultiError ¶
type AttributeContext_PeerMultiError []error
AttributeContext_PeerMultiError is an error wrapping multiple validation errors returned by AttributeContext_Peer.ValidateAll() if the designated constraints aren't met.
func (AttributeContext_PeerMultiError) AllErrors ¶
func (m AttributeContext_PeerMultiError) AllErrors() []error
AllErrors returns a list of validation violation errors.
func (AttributeContext_PeerMultiError) Error ¶
func (m AttributeContext_PeerMultiError) Error() string
Error returns a concatenation of all the error messages it wraps.
type AttributeContext_PeerValidationError ¶
type AttributeContext_PeerValidationError struct {
// contains filtered or unexported fields
}
AttributeContext_PeerValidationError is the validation error returned by AttributeContext_Peer.Validate if the designated constraints aren't met.
func (AttributeContext_PeerValidationError) Cause ¶
func (e AttributeContext_PeerValidationError) Cause() error
Cause function returns cause value.
func (AttributeContext_PeerValidationError) Error ¶
func (e AttributeContext_PeerValidationError) Error() string
Error satisfies the builtin error interface
func (AttributeContext_PeerValidationError) ErrorName ¶
func (e AttributeContext_PeerValidationError) ErrorName() string
ErrorName returns error name.
func (AttributeContext_PeerValidationError) Field ¶
func (e AttributeContext_PeerValidationError) Field() string
Field function returns field value.
func (AttributeContext_PeerValidationError) Key ¶
func (e AttributeContext_PeerValidationError) Key() bool
Key function returns key value.
func (AttributeContext_PeerValidationError) Reason ¶
func (e AttributeContext_PeerValidationError) Reason() string
Reason function returns reason value.
type AttributeContext_Request ¶
type AttributeContext_Request struct { // The timestamp when the proxy receives the first byte of the request. Time *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=time,proto3" json:"time,omitempty"` // Represents an HTTP request or an HTTP-like request. Http *AttributeContext_HttpRequest `protobuf:"bytes,2,opt,name=http,proto3" json:"http,omitempty"` // contains filtered or unexported fields }
Represents a network request, such as an HTTP request.
func (*AttributeContext_Request) Descriptor
deprecated
func (*AttributeContext_Request) Descriptor() ([]byte, []int)
Deprecated: Use AttributeContext_Request.ProtoReflect.Descriptor instead.
func (*AttributeContext_Request) GetHttp ¶
func (x *AttributeContext_Request) GetHttp() *AttributeContext_HttpRequest
func (*AttributeContext_Request) GetTime ¶
func (x *AttributeContext_Request) GetTime() *timestamppb.Timestamp
func (*AttributeContext_Request) ProtoMessage ¶
func (*AttributeContext_Request) ProtoMessage()
func (*AttributeContext_Request) ProtoReflect ¶
func (x *AttributeContext_Request) ProtoReflect() protoreflect.Message
func (*AttributeContext_Request) Reset ¶
func (x *AttributeContext_Request) Reset()
func (*AttributeContext_Request) String ¶
func (x *AttributeContext_Request) String() string
func (*AttributeContext_Request) Validate ¶
func (m *AttributeContext_Request) Validate() error
Validate checks the field values on AttributeContext_Request with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.
func (*AttributeContext_Request) ValidateAll ¶
func (m *AttributeContext_Request) ValidateAll() error
ValidateAll checks the field values on AttributeContext_Request with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in AttributeContext_RequestMultiError, or nil if none found.
type AttributeContext_RequestMultiError ¶
type AttributeContext_RequestMultiError []error
AttributeContext_RequestMultiError is an error wrapping multiple validation errors returned by AttributeContext_Request.ValidateAll() if the designated constraints aren't met.
func (AttributeContext_RequestMultiError) AllErrors ¶
func (m AttributeContext_RequestMultiError) AllErrors() []error
AllErrors returns a list of validation violation errors.
func (AttributeContext_RequestMultiError) Error ¶
func (m AttributeContext_RequestMultiError) Error() string
Error returns a concatenation of all the error messages it wraps.
type AttributeContext_RequestValidationError ¶
type AttributeContext_RequestValidationError struct {
// contains filtered or unexported fields
}
AttributeContext_RequestValidationError is the validation error returned by AttributeContext_Request.Validate if the designated constraints aren't met.
func (AttributeContext_RequestValidationError) Cause ¶
func (e AttributeContext_RequestValidationError) Cause() error
Cause function returns cause value.
func (AttributeContext_RequestValidationError) Error ¶
func (e AttributeContext_RequestValidationError) Error() string
Error satisfies the builtin error interface
func (AttributeContext_RequestValidationError) ErrorName ¶
func (e AttributeContext_RequestValidationError) ErrorName() string
ErrorName returns error name.
func (AttributeContext_RequestValidationError) Field ¶
func (e AttributeContext_RequestValidationError) Field() string
Field function returns field value.
func (AttributeContext_RequestValidationError) Key ¶
func (e AttributeContext_RequestValidationError) Key() bool
Key function returns key value.
func (AttributeContext_RequestValidationError) Reason ¶
func (e AttributeContext_RequestValidationError) Reason() string
Reason function returns reason value.
type AttributeContext_TLSSession ¶
type AttributeContext_TLSSession struct { // SNI used for TLS session. Sni string `protobuf:"bytes,1,opt,name=sni,proto3" json:"sni,omitempty"` // contains filtered or unexported fields }
This message defines attributes for the underlying TLS session.
func (*AttributeContext_TLSSession) Descriptor
deprecated
func (*AttributeContext_TLSSession) Descriptor() ([]byte, []int)
Deprecated: Use AttributeContext_TLSSession.ProtoReflect.Descriptor instead.
func (*AttributeContext_TLSSession) GetSni ¶
func (x *AttributeContext_TLSSession) GetSni() string
func (*AttributeContext_TLSSession) ProtoMessage ¶
func (*AttributeContext_TLSSession) ProtoMessage()
func (*AttributeContext_TLSSession) ProtoReflect ¶
func (x *AttributeContext_TLSSession) ProtoReflect() protoreflect.Message
func (*AttributeContext_TLSSession) Reset ¶
func (x *AttributeContext_TLSSession) Reset()
func (*AttributeContext_TLSSession) String ¶
func (x *AttributeContext_TLSSession) String() string
func (*AttributeContext_TLSSession) Validate ¶
func (m *AttributeContext_TLSSession) Validate() error
Validate checks the field values on AttributeContext_TLSSession with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.
func (*AttributeContext_TLSSession) ValidateAll ¶
func (m *AttributeContext_TLSSession) ValidateAll() error
ValidateAll checks the field values on AttributeContext_TLSSession with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in AttributeContext_TLSSessionMultiError, or nil if none found.
type AttributeContext_TLSSessionMultiError ¶
type AttributeContext_TLSSessionMultiError []error
AttributeContext_TLSSessionMultiError is an error wrapping multiple validation errors returned by AttributeContext_TLSSession.ValidateAll() if the designated constraints aren't met.
func (AttributeContext_TLSSessionMultiError) AllErrors ¶
func (m AttributeContext_TLSSessionMultiError) AllErrors() []error
AllErrors returns a list of validation violation errors.
func (AttributeContext_TLSSessionMultiError) Error ¶
func (m AttributeContext_TLSSessionMultiError) Error() string
Error returns a concatenation of all the error messages it wraps.
type AttributeContext_TLSSessionValidationError ¶
type AttributeContext_TLSSessionValidationError struct {
// contains filtered or unexported fields
}
AttributeContext_TLSSessionValidationError is the validation error returned by AttributeContext_TLSSession.Validate if the designated constraints aren't met.
func (AttributeContext_TLSSessionValidationError) Cause ¶
func (e AttributeContext_TLSSessionValidationError) Cause() error
Cause function returns cause value.
func (AttributeContext_TLSSessionValidationError) Error ¶
func (e AttributeContext_TLSSessionValidationError) Error() string
Error satisfies the builtin error interface
func (AttributeContext_TLSSessionValidationError) ErrorName ¶
func (e AttributeContext_TLSSessionValidationError) ErrorName() string
ErrorName returns error name.
func (AttributeContext_TLSSessionValidationError) Field ¶
func (e AttributeContext_TLSSessionValidationError) Field() string
Field function returns field value.
func (AttributeContext_TLSSessionValidationError) Key ¶
func (e AttributeContext_TLSSessionValidationError) Key() bool
Key function returns key value.
func (AttributeContext_TLSSessionValidationError) Reason ¶
func (e AttributeContext_TLSSessionValidationError) Reason() string
Reason function returns reason value.
type AuthorizationClient ¶
type AuthorizationClient interface { // Performs authorization check based on the attributes associated with the // incoming request, and returns status `OK` or not `OK`. Check(ctx context.Context, in *CheckRequest, opts ...grpc.CallOption) (*CheckResponse, error) }
AuthorizationClient is the client API for Authorization service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
func NewAuthorizationClient ¶
func NewAuthorizationClient(cc grpc.ClientConnInterface) AuthorizationClient
type AuthorizationServer ¶
type AuthorizationServer interface { // Performs authorization check based on the attributes associated with the // incoming request, and returns status `OK` or not `OK`. Check(context.Context, *CheckRequest) (*CheckResponse, error) }
AuthorizationServer is the server API for Authorization service. All implementations should embed UnimplementedAuthorizationServer for forward compatibility
type CheckRequest ¶
type CheckRequest struct { // The request attributes. Attributes *AttributeContext `protobuf:"bytes,1,opt,name=attributes,proto3" json:"attributes,omitempty"` // contains filtered or unexported fields }
func (*CheckRequest) Descriptor
deprecated
func (*CheckRequest) Descriptor() ([]byte, []int)
Deprecated: Use CheckRequest.ProtoReflect.Descriptor instead.
func (*CheckRequest) GetAttributes ¶
func (x *CheckRequest) GetAttributes() *AttributeContext
func (*CheckRequest) ProtoMessage ¶
func (*CheckRequest) ProtoMessage()
func (*CheckRequest) ProtoReflect ¶
func (x *CheckRequest) ProtoReflect() protoreflect.Message
func (*CheckRequest) Reset ¶
func (x *CheckRequest) Reset()
func (*CheckRequest) String ¶
func (x *CheckRequest) String() string
func (*CheckRequest) Validate ¶
func (m *CheckRequest) Validate() error
Validate checks the field values on CheckRequest with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.
func (*CheckRequest) ValidateAll ¶
func (m *CheckRequest) ValidateAll() error
ValidateAll checks the field values on CheckRequest with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in CheckRequestMultiError, or nil if none found.
type CheckRequestMultiError ¶
type CheckRequestMultiError []error
CheckRequestMultiError is an error wrapping multiple validation errors returned by CheckRequest.ValidateAll() if the designated constraints aren't met.
func (CheckRequestMultiError) AllErrors ¶
func (m CheckRequestMultiError) AllErrors() []error
AllErrors returns a list of validation violation errors.
func (CheckRequestMultiError) Error ¶
func (m CheckRequestMultiError) Error() string
Error returns a concatenation of all the error messages it wraps.
type CheckRequestValidationError ¶
type CheckRequestValidationError struct {
// contains filtered or unexported fields
}
CheckRequestValidationError is the validation error returned by CheckRequest.Validate if the designated constraints aren't met.
func (CheckRequestValidationError) Cause ¶
func (e CheckRequestValidationError) Cause() error
Cause function returns cause value.
func (CheckRequestValidationError) Error ¶
func (e CheckRequestValidationError) Error() string
Error satisfies the builtin error interface
func (CheckRequestValidationError) ErrorName ¶
func (e CheckRequestValidationError) ErrorName() string
ErrorName returns error name.
func (CheckRequestValidationError) Field ¶
func (e CheckRequestValidationError) Field() string
Field function returns field value.
func (CheckRequestValidationError) Key ¶
func (e CheckRequestValidationError) Key() bool
Key function returns key value.
func (CheckRequestValidationError) Reason ¶
func (e CheckRequestValidationError) Reason() string
Reason function returns reason value.
type CheckResponse ¶
type CheckResponse struct { // Status “OK“ allows the request. Any other status indicates the request should be denied, and // for HTTP filter, if not overridden by :ref:`denied HTTP response status <envoy_v3_api_field_service.auth.v3.DeniedHttpResponse.status>` // Envoy sends “403 Forbidden“ HTTP status code by default. Status *status.Status `protobuf:"bytes,1,opt,name=status,proto3" json:"status,omitempty"` // An message that contains HTTP response attributes. This message is // used when the authorization service needs to send custom responses to the // downstream client or, to modify/add request headers being dispatched to the upstream. // // Types that are assignable to HttpResponse: // // *CheckResponse_DeniedResponse // *CheckResponse_OkResponse HttpResponse isCheckResponse_HttpResponse `protobuf_oneof:"http_response"` // Optional response metadata that will be emitted as dynamic metadata to be consumed by the next // filter. This metadata lives in a namespace specified by the canonical name of extension filter // that requires it: // // - :ref:`envoy.filters.http.ext_authz <config_http_filters_ext_authz_dynamic_metadata>` for HTTP filter. // - :ref:`envoy.filters.network.ext_authz <config_network_filters_ext_authz_dynamic_metadata>` for network filter. DynamicMetadata *structpb.Struct `protobuf:"bytes,4,opt,name=dynamic_metadata,json=dynamicMetadata,proto3" json:"dynamic_metadata,omitempty"` // contains filtered or unexported fields }
Intended for gRPC and Network Authorization servers “only“.
func (*CheckResponse) Descriptor
deprecated
func (*CheckResponse) Descriptor() ([]byte, []int)
Deprecated: Use CheckResponse.ProtoReflect.Descriptor instead.
func (*CheckResponse) GetDeniedResponse ¶
func (x *CheckResponse) GetDeniedResponse() *DeniedHttpResponse
func (*CheckResponse) GetDynamicMetadata ¶
func (x *CheckResponse) GetDynamicMetadata() *structpb.Struct
func (*CheckResponse) GetHttpResponse ¶
func (m *CheckResponse) GetHttpResponse() isCheckResponse_HttpResponse
func (*CheckResponse) GetOkResponse ¶
func (x *CheckResponse) GetOkResponse() *OkHttpResponse
func (*CheckResponse) GetStatus ¶
func (x *CheckResponse) GetStatus() *status.Status
func (*CheckResponse) ProtoMessage ¶
func (*CheckResponse) ProtoMessage()
func (*CheckResponse) ProtoReflect ¶
func (x *CheckResponse) ProtoReflect() protoreflect.Message
func (*CheckResponse) Reset ¶
func (x *CheckResponse) Reset()
func (*CheckResponse) String ¶
func (x *CheckResponse) String() string
func (*CheckResponse) Validate ¶
func (m *CheckResponse) Validate() error
Validate checks the field values on CheckResponse with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.
func (*CheckResponse) ValidateAll ¶
func (m *CheckResponse) ValidateAll() error
ValidateAll checks the field values on CheckResponse with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in CheckResponseMultiError, or nil if none found.
type CheckResponseMultiError ¶
type CheckResponseMultiError []error
CheckResponseMultiError is an error wrapping multiple validation errors returned by CheckResponse.ValidateAll() if the designated constraints aren't met.
func (CheckResponseMultiError) AllErrors ¶
func (m CheckResponseMultiError) AllErrors() []error
AllErrors returns a list of validation violation errors.
func (CheckResponseMultiError) Error ¶
func (m CheckResponseMultiError) Error() string
Error returns a concatenation of all the error messages it wraps.
type CheckResponseValidationError ¶
type CheckResponseValidationError struct {
// contains filtered or unexported fields
}
CheckResponseValidationError is the validation error returned by CheckResponse.Validate if the designated constraints aren't met.
func (CheckResponseValidationError) Cause ¶
func (e CheckResponseValidationError) Cause() error
Cause function returns cause value.
func (CheckResponseValidationError) Error ¶
func (e CheckResponseValidationError) Error() string
Error satisfies the builtin error interface
func (CheckResponseValidationError) ErrorName ¶
func (e CheckResponseValidationError) ErrorName() string
ErrorName returns error name.
func (CheckResponseValidationError) Field ¶
func (e CheckResponseValidationError) Field() string
Field function returns field value.
func (CheckResponseValidationError) Key ¶
func (e CheckResponseValidationError) Key() bool
Key function returns key value.
func (CheckResponseValidationError) Reason ¶
func (e CheckResponseValidationError) Reason() string
Reason function returns reason value.
type CheckResponse_DeniedResponse ¶
type CheckResponse_DeniedResponse struct { // Supplies http attributes for a denied response. DeniedResponse *DeniedHttpResponse `protobuf:"bytes,2,opt,name=denied_response,json=deniedResponse,proto3,oneof"` }
type CheckResponse_OkResponse ¶
type CheckResponse_OkResponse struct { // Supplies http attributes for an ok response. OkResponse *OkHttpResponse `protobuf:"bytes,3,opt,name=ok_response,json=okResponse,proto3,oneof"` }
type DeniedHttpResponse ¶
type DeniedHttpResponse struct { // This field allows the authorization service to send an HTTP response status code to the // downstream client. If not set, Envoy sends “403 Forbidden“ HTTP status code by default. Status *v3.HttpStatus `protobuf:"bytes,1,opt,name=status,proto3" json:"status,omitempty"` // This field allows the authorization service to send HTTP response headers // to the downstream client. Note that the :ref:`append field in HeaderValueOption <envoy_v3_api_field_config.core.v3.HeaderValueOption.append>` defaults to // false when used in this message. Headers []*v31.HeaderValueOption `protobuf:"bytes,2,rep,name=headers,proto3" json:"headers,omitempty"` // This field allows the authorization service to send a response body data // to the downstream client. Body string `protobuf:"bytes,3,opt,name=body,proto3" json:"body,omitempty"` // contains filtered or unexported fields }
HTTP attributes for a denied response.
func (*DeniedHttpResponse) Descriptor
deprecated
func (*DeniedHttpResponse) Descriptor() ([]byte, []int)
Deprecated: Use DeniedHttpResponse.ProtoReflect.Descriptor instead.
func (*DeniedHttpResponse) GetBody ¶
func (x *DeniedHttpResponse) GetBody() string
func (*DeniedHttpResponse) GetHeaders ¶
func (x *DeniedHttpResponse) GetHeaders() []*v31.HeaderValueOption
func (*DeniedHttpResponse) GetStatus ¶
func (x *DeniedHttpResponse) GetStatus() *v3.HttpStatus
func (*DeniedHttpResponse) ProtoMessage ¶
func (*DeniedHttpResponse) ProtoMessage()
func (*DeniedHttpResponse) ProtoReflect ¶
func (x *DeniedHttpResponse) ProtoReflect() protoreflect.Message
func (*DeniedHttpResponse) Reset ¶
func (x *DeniedHttpResponse) Reset()
func (*DeniedHttpResponse) String ¶
func (x *DeniedHttpResponse) String() string
func (*DeniedHttpResponse) Validate ¶
func (m *DeniedHttpResponse) Validate() error
Validate checks the field values on DeniedHttpResponse with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.
func (*DeniedHttpResponse) ValidateAll ¶
func (m *DeniedHttpResponse) ValidateAll() error
ValidateAll checks the field values on DeniedHttpResponse with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in DeniedHttpResponseMultiError, or nil if none found.
type DeniedHttpResponseMultiError ¶
type DeniedHttpResponseMultiError []error
DeniedHttpResponseMultiError is an error wrapping multiple validation errors returned by DeniedHttpResponse.ValidateAll() if the designated constraints aren't met.
func (DeniedHttpResponseMultiError) AllErrors ¶
func (m DeniedHttpResponseMultiError) AllErrors() []error
AllErrors returns a list of validation violation errors.
func (DeniedHttpResponseMultiError) Error ¶
func (m DeniedHttpResponseMultiError) Error() string
Error returns a concatenation of all the error messages it wraps.
type DeniedHttpResponseValidationError ¶
type DeniedHttpResponseValidationError struct {
// contains filtered or unexported fields
}
DeniedHttpResponseValidationError is the validation error returned by DeniedHttpResponse.Validate if the designated constraints aren't met.
func (DeniedHttpResponseValidationError) Cause ¶
func (e DeniedHttpResponseValidationError) Cause() error
Cause function returns cause value.
func (DeniedHttpResponseValidationError) Error ¶
func (e DeniedHttpResponseValidationError) Error() string
Error satisfies the builtin error interface
func (DeniedHttpResponseValidationError) ErrorName ¶
func (e DeniedHttpResponseValidationError) ErrorName() string
ErrorName returns error name.
func (DeniedHttpResponseValidationError) Field ¶
func (e DeniedHttpResponseValidationError) Field() string
Field function returns field value.
func (DeniedHttpResponseValidationError) Key ¶
func (e DeniedHttpResponseValidationError) Key() bool
Key function returns key value.
func (DeniedHttpResponseValidationError) Reason ¶
func (e DeniedHttpResponseValidationError) Reason() string
Reason function returns reason value.
type OkHttpResponse ¶
type OkHttpResponse struct { // HTTP entity headers in addition to the original request headers. This allows the authorization // service to append, to add or to override headers from the original request before // dispatching it to the upstream. Note that the :ref:`append field in HeaderValueOption <envoy_v3_api_field_config.core.v3.HeaderValueOption.append>` defaults to // false when used in this message. By setting the “append“ field to “true“, // the filter will append the correspondent header value to the matched request header. // By leaving “append“ as false, the filter will either add a new header, or override an existing // one if there is a match. Headers []*v31.HeaderValueOption `protobuf:"bytes,2,rep,name=headers,proto3" json:"headers,omitempty"` // HTTP entity headers to remove from the original request before dispatching // it to the upstream. This allows the authorization service to act on auth // related headers (like “Authorization“), process them, and consume them. // Under this model, the upstream will either receive the request (if it's // authorized) or not receive it (if it's not), but will not see headers // containing authorization credentials. // // Pseudo headers (such as “:authority“, “:method“, “:path“ etc), as well as // the header “Host“, may not be removed as that would make the request // malformed. If mentioned in “headers_to_remove“ these special headers will // be ignored. // // When using the HTTP service this must instead be set by the HTTP // authorization service as a comma separated list like so: // “x-envoy-auth-headers-to-remove: one-auth-header, another-auth-header“. HeadersToRemove []string `protobuf:"bytes,5,rep,name=headers_to_remove,json=headersToRemove,proto3" json:"headers_to_remove,omitempty"` // This field has been deprecated in favor of :ref:`CheckResponse.dynamic_metadata // <envoy_v3_api_field_service.auth.v3.CheckResponse.dynamic_metadata>`. Until it is removed, // setting this field overrides :ref:`CheckResponse.dynamic_metadata // <envoy_v3_api_field_service.auth.v3.CheckResponse.dynamic_metadata>`. // // Deprecated: Marked as deprecated in envoy/service/auth/v3/external_auth.proto. DynamicMetadata *structpb.Struct `protobuf:"bytes,3,opt,name=dynamic_metadata,json=dynamicMetadata,proto3" json:"dynamic_metadata,omitempty"` // This field allows the authorization service to send HTTP response headers // to the downstream client on success. Note that the :ref:`append field in HeaderValueOption <envoy_v3_api_field_config.core.v3.HeaderValueOption.append>` // defaults to false when used in this message. ResponseHeadersToAdd []*v31.HeaderValueOption `protobuf:"bytes,6,rep,name=response_headers_to_add,json=responseHeadersToAdd,proto3" json:"response_headers_to_add,omitempty"` // This field allows the authorization service to set (and overwrite) query // string parameters on the original request before it is sent upstream. QueryParametersToSet []*v31.QueryParameter `protobuf:"bytes,7,rep,name=query_parameters_to_set,json=queryParametersToSet,proto3" json:"query_parameters_to_set,omitempty"` // This field allows the authorization service to specify which query parameters // should be removed from the original request before it is sent upstream. Each // element in this list is a case-sensitive query parameter name to be removed. QueryParametersToRemove []string `` /* 134-byte string literal not displayed */ // contains filtered or unexported fields }
HTTP attributes for an OK response. [#next-free-field: 9]
func (*OkHttpResponse) Descriptor
deprecated
func (*OkHttpResponse) Descriptor() ([]byte, []int)
Deprecated: Use OkHttpResponse.ProtoReflect.Descriptor instead.
func (*OkHttpResponse) GetDynamicMetadata
deprecated
func (x *OkHttpResponse) GetDynamicMetadata() *structpb.Struct
Deprecated: Marked as deprecated in envoy/service/auth/v3/external_auth.proto.
func (*OkHttpResponse) GetHeaders ¶
func (x *OkHttpResponse) GetHeaders() []*v31.HeaderValueOption
func (*OkHttpResponse) GetHeadersToRemove ¶
func (x *OkHttpResponse) GetHeadersToRemove() []string
func (*OkHttpResponse) GetQueryParametersToRemove ¶
func (x *OkHttpResponse) GetQueryParametersToRemove() []string
func (*OkHttpResponse) GetQueryParametersToSet ¶
func (x *OkHttpResponse) GetQueryParametersToSet() []*v31.QueryParameter
func (*OkHttpResponse) GetResponseHeadersToAdd ¶
func (x *OkHttpResponse) GetResponseHeadersToAdd() []*v31.HeaderValueOption
func (*OkHttpResponse) ProtoMessage ¶
func (*OkHttpResponse) ProtoMessage()
func (*OkHttpResponse) ProtoReflect ¶
func (x *OkHttpResponse) ProtoReflect() protoreflect.Message
func (*OkHttpResponse) Reset ¶
func (x *OkHttpResponse) Reset()
func (*OkHttpResponse) String ¶
func (x *OkHttpResponse) String() string
func (*OkHttpResponse) Validate ¶
func (m *OkHttpResponse) Validate() error
Validate checks the field values on OkHttpResponse with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.
func (*OkHttpResponse) ValidateAll ¶
func (m *OkHttpResponse) ValidateAll() error
ValidateAll checks the field values on OkHttpResponse with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in OkHttpResponseMultiError, or nil if none found.
type OkHttpResponseMultiError ¶
type OkHttpResponseMultiError []error
OkHttpResponseMultiError is an error wrapping multiple validation errors returned by OkHttpResponse.ValidateAll() if the designated constraints aren't met.
func (OkHttpResponseMultiError) AllErrors ¶
func (m OkHttpResponseMultiError) AllErrors() []error
AllErrors returns a list of validation violation errors.
func (OkHttpResponseMultiError) Error ¶
func (m OkHttpResponseMultiError) Error() string
Error returns a concatenation of all the error messages it wraps.
type OkHttpResponseValidationError ¶
type OkHttpResponseValidationError struct {
// contains filtered or unexported fields
}
OkHttpResponseValidationError is the validation error returned by OkHttpResponse.Validate if the designated constraints aren't met.
func (OkHttpResponseValidationError) Cause ¶
func (e OkHttpResponseValidationError) Cause() error
Cause function returns cause value.
func (OkHttpResponseValidationError) Error ¶
func (e OkHttpResponseValidationError) Error() string
Error satisfies the builtin error interface
func (OkHttpResponseValidationError) ErrorName ¶
func (e OkHttpResponseValidationError) ErrorName() string
ErrorName returns error name.
func (OkHttpResponseValidationError) Field ¶
func (e OkHttpResponseValidationError) Field() string
Field function returns field value.
func (OkHttpResponseValidationError) Key ¶
func (e OkHttpResponseValidationError) Key() bool
Key function returns key value.
func (OkHttpResponseValidationError) Reason ¶
func (e OkHttpResponseValidationError) Reason() string
Reason function returns reason value.
type UnimplementedAuthorizationServer ¶
type UnimplementedAuthorizationServer struct { }
UnimplementedAuthorizationServer should be embedded to have forward compatible implementations.
func (UnimplementedAuthorizationServer) Check ¶
func (UnimplementedAuthorizationServer) Check(context.Context, *CheckRequest) (*CheckResponse, error)
type UnsafeAuthorizationServer ¶
type UnsafeAuthorizationServer interface {
// contains filtered or unexported methods
}
UnsafeAuthorizationServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to AuthorizationServer will result in compilation errors.