Documentation ¶
Index ¶
- Constants
- func NewServerCredentials(certPath string, keyPath string, caPath string) (credentials.TransportCredentials, error)
- func RegisterServer(srv *grpc.Server, c Checker)
- func RunServer(ctx context.Context, listener net.Listener, srv *grpc.Server) error
- type CheckRequestV2
- type CheckRequestV3
- type CheckResponseV2
- type CheckResponseV3
- type Checker
- type Creds
- type Htpasswd
- type OIDCConnect
- type Request
- type Response
Constants ¶
const (
// AnnotationAuthRealm marks Secrets that match our authentication realm.
AnnotationAuthRealm = "auth.contour.snappcloud.io/realm"
)
Variables ¶
This section is empty.
Functions ¶
func NewServerCredentials ¶
func NewServerCredentials(certPath string, keyPath string, caPath string) (credentials.TransportCredentials, error)
NewServerCredentials loads TLS transport credentials for the GRPC server.
func RegisterServer ¶
RegisterServer registers the Checker with the external authorization GRPC server.
Types ¶
type CheckRequestV2 ¶
type CheckRequestV2 = envoy_service_auth_v2.CheckRequest //nolint:golint
type CheckRequestV3 ¶
type CheckRequestV3 = envoy_service_auth_v3.CheckRequest //nolint:golint
type CheckResponseV2 ¶
type CheckResponseV2 = envoy_service_auth_v2.CheckResponse //nolint:golint
type CheckResponseV3 ¶
type CheckResponseV3 = envoy_service_auth_v3.CheckResponse //nolint:golint
type Checker ¶
Checker is an implementation of the Envoy External Auth API.
https://github.com/envoyproxy/envoy/blob/release/v1.14/api/envoy/service/auth/v3/external_auth.proto https://github.com/envoyproxy/envoy/blob/release/v1.14/api/envoy/service/auth/v2/external_auth.proto
type Htpasswd ¶
type Htpasswd struct { Log logr.Logger Realm string Client client.Client Creds *Creds Mu *sync.Mutex Selector labels.Selector }
Htpasswd watches Secrets for htpasswd files and uses them for HTTP Basic Authentication.
func (*Htpasswd) Check ¶
Check manages the HTTP basic authentication flow and return a response based on the authentication result.
type OIDCConnect ¶
type OIDCConnect struct { Log logr.Logger OidcConfig *config.OIDCConfig Cache *bigcache.BigCache HTTPClient *http.Client // contains filtered or unexported fields }
OIDCConnect defines parameters for an OIDC auth provider.
type Request ¶
Request captures the information needed to process a CheckRequest.
func (*Request) FromV2 ¶
func (r *Request) FromV2(c *CheckRequestV2) *Request
FromV2 initializes a Request from a v2 CheckRequest.
func (*Request) FromV3 ¶
func (r *Request) FromV3(c *CheckRequestV3) *Request
FromV3 initializes a Request from a v3 CheckRequest.
type Response ¶
Response captures the information needed to generate a CheckResponse.
func (*Response) AsV2 ¶
func (r *Response) AsV2() *CheckResponseV2
AsV2 converts to a v2 CheckResponse.
func (*Response) AsV3 ¶
func (r *Response) AsV3() *CheckResponseV3
AsV3 converts to a v3 CheckResponse.