extauth

package
v0.11.3-merged-prereqs Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 18, 2024 License: Apache-2.0 Imports: 19 Imported by: 1

Documentation

Index

Constants

View Source
const (
	DefaultAuthHeader = "x-user-id"
	HttpServerUri     = "http://not-used.example.com/"
	ExtensionName     = "ext_authz"
)
View Source
const JWTFilterName = "envoy.filters.http.jwt_authn"

Variables

View Source
var (
	DefaultTimeout = prototime.DurationToProto(200 * time.Millisecond)
	NoServerRefErr = eris.New("no extauth server reference configured")
	ServerNotFound = func(usRef *core.ResourceRef) error {
		return eris.Errorf("extauth server upstream not found %s", usRef.String())
	}
	InvalidStatusOnErrorErr = func(code uint32) error {
		return eris.Errorf("invalid statusOnError code: %d", code)
	}
)

Note that although this configures the "envoy.filters.http.ext_authz" filter, we still want the ordering to be within the AuthNStage because we are using this filter for authentication purposes

Functions

func BuildStagedHttpFilters added in v1.8.0

func BuildStagedHttpFilters(configurationGenerator func() ([]*envoyauth.ExtAuthz, error), stage plugins.HTTPFilterStage) ([]plugins.StagedHttpFilter, error)

func GenerateEnvoyConfigForFilter added in v1.8.0

func GenerateEnvoyConfigForFilter(settings *extauthv1.Settings, upstreams v1.UpstreamList) (*envoyauth.ExtAuthz, error)

func GetDisabledAuth added in v1.8.0

func GetDisabledAuth() *envoyauth.ExtAuthzPerRoute

func NewPlugin added in v1.9.25

func NewPlugin() *plugin

Types

type DefaultConfigGenerator added in v1.8.0

type DefaultConfigGenerator struct {
	// contains filtered or unexported fields
}

func NewDefaultConfigGenerator added in v1.8.0

func NewDefaultConfigGenerator(defaultSettings *extauthv1.Settings) *DefaultConfigGenerator

func (*DefaultConfigGenerator) GenerateListenerExtAuthzConfig added in v1.8.0

func (d *DefaultConfigGenerator) GenerateListenerExtAuthzConfig(listener *v1.HttpListener, upstreams v1.UpstreamList) ([]*envoyauth.ExtAuthz, error)

func (*DefaultConfigGenerator) GenerateRouteExtAuthzConfig added in v1.8.0

func (d *DefaultConfigGenerator) GenerateRouteExtAuthzConfig(route *v1.Route) (*envoyauth.ExtAuthzPerRoute, error)

func (*DefaultConfigGenerator) GenerateVirtualHostExtAuthzConfig added in v1.8.0

func (d *DefaultConfigGenerator) GenerateVirtualHostExtAuthzConfig(virtualHost *v1.VirtualHost, params plugins.VirtualHostParams) (*envoyauth.ExtAuthzPerRoute, error)

func (*DefaultConfigGenerator) GenerateWeightedDestinationExtAuthzConfig added in v1.8.0

func (d *DefaultConfigGenerator) GenerateWeightedDestinationExtAuthzConfig(weightedDestination *v1.WeightedDestination) (*envoyauth.ExtAuthzPerRoute, error)

func (*DefaultConfigGenerator) IsMulti added in v1.8.0

func (d *DefaultConfigGenerator) IsMulti() bool

type ExtAuthzConfigGenerator added in v1.8.0

type ExtAuthzConfigGenerator interface {
	IsMulti() bool
	GenerateListenerExtAuthzConfig(listener *v1.HttpListener, upstreams v1.UpstreamList) ([]*envoyauth.ExtAuthz, error)
	GenerateVirtualHostExtAuthzConfig(virtualHost *v1.VirtualHost, params plugins.VirtualHostParams) (*envoyauth.ExtAuthzPerRoute, error)
	GenerateRouteExtAuthzConfig(route *v1.Route) (*envoyauth.ExtAuthzPerRoute, error)
	GenerateWeightedDestinationExtAuthzConfig(weightedDestination *v1.WeightedDestination) (*envoyauth.ExtAuthzPerRoute, error)
}

type MultiConfigGenerator added in v1.8.0

type MultiConfigGenerator struct {
	*DefaultConfigGenerator
}

func NewMultiConfigGenerator added in v1.8.0

func NewMultiConfigGenerator() *MultiConfigGenerator

func (*MultiConfigGenerator) GenerateListenerExtAuthzConfig added in v1.8.0

func (m *MultiConfigGenerator) GenerateListenerExtAuthzConfig(listener *v1.HttpListener, upstreams v1.UpstreamList) ([]*envoyauth.ExtAuthz, error)

func (*MultiConfigGenerator) IsMulti added in v1.8.0

func (m *MultiConfigGenerator) IsMulti() bool

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL