Documentation ¶
Index ¶
- Constants
- Variables
- func BuildStagedHttpFilters(configurationGenerator func() ([]*envoyauth.ExtAuthz, error), ...) ([]plugins.StagedHttpFilter, error)
- func GenerateEnvoyConfigForFilter(settings *extauthv1.Settings, upstreams v1.UpstreamList) (*envoyauth.ExtAuthz, error)
- func GetDisabledAuth() *envoyauth.ExtAuthzPerRoute
- func NewPlugin() *plugin
- type DefaultConfigGenerator
- func (d *DefaultConfigGenerator) GenerateListenerExtAuthzConfig(listener *v1.HttpListener, upstreams v1.UpstreamList) ([]*envoyauth.ExtAuthz, error)
- func (d *DefaultConfigGenerator) GenerateRouteExtAuthzConfig(route *v1.Route) (*envoyauth.ExtAuthzPerRoute, error)
- func (d *DefaultConfigGenerator) GenerateVirtualHostExtAuthzConfig(virtualHost *v1.VirtualHost, params plugins.VirtualHostParams) (*envoyauth.ExtAuthzPerRoute, error)
- func (d *DefaultConfigGenerator) GenerateWeightedDestinationExtAuthzConfig(weightedDestination *v1.WeightedDestination) (*envoyauth.ExtAuthzPerRoute, error)
- func (d *DefaultConfigGenerator) IsMulti() bool
- type ExtAuthzConfigGenerator
- type MultiConfigGenerator
Constants ¶
View Source
const ( DefaultAuthHeader = "x-user-id" HttpServerUri = "http://not-used.example.com/" ExtensionName = "ext_authz" )
View Source
const JWTFilterName = "envoy.filters.http.jwt_authn"
Variables ¶
View Source
var ( DefaultTimeout = prototime.DurationToProto(200 * time.Millisecond) NoServerRefErr = eris.New("no extauth server reference configured") ServerNotFound = func(usRef *core.ResourceRef) error { return eris.Errorf("extauth server upstream not found %s", usRef.String()) } InvalidStatusOnErrorErr = func(code uint32) error { return eris.Errorf("invalid statusOnError code: %d", code) } )
View Source
var FilterStage = plugins.DuringStage(plugins.AuthNStage)
Note that although this configures the "envoy.filters.http.ext_authz" filter, we still want the ordering to be within the AuthNStage because we are using this filter for authentication purposes
Functions ¶
func BuildStagedHttpFilters ¶ added in v1.8.0
func BuildStagedHttpFilters(configurationGenerator func() ([]*envoyauth.ExtAuthz, error), stage plugins.FilterStage) ([]plugins.StagedHttpFilter, error)
func GenerateEnvoyConfigForFilter ¶ added in v1.8.0
func GetDisabledAuth ¶ added in v1.8.0
func GetDisabledAuth() *envoyauth.ExtAuthzPerRoute
Types ¶
type DefaultConfigGenerator ¶ added in v1.8.0
type DefaultConfigGenerator struct {
// contains filtered or unexported fields
}
func NewDefaultConfigGenerator ¶ added in v1.8.0
func NewDefaultConfigGenerator(defaultSettings *extauthv1.Settings) *DefaultConfigGenerator
func (*DefaultConfigGenerator) GenerateListenerExtAuthzConfig ¶ added in v1.8.0
func (d *DefaultConfigGenerator) GenerateListenerExtAuthzConfig(listener *v1.HttpListener, upstreams v1.UpstreamList) ([]*envoyauth.ExtAuthz, error)
func (*DefaultConfigGenerator) GenerateRouteExtAuthzConfig ¶ added in v1.8.0
func (d *DefaultConfigGenerator) GenerateRouteExtAuthzConfig(route *v1.Route) (*envoyauth.ExtAuthzPerRoute, error)
func (*DefaultConfigGenerator) GenerateVirtualHostExtAuthzConfig ¶ added in v1.8.0
func (d *DefaultConfigGenerator) GenerateVirtualHostExtAuthzConfig(virtualHost *v1.VirtualHost, params plugins.VirtualHostParams) (*envoyauth.ExtAuthzPerRoute, error)
func (*DefaultConfigGenerator) GenerateWeightedDestinationExtAuthzConfig ¶ added in v1.8.0
func (d *DefaultConfigGenerator) GenerateWeightedDestinationExtAuthzConfig(weightedDestination *v1.WeightedDestination) (*envoyauth.ExtAuthzPerRoute, error)
func (*DefaultConfigGenerator) IsMulti ¶ added in v1.8.0
func (d *DefaultConfigGenerator) IsMulti() bool
type ExtAuthzConfigGenerator ¶ added in v1.8.0
type ExtAuthzConfigGenerator interface { IsMulti() bool GenerateListenerExtAuthzConfig(listener *v1.HttpListener, upstreams v1.UpstreamList) ([]*envoyauth.ExtAuthz, error) GenerateVirtualHostExtAuthzConfig(virtualHost *v1.VirtualHost, params plugins.VirtualHostParams) (*envoyauth.ExtAuthzPerRoute, error) GenerateRouteExtAuthzConfig(route *v1.Route) (*envoyauth.ExtAuthzPerRoute, error) GenerateWeightedDestinationExtAuthzConfig(weightedDestination *v1.WeightedDestination) (*envoyauth.ExtAuthzPerRoute, error) }
type MultiConfigGenerator ¶ added in v1.8.0
type MultiConfigGenerator struct {
*DefaultConfigGenerator
}
func NewMultiConfigGenerator ¶ added in v1.8.0
func NewMultiConfigGenerator() *MultiConfigGenerator
func (*MultiConfigGenerator) GenerateListenerExtAuthzConfig ¶ added in v1.8.0
func (m *MultiConfigGenerator) GenerateListenerExtAuthzConfig(listener *v1.HttpListener, upstreams v1.UpstreamList) ([]*envoyauth.ExtAuthz, error)
func (*MultiConfigGenerator) IsMulti ¶ added in v1.8.0
func (m *MultiConfigGenerator) IsMulti() bool
Click to show internal directories.
Click to hide internal directories.