Documentation ¶
Index ¶
- Variables
- type ExtensionSettings
- func (m *ExtensionSettings) Clone() proto.Message
- func (*ExtensionSettings) Descriptor() ([]byte, []int)deprecated
- func (m *ExtensionSettings) Equal(that interface{}) bool
- func (x *ExtensionSettings) GetDisable() bool
- func (x *ExtensionSettings) GetPolicies() map[string]*Policy
- func (m *ExtensionSettings) Hash(hasher hash.Hash64) (uint64, error)deprecated
- func (m *ExtensionSettings) HashUnique(hasher hash.Hash64) (uint64, error)
- func (*ExtensionSettings) ProtoMessage()
- func (x *ExtensionSettings) ProtoReflect() protoreflect.Message
- func (x *ExtensionSettings) Reset()
- func (x *ExtensionSettings) String() string
- type JWTPrincipal
- func (m *JWTPrincipal) Clone() proto.Message
- func (*JWTPrincipal) Descriptor() ([]byte, []int)deprecated
- func (m *JWTPrincipal) Equal(that interface{}) bool
- func (x *JWTPrincipal) GetClaims() map[string]string
- func (x *JWTPrincipal) GetMatcher() JWTPrincipal_ClaimMatcher
- func (x *JWTPrincipal) GetProvider() string
- func (m *JWTPrincipal) Hash(hasher hash.Hash64) (uint64, error)deprecated
- func (m *JWTPrincipal) HashUnique(hasher hash.Hash64) (uint64, error)
- func (*JWTPrincipal) ProtoMessage()
- func (x *JWTPrincipal) ProtoReflect() protoreflect.Message
- func (x *JWTPrincipal) Reset()
- func (x *JWTPrincipal) String() string
- type JWTPrincipal_ClaimMatcher
- func (JWTPrincipal_ClaimMatcher) Descriptor() protoreflect.EnumDescriptor
- func (x JWTPrincipal_ClaimMatcher) Enum() *JWTPrincipal_ClaimMatcher
- func (JWTPrincipal_ClaimMatcher) EnumDescriptor() ([]byte, []int)deprecated
- func (x JWTPrincipal_ClaimMatcher) Number() protoreflect.EnumNumber
- func (x JWTPrincipal_ClaimMatcher) String() string
- func (JWTPrincipal_ClaimMatcher) Type() protoreflect.EnumType
- type Permissions
- func (m *Permissions) Clone() proto.Message
- func (*Permissions) Descriptor() ([]byte, []int)deprecated
- func (m *Permissions) Equal(that interface{}) bool
- func (x *Permissions) GetMethods() []string
- func (x *Permissions) GetPathPrefix() string
- func (m *Permissions) Hash(hasher hash.Hash64) (uint64, error)deprecated
- func (m *Permissions) HashUnique(hasher hash.Hash64) (uint64, error)
- func (*Permissions) ProtoMessage()
- func (x *Permissions) ProtoReflect() protoreflect.Message
- func (x *Permissions) Reset()
- func (x *Permissions) String() string
- type Policy
- func (m *Policy) Clone() proto.Message
- func (*Policy) Descriptor() ([]byte, []int)deprecated
- func (m *Policy) Equal(that interface{}) bool
- func (x *Policy) GetNestedClaimDelimiter() string
- func (x *Policy) GetPermissions() *Permissions
- func (x *Policy) GetPrincipals() []*Principal
- func (m *Policy) Hash(hasher hash.Hash64) (uint64, error)deprecated
- func (m *Policy) HashUnique(hasher hash.Hash64) (uint64, error)
- func (*Policy) ProtoMessage()
- func (x *Policy) ProtoReflect() protoreflect.Message
- func (x *Policy) Reset()
- func (x *Policy) String() string
- type Principal
- func (m *Principal) Clone() proto.Message
- func (*Principal) Descriptor() ([]byte, []int)deprecated
- func (m *Principal) Equal(that interface{}) bool
- func (x *Principal) GetJwtPrincipal() *JWTPrincipal
- func (m *Principal) Hash(hasher hash.Hash64) (uint64, error)deprecated
- func (m *Principal) HashUnique(hasher hash.Hash64) (uint64, error)
- func (*Principal) ProtoMessage()
- func (x *Principal) ProtoReflect() protoreflect.Message
- func (x *Principal) Reset()
- func (x *Principal) String() string
- type Settings
- func (m *Settings) Clone() proto.Message
- func (*Settings) Descriptor() ([]byte, []int)deprecated
- func (m *Settings) Equal(that interface{}) bool
- func (x *Settings) GetRequireRbac() bool
- func (m *Settings) Hash(hasher hash.Hash64) (uint64, error)deprecated
- func (m *Settings) HashUnique(hasher hash.Hash64) (uint64, error)
- func (*Settings) ProtoMessage()
- func (x *Settings) ProtoReflect() protoreflect.Message
- func (x *Settings) Reset()
- func (x *Settings) String() string
Constants ¶
This section is empty.
Variables ¶
var ( JWTPrincipal_ClaimMatcher_name = map[int32]string{ 0: "EXACT_STRING", 1: "BOOLEAN", 2: "LIST_CONTAINS", } JWTPrincipal_ClaimMatcher_value = map[string]int32{ "EXACT_STRING": 0, "BOOLEAN": 1, "LIST_CONTAINS": 2, } )
Enum value maps for JWTPrincipal_ClaimMatcher.
var File_github_com_solo_io_gloo_projects_gloo_api_v1_enterprise_options_rbac_rbac_proto protoreflect.FileDescriptor
Functions ¶
This section is empty.
Types ¶
type ExtensionSettings ¶
type ExtensionSettings struct { // Disable RBAC checks on this resource (default false). This is useful to allow access to static resources/login page without RBAC checks. // If provided on a route, all route settings override any vhost settings Disable bool `protobuf:"varint,1,opt,name=disable,proto3" json:"disable,omitempty"` // Named policies to apply. Policies map[string]*Policy `` /* 157-byte string literal not displayed */ // contains filtered or unexported fields }
RBAC settings for Virtual Hosts and Routes
func (*ExtensionSettings) Clone ¶ added in v1.8.24
func (m *ExtensionSettings) Clone() proto.Message
Clone function
func (*ExtensionSettings) Descriptor
deprecated
func (*ExtensionSettings) Descriptor() ([]byte, []int)
Deprecated: Use ExtensionSettings.ProtoReflect.Descriptor instead.
func (*ExtensionSettings) Equal ¶
func (m *ExtensionSettings) Equal(that interface{}) bool
Equal function
func (*ExtensionSettings) GetDisable ¶
func (x *ExtensionSettings) GetDisable() bool
func (*ExtensionSettings) GetPolicies ¶
func (x *ExtensionSettings) GetPolicies() map[string]*Policy
func (*ExtensionSettings) Hash
deprecated
added in
v1.2.13
func (m *ExtensionSettings) Hash(hasher hash.Hash64) (uint64, error)
Hash function
Deprecated: due to hashing implemention only using field values. The omission of the field name in the hash calculation can lead to hash collisions. Prefer the HashUnique function instead.
func (*ExtensionSettings) HashUnique ¶ added in v1.18.0
func (m *ExtensionSettings) HashUnique(hasher hash.Hash64) (uint64, error)
HashUnique function generates a hash of the object that is unique to the object by hashing field name and value pairs. Replaces Hash due to original hashing implemention only using field values. The omission of the field name in the hash calculation can lead to hash collisions.
func (*ExtensionSettings) ProtoMessage ¶
func (*ExtensionSettings) ProtoMessage()
func (*ExtensionSettings) ProtoReflect ¶ added in v1.6.0
func (x *ExtensionSettings) ProtoReflect() protoreflect.Message
func (*ExtensionSettings) Reset ¶
func (x *ExtensionSettings) Reset()
func (*ExtensionSettings) String ¶
func (x *ExtensionSettings) String() string
type JWTPrincipal ¶
type JWTPrincipal struct { // Set of claims that make up this principal. Commonly, the 'iss' and 'sub' or 'email' claims are used. // If you specify the path for a nested claim, such as 'parent.child.foo', you must also specify // a non-empty string value for the `nested_claim_delimiter` field in the Policy. Claims map[string]string `` /* 153-byte string literal not displayed */ // Verify that the JWT came from a specific provider. This usually can be left empty // and a provider will be chosen automatically. Provider string `protobuf:"bytes,2,opt,name=provider,proto3" json:"provider,omitempty"` // The matcher to use when evaluating this principal. By default, exact string comparison (EXACT_STRING) is used. Matcher JWTPrincipal_ClaimMatcher `protobuf:"varint,3,opt,name=matcher,proto3,enum=rbac.options.gloo.solo.io.JWTPrincipal_ClaimMatcher" json:"matcher,omitempty"` // contains filtered or unexported fields }
A JWT principal. To use this, JWT option MUST be enabled.
func (*JWTPrincipal) Clone ¶ added in v1.8.24
func (m *JWTPrincipal) Clone() proto.Message
Clone function
func (*JWTPrincipal) Descriptor
deprecated
func (*JWTPrincipal) Descriptor() ([]byte, []int)
Deprecated: Use JWTPrincipal.ProtoReflect.Descriptor instead.
func (*JWTPrincipal) GetClaims ¶
func (x *JWTPrincipal) GetClaims() map[string]string
func (*JWTPrincipal) GetMatcher ¶ added in v1.9.0
func (x *JWTPrincipal) GetMatcher() JWTPrincipal_ClaimMatcher
func (*JWTPrincipal) GetProvider ¶
func (x *JWTPrincipal) GetProvider() string
func (*JWTPrincipal) Hash
deprecated
added in
v1.2.13
func (m *JWTPrincipal) Hash(hasher hash.Hash64) (uint64, error)
Hash function
Deprecated: due to hashing implemention only using field values. The omission of the field name in the hash calculation can lead to hash collisions. Prefer the HashUnique function instead.
func (*JWTPrincipal) HashUnique ¶ added in v1.18.0
func (m *JWTPrincipal) HashUnique(hasher hash.Hash64) (uint64, error)
HashUnique function generates a hash of the object that is unique to the object by hashing field name and value pairs. Replaces Hash due to original hashing implemention only using field values. The omission of the field name in the hash calculation can lead to hash collisions.
func (*JWTPrincipal) ProtoMessage ¶
func (*JWTPrincipal) ProtoMessage()
func (*JWTPrincipal) ProtoReflect ¶ added in v1.6.0
func (x *JWTPrincipal) ProtoReflect() protoreflect.Message
func (*JWTPrincipal) Reset ¶
func (x *JWTPrincipal) Reset()
func (*JWTPrincipal) String ¶
func (x *JWTPrincipal) String() string
type JWTPrincipal_ClaimMatcher ¶ added in v1.9.0
type JWTPrincipal_ClaimMatcher int32
Used to specify how claims should be matched to the value.
const ( // The JWT claim value is a string that exactly matches the value. JWTPrincipal_EXACT_STRING JWTPrincipal_ClaimMatcher = 0 // The JWT claim value is a boolean that matches the value. JWTPrincipal_BOOLEAN JWTPrincipal_ClaimMatcher = 1 // The JWT claim value is a list that contains a string that exactly matches the value. JWTPrincipal_LIST_CONTAINS JWTPrincipal_ClaimMatcher = 2 )
func (JWTPrincipal_ClaimMatcher) Descriptor ¶ added in v1.9.0
func (JWTPrincipal_ClaimMatcher) Descriptor() protoreflect.EnumDescriptor
func (JWTPrincipal_ClaimMatcher) Enum ¶ added in v1.9.0
func (x JWTPrincipal_ClaimMatcher) Enum() *JWTPrincipal_ClaimMatcher
func (JWTPrincipal_ClaimMatcher) EnumDescriptor
deprecated
added in
v1.9.0
func (JWTPrincipal_ClaimMatcher) EnumDescriptor() ([]byte, []int)
Deprecated: Use JWTPrincipal_ClaimMatcher.Descriptor instead.
func (JWTPrincipal_ClaimMatcher) Number ¶ added in v1.9.0
func (x JWTPrincipal_ClaimMatcher) Number() protoreflect.EnumNumber
func (JWTPrincipal_ClaimMatcher) String ¶ added in v1.9.0
func (x JWTPrincipal_ClaimMatcher) String() string
func (JWTPrincipal_ClaimMatcher) Type ¶ added in v1.9.0
func (JWTPrincipal_ClaimMatcher) Type() protoreflect.EnumType
type Permissions ¶
type Permissions struct { // Paths that have this prefix will be allowed. PathPrefix string `protobuf:"bytes,1,opt,name=path_prefix,json=pathPrefix,proto3" json:"path_prefix,omitempty"` // What http methods (GET, POST, ...) are allowed. Methods []string `protobuf:"bytes,2,rep,name=methods,proto3" json:"methods,omitempty"` // contains filtered or unexported fields }
What permissions should be granted. An empty field means allow-all. If more than one field is added, all of them need to match.
func (*Permissions) Clone ¶ added in v1.8.24
func (m *Permissions) Clone() proto.Message
Clone function
func (*Permissions) Descriptor
deprecated
func (*Permissions) Descriptor() ([]byte, []int)
Deprecated: Use Permissions.ProtoReflect.Descriptor instead.
func (*Permissions) GetMethods ¶
func (x *Permissions) GetMethods() []string
func (*Permissions) GetPathPrefix ¶
func (x *Permissions) GetPathPrefix() string
func (*Permissions) Hash
deprecated
added in
v1.2.13
func (m *Permissions) Hash(hasher hash.Hash64) (uint64, error)
Hash function
Deprecated: due to hashing implemention only using field values. The omission of the field name in the hash calculation can lead to hash collisions. Prefer the HashUnique function instead.
func (*Permissions) HashUnique ¶ added in v1.18.0
func (m *Permissions) HashUnique(hasher hash.Hash64) (uint64, error)
HashUnique function generates a hash of the object that is unique to the object by hashing field name and value pairs. Replaces Hash due to original hashing implemention only using field values. The omission of the field name in the hash calculation can lead to hash collisions.
func (*Permissions) ProtoMessage ¶
func (*Permissions) ProtoMessage()
func (*Permissions) ProtoReflect ¶ added in v1.6.0
func (x *Permissions) ProtoReflect() protoreflect.Message
func (*Permissions) Reset ¶
func (x *Permissions) Reset()
func (*Permissions) String ¶
func (x *Permissions) String() string
type Policy ¶
type Policy struct { // Principals in this policy. Principals []*Principal `protobuf:"bytes,1,rep,name=principals,proto3" json:"principals,omitempty"` // Permissions granted to the principals. Permissions *Permissions `protobuf:"bytes,2,opt,name=permissions,proto3" json:"permissions,omitempty"` // The delimiter to use when specifying nested claim names within principals. // Default is an empty string, which disables nested claim functionality. // This is commonly set to `.`, allowing for nested claim names of the form // `parent.child.grandchild` NestedClaimDelimiter string `protobuf:"bytes,3,opt,name=nested_claim_delimiter,json=nestedClaimDelimiter,proto3" json:"nested_claim_delimiter,omitempty"` // contains filtered or unexported fields }
func (*Policy) Descriptor
deprecated
func (*Policy) GetNestedClaimDelimiter ¶ added in v1.9.0
func (*Policy) GetPermissions ¶
func (x *Policy) GetPermissions() *Permissions
func (*Policy) GetPrincipals ¶
func (*Policy) Hash
deprecated
added in
v1.2.13
func (*Policy) HashUnique ¶ added in v1.18.0
HashUnique function generates a hash of the object that is unique to the object by hashing field name and value pairs. Replaces Hash due to original hashing implemention only using field values. The omission of the field name in the hash calculation can lead to hash collisions.
func (*Policy) ProtoMessage ¶
func (*Policy) ProtoMessage()
func (*Policy) ProtoReflect ¶ added in v1.6.0
func (x *Policy) ProtoReflect() protoreflect.Message
type Principal ¶
type Principal struct { JwtPrincipal *JWTPrincipal `protobuf:"bytes,1,opt,name=jwt_principal,json=jwtPrincipal,proto3" json:"jwt_principal,omitempty"` // contains filtered or unexported fields }
An RBAC principal - the identity entity (usually a user or a service account).
func (*Principal) Descriptor
deprecated
func (*Principal) GetJwtPrincipal ¶
func (x *Principal) GetJwtPrincipal() *JWTPrincipal
func (*Principal) Hash
deprecated
added in
v1.2.13
func (*Principal) HashUnique ¶ added in v1.18.0
HashUnique function generates a hash of the object that is unique to the object by hashing field name and value pairs. Replaces Hash due to original hashing implemention only using field values. The omission of the field name in the hash calculation can lead to hash collisions.
func (*Principal) ProtoMessage ¶
func (*Principal) ProtoMessage()
func (*Principal) ProtoReflect ¶ added in v1.6.0
func (x *Principal) ProtoReflect() protoreflect.Message
type Settings ¶
type Settings struct { // Require RBAC for all virtual hosts. A vhost without an RBAC policy set will fallback to a deny-all policy. RequireRbac bool `protobuf:"varint,1,opt,name=require_rbac,json=requireRbac,proto3" json:"require_rbac,omitempty"` // contains filtered or unexported fields }
Global RBAC settings
func (*Settings) Descriptor
deprecated
func (*Settings) GetRequireRbac ¶
func (*Settings) Hash
deprecated
added in
v1.2.13
func (*Settings) HashUnique ¶ added in v1.18.0
HashUnique function generates a hash of the object that is unique to the object by hashing field name and value pairs. Replaces Hash due to original hashing implemention only using field values. The omission of the field name in the hash calculation can lead to hash collisions.
func (*Settings) ProtoMessage ¶
func (*Settings) ProtoMessage()
func (*Settings) ProtoReflect ¶ added in v1.6.0
func (x *Settings) ProtoReflect() protoreflect.Message