extauth

package
v0.2.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 26, 2024 License: Apache-2.0 Imports: 21 Imported by: 1

Documentation

Index

Constants

View Source 
const (
	// We name this plugin as extauth to distinguish it from the C++ implementation ext_authz.
	// We may add new feature to this plugin which will make it different from its C++ sibling.
	Name = "extAuth"
)

Variables

View Source 
var File_types_plugins_extauth_config_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type AuthorizationRequest 

type AuthorizationRequest struct {

	// Sets a list of headers that will be included to the request to authorization service. Note that
	// client request of the same key will be overridden.
	HeadersToAdd []*v1.HeaderValue `protobuf:"bytes,1,rep,name=headers_to_add,json=headersToAdd,proto3" json:"headers_to_add,omitempty"`
	// contains filtered or unexported fields
}

func (*AuthorizationRequest) Descriptor deprecated 

func (*AuthorizationRequest) Descriptor() ([]byte, []int)

Deprecated: Use AuthorizationRequest.ProtoReflect.Descriptor instead.

func (*AuthorizationRequest) GetHeadersToAdd 

func (x *AuthorizationRequest) GetHeadersToAdd() []*v1.HeaderValue

func (*AuthorizationRequest) ProtoMessage 

func (*AuthorizationRequest) ProtoMessage()

func (*AuthorizationRequest) ProtoReflect 

func (x *AuthorizationRequest) ProtoReflect() protoreflect.Message

func (*AuthorizationRequest) Reset 

func (x *AuthorizationRequest) Reset()

func (*AuthorizationRequest) String 

func (x *AuthorizationRequest) String() string

func (*AuthorizationRequest) Validate 

func (m *AuthorizationRequest) Validate() error

Validate checks the field values on AuthorizationRequest with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*AuthorizationRequest) ValidateAll 

func (m *AuthorizationRequest) ValidateAll() error

ValidateAll checks the field values on AuthorizationRequest with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in AuthorizationRequestMultiError, or nil if none found.

type AuthorizationRequestMultiError 

type AuthorizationRequestMultiError []error

AuthorizationRequestMultiError is an error wrapping multiple validation errors returned by AuthorizationRequest.ValidateAll() if the designated constraints aren't met.

func (AuthorizationRequestMultiError) AllErrors 

func (m AuthorizationRequestMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (AuthorizationRequestMultiError) Error 

func (m AuthorizationRequestMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type AuthorizationRequestValidationError 

type AuthorizationRequestValidationError struct {
	// contains filtered or unexported fields
}

AuthorizationRequestValidationError is the validation error returned by AuthorizationRequest.Validate if the designated constraints aren't met.

func (AuthorizationRequestValidationError) Cause 

func (e AuthorizationRequestValidationError) Cause() error

Cause function returns cause value.

func (AuthorizationRequestValidationError) Error 

func (e AuthorizationRequestValidationError) Error() string

Error satisfies the builtin error interface

func (AuthorizationRequestValidationError) ErrorName 

func (e AuthorizationRequestValidationError) ErrorName() string

ErrorName returns error name.

func (AuthorizationRequestValidationError) Field 

func (e AuthorizationRequestValidationError) Field() string

Field function returns field value.

func (AuthorizationRequestValidationError) Key 

func (e AuthorizationRequestValidationError) Key() bool

Key function returns key value.

func (AuthorizationRequestValidationError) Reason 

func (e AuthorizationRequestValidationError) Reason() string

Reason function returns reason value.

type AuthorizationResponse 

type AuthorizationResponse struct {

	// When this is set, authorization response headers that have a correspondent match will be added
	// to the original client request.
	// Note that coexistent headers will be overridden.
	AllowedUpstreamHeaders []*v1.StringMatcher `` /* 129-byte string literal not displayed */
	// When this is set, authorization response headers that have a correspondent match will be added
	// to the client's response when the request is rejected.
	AllowedClientHeaders []*v1.StringMatcher `protobuf:"bytes,2,rep,name=allowed_client_headers,json=allowedClientHeaders,proto3" json:"allowed_client_headers,omitempty"`
	// contains filtered or unexported fields
}

func (*AuthorizationResponse) Descriptor deprecated 

func (*AuthorizationResponse) Descriptor() ([]byte, []int)

Deprecated: Use AuthorizationResponse.ProtoReflect.Descriptor instead.

func (*AuthorizationResponse) GetAllowedClientHeaders 

func (x *AuthorizationResponse) GetAllowedClientHeaders() []*v1.StringMatcher

func (*AuthorizationResponse) GetAllowedUpstreamHeaders 

func (x *AuthorizationResponse) GetAllowedUpstreamHeaders() []*v1.StringMatcher

func (*AuthorizationResponse) ProtoMessage 

func (*AuthorizationResponse) ProtoMessage()

func (*AuthorizationResponse) ProtoReflect 

func (x *AuthorizationResponse) ProtoReflect() protoreflect.Message

func (*AuthorizationResponse) Reset 

func (x *AuthorizationResponse) Reset()

func (*AuthorizationResponse) String 

func (x *AuthorizationResponse) String() string

func (*AuthorizationResponse) Validate 

func (m *AuthorizationResponse) Validate() error

Validate checks the field values on AuthorizationResponse with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*AuthorizationResponse) ValidateAll 

func (m *AuthorizationResponse) ValidateAll() error

ValidateAll checks the field values on AuthorizationResponse with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in AuthorizationResponseMultiError, or nil if none found.

type AuthorizationResponseMultiError 

type AuthorizationResponseMultiError []error

AuthorizationResponseMultiError is an error wrapping multiple validation errors returned by AuthorizationResponse.ValidateAll() if the designated constraints aren't met.

func (AuthorizationResponseMultiError) AllErrors 

func (m AuthorizationResponseMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (AuthorizationResponseMultiError) Error 

func (m AuthorizationResponseMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type AuthorizationResponseValidationError 

type AuthorizationResponseValidationError struct {
	// contains filtered or unexported fields
}

AuthorizationResponseValidationError is the validation error returned by AuthorizationResponse.Validate if the designated constraints aren't met.

func (AuthorizationResponseValidationError) Cause 

func (e AuthorizationResponseValidationError) Cause() error

Cause function returns cause value.

func (AuthorizationResponseValidationError) Error 

func (e AuthorizationResponseValidationError) Error() string

Error satisfies the builtin error interface

func (AuthorizationResponseValidationError) ErrorName 

func (e AuthorizationResponseValidationError) ErrorName() string

ErrorName returns error name.

func (AuthorizationResponseValidationError) Field 

func (e AuthorizationResponseValidationError) Field() string

Field function returns field value.

func (AuthorizationResponseValidationError) Key 

func (e AuthorizationResponseValidationError) Key() bool

Key function returns key value.

func (AuthorizationResponseValidationError) Reason 

func (e AuthorizationResponseValidationError) Reason() string

Reason function returns reason value.

type Config 

type Config struct {

	// External authorization service configuration.
	//
	// Types that are assignable to Services:
	//
	//	*Config_HttpService
	Services isConfig_Services `protobuf_oneof:"services"`
	// Changes filter's behaviour on errors:
	//
	// 1. When set to true, the filter will “accept“ client request even if the communication with
	// the authorization service has failed, or if the authorization service has returned a HTTP 5xx
	// error.
	//
	// 2. When set to false, ext-auth will “reject“ client requests and return a “Forbidden“
	FailureModeAllow bool `protobuf:"varint,2,opt,name=failure_mode_allow,json=failureModeAllow,proto3" json:"failure_mode_allow,omitempty"`
	// When “failure_mode_allow“ and “failure_mode_allow_header_add“ are both set to true,
	// “x-envoy-auth-failure-mode-allowed: true“ will be added to request headers if the communication
	// with the authorization service has failed, or if the authorization service has returned a
	// HTTP 5xx error.
	FailureModeAllowHeaderAdd bool `` /* 143-byte string literal not displayed */
	// contains filtered or unexported fields
}

func (*Config) Descriptor deprecated 

func (*Config) Descriptor() ([]byte, []int)

Deprecated: Use Config.ProtoReflect.Descriptor instead.

func (*Config) GetFailureModeAllow 

func (x *Config) GetFailureModeAllow() bool

func (*Config) GetFailureModeAllowHeaderAdd 

func (x *Config) GetFailureModeAllowHeaderAdd() bool

func (*Config) GetHttpService 

func (x *Config) GetHttpService() *HttpService

func (*Config) GetServices 

func (m *Config) GetServices() isConfig_Services

func (*Config) ProtoMessage 

func (*Config) ProtoMessage()

func (*Config) ProtoReflect 

func (x *Config) ProtoReflect() protoreflect.Message

func (*Config) Reset 

func (x *Config) Reset()

func (*Config) String 

func (x *Config) String() string

func (*Config) Validate 

func (m *Config) Validate() error

Validate checks the field values on Config with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*Config) ValidateAll 

func (m *Config) ValidateAll() error

ValidateAll checks the field values on Config with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in ConfigMultiError, or nil if none found.

type ConfigMultiError 

type ConfigMultiError []error

ConfigMultiError is an error wrapping multiple validation errors returned by Config.ValidateAll() if the designated constraints aren't met.

func (ConfigMultiError) AllErrors 

func (m ConfigMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (ConfigMultiError) Error 

func (m ConfigMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type ConfigValidationError 

type ConfigValidationError struct {
	// contains filtered or unexported fields
}

ConfigValidationError is the validation error returned by Config.Validate if the designated constraints aren't met.

func (ConfigValidationError) Cause 

func (e ConfigValidationError) Cause() error

Cause function returns cause value.

func (ConfigValidationError) Error 

func (e ConfigValidationError) Error() string

Error satisfies the builtin error interface

func (ConfigValidationError) ErrorName 

func (e ConfigValidationError) ErrorName() string

ErrorName returns error name.

func (ConfigValidationError) Field 

func (e ConfigValidationError) Field() string

Field function returns field value.

func (ConfigValidationError) Key 

func (e ConfigValidationError) Key() bool

Key function returns key value.

func (ConfigValidationError) Reason 

func (e ConfigValidationError) Reason() string

Reason function returns reason value.

type Config_HttpService 

type Config_HttpService struct {
	// HTTP service configuration (default timeout: 200ms).
	HttpService *HttpService `protobuf:"bytes,1,opt,name=http_service,json=httpService,proto3,oneof"`
}

type HttpService 

type HttpService struct {

	// Sets the HTTP server which the authorization requests must be sent to.
	// We don't use HttpUri like Envoy because we set the Host directly instead of using
	// the result from Cluster.
	Url     string               `protobuf:"bytes,1,opt,name=url,proto3" json:"url,omitempty"`
	Timeout *durationpb.Duration `protobuf:"bytes,2,opt,name=timeout,proto3" json:"timeout,omitempty"`
	// Settings used for controlling authorization request metadata.
	AuthorizationRequest *AuthorizationRequest `protobuf:"bytes,3,opt,name=authorization_request,json=authorizationRequest,proto3" json:"authorization_request,omitempty"`
	// Settings used for controlling authorization response metadata.
	AuthorizationResponse *AuthorizationResponse `protobuf:"bytes,4,opt,name=authorization_response,json=authorizationResponse,proto3" json:"authorization_response,omitempty"`
	// Sets the HTTP status that is returned to the client when the authorization server
	// returns an error or cannot be reached. The default status is HTTP 403 Forbidden.
	StatusOnError v1.StatusCode `` /* 140-byte string literal not displayed */
	// Buffer the client request body and send it within the authorization request.
	WithRequestBody bool `protobuf:"varint,6,opt,name=with_request_body,json=withRequestBody,proto3" json:"with_request_body,omitempty"`
	// contains filtered or unexported fields
}

func (*HttpService) Descriptor deprecated 

func (*HttpService) Descriptor() ([]byte, []int)

Deprecated: Use HttpService.ProtoReflect.Descriptor instead.

func (*HttpService) GetAuthorizationRequest 

func (x *HttpService) GetAuthorizationRequest() *AuthorizationRequest

func (*HttpService) GetAuthorizationResponse 

func (x *HttpService) GetAuthorizationResponse() *AuthorizationResponse

func (*HttpService) GetStatusOnError 

func (x *HttpService) GetStatusOnError() v1.StatusCode

func (*HttpService) GetTimeout 

func (x *HttpService) GetTimeout() *durationpb.Duration

func (*HttpService) GetUrl 

func (x *HttpService) GetUrl() string

func (*HttpService) GetWithRequestBody 

func (x *HttpService) GetWithRequestBody() bool

func (*HttpService) ProtoMessage 

func (*HttpService) ProtoMessage()

func (*HttpService) ProtoReflect 

func (x *HttpService) ProtoReflect() protoreflect.Message

func (*HttpService) Reset 

func (x *HttpService) Reset()

func (*HttpService) String 

func (x *HttpService) String() string

func (*HttpService) Validate 

func (m *HttpService) Validate() error

Validate checks the field values on HttpService with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*HttpService) ValidateAll 

func (m *HttpService) ValidateAll() error

ValidateAll checks the field values on HttpService with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in HttpServiceMultiError, or nil if none found.

type HttpServiceMultiError 

type HttpServiceMultiError []error

HttpServiceMultiError is an error wrapping multiple validation errors returned by HttpService.ValidateAll() if the designated constraints aren't met.

func (HttpServiceMultiError) AllErrors 

func (m HttpServiceMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (HttpServiceMultiError) Error 

func (m HttpServiceMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type HttpServiceValidationError 

type HttpServiceValidationError struct {
	// contains filtered or unexported fields
}

HttpServiceValidationError is the validation error returned by HttpService.Validate if the designated constraints aren't met.

func (HttpServiceValidationError) Cause 

func (e HttpServiceValidationError) Cause() error

Cause function returns cause value.

func (HttpServiceValidationError) Error 

func (e HttpServiceValidationError) Error() string

Error satisfies the builtin error interface

func (HttpServiceValidationError) ErrorName 

func (e HttpServiceValidationError) ErrorName() string

ErrorName returns error name.

func (HttpServiceValidationError) Field 

func (e HttpServiceValidationError) Field() string

Field function returns field value.

func (HttpServiceValidationError) Key 

func (e HttpServiceValidationError) Key() bool

Key function returns key value.

func (HttpServiceValidationError) Reason 

func (e HttpServiceValidationError) Reason() string

Reason function returns reason value.

type Plugin 

type Plugin struct {
	plugins.PluginMethodDefaultImpl
}

func (*Plugin) Config 

func (p *Plugin) Config() api.PluginConfig

func (*Plugin) Order 

func (p *Plugin) Order() plugins.PluginOrder

func (*Plugin) Type 

func (p *Plugin) Type() plugins.PluginType

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.