oidc

package
v0.0.0-...-2911148 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 31, 2022 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var File_config_oidc_config_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type LogoutConfig 

type LogoutConfig struct {

	// A http request path that the Authservice matches against to initiate
	// logout. Whenever a request is made to that path, the Authservice will
	// remove the Authservice-specific cookies and respond with a redirect to the
	// configured `redirect_uri`. Removing the cookies causes the user to be
	// unauthenticated in future requests. If the service application has its own
	// logout controller, then it may be desirable to have its logout controller
	// redirect to this path. If the service application does not need its own
	// logout controller, then the application's logout button/link's href can GET
	// or POST directly to this path. Required.
	Path string `protobuf:"bytes,1,opt,name=path,proto3" json:"path,omitempty"`
	// A URI specifying the destination to which the Authservice will redirect any
	// request made to the logout `path`. For example, it may be desirable to
	// redirect the logged out user to the homepage of the service application, or
	// to the [logout endpoint of the OIDC
	// Provider](https://openid.net/specs/openid-connect-session-1_0.html#RPLogout).
	// As with all redirects, the user's browser will perform a GET to this URI.
	// Required.
	RedirectUri string `protobuf:"bytes,2,opt,name=redirect_uri,json=redirectUri,proto3" json:"redirect_uri,omitempty"`
	// contains filtered or unexported fields
}

When specified, the Authservice will destroy the Authservice session when a request is made to the configured path.

func (*LogoutConfig) Descriptor deprecated 

func (*LogoutConfig) Descriptor() ([]byte, []int)

Deprecated: Use LogoutConfig.ProtoReflect.Descriptor instead.

func (*LogoutConfig) GetPath 

func (x *LogoutConfig) GetPath() string

func (*LogoutConfig) GetRedirectUri 

func (x *LogoutConfig) GetRedirectUri() string

func (*LogoutConfig) ProtoMessage 

func (*LogoutConfig) ProtoMessage()

func (*LogoutConfig) ProtoReflect 

func (x *LogoutConfig) ProtoReflect() protoreflect.Message

func (*LogoutConfig) Reset 

func (x *LogoutConfig) Reset()

func (*LogoutConfig) String 

func (x *LogoutConfig) String() string

func (*LogoutConfig) Validate 

func (m *LogoutConfig) Validate() error

Validate checks the field values on LogoutConfig with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*LogoutConfig) ValidateAll 

func (m *LogoutConfig) ValidateAll() error

ValidateAll checks the field values on LogoutConfig with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in LogoutConfigMultiError, or nil if none found.

type LogoutConfigMultiError 

type LogoutConfigMultiError []error

LogoutConfigMultiError is an error wrapping multiple validation errors returned by LogoutConfig.ValidateAll() if the designated constraints aren't met.

func (LogoutConfigMultiError) AllErrors 

func (m LogoutConfigMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (LogoutConfigMultiError) Error 

func (m LogoutConfigMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type LogoutConfigValidationError 

type LogoutConfigValidationError struct {
	// contains filtered or unexported fields
}

LogoutConfigValidationError is the validation error returned by LogoutConfig.Validate if the designated constraints aren't met.

func (LogoutConfigValidationError) Cause 

func (e LogoutConfigValidationError) Cause() error

Cause function returns cause value.

func (LogoutConfigValidationError) Error 

func (e LogoutConfigValidationError) Error() string

Error satisfies the builtin error interface

func (LogoutConfigValidationError) ErrorName 

func (e LogoutConfigValidationError) ErrorName() string

ErrorName returns error name.

func (LogoutConfigValidationError) Field 

func (e LogoutConfigValidationError) Field() string

Field function returns field value.

func (LogoutConfigValidationError) Key 

func (e LogoutConfigValidationError) Key() bool

Key function returns key value.

func (LogoutConfigValidationError) Reason 

func (e LogoutConfigValidationError) Reason() string

Reason function returns reason value.

type OIDCConfig 

type OIDCConfig struct {

	// The OIDC Provider's [authorization
	// endpoint](https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint).
	// Required.
	AuthorizationUri string `protobuf:"bytes,1,opt,name=authorization_uri,json=authorizationUri,proto3" json:"authorization_uri,omitempty"`
	// The OIDC Provider's [token
	// endpoint](https://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint).
	// Required.
	TokenUri string `protobuf:"bytes,2,opt,name=token_uri,json=tokenUri,proto3" json:"token_uri,omitempty"`
	// This value will be used as the `redirect_uri` param of the authorization
	// code grant [Authentication
	// Request](https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest).
	// This URL must be one of the Redirection URI values for the Client
	// pre-registered at the OIDC provider. Note: The Istio gateway's
	// VirtualService must be prepared to ensure that this URL will get routed to
	// the service so that the Authservice can intercept the request and handle it
	// (see
	// [example](https://github.com/istio-ecosystem/authservice/blob/master/bookinfo-example/config/bookinfo-gateway.yaml)).
	// Required.
	CallbackUri string `protobuf:"bytes,3,opt,name=callback_uri,json=callbackUri,proto3" json:"callback_uri,omitempty"`
	// Types that are assignable to JwksConfig:
	//	*OIDCConfig_Jwks
	//	*OIDCConfig_JwksFetcher
	JwksConfig isOIDCConfig_JwksConfig `protobuf_oneof:"jwks_config"`
	// The OIDC client ID assigned to the filter to be used in the
	// [Authentication
	// Request](https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest).
	// Required.
	ClientId string `protobuf:"bytes,5,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty"`
	// The OIDC client secret assigned to the filter to be used in the
	// [Authentication
	// Request](https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest).
	// Required.
	ClientSecret string `protobuf:"bytes,6,opt,name=client_secret,json=clientSecret,proto3" json:"client_secret,omitempty"`
	// Additional scopes passed to the OIDC Provider in the
	// [Authentication
	// Request](https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest).
	// The `openid` scope is always sent to the OIDC Provider, and does not need
	// to be specified here. Required, but an empty array is allowed.
	Scopes []string `protobuf:"bytes,7,rep,name=scopes,proto3" json:"scopes,omitempty"`
	// A unique identifier of the Authservice's browser cookies. Can be any
	// string. Needed when multiple services in the same domain are each protected
	// by their own Authservice, in which case each service's Authservice should
	// have a unique value to avoid cookie name conflicts. Also needed when an
	// Authservice is configured with multiple `oidc` filters (across multiple
	// `chains`), each sharing a Redis server for their session storage, to avoid
	// having those `oidc` filters read/write the same sessions in Redis.
	// Optional.
	CookieNamePrefix string `protobuf:"bytes,8,opt,name=cookie_name_prefix,json=cookieNamePrefix,proto3" json:"cookie_name_prefix,omitempty"`
	// The configuration for adding ID Tokens as headers to requests forwarded to
	// a service. Required.
	IdToken *TokenConfig `protobuf:"bytes,9,opt,name=id_token,json=idToken,proto3" json:"id_token,omitempty"`
	// The configuration for adding Access Tokens as headers to requests forwarded
	// to a service. Optional.
	AccessToken *TokenConfig `protobuf:"bytes,10,opt,name=access_token,json=accessToken,proto3" json:"access_token,omitempty"`
	// When specified, the Authservice will destroy the Authservice session when a
	// request is made to the configured path. Optional.
	Logout *LogoutConfig `protobuf:"bytes,11,opt,name=logout,proto3" json:"logout,omitempty"`
	// The Authservice associates obtained OIDC tokens with a session ID in a
	// session store. It also stores some temporary information during the login
	// process into the session store, which will be removed when the user
	// finishes the login. This configuration option sets the number of seconds
	// since a user's session with the Authservice has started until that session
	// should expire. When configured to `0`, which is the default value, the
	// session will never timeout based on the time that it was started, but can
	// still timeout due to being idle. When both `absolute_session_timeout` and
	// `idle_session_timeout` are zero, then sessions will never expire. These
	// settings do not affect how quickly the OIDC tokens contained inside the
	// user's session expire. Optional.
	AbsoluteSessionTimeout uint32 `` /* 131-byte string literal not displayed */
	// The Authservice associates obtained OIDC tokens with a session ID in a
	// session store. It also stores some temporary information during the login
	// process into the session store, which will be removed when the user
	// finishes the login. This configuration option sets the number of seconds
	// since the most recent incoming request from that user until the user's
	// session with the Authservice should expire. When configured to `0`, which
	// is the default value, session expiration will not consider idle time, but
	// can still consider timeout based on maximum absolute time since added. When
	// both `absolute_session_timeout` and `idle_session_timeout` are zero, then
	// sessions will never expire. These settings do not affect how quickly the
	// OIDC tokens contained inside the user's session expire. Optional.
	IdleSessionTimeout uint32 `protobuf:"varint,13,opt,name=idle_session_timeout,json=idleSessionTimeout,proto3" json:"idle_session_timeout,omitempty"`
	// When specified, the Authservice will trust the specified Certificate
	// Authority when performing HTTPS calls to the Token Endpoint of the OIDC
	// Identity Provider. Optional.
	TrustedCertificateAuthority string `` /* 145-byte string literal not displayed */
	// The Authservice makes two kinds of direct network connections directly to
	// the OIDC Provider. Both are POST requests to the configured `token_uri` of
	// the OIDC Provider. The first is to exchange the authorization code for
	// tokens, and the other is to use the refresh token to obtain new tokens.
	// Configure the `proxy_uri` when both of these requests should be made
	// through a web proxy. The format of `proxy_uri` is
	// `http://proxyserver.example.com:8080`, where `:<port_number>` is optional.
	// Userinfo (usernames and passwords) in the `proxy_uri` setting are not yet
	// supported. The `proxy_uri` should always start with `http://`. The
	// Authservice will upgrade the connection to the OIDC provider to HTTPS using
	// an HTTP CONNECT request to the proxy server. The proxy server will see the
	// hostname and port number of the OIDC provider in plain text in the CONNECT
	// request, but all other communication will occur over an encrypted HTTPS
	// connection negotiated directly between the Authservice and the OIDC
	// provider. See also the related `trusted_certificate_authority`
	// configuration option. Optional.
	ProxyUri string `protobuf:"bytes,15,opt,name=proxy_uri,json=proxyUri,proto3" json:"proxy_uri,omitempty"`
	// When specified, the Authservice will use the configured Redis server to
	// store session data. Optional.
	RedisSessionStoreConfig *RedisConfig `` /* 135-byte string literal not displayed */
	// If set to true, the verification of the destination certificate will be
	// skipped when making a request to the Token Endpoint. This option is useful
	// when you want to use a self-signed certificate for testing purposes, but
	// basically should not be set to true in any other cases. Optional.
	SkipVerifyPeerCert bool `protobuf:"varint,18,opt,name=skip_verify_peer_cert,json=skipVerifyPeerCert,proto3" json:"skip_verify_peer_cert,omitempty"`
	// contains filtered or unexported fields
}

The configuration of an OpenID Connect filter that can be used to retrieve identity and access tokens via the standard authorization code grant flow from an OIDC Provider.

func (*OIDCConfig) Descriptor deprecated 

func (*OIDCConfig) Descriptor() ([]byte, []int)

Deprecated: Use OIDCConfig.ProtoReflect.Descriptor instead.

func (*OIDCConfig) GetAbsoluteSessionTimeout 

func (x *OIDCConfig) GetAbsoluteSessionTimeout() uint32

func (*OIDCConfig) GetAccessToken 

func (x *OIDCConfig) GetAccessToken() *TokenConfig

func (*OIDCConfig) GetAuthorizationUri 

func (x *OIDCConfig) GetAuthorizationUri() string

func (*OIDCConfig) GetCallbackUri 

func (x *OIDCConfig) GetCallbackUri() string

func (*OIDCConfig) GetClientId 

func (x *OIDCConfig) GetClientId() string

func (*OIDCConfig) GetClientSecret 

func (x *OIDCConfig) GetClientSecret() string

func (*OIDCConfig) GetCookieNamePrefix 

func (x *OIDCConfig) GetCookieNamePrefix() string

func (*OIDCConfig) GetIdToken 

func (x *OIDCConfig) GetIdToken() *TokenConfig

func (*OIDCConfig) GetIdleSessionTimeout 

func (x *OIDCConfig) GetIdleSessionTimeout() uint32

func (*OIDCConfig) GetJwks 

func (x *OIDCConfig) GetJwks() string

func (*OIDCConfig) GetJwksConfig 

func (m *OIDCConfig) GetJwksConfig() isOIDCConfig_JwksConfig

func (*OIDCConfig) GetJwksFetcher 

func (x *OIDCConfig) GetJwksFetcher() *OIDCConfig_JwksFetcherConfig

func (*OIDCConfig) GetLogout 

func (x *OIDCConfig) GetLogout() *LogoutConfig

func (*OIDCConfig) GetProxyUri 

func (x *OIDCConfig) GetProxyUri() string

func (*OIDCConfig) GetRedisSessionStoreConfig 

func (x *OIDCConfig) GetRedisSessionStoreConfig() *RedisConfig

func (*OIDCConfig) GetScopes 

func (x *OIDCConfig) GetScopes() []string

func (*OIDCConfig) GetSkipVerifyPeerCert 

func (x *OIDCConfig) GetSkipVerifyPeerCert() bool

func (*OIDCConfig) GetTokenUri 

func (x *OIDCConfig) GetTokenUri() string

func (*OIDCConfig) GetTrustedCertificateAuthority 

func (x *OIDCConfig) GetTrustedCertificateAuthority() string

func (*OIDCConfig) ProtoMessage 

func (*OIDCConfig) ProtoMessage()

func (*OIDCConfig) ProtoReflect 

func (x *OIDCConfig) ProtoReflect() protoreflect.Message

func (*OIDCConfig) Reset 

func (x *OIDCConfig) Reset()

func (*OIDCConfig) String 

func (x *OIDCConfig) String() string

func (*OIDCConfig) Validate 

func (m *OIDCConfig) Validate() error

Validate checks the field values on OIDCConfig with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*OIDCConfig) ValidateAll 

func (m *OIDCConfig) ValidateAll() error

ValidateAll checks the field values on OIDCConfig with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in OIDCConfigMultiError, or nil if none found.

type OIDCConfigMultiError 

type OIDCConfigMultiError []error

OIDCConfigMultiError is an error wrapping multiple validation errors returned by OIDCConfig.ValidateAll() if the designated constraints aren't met.

func (OIDCConfigMultiError) AllErrors 

func (m OIDCConfigMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (OIDCConfigMultiError) Error 

func (m OIDCConfigMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type OIDCConfigValidationError 

type OIDCConfigValidationError struct {
	// contains filtered or unexported fields
}

OIDCConfigValidationError is the validation error returned by OIDCConfig.Validate if the designated constraints aren't met.

func (OIDCConfigValidationError) Cause 

func (e OIDCConfigValidationError) Cause() error

Cause function returns cause value.

func (OIDCConfigValidationError) Error 

func (e OIDCConfigValidationError) Error() string

Error satisfies the builtin error interface

func (OIDCConfigValidationError) ErrorName 

func (e OIDCConfigValidationError) ErrorName() string

ErrorName returns error name.

func (OIDCConfigValidationError) Field 

func (e OIDCConfigValidationError) Field() string

Field function returns field value.

func (OIDCConfigValidationError) Key 

func (e OIDCConfigValidationError) Key() bool

Key function returns key value.

func (OIDCConfigValidationError) Reason 

func (e OIDCConfigValidationError) Reason() string

Reason function returns reason value.

type OIDCConfig_Jwks 

type OIDCConfig_Jwks struct {
	// The JSON JWKS response from the OIDC provider’s `jwks_uri` URI which can
	// be found in the OIDC provider's [configuration
	// response](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse).
	// Note that this JSON value must be escaped when embedded in a json
	// configmap (see
	// [example](https://github.com/istio-ecosystem/authservice/blob/master/bookinfo-example/config/authservice-configmap-template.yaml)).
	// Used during token verification.
	Jwks string `protobuf:"bytes,4,opt,name=jwks,proto3,oneof"`
}

type OIDCConfig_JwksFetcher 

type OIDCConfig_JwksFetcher struct {
	// Configuration to allow JWKs to be retrieved and updated asynchronously at
	// regular intervals.
	JwksFetcher *OIDCConfig_JwksFetcherConfig `protobuf:"bytes,17,opt,name=jwks_fetcher,json=jwksFetcher,proto3,oneof"`
}

type OIDCConfig_JwksFetcherConfig 

type OIDCConfig_JwksFetcherConfig struct {

	// Request URI that has the JWKs.
	// Required.
	JwksUri string `protobuf:"bytes,1,opt,name=jwks_uri,json=jwksUri,proto3" json:"jwks_uri,omitempty"`
	// Request interval to check whether new JWKs are available. If not
	// specified, default to 1200 seconds, 20min. Optional.
	PeriodicFetchIntervalSec uint32 `` /* 138-byte string literal not displayed */
	// If set to true, the verification of the destination certificate will be
	// skipped when making a request to the JWKs URI. This option is useful when
	// you want to use a self-signed certificate for testing purposes, but
	// basically should not be set to true in any other cases. Optional.
	SkipVerifyPeerCert bool `protobuf:"varint,3,opt,name=skip_verify_peer_cert,json=skipVerifyPeerCert,proto3" json:"skip_verify_peer_cert,omitempty"`
	// contains filtered or unexported fields
}

This message defines a setting to allow asynchronous retrieval and update of the JWK for JWT validation at regular intervals.

func (*OIDCConfig_JwksFetcherConfig) Descriptor deprecated 

func (*OIDCConfig_JwksFetcherConfig) Descriptor() ([]byte, []int)

Deprecated: Use OIDCConfig_JwksFetcherConfig.ProtoReflect.Descriptor instead.

func (*OIDCConfig_JwksFetcherConfig) GetJwksUri 

func (x *OIDCConfig_JwksFetcherConfig) GetJwksUri() string

func (*OIDCConfig_JwksFetcherConfig) GetPeriodicFetchIntervalSec 

func (x *OIDCConfig_JwksFetcherConfig) GetPeriodicFetchIntervalSec() uint32

func (*OIDCConfig_JwksFetcherConfig) GetSkipVerifyPeerCert 

func (x *OIDCConfig_JwksFetcherConfig) GetSkipVerifyPeerCert() bool

func (*OIDCConfig_JwksFetcherConfig) ProtoMessage 

func (*OIDCConfig_JwksFetcherConfig) ProtoMessage()

func (*OIDCConfig_JwksFetcherConfig) ProtoReflect 

func (x *OIDCConfig_JwksFetcherConfig) ProtoReflect() protoreflect.Message

func (*OIDCConfig_JwksFetcherConfig) Reset 

func (x *OIDCConfig_JwksFetcherConfig) Reset()

func (*OIDCConfig_JwksFetcherConfig) String 

func (x *OIDCConfig_JwksFetcherConfig) String() string

func (*OIDCConfig_JwksFetcherConfig) Validate 

func (m *OIDCConfig_JwksFetcherConfig) Validate() error

Validate checks the field values on OIDCConfig_JwksFetcherConfig with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*OIDCConfig_JwksFetcherConfig) ValidateAll 

func (m *OIDCConfig_JwksFetcherConfig) ValidateAll() error

ValidateAll checks the field values on OIDCConfig_JwksFetcherConfig with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in OIDCConfig_JwksFetcherConfigMultiError, or nil if none found.

type OIDCConfig_JwksFetcherConfigMultiError 

type OIDCConfig_JwksFetcherConfigMultiError []error

OIDCConfig_JwksFetcherConfigMultiError is an error wrapping multiple validation errors returned by OIDCConfig_JwksFetcherConfig.ValidateAll() if the designated constraints aren't met.

func (OIDCConfig_JwksFetcherConfigMultiError) AllErrors 

func (m OIDCConfig_JwksFetcherConfigMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (OIDCConfig_JwksFetcherConfigMultiError) Error 

func (m OIDCConfig_JwksFetcherConfigMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type OIDCConfig_JwksFetcherConfigValidationError 

type OIDCConfig_JwksFetcherConfigValidationError struct {
	// contains filtered or unexported fields
}

OIDCConfig_JwksFetcherConfigValidationError is the validation error returned by OIDCConfig_JwksFetcherConfig.Validate if the designated constraints aren't met.

func (OIDCConfig_JwksFetcherConfigValidationError) Cause 

func (e OIDCConfig_JwksFetcherConfigValidationError) Cause() error

Cause function returns cause value.

func (OIDCConfig_JwksFetcherConfigValidationError) Error 

func (e OIDCConfig_JwksFetcherConfigValidationError) Error() string

Error satisfies the builtin error interface

func (OIDCConfig_JwksFetcherConfigValidationError) ErrorName 

func (e OIDCConfig_JwksFetcherConfigValidationError) ErrorName() string

ErrorName returns error name.

func (OIDCConfig_JwksFetcherConfigValidationError) Field 

func (e OIDCConfig_JwksFetcherConfigValidationError) Field() string

Field function returns field value.

func (OIDCConfig_JwksFetcherConfigValidationError) Key 

func (e OIDCConfig_JwksFetcherConfigValidationError) Key() bool

Key function returns key value.

func (OIDCConfig_JwksFetcherConfigValidationError) Reason 

func (e OIDCConfig_JwksFetcherConfigValidationError) Reason() string

Reason function returns reason value.

type RedisConfig 

type RedisConfig struct {

	// The Redis server uri, e.g. "tcp://127.0.0.1:6379"
	ServerUri string `protobuf:"bytes,1,opt,name=server_uri,json=serverUri,proto3" json:"server_uri,omitempty"`
	// contains filtered or unexported fields
}

When specified, the Authservice will use the configured Redis server to store session data

func (*RedisConfig) Descriptor deprecated 

func (*RedisConfig) Descriptor() ([]byte, []int)

Deprecated: Use RedisConfig.ProtoReflect.Descriptor instead.

func (*RedisConfig) GetServerUri 

func (x *RedisConfig) GetServerUri() string

func (*RedisConfig) ProtoMessage 

func (*RedisConfig) ProtoMessage()

func (*RedisConfig) ProtoReflect 

func (x *RedisConfig) ProtoReflect() protoreflect.Message

func (*RedisConfig) Reset 

func (x *RedisConfig) Reset()

func (*RedisConfig) String 

func (x *RedisConfig) String() string

func (*RedisConfig) Validate 

func (m *RedisConfig) Validate() error

Validate checks the field values on RedisConfig with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*RedisConfig) ValidateAll 

func (m *RedisConfig) ValidateAll() error

ValidateAll checks the field values on RedisConfig with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in RedisConfigMultiError, or nil if none found.

type RedisConfigMultiError 

type RedisConfigMultiError []error

RedisConfigMultiError is an error wrapping multiple validation errors returned by RedisConfig.ValidateAll() if the designated constraints aren't met.

func (RedisConfigMultiError) AllErrors 

func (m RedisConfigMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (RedisConfigMultiError) Error 

func (m RedisConfigMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type RedisConfigValidationError 

type RedisConfigValidationError struct {
	// contains filtered or unexported fields
}

RedisConfigValidationError is the validation error returned by RedisConfig.Validate if the designated constraints aren't met.

func (RedisConfigValidationError) Cause 

func (e RedisConfigValidationError) Cause() error

Cause function returns cause value.

func (RedisConfigValidationError) Error 

func (e RedisConfigValidationError) Error() string

Error satisfies the builtin error interface

func (RedisConfigValidationError) ErrorName 

func (e RedisConfigValidationError) ErrorName() string

ErrorName returns error name.

func (RedisConfigValidationError) Field 

func (e RedisConfigValidationError) Field() string

Field function returns field value.

func (RedisConfigValidationError) Key 

func (e RedisConfigValidationError) Key() bool

Key function returns key value.

func (RedisConfigValidationError) Reason 

func (e RedisConfigValidationError) Reason() string

Reason function returns reason value.

type TokenConfig 

type TokenConfig struct {

	// The name of the header that Authservice adds to the request when forwarding
	// to services. The value of this header will contain the `preamble` and the
	// token. This value is case-insensitive, as http header names are
	// case-insensitive. Note that this value must be `Authorization` for the
	// [Istio Authentication
	// Policy](https://istio.io/docs/tasks/security/authn-policy/) to inspect the
	// token. Required.
	Header string `protobuf:"bytes,1,opt,name=header,proto3" json:"header,omitempty"`
	// The authentication scheme of the token.
	// For example, when the preamble is `Bearer` and `header` is `Authorization`,
	// the following header will be added to the request to the service:
	// `Authorization: Bearer ID_TOKEN_VALUE`. Note that this value must be
	// `Bearer`, case-sensitive, when header is `Authorization`. Optional.
	Preamble string `protobuf:"bytes,2,opt,name=preamble,proto3" json:"preamble,omitempty"`
	// contains filtered or unexported fields
}

Defines how a token obtained through an OIDC flow is forwarded to services.

func (*TokenConfig) Descriptor deprecated 

func (*TokenConfig) Descriptor() ([]byte, []int)

Deprecated: Use TokenConfig.ProtoReflect.Descriptor instead.

func (*TokenConfig) GetHeader 

func (x *TokenConfig) GetHeader() string

func (*TokenConfig) GetPreamble 

func (x *TokenConfig) GetPreamble() string

func (*TokenConfig) ProtoMessage 

func (*TokenConfig) ProtoMessage()

func (*TokenConfig) ProtoReflect 

func (x *TokenConfig) ProtoReflect() protoreflect.Message

func (*TokenConfig) Reset 

func (x *TokenConfig) Reset()

func (*TokenConfig) String 

func (x *TokenConfig) String() string

func (*TokenConfig) Validate 

func (m *TokenConfig) Validate() error

Validate checks the field values on TokenConfig with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*TokenConfig) ValidateAll 

func (m *TokenConfig) ValidateAll() error

ValidateAll checks the field values on TokenConfig with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in TokenConfigMultiError, or nil if none found.

type TokenConfigMultiError 

type TokenConfigMultiError []error

TokenConfigMultiError is an error wrapping multiple validation errors returned by TokenConfig.ValidateAll() if the designated constraints aren't met.

func (TokenConfigMultiError) AllErrors 

func (m TokenConfigMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (TokenConfigMultiError) Error 

func (m TokenConfigMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type TokenConfigValidationError 

type TokenConfigValidationError struct {
	// contains filtered or unexported fields
}

TokenConfigValidationError is the validation error returned by TokenConfig.Validate if the designated constraints aren't met.

func (TokenConfigValidationError) Cause 

func (e TokenConfigValidationError) Cause() error

Cause function returns cause value.

func (TokenConfigValidationError) Error 

func (e TokenConfigValidationError) Error() string

Error satisfies the builtin error interface

func (TokenConfigValidationError) ErrorName 

func (e TokenConfigValidationError) ErrorName() string

ErrorName returns error name.

func (TokenConfigValidationError) Field 

func (e TokenConfigValidationError) Field() string

Field function returns field value.

func (TokenConfigValidationError) Key 

func (e TokenConfigValidationError) Key() bool

Key function returns key value.

func (TokenConfigValidationError) Reason 

func (e TokenConfigValidationError) Reason() string

Reason function returns reason value.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.