go-control-plane: github.com/envoyproxy/go-control-plane/envoy/service/auth/v4alpha Index | Files

package envoy_service_auth_v4alpha

import "github.com/envoyproxy/go-control-plane/envoy/service/auth/v4alpha"

Index

Package Files

attribute_context.pb.go attribute_context.pb.validate.go external_auth.pb.go external_auth.pb.validate.go

Variables

var File_envoy_service_auth_v4alpha_attribute_context_proto protoreflect.FileDescriptor
var File_envoy_service_auth_v4alpha_external_auth_proto protoreflect.FileDescriptor

func RegisterAuthorizationServer Uses

func RegisterAuthorizationServer(s *grpc.Server, srv AuthorizationServer)

type AttributeContext Uses

type AttributeContext struct {

    // The source of a network activity, such as starting a TCP connection.
    // In a multi hop network activity, the source represents the sender of the
    // last hop.
    Source *AttributeContext_Peer `protobuf:"bytes,1,opt,name=source,proto3" json:"source,omitempty"`
    // The destination of a network activity, such as accepting a TCP connection.
    // In a multi hop network activity, the destination represents the receiver of
    // the last hop.
    Destination *AttributeContext_Peer `protobuf:"bytes,2,opt,name=destination,proto3" json:"destination,omitempty"`
    // Represents a network request, such as an HTTP request.
    Request *AttributeContext_Request `protobuf:"bytes,4,opt,name=request,proto3" json:"request,omitempty"`
    // This is analogous to http_request.headers, however these contents will not be sent to the
    // upstream server. Context_extensions provide an extension mechanism for sending additional
    // information to the auth server without modifying the proto definition. It maps to the
    // internal opaque context in the filter chain.
    ContextExtensions map[string]string `protobuf:"bytes,10,rep,name=context_extensions,json=contextExtensions,proto3" json:"context_extensions,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
    // Dynamic metadata associated with the request.
    MetadataContext *v4alpha.Metadata `protobuf:"bytes,11,opt,name=metadata_context,json=metadataContext,proto3" json:"metadata_context,omitempty"`
    // contains filtered or unexported fields
}

An attribute is a piece of metadata that describes an activity on a network. For example, the size of an HTTP request, or the status code of an HTTP response.

Each attribute has a type and a name, which is logically defined as a proto message field of the `AttributeContext`. The `AttributeContext` is a collection of individual attributes supported by Envoy authorization system. [#comment: The following items are left out of this proto Request.Auth field for jwt tokens Request.Api for api management Origin peer that originated the request Caching Protocol request_context return values to inject back into the filter chain peer.claims -- from X.509 extensions Configuration - field mask to send - which return values from request_context are copied back - which return values are copied into request_headers] [#next-free-field: 12]

func (*AttributeContext) Descriptor Uses

func (*AttributeContext) Descriptor() ([]byte, []int)

Deprecated: Use AttributeContext.ProtoReflect.Descriptor instead.

func (*AttributeContext) GetContextExtensions Uses

func (x *AttributeContext) GetContextExtensions() map[string]string

func (*AttributeContext) GetDestination Uses

func (x *AttributeContext) GetDestination() *AttributeContext_Peer

func (*AttributeContext) GetMetadataContext Uses

func (x *AttributeContext) GetMetadataContext() *v4alpha.Metadata

func (*AttributeContext) GetRequest Uses

func (x *AttributeContext) GetRequest() *AttributeContext_Request

func (*AttributeContext) GetSource Uses

func (x *AttributeContext) GetSource() *AttributeContext_Peer

func (*AttributeContext) ProtoMessage Uses

func (*AttributeContext) ProtoMessage()

func (*AttributeContext) ProtoReflect Uses

func (x *AttributeContext) ProtoReflect() protoreflect.Message

func (*AttributeContext) Reset Uses

func (x *AttributeContext) Reset()

func (*AttributeContext) String Uses

func (x *AttributeContext) String() string

func (*AttributeContext) Validate Uses

func (m *AttributeContext) Validate() error

Validate checks the field values on AttributeContext with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

type AttributeContextValidationError Uses

type AttributeContextValidationError struct {
    // contains filtered or unexported fields
}

AttributeContextValidationError is the validation error returned by AttributeContext.Validate if the designated constraints aren't met.

func (AttributeContextValidationError) Cause Uses

func (e AttributeContextValidationError) Cause() error

Cause function returns cause value.

func (AttributeContextValidationError) Error Uses

func (e AttributeContextValidationError) Error() string

Error satisfies the builtin error interface

func (AttributeContextValidationError) ErrorName Uses

func (e AttributeContextValidationError) ErrorName() string

ErrorName returns error name.

func (AttributeContextValidationError) Field Uses

func (e AttributeContextValidationError) Field() string

Field function returns field value.

func (AttributeContextValidationError) Key Uses

func (e AttributeContextValidationError) Key() bool

Key function returns key value.

func (AttributeContextValidationError) Reason Uses

func (e AttributeContextValidationError) Reason() string

Reason function returns reason value.

type AttributeContext_HttpRequest Uses

type AttributeContext_HttpRequest struct {

    // The unique ID for a request, which can be propagated to downstream
    // systems. The ID should have low probability of collision
    // within a single day for a specific service.
    // For HTTP requests, it should be X-Request-ID or equivalent.
    Id  string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
    // The HTTP request method, such as `GET`, `POST`.
    Method string `protobuf:"bytes,2,opt,name=method,proto3" json:"method,omitempty"`
    // The HTTP request headers. If multiple headers share the same key, they
    // must be merged according to the HTTP spec. All header keys must be
    // lower-cased, because HTTP header keys are case-insensitive.
    Headers map[string]string `protobuf:"bytes,3,rep,name=headers,proto3" json:"headers,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
    // The request target, as it appears in the first line of the HTTP request. This includes
    // the URL path and query-string. No decoding is performed.
    Path string `protobuf:"bytes,4,opt,name=path,proto3" json:"path,omitempty"`
    // The HTTP request `Host` or 'Authority` header value.
    Host string `protobuf:"bytes,5,opt,name=host,proto3" json:"host,omitempty"`
    // The HTTP URL scheme, such as `http` and `https`.
    Scheme string `protobuf:"bytes,6,opt,name=scheme,proto3" json:"scheme,omitempty"`
    // This field is always empty, and exists for compatibility reasons. The HTTP URL query is
    // included in `path` field.
    Query string `protobuf:"bytes,7,opt,name=query,proto3" json:"query,omitempty"`
    // This field is always empty, and exists for compatibility reasons. The URL fragment is
    // not submitted as part of HTTP requests; it is unknowable.
    Fragment string `protobuf:"bytes,8,opt,name=fragment,proto3" json:"fragment,omitempty"`
    // The HTTP request size in bytes. If unknown, it must be -1.
    Size int64 `protobuf:"varint,9,opt,name=size,proto3" json:"size,omitempty"`
    // The network protocol used with the request, such as "HTTP/1.0", "HTTP/1.1", or "HTTP/2".
    //
    // See :repo:`headers.h:ProtocolStrings <source/common/http/headers.h>` for a list of all
    // possible values.
    Protocol string `protobuf:"bytes,10,opt,name=protocol,proto3" json:"protocol,omitempty"`
    // The HTTP request body.
    Body string `protobuf:"bytes,11,opt,name=body,proto3" json:"body,omitempty"`
    // The HTTP request body in bytes. This is used instead of
    // :ref:`body <envoy_v3_api_field_service.auth.v3.AttributeContext.HttpRequest.body>` when
    // :ref:`pack_as_bytes <envoy_api_field_extensions.filters.http.ext_authz.v4alpha.BufferSettings.pack_as_bytes>`
    // is set to true.
    RawBody []byte `protobuf:"bytes,12,opt,name=raw_body,json=rawBody,proto3" json:"raw_body,omitempty"`
    // contains filtered or unexported fields
}

This message defines attributes for an HTTP request. HTTP/1.x, HTTP/2, gRPC are all considered as HTTP requests. [#next-free-field: 13]

func (*AttributeContext_HttpRequest) Descriptor Uses

func (*AttributeContext_HttpRequest) Descriptor() ([]byte, []int)

Deprecated: Use AttributeContext_HttpRequest.ProtoReflect.Descriptor instead.

func (*AttributeContext_HttpRequest) GetBody Uses

func (x *AttributeContext_HttpRequest) GetBody() string

func (*AttributeContext_HttpRequest) GetFragment Uses

func (x *AttributeContext_HttpRequest) GetFragment() string

func (*AttributeContext_HttpRequest) GetHeaders Uses

func (x *AttributeContext_HttpRequest) GetHeaders() map[string]string

func (*AttributeContext_HttpRequest) GetHost Uses

func (x *AttributeContext_HttpRequest) GetHost() string

func (*AttributeContext_HttpRequest) GetId Uses

func (x *AttributeContext_HttpRequest) GetId() string

func (*AttributeContext_HttpRequest) GetMethod Uses

func (x *AttributeContext_HttpRequest) GetMethod() string

func (*AttributeContext_HttpRequest) GetPath Uses

func (x *AttributeContext_HttpRequest) GetPath() string

func (*AttributeContext_HttpRequest) GetProtocol Uses

func (x *AttributeContext_HttpRequest) GetProtocol() string

func (*AttributeContext_HttpRequest) GetQuery Uses

func (x *AttributeContext_HttpRequest) GetQuery() string

func (*AttributeContext_HttpRequest) GetRawBody Uses

func (x *AttributeContext_HttpRequest) GetRawBody() []byte

func (*AttributeContext_HttpRequest) GetScheme Uses

func (x *AttributeContext_HttpRequest) GetScheme() string

func (*AttributeContext_HttpRequest) GetSize Uses

func (x *AttributeContext_HttpRequest) GetSize() int64

func (*AttributeContext_HttpRequest) ProtoMessage Uses

func (*AttributeContext_HttpRequest) ProtoMessage()

func (*AttributeContext_HttpRequest) ProtoReflect Uses

func (x *AttributeContext_HttpRequest) ProtoReflect() protoreflect.Message

func (*AttributeContext_HttpRequest) Reset Uses

func (x *AttributeContext_HttpRequest) Reset()

func (*AttributeContext_HttpRequest) String Uses

func (x *AttributeContext_HttpRequest) String() string

func (*AttributeContext_HttpRequest) Validate Uses

func (m *AttributeContext_HttpRequest) Validate() error

Validate checks the field values on AttributeContext_HttpRequest with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

type AttributeContext_HttpRequestValidationError Uses

type AttributeContext_HttpRequestValidationError struct {
    // contains filtered or unexported fields
}

AttributeContext_HttpRequestValidationError is the validation error returned by AttributeContext_HttpRequest.Validate if the designated constraints aren't met.

func (AttributeContext_HttpRequestValidationError) Cause Uses

func (e AttributeContext_HttpRequestValidationError) Cause() error

Cause function returns cause value.

func (AttributeContext_HttpRequestValidationError) Error Uses

func (e AttributeContext_HttpRequestValidationError) Error() string

Error satisfies the builtin error interface

func (AttributeContext_HttpRequestValidationError) ErrorName Uses

func (e AttributeContext_HttpRequestValidationError) ErrorName() string

ErrorName returns error name.

func (AttributeContext_HttpRequestValidationError) Field Uses

func (e AttributeContext_HttpRequestValidationError) Field() string

Field function returns field value.

func (AttributeContext_HttpRequestValidationError) Key Uses

func (e AttributeContext_HttpRequestValidationError) Key() bool

Key function returns key value.

func (AttributeContext_HttpRequestValidationError) Reason Uses

func (e AttributeContext_HttpRequestValidationError) Reason() string

Reason function returns reason value.

type AttributeContext_Peer Uses

type AttributeContext_Peer struct {

    // The address of the peer, this is typically the IP address.
    // It can also be UDS path, or others.
    Address *v4alpha.Address `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"`
    // The canonical service name of the peer.
    // It should be set to :ref:`the HTTP x-envoy-downstream-service-cluster
    // <config_http_conn_man_headers_downstream-service-cluster>`
    // If a more trusted source of the service name is available through mTLS/secure naming, it
    // should be used.
    Service string `protobuf:"bytes,2,opt,name=service,proto3" json:"service,omitempty"`
    // The labels associated with the peer.
    // These could be pod labels for Kubernetes or tags for VMs.
    // The source of the labels could be an X.509 certificate or other configuration.
    Labels map[string]string `protobuf:"bytes,3,rep,name=labels,proto3" json:"labels,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`
    // The authenticated identity of this peer.
    // For example, the identity associated with the workload such as a service account.
    // If an X.509 certificate is used to assert the identity this field should be sourced from
    // `URI Subject Alternative Names`, `DNS Subject Alternate Names` or `Subject` in that order.
    // The primary identity should be the principal. The principal format is issuer specific.
    //
    // Example:
    // *    SPIFFE format is `spiffe://trust-domain/path`
    // *    Google account format is `https://accounts.google.com/{userid}`
    Principal string `protobuf:"bytes,4,opt,name=principal,proto3" json:"principal,omitempty"`
    // The X.509 certificate used to authenticate the identify of this peer.
    // When present, the certificate contents are encoded in URL and PEM format.
    Certificate string `protobuf:"bytes,5,opt,name=certificate,proto3" json:"certificate,omitempty"`
    // contains filtered or unexported fields
}

This message defines attributes for a node that handles a network request. The node can be either a service or an application that sends, forwards, or receives the request. Service peers should fill in the `service`, `principal`, and `labels` as appropriate. [#next-free-field: 6]

func (*AttributeContext_Peer) Descriptor Uses

func (*AttributeContext_Peer) Descriptor() ([]byte, []int)

Deprecated: Use AttributeContext_Peer.ProtoReflect.Descriptor instead.

func (*AttributeContext_Peer) GetAddress Uses

func (x *AttributeContext_Peer) GetAddress() *v4alpha.Address

func (*AttributeContext_Peer) GetCertificate Uses

func (x *AttributeContext_Peer) GetCertificate() string

func (*AttributeContext_Peer) GetLabels Uses

func (x *AttributeContext_Peer) GetLabels() map[string]string

func (*AttributeContext_Peer) GetPrincipal Uses

func (x *AttributeContext_Peer) GetPrincipal() string

func (*AttributeContext_Peer) GetService Uses

func (x *AttributeContext_Peer) GetService() string

func (*AttributeContext_Peer) ProtoMessage Uses

func (*AttributeContext_Peer) ProtoMessage()

func (*AttributeContext_Peer) ProtoReflect Uses

func (x *AttributeContext_Peer) ProtoReflect() protoreflect.Message

func (*AttributeContext_Peer) Reset Uses

func (x *AttributeContext_Peer) Reset()

func (*AttributeContext_Peer) String Uses

func (x *AttributeContext_Peer) String() string

func (*AttributeContext_Peer) Validate Uses

func (m *AttributeContext_Peer) Validate() error

Validate checks the field values on AttributeContext_Peer with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

type AttributeContext_PeerValidationError Uses

type AttributeContext_PeerValidationError struct {
    // contains filtered or unexported fields
}

AttributeContext_PeerValidationError is the validation error returned by AttributeContext_Peer.Validate if the designated constraints aren't met.

func (AttributeContext_PeerValidationError) Cause Uses

func (e AttributeContext_PeerValidationError) Cause() error

Cause function returns cause value.

func (AttributeContext_PeerValidationError) Error Uses

func (e AttributeContext_PeerValidationError) Error() string

Error satisfies the builtin error interface

func (AttributeContext_PeerValidationError) ErrorName Uses

func (e AttributeContext_PeerValidationError) ErrorName() string

ErrorName returns error name.

func (AttributeContext_PeerValidationError) Field Uses

func (e AttributeContext_PeerValidationError) Field() string

Field function returns field value.

func (AttributeContext_PeerValidationError) Key Uses

func (e AttributeContext_PeerValidationError) Key() bool

Key function returns key value.

func (AttributeContext_PeerValidationError) Reason Uses

func (e AttributeContext_PeerValidationError) Reason() string

Reason function returns reason value.

type AttributeContext_Request Uses

type AttributeContext_Request struct {

    // The timestamp when the proxy receives the first byte of the request.
    Time *timestamp.Timestamp `protobuf:"bytes,1,opt,name=time,proto3" json:"time,omitempty"`
    // Represents an HTTP request or an HTTP-like request.
    Http *AttributeContext_HttpRequest `protobuf:"bytes,2,opt,name=http,proto3" json:"http,omitempty"`
    // contains filtered or unexported fields
}

Represents a network request, such as an HTTP request.

func (*AttributeContext_Request) Descriptor Uses

func (*AttributeContext_Request) Descriptor() ([]byte, []int)

Deprecated: Use AttributeContext_Request.ProtoReflect.Descriptor instead.

func (*AttributeContext_Request) GetHttp Uses

func (x *AttributeContext_Request) GetHttp() *AttributeContext_HttpRequest

func (*AttributeContext_Request) GetTime Uses

func (x *AttributeContext_Request) GetTime() *timestamp.Timestamp

func (*AttributeContext_Request) ProtoMessage Uses

func (*AttributeContext_Request) ProtoMessage()

func (*AttributeContext_Request) ProtoReflect Uses

func (x *AttributeContext_Request) ProtoReflect() protoreflect.Message

func (*AttributeContext_Request) Reset Uses

func (x *AttributeContext_Request) Reset()

func (*AttributeContext_Request) String Uses

func (x *AttributeContext_Request) String() string

func (*AttributeContext_Request) Validate Uses

func (m *AttributeContext_Request) Validate() error

Validate checks the field values on AttributeContext_Request with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

type AttributeContext_RequestValidationError Uses

type AttributeContext_RequestValidationError struct {
    // contains filtered or unexported fields
}

AttributeContext_RequestValidationError is the validation error returned by AttributeContext_Request.Validate if the designated constraints aren't met.

func (AttributeContext_RequestValidationError) Cause Uses

func (e AttributeContext_RequestValidationError) Cause() error

Cause function returns cause value.

func (AttributeContext_RequestValidationError) Error Uses

func (e AttributeContext_RequestValidationError) Error() string

Error satisfies the builtin error interface

func (AttributeContext_RequestValidationError) ErrorName Uses

func (e AttributeContext_RequestValidationError) ErrorName() string

ErrorName returns error name.

func (AttributeContext_RequestValidationError) Field Uses

func (e AttributeContext_RequestValidationError) Field() string

Field function returns field value.

func (AttributeContext_RequestValidationError) Key Uses

func (e AttributeContext_RequestValidationError) Key() bool

Key function returns key value.

func (AttributeContext_RequestValidationError) Reason Uses

func (e AttributeContext_RequestValidationError) Reason() string

Reason function returns reason value.

type AuthorizationClient Uses

type AuthorizationClient interface {
    // Performs authorization check based on the attributes associated with the
    // incoming request, and returns status `OK` or not `OK`.
    Check(ctx context.Context, in *CheckRequest, opts ...grpc.CallOption) (*CheckResponse, error)
}

AuthorizationClient is the client API for Authorization service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.

func NewAuthorizationClient Uses

func NewAuthorizationClient(cc grpc.ClientConnInterface) AuthorizationClient

type AuthorizationServer Uses

type AuthorizationServer interface {
    // Performs authorization check based on the attributes associated with the
    // incoming request, and returns status `OK` or not `OK`.
    Check(context.Context, *CheckRequest) (*CheckResponse, error)
}

AuthorizationServer is the server API for Authorization service.

type CheckRequest Uses

type CheckRequest struct {

    // The request attributes.
    Attributes *AttributeContext `protobuf:"bytes,1,opt,name=attributes,proto3" json:"attributes,omitempty"`
    // contains filtered or unexported fields
}

func (*CheckRequest) Descriptor Uses

func (*CheckRequest) Descriptor() ([]byte, []int)

Deprecated: Use CheckRequest.ProtoReflect.Descriptor instead.

func (*CheckRequest) GetAttributes Uses

func (x *CheckRequest) GetAttributes() *AttributeContext

func (*CheckRequest) ProtoMessage Uses

func (*CheckRequest) ProtoMessage()

func (*CheckRequest) ProtoReflect Uses

func (x *CheckRequest) ProtoReflect() protoreflect.Message

func (*CheckRequest) Reset Uses

func (x *CheckRequest) Reset()

func (*CheckRequest) String Uses

func (x *CheckRequest) String() string

func (*CheckRequest) Validate Uses

func (m *CheckRequest) Validate() error

Validate checks the field values on CheckRequest with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

type CheckRequestValidationError Uses

type CheckRequestValidationError struct {
    // contains filtered or unexported fields
}

CheckRequestValidationError is the validation error returned by CheckRequest.Validate if the designated constraints aren't met.

func (CheckRequestValidationError) Cause Uses

func (e CheckRequestValidationError) Cause() error

Cause function returns cause value.

func (CheckRequestValidationError) Error Uses

func (e CheckRequestValidationError) Error() string

Error satisfies the builtin error interface

func (CheckRequestValidationError) ErrorName Uses

func (e CheckRequestValidationError) ErrorName() string

ErrorName returns error name.

func (CheckRequestValidationError) Field Uses

func (e CheckRequestValidationError) Field() string

Field function returns field value.

func (CheckRequestValidationError) Key Uses

func (e CheckRequestValidationError) Key() bool

Key function returns key value.

func (CheckRequestValidationError) Reason Uses

func (e CheckRequestValidationError) Reason() string

Reason function returns reason value.

type CheckResponse Uses

type CheckResponse struct {

    // Status `OK` allows the request. Any other status indicates the request should be denied.
    Status *status.Status `protobuf:"bytes,1,opt,name=status,proto3" json:"status,omitempty"`
    // An message that contains HTTP response attributes. This message is
    // used when the authorization service needs to send custom responses to the
    // downstream client or, to modify/add request headers being dispatched to the upstream.
    //
    // Types that are assignable to HttpResponse:
    //	*CheckResponse_DeniedResponse
    //	*CheckResponse_OkResponse
    HttpResponse isCheckResponse_HttpResponse `protobuf_oneof:"http_response"`
    // Optional response metadata that will be emitted as dynamic metadata to be consumed by the next
    // filter. This metadata lives in a namespace specified by the canonical name of extension filter
    // that requires it:
    //
    // - :ref:`envoy.filters.http.ext_authz <config_http_filters_ext_authz_dynamic_metadata>` for HTTP filter.
    // - :ref:`envoy.filters.network.ext_authz <config_network_filters_ext_authz_dynamic_metadata>` for network filter.
    DynamicMetadata *_struct.Struct `protobuf:"bytes,4,opt,name=dynamic_metadata,json=dynamicMetadata,proto3" json:"dynamic_metadata,omitempty"`
    // contains filtered or unexported fields
}

Intended for gRPC and Network Authorization servers `only`.

func (*CheckResponse) Descriptor Uses

func (*CheckResponse) Descriptor() ([]byte, []int)

Deprecated: Use CheckResponse.ProtoReflect.Descriptor instead.

func (*CheckResponse) GetDeniedResponse Uses

func (x *CheckResponse) GetDeniedResponse() *DeniedHttpResponse

func (*CheckResponse) GetDynamicMetadata Uses

func (x *CheckResponse) GetDynamicMetadata() *_struct.Struct

func (*CheckResponse) GetHttpResponse Uses

func (m *CheckResponse) GetHttpResponse() isCheckResponse_HttpResponse

func (*CheckResponse) GetOkResponse Uses

func (x *CheckResponse) GetOkResponse() *OkHttpResponse

func (*CheckResponse) GetStatus Uses

func (x *CheckResponse) GetStatus() *status.Status

func (*CheckResponse) ProtoMessage Uses

func (*CheckResponse) ProtoMessage()

func (*CheckResponse) ProtoReflect Uses

func (x *CheckResponse) ProtoReflect() protoreflect.Message

func (*CheckResponse) Reset Uses

func (x *CheckResponse) Reset()

func (*CheckResponse) String Uses

func (x *CheckResponse) String() string

func (*CheckResponse) Validate Uses

func (m *CheckResponse) Validate() error

Validate checks the field values on CheckResponse with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

type CheckResponseValidationError Uses

type CheckResponseValidationError struct {
    // contains filtered or unexported fields
}

CheckResponseValidationError is the validation error returned by CheckResponse.Validate if the designated constraints aren't met.

func (CheckResponseValidationError) Cause Uses

func (e CheckResponseValidationError) Cause() error

Cause function returns cause value.

func (CheckResponseValidationError) Error Uses

func (e CheckResponseValidationError) Error() string

Error satisfies the builtin error interface

func (CheckResponseValidationError) ErrorName Uses

func (e CheckResponseValidationError) ErrorName() string

ErrorName returns error name.

func (CheckResponseValidationError) Field Uses

func (e CheckResponseValidationError) Field() string

Field function returns field value.

func (CheckResponseValidationError) Key Uses

func (e CheckResponseValidationError) Key() bool

Key function returns key value.

func (CheckResponseValidationError) Reason Uses

func (e CheckResponseValidationError) Reason() string

Reason function returns reason value.

type CheckResponse_DeniedResponse Uses

type CheckResponse_DeniedResponse struct {
    // Supplies http attributes for a denied response.
    DeniedResponse *DeniedHttpResponse `protobuf:"bytes,2,opt,name=denied_response,json=deniedResponse,proto3,oneof"`
}

type CheckResponse_OkResponse Uses

type CheckResponse_OkResponse struct {
    // Supplies http attributes for an ok response.
    OkResponse *OkHttpResponse `protobuf:"bytes,3,opt,name=ok_response,json=okResponse,proto3,oneof"`
}

type DeniedHttpResponse Uses

type DeniedHttpResponse struct {

    // This field allows the authorization service to send a HTTP response status
    // code to the downstream client other than 403 (Forbidden).
    Status *v3.HttpStatus `protobuf:"bytes,1,opt,name=status,proto3" json:"status,omitempty"`
    // This field allows the authorization service to send HTTP response headers
    // to the downstream client. Note that the `append` field in `HeaderValueOption` defaults to
    // false when used in this message.
    Headers []*v4alpha.HeaderValueOption `protobuf:"bytes,2,rep,name=headers,proto3" json:"headers,omitempty"`
    // This field allows the authorization service to send a response body data
    // to the downstream client.
    Body string `protobuf:"bytes,3,opt,name=body,proto3" json:"body,omitempty"`
    // contains filtered or unexported fields
}

HTTP attributes for a denied response.

func (*DeniedHttpResponse) Descriptor Uses

func (*DeniedHttpResponse) Descriptor() ([]byte, []int)

Deprecated: Use DeniedHttpResponse.ProtoReflect.Descriptor instead.

func (*DeniedHttpResponse) GetBody Uses

func (x *DeniedHttpResponse) GetBody() string

func (*DeniedHttpResponse) GetHeaders Uses

func (x *DeniedHttpResponse) GetHeaders() []*v4alpha.HeaderValueOption

func (*DeniedHttpResponse) GetStatus Uses

func (x *DeniedHttpResponse) GetStatus() *v3.HttpStatus

func (*DeniedHttpResponse) ProtoMessage Uses

func (*DeniedHttpResponse) ProtoMessage()

func (*DeniedHttpResponse) ProtoReflect Uses

func (x *DeniedHttpResponse) ProtoReflect() protoreflect.Message

func (*DeniedHttpResponse) Reset Uses

func (x *DeniedHttpResponse) Reset()

func (*DeniedHttpResponse) String Uses

func (x *DeniedHttpResponse) String() string

func (*DeniedHttpResponse) Validate Uses

func (m *DeniedHttpResponse) Validate() error

Validate checks the field values on DeniedHttpResponse with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

type DeniedHttpResponseValidationError Uses

type DeniedHttpResponseValidationError struct {
    // contains filtered or unexported fields
}

DeniedHttpResponseValidationError is the validation error returned by DeniedHttpResponse.Validate if the designated constraints aren't met.

func (DeniedHttpResponseValidationError) Cause Uses

func (e DeniedHttpResponseValidationError) Cause() error

Cause function returns cause value.

func (DeniedHttpResponseValidationError) Error Uses

func (e DeniedHttpResponseValidationError) Error() string

Error satisfies the builtin error interface

func (DeniedHttpResponseValidationError) ErrorName Uses

func (e DeniedHttpResponseValidationError) ErrorName() string

ErrorName returns error name.

func (DeniedHttpResponseValidationError) Field Uses

func (e DeniedHttpResponseValidationError) Field() string

Field function returns field value.

func (DeniedHttpResponseValidationError) Key Uses

func (e DeniedHttpResponseValidationError) Key() bool

Key function returns key value.

func (DeniedHttpResponseValidationError) Reason Uses

func (e DeniedHttpResponseValidationError) Reason() string

Reason function returns reason value.

type OkHttpResponse Uses

type OkHttpResponse struct {

    // HTTP entity headers in addition to the original request headers. This allows the authorization
    // service to append, to add or to override headers from the original request before
    // dispatching it to the upstream. Note that the `append` field in `HeaderValueOption` defaults to
    // false when used in this message. By setting the `append` field to `true`,
    // the filter will append the correspondent header value to the matched request header.
    // By leaving `append` as false, the filter will either add a new header, or override an existing
    // one if there is a match.
    Headers []*v4alpha.HeaderValueOption `protobuf:"bytes,2,rep,name=headers,proto3" json:"headers,omitempty"`
    // HTTP entity headers to remove from the original request before dispatching
    // it to the upstream. This allows the authorization service to act on auth
    // related headers (like `Authorization`), process them, and consume them.
    // Under this model, the upstream will either receive the request (if it's
    // authorized) or not receive it (if it's not), but will not see headers
    // containing authorization credentials.
    //
    // Pseudo headers (such as `:authority`, `:method`, `:path` etc), as well as
    // the header `Host`, may not be removed as that would make the request
    // malformed. If mentioned in `headers_to_remove` these special headers will
    // be ignored.
    //
    // When using the HTTP service this must instead be set by the HTTP
    // authorization service as a comma separated list like so:
    // ``x-envoy-auth-headers-to-remove: one-auth-header, another-auth-header``.
    HeadersToRemove []string `protobuf:"bytes,5,rep,name=headers_to_remove,json=headersToRemove,proto3" json:"headers_to_remove,omitempty"`
    // This field has been deprecated in favor of :ref:`CheckResponse.dynamic_metadata
    // <envoy_v3_api_field_service.auth.v3.CheckResponse.dynamic_metadata>`. Until it is removed,
    // setting this field overrides :ref:`CheckResponse.dynamic_metadata
    // <envoy_v3_api_field_service.auth.v3.CheckResponse.dynamic_metadata>`.
    //
    // Deprecated: Do not use.
    HiddenEnvoyDeprecatedDynamicMetadata *_struct.Struct `protobuf:"bytes,3,opt,name=hidden_envoy_deprecated_dynamic_metadata,json=hiddenEnvoyDeprecatedDynamicMetadata,proto3" json:"hidden_envoy_deprecated_dynamic_metadata,omitempty"`
    // contains filtered or unexported fields
}

HTTP attributes for an OK response. [#next-free-field: 6]

func (*OkHttpResponse) Descriptor Uses

func (*OkHttpResponse) Descriptor() ([]byte, []int)

Deprecated: Use OkHttpResponse.ProtoReflect.Descriptor instead.

func (*OkHttpResponse) GetHeaders Uses

func (x *OkHttpResponse) GetHeaders() []*v4alpha.HeaderValueOption

func (*OkHttpResponse) GetHeadersToRemove Uses

func (x *OkHttpResponse) GetHeadersToRemove() []string

func (*OkHttpResponse) GetHiddenEnvoyDeprecatedDynamicMetadata Uses

func (x *OkHttpResponse) GetHiddenEnvoyDeprecatedDynamicMetadata() *_struct.Struct

Deprecated: Do not use.

func (*OkHttpResponse) ProtoMessage Uses

func (*OkHttpResponse) ProtoMessage()

func (*OkHttpResponse) ProtoReflect Uses

func (x *OkHttpResponse) ProtoReflect() protoreflect.Message

func (*OkHttpResponse) Reset Uses

func (x *OkHttpResponse) Reset()

func (*OkHttpResponse) String Uses

func (x *OkHttpResponse) String() string

func (*OkHttpResponse) Validate Uses

func (m *OkHttpResponse) Validate() error

Validate checks the field values on OkHttpResponse with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

type OkHttpResponseValidationError Uses

type OkHttpResponseValidationError struct {
    // contains filtered or unexported fields
}

OkHttpResponseValidationError is the validation error returned by OkHttpResponse.Validate if the designated constraints aren't met.

func (OkHttpResponseValidationError) Cause Uses

func (e OkHttpResponseValidationError) Cause() error

Cause function returns cause value.

func (OkHttpResponseValidationError) Error Uses

func (e OkHttpResponseValidationError) Error() string

Error satisfies the builtin error interface

func (OkHttpResponseValidationError) ErrorName Uses

func (e OkHttpResponseValidationError) ErrorName() string

ErrorName returns error name.

func (OkHttpResponseValidationError) Field Uses

func (e OkHttpResponseValidationError) Field() string

Field function returns field value.

func (OkHttpResponseValidationError) Key Uses

func (e OkHttpResponseValidationError) Key() bool

Key function returns key value.

func (OkHttpResponseValidationError) Reason Uses

func (e OkHttpResponseValidationError) Reason() string

Reason function returns reason value.

type UnimplementedAuthorizationServer Uses

type UnimplementedAuthorizationServer struct {
}

UnimplementedAuthorizationServer can be embedded to have forward compatible implementations.

func (*UnimplementedAuthorizationServer) Check Uses

func (*UnimplementedAuthorizationServer) Check(context.Context, *CheckRequest) (*CheckResponse, error)

Package envoy_service_auth_v4alpha imports 27 packages (graph) and is imported by 5 packages. Updated 2021-01-09. Refresh now. Tools for package owners.