Documentation ¶
Index ¶
- Constants
- Variables
- func SourceIPAuth(ctx context.Context) (context.Context, error)
- func SourceIPFrom(ctx context.Context) (net.IP, error)
- func TokenSourceFrom(ctx context.Context) (oauth2.TokenSource, error)
- func UserInfoFrom(ctx context.Context) (*oidc.UserInfo, error)
- func WithSourceIP(ctx context.Context, ip net.IP) context.Context
- func WithTokenSource(ctx context.Context, ts oauth2.TokenSource) context.Context
- func WithUserInfo(ctx context.Context, ui *oidc.UserInfo) context.Context
- type ESPv2Auth
- type IDToken
Constants ¶
const (
ESPV2_USER_INFO_HEADER = "x-endpoint-api-userinfo"
)
Variables ¶
Functions ¶
func SourceIPAuth ¶
SourceIPAuth implements github.com/grpc-ecosystem/go-grpc-middleware/auth.AuthFunc and determines the source IP address of the caller in the following order:
- First entry in x-forwarded-for header if present
- Fallback to gRPC peer IP address
func TokenSourceFrom ¶
func TokenSourceFrom(ctx context.Context) (oauth2.TokenSource, error)
func WithTokenSource ¶
Types ¶
type ESPv2Auth ¶
type ESPv2Auth struct { }
ESPv2Auth can be used by github.com/grpc-ecosystem/go-grpc-middleware/auth extracting the user info from gRPC metadata. No validation needs to be performed since ESPv2 already validated the token for us. Do not use this for deployments without a front-facing ESPv2 deployment.
type IDToken ¶
type IDToken struct {
Insecure bool
}
IDToken immplements github.com/grpc/grpc-go/credentials.PerRPCCredentials. It loads the TokenSource from context and uses its id_token as a bearer.
func (*IDToken) GetRequestMetadata ¶
GetRequestMetadata immplements credentials.PerRPCCredentials.
func (*IDToken) RequireTransportSecurity ¶
RequireTransportSecurity immplements credentials.PerRPCCredentials.