Documentation
¶
Index ¶
- Variables
- type Audience
- type Audience_builder
- type GcpAuthnFilterConfig
- func (x *GcpAuthnFilterConfig) ClearCacheConfig()
- func (x *GcpAuthnFilterConfig) ClearHttpUri()deprecated
- func (x *GcpAuthnFilterConfig) ClearRetryPolicy()
- func (x *GcpAuthnFilterConfig) ClearTimeout()
- func (x *GcpAuthnFilterConfig) ClearTokenHeader()
- func (x *GcpAuthnFilterConfig) GetCacheConfig() *TokenCacheConfig
- func (x *GcpAuthnFilterConfig) GetCluster() string
- func (x *GcpAuthnFilterConfig) GetHttpUri() *v3.HttpUrideprecated
- func (x *GcpAuthnFilterConfig) GetRetryPolicy() *v3.RetryPolicy
- func (x *GcpAuthnFilterConfig) GetTimeout() *durationpb.Duration
- func (x *GcpAuthnFilterConfig) GetTokenHeader() *TokenHeader
- func (x *GcpAuthnFilterConfig) HasCacheConfig() bool
- func (x *GcpAuthnFilterConfig) HasHttpUri() booldeprecated
- func (x *GcpAuthnFilterConfig) HasRetryPolicy() bool
- func (x *GcpAuthnFilterConfig) HasTimeout() bool
- func (x *GcpAuthnFilterConfig) HasTokenHeader() bool
- func (*GcpAuthnFilterConfig) ProtoMessage()
- func (x *GcpAuthnFilterConfig) ProtoReflect() protoreflect.Message
- func (x *GcpAuthnFilterConfig) Reset()
- func (x *GcpAuthnFilterConfig) SetCacheConfig(v *TokenCacheConfig)
- func (x *GcpAuthnFilterConfig) SetCluster(v string)
- func (x *GcpAuthnFilterConfig) SetHttpUri(v *v3.HttpUri)deprecated
- func (x *GcpAuthnFilterConfig) SetRetryPolicy(v *v3.RetryPolicy)
- func (x *GcpAuthnFilterConfig) SetTimeout(v *durationpb.Duration)
- func (x *GcpAuthnFilterConfig) SetTokenHeader(v *TokenHeader)
- func (x *GcpAuthnFilterConfig) String() string
- type GcpAuthnFilterConfig_builder
- type TokenCacheConfig
- func (x *TokenCacheConfig) ClearCacheSize()
- func (x *TokenCacheConfig) GetCacheSize() *wrapperspb.UInt64Value
- func (x *TokenCacheConfig) HasCacheSize() bool
- func (*TokenCacheConfig) ProtoMessage()
- func (x *TokenCacheConfig) ProtoReflect() protoreflect.Message
- func (x *TokenCacheConfig) Reset()
- func (x *TokenCacheConfig) SetCacheSize(v *wrapperspb.UInt64Value)
- func (x *TokenCacheConfig) String() string
- type TokenCacheConfig_builder
- type TokenHeader
- func (x *TokenHeader) GetName() string
- func (x *TokenHeader) GetValuePrefix() string
- func (*TokenHeader) ProtoMessage()
- func (x *TokenHeader) ProtoReflect() protoreflect.Message
- func (x *TokenHeader) Reset()
- func (x *TokenHeader) SetName(v string)
- func (x *TokenHeader) SetValuePrefix(v string)
- func (x *TokenHeader) String() string
- type TokenHeader_builder
Constants ¶
This section is empty.
Variables ¶
View Source
var File_envoy_extensions_filters_http_gcp_authn_v3_gcp_authn_proto protoreflect.FileDescriptor
Functions ¶
This section is empty.
Types ¶
type Audience ¶
type Audience struct {
Url string `protobuf:"bytes,1,opt,name=url,proto3" json:"url,omitempty"`
// contains filtered or unexported fields
}
Audience is the URL of the receiving service that performs token authentication. It will be provided to the filter through cluster's typed_filter_metadata.
func (*Audience) ProtoReflect ¶
func (x *Audience) ProtoReflect() protoreflect.Message
type Audience_builder ¶
type Audience_builder struct {
Url string
// contains filtered or unexported fields
}
func (Audience_builder) Build ¶
func (b0 Audience_builder) Build() *Audience
type GcpAuthnFilterConfig ¶
type GcpAuthnFilterConfig struct {
// The HTTP URI to fetch tokens from GCE Metadata Server(https://cloud.google.com/compute/docs/metadata/overview).
// The URL format is "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/identity?audience=[AUDIENCE]"
//
// This field is deprecated because it does not match the API surface provided by the google auth libraries.
// Control planes should not attempt to override the metadata server URI.
// The cluster and timeout can be configured using the “cluster“ and “timeout“ fields instead.
// For backward compatibility, the cluster and timeout configured in this field will be used
// if the new “cluster“ and “timeout“ fields are not set.
//
// Deprecated: Marked as deprecated in envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.proto.
HttpUri *v3.HttpUri `protobuf:"bytes,1,opt,name=http_uri,json=httpUri,proto3" json:"http_uri,omitempty"`
// Retry policy for fetching tokens.
// Not supported by all data planes.
RetryPolicy *v3.RetryPolicy `protobuf:"bytes,2,opt,name=retry_policy,json=retryPolicy,proto3" json:"retry_policy,omitempty"`
// Token cache configuration. This field is optional.
CacheConfig *TokenCacheConfig `protobuf:"bytes,3,opt,name=cache_config,json=cacheConfig,proto3" json:"cache_config,omitempty"`
// Request header location to extract the token. By default (i.e. if this field is not specified), the token
// is extracted to the Authorization HTTP header, in the format "Authorization: Bearer <token>".
// Not supported by all data planes.
TokenHeader *TokenHeader `protobuf:"bytes,4,opt,name=token_header,json=tokenHeader,proto3" json:"token_header,omitempty"`
// Cluster to send traffic to the GCE metadata server. Not supported
// by all data planes; a data plane may instead have its own mechanism
// for contacting the metadata server.
Cluster string `protobuf:"bytes,5,opt,name=cluster,proto3" json:"cluster,omitempty"`
// Timeout for fetching the tokens from the GCE metadata server.
// Not supported by all data planes.
Timeout *durationpb.Duration `protobuf:"bytes,6,opt,name=timeout,proto3" json:"timeout,omitempty"`
// contains filtered or unexported fields
}
Filter configuration. [#next-free-field: 7]
func (*GcpAuthnFilterConfig) ClearCacheConfig ¶
func (x *GcpAuthnFilterConfig) ClearCacheConfig()
func (*GcpAuthnFilterConfig) ClearHttpUri
deprecated
func (x *GcpAuthnFilterConfig) ClearHttpUri()
Deprecated: Marked as deprecated in envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.proto.
func (*GcpAuthnFilterConfig) ClearRetryPolicy ¶
func (x *GcpAuthnFilterConfig) ClearRetryPolicy()
func (*GcpAuthnFilterConfig) ClearTimeout ¶
func (x *GcpAuthnFilterConfig) ClearTimeout()
func (*GcpAuthnFilterConfig) ClearTokenHeader ¶
func (x *GcpAuthnFilterConfig) ClearTokenHeader()
func (*GcpAuthnFilterConfig) GetCacheConfig ¶
func (x *GcpAuthnFilterConfig) GetCacheConfig() *TokenCacheConfig
func (*GcpAuthnFilterConfig) GetCluster ¶
func (x *GcpAuthnFilterConfig) GetCluster() string
func (*GcpAuthnFilterConfig) GetHttpUri
deprecated
func (x *GcpAuthnFilterConfig) GetHttpUri() *v3.HttpUri
Deprecated: Marked as deprecated in envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.proto.
func (*GcpAuthnFilterConfig) GetRetryPolicy ¶
func (x *GcpAuthnFilterConfig) GetRetryPolicy() *v3.RetryPolicy
func (*GcpAuthnFilterConfig) GetTimeout ¶
func (x *GcpAuthnFilterConfig) GetTimeout() *durationpb.Duration
func (*GcpAuthnFilterConfig) GetTokenHeader ¶
func (x *GcpAuthnFilterConfig) GetTokenHeader() *TokenHeader
func (*GcpAuthnFilterConfig) HasCacheConfig ¶
func (x *GcpAuthnFilterConfig) HasCacheConfig() bool
func (*GcpAuthnFilterConfig) HasHttpUri
deprecated
func (x *GcpAuthnFilterConfig) HasHttpUri() bool
Deprecated: Marked as deprecated in envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.proto.
func (*GcpAuthnFilterConfig) HasRetryPolicy ¶
func (x *GcpAuthnFilterConfig) HasRetryPolicy() bool
func (*GcpAuthnFilterConfig) HasTimeout ¶
func (x *GcpAuthnFilterConfig) HasTimeout() bool
func (*GcpAuthnFilterConfig) HasTokenHeader ¶
func (x *GcpAuthnFilterConfig) HasTokenHeader() bool
func (*GcpAuthnFilterConfig) ProtoMessage ¶
func (*GcpAuthnFilterConfig) ProtoMessage()
func (*GcpAuthnFilterConfig) ProtoReflect ¶
func (x *GcpAuthnFilterConfig) ProtoReflect() protoreflect.Message
func (*GcpAuthnFilterConfig) Reset ¶
func (x *GcpAuthnFilterConfig) Reset()
func (*GcpAuthnFilterConfig) SetCacheConfig ¶
func (x *GcpAuthnFilterConfig) SetCacheConfig(v *TokenCacheConfig)
func (*GcpAuthnFilterConfig) SetCluster ¶
func (x *GcpAuthnFilterConfig) SetCluster(v string)
func (*GcpAuthnFilterConfig) SetHttpUri
deprecated
func (x *GcpAuthnFilterConfig) SetHttpUri(v *v3.HttpUri)
Deprecated: Marked as deprecated in envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.proto.
func (*GcpAuthnFilterConfig) SetRetryPolicy ¶
func (x *GcpAuthnFilterConfig) SetRetryPolicy(v *v3.RetryPolicy)
func (*GcpAuthnFilterConfig) SetTimeout ¶
func (x *GcpAuthnFilterConfig) SetTimeout(v *durationpb.Duration)
func (*GcpAuthnFilterConfig) SetTokenHeader ¶
func (x *GcpAuthnFilterConfig) SetTokenHeader(v *TokenHeader)
func (*GcpAuthnFilterConfig) String ¶
func (x *GcpAuthnFilterConfig) String() string
type GcpAuthnFilterConfig_builder ¶
type GcpAuthnFilterConfig_builder struct {
// The HTTP URI to fetch tokens from GCE Metadata Server(https://cloud.google.com/compute/docs/metadata/overview).
// The URL format is "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/identity?audience=[AUDIENCE]"
//
// This field is deprecated because it does not match the API surface provided by the google auth libraries.
// Control planes should not attempt to override the metadata server URI.
// The cluster and timeout can be configured using the “cluster“ and “timeout“ fields instead.
// For backward compatibility, the cluster and timeout configured in this field will be used
// if the new “cluster“ and “timeout“ fields are not set.
//
// Deprecated: Marked as deprecated in envoy/extensions/filters/http/gcp_authn/v3/gcp_authn.proto.
HttpUri *v3.HttpUri
// Retry policy for fetching tokens.
// Not supported by all data planes.
RetryPolicy *v3.RetryPolicy
// Token cache configuration. This field is optional.
CacheConfig *TokenCacheConfig
// Request header location to extract the token. By default (i.e. if this field is not specified), the token
// is extracted to the Authorization HTTP header, in the format "Authorization: Bearer <token>".
// Not supported by all data planes.
TokenHeader *TokenHeader
// Cluster to send traffic to the GCE metadata server. Not supported
// by all data planes; a data plane may instead have its own mechanism
// for contacting the metadata server.
Cluster string
// Timeout for fetching the tokens from the GCE metadata server.
// Not supported by all data planes.
Timeout *durationpb.Duration
// contains filtered or unexported fields
}
func (GcpAuthnFilterConfig_builder) Build ¶
func (b0 GcpAuthnFilterConfig_builder) Build() *GcpAuthnFilterConfig
type TokenCacheConfig ¶
type TokenCacheConfig struct {
// The number of cache entries. The maximum number of entries is INT64_MAX as it is constrained by underlying cache implementation.
// Default value 0 (i.e., proto3 defaults) disables the cache by default. Other default values will enable the cache.
CacheSize *wrapperspb.UInt64Value `protobuf:"bytes,1,opt,name=cache_size,json=cacheSize,proto3" json:"cache_size,omitempty"`
// contains filtered or unexported fields
}
Token Cache configuration.
func (*TokenCacheConfig) ClearCacheSize ¶
func (x *TokenCacheConfig) ClearCacheSize()
func (*TokenCacheConfig) GetCacheSize ¶
func (x *TokenCacheConfig) GetCacheSize() *wrapperspb.UInt64Value
func (*TokenCacheConfig) HasCacheSize ¶
func (x *TokenCacheConfig) HasCacheSize() bool
func (*TokenCacheConfig) ProtoMessage ¶
func (*TokenCacheConfig) ProtoMessage()
func (*TokenCacheConfig) ProtoReflect ¶
func (x *TokenCacheConfig) ProtoReflect() protoreflect.Message
func (*TokenCacheConfig) Reset ¶
func (x *TokenCacheConfig) Reset()
func (*TokenCacheConfig) SetCacheSize ¶
func (x *TokenCacheConfig) SetCacheSize(v *wrapperspb.UInt64Value)
func (*TokenCacheConfig) String ¶
func (x *TokenCacheConfig) String() string
type TokenCacheConfig_builder ¶
type TokenCacheConfig_builder struct {
// The number of cache entries. The maximum number of entries is INT64_MAX as it is constrained by underlying cache implementation.
// Default value 0 (i.e., proto3 defaults) disables the cache by default. Other default values will enable the cache.
CacheSize *wrapperspb.UInt64Value
// contains filtered or unexported fields
}
func (TokenCacheConfig_builder) Build ¶
func (b0 TokenCacheConfig_builder) Build() *TokenCacheConfig
type TokenHeader ¶
type TokenHeader struct {
// The HTTP header's name.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// The header's prefix. The format is "value_prefix<token>"
// For example, for "Authorization: Bearer <token>", value_prefix="Bearer " with a space at the
// end.
ValuePrefix string `protobuf:"bytes,2,opt,name=value_prefix,json=valuePrefix,proto3" json:"value_prefix,omitempty"`
// contains filtered or unexported fields
}
func (*TokenHeader) GetName ¶
func (x *TokenHeader) GetName() string
func (*TokenHeader) GetValuePrefix ¶
func (x *TokenHeader) GetValuePrefix() string
func (*TokenHeader) ProtoMessage ¶
func (*TokenHeader) ProtoMessage()
func (*TokenHeader) ProtoReflect ¶
func (x *TokenHeader) ProtoReflect() protoreflect.Message
func (*TokenHeader) Reset ¶
func (x *TokenHeader) Reset()
func (*TokenHeader) SetName ¶
func (x *TokenHeader) SetName(v string)
func (*TokenHeader) SetValuePrefix ¶
func (x *TokenHeader) SetValuePrefix(v string)
func (*TokenHeader) String ¶
func (x *TokenHeader) String() string
type TokenHeader_builder ¶
type TokenHeader_builder struct {
// The HTTP header's name.
Name string
// The header's prefix. The format is "value_prefix<token>"
// For example, for "Authorization: Bearer <token>", value_prefix="Bearer " with a space at the
// end.
ValuePrefix string
// contains filtered or unexported fields
}
func (TokenHeader_builder) Build ¶
func (b0 TokenHeader_builder) Build() *TokenHeader
Source Files
¶
- gcp_authn.pb.go
Click to show internal directories.
Click to hide internal directories.