authv3

package
v1.33.0-20240425200945... Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: unknown License: Apache-2.0 Imports: 11 Imported by: 6

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var File_envoy_service_auth_v3_attribute_context_proto protoreflect.FileDescriptor
View Source 
var File_envoy_service_auth_v3_external_auth_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type AttributeContext 

type AttributeContext struct {

	// The source of a network activity, such as starting a TCP connection.
	// In a multi hop network activity, the source represents the sender of the
	// last hop.
	Source *AttributeContext_Peer `protobuf:"bytes,1,opt,name=source,proto3" json:"source,omitempty"`
	// The destination of a network activity, such as accepting a TCP connection.
	// In a multi hop network activity, the destination represents the receiver of
	// the last hop.
	Destination *AttributeContext_Peer `protobuf:"bytes,2,opt,name=destination,proto3" json:"destination,omitempty"`
	// Represents a network request, such as an HTTP request.
	Request *AttributeContext_Request `protobuf:"bytes,4,opt,name=request,proto3" json:"request,omitempty"`
	// This is analogous to http_request.headers, however these contents will not be sent to the
	// upstream server. Context_extensions provide an extension mechanism for sending additional
	// information to the auth server without modifying the proto definition. It maps to the
	// internal opaque context in the filter chain.
	ContextExtensions map[string]string `` /* 201-byte string literal not displayed */
	// Dynamic metadata associated with the request.
	MetadataContext *v3.Metadata `protobuf:"bytes,11,opt,name=metadata_context,json=metadataContext,proto3" json:"metadata_context,omitempty"`
	// Metadata associated with the selected route.
	RouteMetadataContext *v3.Metadata `protobuf:"bytes,13,opt,name=route_metadata_context,json=routeMetadataContext,proto3" json:"route_metadata_context,omitempty"`
	// TLS session details of the underlying connection.
	// This is not populated by default and will be populated only if the ext_authz filter has
	// been specifically configured to include this information.
	// For HTTP ext_authz, that requires :ref:`include_tls_session <config_http_filters_ext_authz>`
	// to be set to true.
	// For network ext_authz, that requires :ref:`include_tls_session <config_network_filters_ext_authz>`
	// to be set to true.
	TlsSession *AttributeContext_TLSSession `protobuf:"bytes,12,opt,name=tls_session,json=tlsSession,proto3" json:"tls_session,omitempty"`
	// contains filtered or unexported fields
}

An attribute is a piece of metadata that describes an activity on a network. For example, the size of an HTTP request, or the status code of an HTTP response.

Each attribute has a type and a name, which is logically defined as a proto message field of the “AttributeContext“. The “AttributeContext“ is a collection of individual attributes supported by Envoy authorization system. [#comment: The following items are left out of this proto Request.Auth field for jwt tokens Request.Api for api management Origin peer that originated the request Caching Protocol request_context return values to inject back into the filter chain peer.claims -- from X.509 extensions Configuration - field mask to send - which return values from request_context are copied back - which return values are copied into request_headers] [#next-free-field: 14]

func (*AttributeContext) Descriptor deprecated 

func (*AttributeContext) Descriptor() ([]byte, []int)

Deprecated: Use AttributeContext.ProtoReflect.Descriptor instead.

func (*AttributeContext) GetContextExtensions 

func (x *AttributeContext) GetContextExtensions() map[string]string

func (*AttributeContext) GetDestination 

func (x *AttributeContext) GetDestination() *AttributeContext_Peer

func (*AttributeContext) GetMetadataContext 

func (x *AttributeContext) GetMetadataContext() *v3.Metadata

func (*AttributeContext) GetRequest 

func (x *AttributeContext) GetRequest() *AttributeContext_Request

func (*AttributeContext) GetRouteMetadataContext 

func (x *AttributeContext) GetRouteMetadataContext() *v3.Metadata

func (*AttributeContext) GetSource 

func (x *AttributeContext) GetSource() *AttributeContext_Peer

func (*AttributeContext) GetTlsSession 

func (x *AttributeContext) GetTlsSession() *AttributeContext_TLSSession

func (*AttributeContext) ProtoMessage 

func (*AttributeContext) ProtoMessage()

func (*AttributeContext) ProtoReflect 

func (x *AttributeContext) ProtoReflect() protoreflect.Message

func (*AttributeContext) Reset 

func (x *AttributeContext) Reset()

func (*AttributeContext) String 

func (x *AttributeContext) String() string

type AttributeContext_HttpRequest 

type AttributeContext_HttpRequest struct {

	// The unique ID for a request, which can be propagated to downstream
	// systems. The ID should have low probability of collision
	// within a single day for a specific service.
	// For HTTP requests, it should be X-Request-ID or equivalent.
	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
	// The HTTP request method, such as “GET“, “POST“.
	Method string `protobuf:"bytes,2,opt,name=method,proto3" json:"method,omitempty"`
	// The HTTP request headers. If multiple headers share the same key, they
	// must be merged according to the HTTP spec. All header keys must be
	// lower-cased, because HTTP header keys are case-insensitive.
	// Header value is encoded as UTF-8 string. Non-UTF-8 characters will be replaced by "!".
	// This field will not be set if
	// :ref:`encode_raw_headers <envoy_v3_api_field_extensions.filters.http.ext_authz.v3.ExtAuthz.encode_raw_headers>`
	// is set to true.
	Headers map[string]string `` /* 155-byte string literal not displayed */
	// A list of the raw HTTP request headers. This is used instead of
	// :ref:`headers <envoy_v3_api_field_service.auth.v3.AttributeContext.HttpRequest.headers>` when
	// :ref:`encode_raw_headers <envoy_v3_api_field_extensions.filters.http.ext_authz.v3.ExtAuthz.encode_raw_headers>`
	// is set to true.
	//
	// Note that this is not actually a map type. “header_map“ contains a single repeated field
	// “headers“.
	//
	// Here, only the “key“ and “raw_value“ fields will be populated for each HeaderValue, and
	// that is only when
	// :ref:`encode_raw_headers <envoy_v3_api_field_extensions.filters.http.ext_authz.v3.ExtAuthz.encode_raw_headers>`
	// is set to true.
	//
	// Also, unlike the
	// :ref:`headers <envoy_v3_api_field_service.auth.v3.AttributeContext.HttpRequest.headers>`
	// field, headers with the same key are not combined into a single comma separated header.
	HeaderMap *v3.HeaderMap `protobuf:"bytes,13,opt,name=header_map,json=headerMap,proto3" json:"header_map,omitempty"`
	// The request target, as it appears in the first line of the HTTP request. This includes
	// the URL path and query-string. No decoding is performed.
	Path string `protobuf:"bytes,4,opt,name=path,proto3" json:"path,omitempty"`
	// The HTTP request “Host“ or “:authority“ header value.
	Host string `protobuf:"bytes,5,opt,name=host,proto3" json:"host,omitempty"`
	// The HTTP URL scheme, such as “http“ and “https“.
	Scheme string `protobuf:"bytes,6,opt,name=scheme,proto3" json:"scheme,omitempty"`
	// This field is always empty, and exists for compatibility reasons. The HTTP URL query is
	// included in “path“ field.
	Query string `protobuf:"bytes,7,opt,name=query,proto3" json:"query,omitempty"`
	// This field is always empty, and exists for compatibility reasons. The URL fragment is
	// not submitted as part of HTTP requests; it is unknowable.
	Fragment string `protobuf:"bytes,8,opt,name=fragment,proto3" json:"fragment,omitempty"`
	// The HTTP request size in bytes. If unknown, it must be -1.
	Size int64 `protobuf:"varint,9,opt,name=size,proto3" json:"size,omitempty"`
	// The network protocol used with the request, such as "HTTP/1.0", "HTTP/1.1", or "HTTP/2".
	//
	// See :repo:`headers.h:ProtocolStrings <source/common/http/headers.h>` for a list of all
	// possible values.
	Protocol string `protobuf:"bytes,10,opt,name=protocol,proto3" json:"protocol,omitempty"`
	// The HTTP request body.
	Body string `protobuf:"bytes,11,opt,name=body,proto3" json:"body,omitempty"`
	// The HTTP request body in bytes. This is used instead of
	// :ref:`body <envoy_v3_api_field_service.auth.v3.AttributeContext.HttpRequest.body>` when
	// :ref:`pack_as_bytes <envoy_v3_api_field_extensions.filters.http.ext_authz.v3.BufferSettings.pack_as_bytes>`
	// is set to true.
	RawBody []byte `protobuf:"bytes,12,opt,name=raw_body,json=rawBody,proto3" json:"raw_body,omitempty"`
	// contains filtered or unexported fields
}

This message defines attributes for an HTTP request. HTTP/1.x, HTTP/2, gRPC are all considered as HTTP requests. [#next-free-field: 14]

func (*AttributeContext_HttpRequest) Descriptor deprecated 

func (*AttributeContext_HttpRequest) Descriptor() ([]byte, []int)

Deprecated: Use AttributeContext_HttpRequest.ProtoReflect.Descriptor instead.

func (*AttributeContext_HttpRequest) GetBody 

func (x *AttributeContext_HttpRequest) GetBody() string

func (*AttributeContext_HttpRequest) GetFragment 

func (x *AttributeContext_HttpRequest) GetFragment() string

func (*AttributeContext_HttpRequest) GetHeaderMap 

func (x *AttributeContext_HttpRequest) GetHeaderMap() *v3.HeaderMap

func (*AttributeContext_HttpRequest) GetHeaders 

func (x *AttributeContext_HttpRequest) GetHeaders() map[string]string

func (*AttributeContext_HttpRequest) GetHost 

func (x *AttributeContext_HttpRequest) GetHost() string

func (*AttributeContext_HttpRequest) GetId 

func (x *AttributeContext_HttpRequest) GetId() string

func (*AttributeContext_HttpRequest) GetMethod 

func (x *AttributeContext_HttpRequest) GetMethod() string

func (*AttributeContext_HttpRequest) GetPath 

func (x *AttributeContext_HttpRequest) GetPath() string

func (*AttributeContext_HttpRequest) GetProtocol 

func (x *AttributeContext_HttpRequest) GetProtocol() string

func (*AttributeContext_HttpRequest) GetQuery 

func (x *AttributeContext_HttpRequest) GetQuery() string

func (*AttributeContext_HttpRequest) GetRawBody 

func (x *AttributeContext_HttpRequest) GetRawBody() []byte

func (*AttributeContext_HttpRequest) GetScheme 

func (x *AttributeContext_HttpRequest) GetScheme() string

func (*AttributeContext_HttpRequest) GetSize 

func (x *AttributeContext_HttpRequest) GetSize() int64

func (*AttributeContext_HttpRequest) ProtoMessage 

func (*AttributeContext_HttpRequest) ProtoMessage()

func (*AttributeContext_HttpRequest) ProtoReflect 

func (x *AttributeContext_HttpRequest) ProtoReflect() protoreflect.Message

func (*AttributeContext_HttpRequest) Reset 

func (x *AttributeContext_HttpRequest) Reset()

func (*AttributeContext_HttpRequest) String 

func (x *AttributeContext_HttpRequest) String() string

type AttributeContext_Peer 

type AttributeContext_Peer struct {

	// The address of the peer, this is typically the IP address.
	// It can also be UDS path, or others.
	Address *v3.Address `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"`
	// The canonical service name of the peer.
	// It should be set to :ref:`the HTTP x-envoy-downstream-service-cluster
	// <config_http_conn_man_headers_downstream-service-cluster>`
	// If a more trusted source of the service name is available through mTLS/secure naming, it
	// should be used.
	Service string `protobuf:"bytes,2,opt,name=service,proto3" json:"service,omitempty"`
	// The labels associated with the peer.
	// These could be pod labels for Kubernetes or tags for VMs.
	// The source of the labels could be an X.509 certificate or other configuration.
	Labels map[string]string `` /* 153-byte string literal not displayed */
	// The authenticated identity of this peer.
	// For example, the identity associated with the workload such as a service account.
	// If an X.509 certificate is used to assert the identity this field should be sourced from
	// “URI Subject Alternative Names“, “DNS Subject Alternate Names“ or “Subject“ in that order.
	// The primary identity should be the principal. The principal format is issuer specific.
	//
	// Examples:
	//
	// - SPIFFE format is “spiffe://trust-domain/path“.
	// - Google account format is “https://accounts.google.com/{userid}“.
	Principal string `protobuf:"bytes,4,opt,name=principal,proto3" json:"principal,omitempty"`
	// The X.509 certificate used to authenticate the identify of this peer.
	// When present, the certificate contents are encoded in URL and PEM format.
	Certificate string `protobuf:"bytes,5,opt,name=certificate,proto3" json:"certificate,omitempty"`
	// contains filtered or unexported fields
}

This message defines attributes for a node that handles a network request. The node can be either a service or an application that sends, forwards, or receives the request. Service peers should fill in the “service“, “principal“, and “labels“ as appropriate. [#next-free-field: 6]

func (*AttributeContext_Peer) Descriptor deprecated 

func (*AttributeContext_Peer) Descriptor() ([]byte, []int)

Deprecated: Use AttributeContext_Peer.ProtoReflect.Descriptor instead.

func (*AttributeContext_Peer) GetAddress 

func (x *AttributeContext_Peer) GetAddress() *v3.Address

func (*AttributeContext_Peer) GetCertificate 

func (x *AttributeContext_Peer) GetCertificate() string

func (*AttributeContext_Peer) GetLabels 

func (x *AttributeContext_Peer) GetLabels() map[string]string

func (*AttributeContext_Peer) GetPrincipal 

func (x *AttributeContext_Peer) GetPrincipal() string

func (*AttributeContext_Peer) GetService 

func (x *AttributeContext_Peer) GetService() string

func (*AttributeContext_Peer) ProtoMessage 

func (*AttributeContext_Peer) ProtoMessage()

func (*AttributeContext_Peer) ProtoReflect 

func (x *AttributeContext_Peer) ProtoReflect() protoreflect.Message

func (*AttributeContext_Peer) Reset 

func (x *AttributeContext_Peer) Reset()

func (*AttributeContext_Peer) String 

func (x *AttributeContext_Peer) String() string

type AttributeContext_Request 

type AttributeContext_Request struct {

	// The timestamp when the proxy receives the first byte of the request.
	Time *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=time,proto3" json:"time,omitempty"`
	// Represents an HTTP request or an HTTP-like request.
	Http *AttributeContext_HttpRequest `protobuf:"bytes,2,opt,name=http,proto3" json:"http,omitempty"`
	// contains filtered or unexported fields
}

Represents a network request, such as an HTTP request.

func (*AttributeContext_Request) Descriptor deprecated 

func (*AttributeContext_Request) Descriptor() ([]byte, []int)

Deprecated: Use AttributeContext_Request.ProtoReflect.Descriptor instead.

func (*AttributeContext_Request) GetHttp 

func (x *AttributeContext_Request) GetHttp() *AttributeContext_HttpRequest

func (*AttributeContext_Request) GetTime 

func (x *AttributeContext_Request) GetTime() *timestamppb.Timestamp

func (*AttributeContext_Request) ProtoMessage 

func (*AttributeContext_Request) ProtoMessage()

func (*AttributeContext_Request) ProtoReflect 

func (x *AttributeContext_Request) ProtoReflect() protoreflect.Message

func (*AttributeContext_Request) Reset 

func (x *AttributeContext_Request) Reset()

func (*AttributeContext_Request) String 

func (x *AttributeContext_Request) String() string

type AttributeContext_TLSSession 

type AttributeContext_TLSSession struct {

	// SNI used for TLS session.
	Sni string `protobuf:"bytes,1,opt,name=sni,proto3" json:"sni,omitempty"`
	// contains filtered or unexported fields
}

This message defines attributes for the underlying TLS session.

func (*AttributeContext_TLSSession) Descriptor deprecated 

func (*AttributeContext_TLSSession) Descriptor() ([]byte, []int)

Deprecated: Use AttributeContext_TLSSession.ProtoReflect.Descriptor instead.

func (*AttributeContext_TLSSession) GetSni 

func (x *AttributeContext_TLSSession) GetSni() string

func (*AttributeContext_TLSSession) ProtoMessage 

func (*AttributeContext_TLSSession) ProtoMessage()

func (*AttributeContext_TLSSession) ProtoReflect 

func (x *AttributeContext_TLSSession) ProtoReflect() protoreflect.Message

func (*AttributeContext_TLSSession) Reset 

func (x *AttributeContext_TLSSession) Reset()

func (*AttributeContext_TLSSession) String 

func (x *AttributeContext_TLSSession) String() string

type CheckRequest 

type CheckRequest struct {

	// The request attributes.
	Attributes *AttributeContext `protobuf:"bytes,1,opt,name=attributes,proto3" json:"attributes,omitempty"`
	// contains filtered or unexported fields
}

func (*CheckRequest) Descriptor deprecated 

func (*CheckRequest) Descriptor() ([]byte, []int)

Deprecated: Use CheckRequest.ProtoReflect.Descriptor instead.

func (*CheckRequest) GetAttributes 

func (x *CheckRequest) GetAttributes() *AttributeContext

func (*CheckRequest) ProtoMessage 

func (*CheckRequest) ProtoMessage()

func (*CheckRequest) ProtoReflect 

func (x *CheckRequest) ProtoReflect() protoreflect.Message

func (*CheckRequest) Reset 

func (x *CheckRequest) Reset()

func (*CheckRequest) String 

func (x *CheckRequest) String() string

type CheckResponse 

type CheckResponse struct {

	// Status “OK“ allows the request. Any other status indicates the request should be denied, and
	// for HTTP filter, if not overridden by :ref:`denied HTTP response status <envoy_v3_api_field_service.auth.v3.DeniedHttpResponse.status>`
	// Envoy sends “403 Forbidden“ HTTP status code by default.
	Status *status.Status `protobuf:"bytes,1,opt,name=status,proto3" json:"status,omitempty"`
	// An message that contains HTTP response attributes. This message is
	// used when the authorization service needs to send custom responses to the
	// downstream client or, to modify/add request headers being dispatched to the upstream.
	//
	// Types that are assignable to HttpResponse:
	//
	//	*CheckResponse_DeniedResponse
	//	*CheckResponse_OkResponse
	HttpResponse isCheckResponse_HttpResponse `protobuf_oneof:"http_response"`
	// Optional response metadata that will be emitted as dynamic metadata to be consumed by the next
	// filter. This metadata lives in a namespace specified by the canonical name of extension filter
	// that requires it:
	//
	// - :ref:`envoy.filters.http.ext_authz <config_http_filters_ext_authz_dynamic_metadata>` for HTTP filter.
	// - :ref:`envoy.filters.network.ext_authz <config_network_filters_ext_authz_dynamic_metadata>` for network filter.
	DynamicMetadata *structpb.Struct `protobuf:"bytes,4,opt,name=dynamic_metadata,json=dynamicMetadata,proto3" json:"dynamic_metadata,omitempty"`
	// contains filtered or unexported fields
}

Intended for gRPC and Network Authorization servers “only“.

func (*CheckResponse) Descriptor deprecated 

func (*CheckResponse) Descriptor() ([]byte, []int)

Deprecated: Use CheckResponse.ProtoReflect.Descriptor instead.

func (*CheckResponse) GetDeniedResponse 

func (x *CheckResponse) GetDeniedResponse() *DeniedHttpResponse

func (*CheckResponse) GetDynamicMetadata 

func (x *CheckResponse) GetDynamicMetadata() *structpb.Struct

func (*CheckResponse) GetHttpResponse 

func (m *CheckResponse) GetHttpResponse() isCheckResponse_HttpResponse

func (*CheckResponse) GetOkResponse 

func (x *CheckResponse) GetOkResponse() *OkHttpResponse

func (*CheckResponse) GetStatus 

func (x *CheckResponse) GetStatus() *status.Status

func (*CheckResponse) ProtoMessage 

func (*CheckResponse) ProtoMessage()

func (*CheckResponse) ProtoReflect 

func (x *CheckResponse) ProtoReflect() protoreflect.Message

func (*CheckResponse) Reset 

func (x *CheckResponse) Reset()

func (*CheckResponse) String 

func (x *CheckResponse) String() string

type CheckResponse_DeniedResponse 

type CheckResponse_DeniedResponse struct {
	// Supplies http attributes for a denied response.
	DeniedResponse *DeniedHttpResponse `protobuf:"bytes,2,opt,name=denied_response,json=deniedResponse,proto3,oneof"`
}

type CheckResponse_OkResponse 

type CheckResponse_OkResponse struct {
	// Supplies http attributes for an ok response.
	OkResponse *OkHttpResponse `protobuf:"bytes,3,opt,name=ok_response,json=okResponse,proto3,oneof"`
}

type DeniedHttpResponse 

type DeniedHttpResponse struct {

	// This field allows the authorization service to send an HTTP response status code to the
	// downstream client. If not set, Envoy sends “403 Forbidden“ HTTP status code by default.
	Status *v3.HttpStatus `protobuf:"bytes,1,opt,name=status,proto3" json:"status,omitempty"`
	// This field allows the authorization service to send HTTP response headers
	// to the downstream client. Note that the :ref:`append field in HeaderValueOption <envoy_v3_api_field_config.core.v3.HeaderValueOption.append>` defaults to
	// false when used in this message.
	Headers []*v31.HeaderValueOption `protobuf:"bytes,2,rep,name=headers,proto3" json:"headers,omitempty"`
	// This field allows the authorization service to send a response body data
	// to the downstream client.
	Body string `protobuf:"bytes,3,opt,name=body,proto3" json:"body,omitempty"`
	// contains filtered or unexported fields
}

HTTP attributes for a denied response.

func (*DeniedHttpResponse) Descriptor deprecated 

func (*DeniedHttpResponse) Descriptor() ([]byte, []int)

Deprecated: Use DeniedHttpResponse.ProtoReflect.Descriptor instead.

func (*DeniedHttpResponse) GetBody 

func (x *DeniedHttpResponse) GetBody() string

func (*DeniedHttpResponse) GetHeaders 

func (x *DeniedHttpResponse) GetHeaders() []*v31.HeaderValueOption

func (*DeniedHttpResponse) GetStatus 

func (x *DeniedHttpResponse) GetStatus() *v3.HttpStatus

func (*DeniedHttpResponse) ProtoMessage 

func (*DeniedHttpResponse) ProtoMessage()

func (*DeniedHttpResponse) ProtoReflect 

func (x *DeniedHttpResponse) ProtoReflect() protoreflect.Message

func (*DeniedHttpResponse) Reset 

func (x *DeniedHttpResponse) Reset()

func (*DeniedHttpResponse) String 

func (x *DeniedHttpResponse) String() string

type OkHttpResponse 

type OkHttpResponse struct {

	// HTTP entity headers in addition to the original request headers. This allows the authorization
	// service to append, to add or to override headers from the original request before
	// dispatching it to the upstream. Note that the :ref:`append field in HeaderValueOption <envoy_v3_api_field_config.core.v3.HeaderValueOption.append>` defaults to
	// false when used in this message. By setting the “append“ field to “true“,
	// the filter will append the correspondent header value to the matched request header.
	// By leaving “append“ as false, the filter will either add a new header, or override an existing
	// one if there is a match.
	Headers []*v31.HeaderValueOption `protobuf:"bytes,2,rep,name=headers,proto3" json:"headers,omitempty"`
	// HTTP entity headers to remove from the original request before dispatching
	// it to the upstream. This allows the authorization service to act on auth
	// related headers (like “Authorization“), process them, and consume them.
	// Under this model, the upstream will either receive the request (if it's
	// authorized) or not receive it (if it's not), but will not see headers
	// containing authorization credentials.
	//
	// Pseudo headers (such as “:authority“, “:method“, “:path“ etc), as well as
	// the header “Host“, may not be removed as that would make the request
	// malformed. If mentioned in “headers_to_remove“ these special headers will
	// be ignored.
	//
	// When using the HTTP service this must instead be set by the HTTP
	// authorization service as a comma separated list like so:
	// “x-envoy-auth-headers-to-remove: one-auth-header, another-auth-header“.
	HeadersToRemove []string `protobuf:"bytes,5,rep,name=headers_to_remove,json=headersToRemove,proto3" json:"headers_to_remove,omitempty"`
	// This field has been deprecated in favor of :ref:`CheckResponse.dynamic_metadata
	// <envoy_v3_api_field_service.auth.v3.CheckResponse.dynamic_metadata>`. Until it is removed,
	// setting this field overrides :ref:`CheckResponse.dynamic_metadata
	// <envoy_v3_api_field_service.auth.v3.CheckResponse.dynamic_metadata>`.
	//
	// Deprecated: Marked as deprecated in envoy/service/auth/v3/external_auth.proto.
	DynamicMetadata *structpb.Struct `protobuf:"bytes,3,opt,name=dynamic_metadata,json=dynamicMetadata,proto3" json:"dynamic_metadata,omitempty"`
	// This field allows the authorization service to send HTTP response headers
	// to the downstream client on success. Note that the :ref:`append field in HeaderValueOption <envoy_v3_api_field_config.core.v3.HeaderValueOption.append>`
	// defaults to false when used in this message.
	ResponseHeadersToAdd []*v31.HeaderValueOption `protobuf:"bytes,6,rep,name=response_headers_to_add,json=responseHeadersToAdd,proto3" json:"response_headers_to_add,omitempty"`
	// This field allows the authorization service to set (and overwrite) query
	// string parameters on the original request before it is sent upstream.
	QueryParametersToSet []*v31.QueryParameter `protobuf:"bytes,7,rep,name=query_parameters_to_set,json=queryParametersToSet,proto3" json:"query_parameters_to_set,omitempty"`
	// This field allows the authorization service to specify which query parameters
	// should be removed from the original request before it is sent upstream. Each
	// element in this list is a case-sensitive query parameter name to be removed.
	QueryParametersToRemove []string `` /* 134-byte string literal not displayed */
	// contains filtered or unexported fields
}

HTTP attributes for an OK response. [#next-free-field: 9]

func (*OkHttpResponse) Descriptor deprecated 

func (*OkHttpResponse) Descriptor() ([]byte, []int)

Deprecated: Use OkHttpResponse.ProtoReflect.Descriptor instead.

func (*OkHttpResponse) GetDynamicMetadata deprecated 

func (x *OkHttpResponse) GetDynamicMetadata() *structpb.Struct

Deprecated: Marked as deprecated in envoy/service/auth/v3/external_auth.proto.

func (*OkHttpResponse) GetHeaders 

func (x *OkHttpResponse) GetHeaders() []*v31.HeaderValueOption

func (*OkHttpResponse) GetHeadersToRemove 

func (x *OkHttpResponse) GetHeadersToRemove() []string

func (*OkHttpResponse) GetQueryParametersToRemove 

func (x *OkHttpResponse) GetQueryParametersToRemove() []string

func (*OkHttpResponse) GetQueryParametersToSet 

func (x *OkHttpResponse) GetQueryParametersToSet() []*v31.QueryParameter

func (*OkHttpResponse) GetResponseHeadersToAdd 

func (x *OkHttpResponse) GetResponseHeadersToAdd() []*v31.HeaderValueOption

func (*OkHttpResponse) ProtoMessage 

func (*OkHttpResponse) ProtoMessage()

func (*OkHttpResponse) ProtoReflect 

func (x *OkHttpResponse) ProtoReflect() protoreflect.Message

func (*OkHttpResponse) Reset 

func (x *OkHttpResponse) Reset()

func (*OkHttpResponse) String 

func (x *OkHttpResponse) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.