v2alpha1

package
v0.0.0-...-2d182f5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 2, 2018 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrInvalidLengthConfig = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowConfig   = fmt.Errorf("proto: integer overflow")
)

Functions

This section is empty.

Types

type DataSource 

type DataSource struct {
	// Types that are valid to be assigned to Specifier:
	//	*DataSource_Filename
	//	*DataSource_InlineBytes
	//	*DataSource_InlineString
	Specifier isDataSource_Specifier `protobuf_oneof:"specifier"`
}

Copied from @envoy/api/envoy/api/v2/core/base.proto Data source consisting of either a file or an inline value.

func (*DataSource) Descriptor 

func (*DataSource) Descriptor() ([]byte, []int)

func (*DataSource) GetFilename 

func (m *DataSource) GetFilename() string

func (*DataSource) GetInlineBytes 

func (m *DataSource) GetInlineBytes() []byte

func (*DataSource) GetInlineString 

func (m *DataSource) GetInlineString() string

func (*DataSource) GetSpecifier 

func (m *DataSource) GetSpecifier() isDataSource_Specifier

func (*DataSource) Marshal 

func (m *DataSource) Marshal() (dAtA []byte, err error)

func (*DataSource) MarshalTo 

func (m *DataSource) MarshalTo(dAtA []byte) (int, error)

func (*DataSource) ProtoMessage 

func (*DataSource) ProtoMessage()

func (*DataSource) Reset 

func (m *DataSource) Reset()

func (*DataSource) Size 

func (m *DataSource) Size() (n int)

func (*DataSource) String 

func (m *DataSource) String() string

func (*DataSource) Unmarshal 

func (m *DataSource) Unmarshal(dAtA []byte) error

func (*DataSource) XXX_OneofFuncs 

func (*DataSource) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{})

XXX_OneofFuncs is for the internal use of the proto package.

type DataSource_Filename 

type DataSource_Filename struct {
	Filename string `protobuf:"bytes,1,opt,name=filename,proto3,oneof"`
}

func (*DataSource_Filename) MarshalTo 

func (m *DataSource_Filename) MarshalTo(dAtA []byte) (int, error)

func (*DataSource_Filename) Size 

func (m *DataSource_Filename) Size() (n int)

type DataSource_InlineBytes 

type DataSource_InlineBytes struct {
	InlineBytes []byte `protobuf:"bytes,2,opt,name=inline_bytes,json=inlineBytes,proto3,oneof"`
}

func (*DataSource_InlineBytes) MarshalTo 

func (m *DataSource_InlineBytes) MarshalTo(dAtA []byte) (int, error)

func (*DataSource_InlineBytes) Size 

func (m *DataSource_InlineBytes) Size() (n int)

type DataSource_InlineString 

type DataSource_InlineString struct {
	InlineString string `protobuf:"bytes,3,opt,name=inline_string,json=inlineString,proto3,oneof"`
}

func (*DataSource_InlineString) MarshalTo 

func (m *DataSource_InlineString) MarshalTo(dAtA []byte) (int, error)

func (*DataSource_InlineString) Size 

func (m *DataSource_InlineString) Size() (n int)

type HttpUri 

type HttpUri struct {
	// The HTTP server URI. It should be a full FQDN with protocol, host and path.
	//
	// Example:
	//
	// .. code-block:: yaml
	//
	//    uri: https://www.googleapis.com/oauth2/v1/certs
	//
	Uri string `protobuf:"bytes,1,opt,name=uri,proto3" json:"uri,omitempty"`
	// Specify how `uri` is to be fetched. Today, this requires an explicit
	// cluster, but in the future we may support dynamic cluster creation or
	// inline DNS resolution. See `issue
	// <https://github.com/envoyproxy/envoy/issues/1606>`_.
	//
	// Types that are valid to be assigned to HttpUpstreamType:
	//	*HttpUri_Cluster
	HttpUpstreamType isHttpUri_HttpUpstreamType `protobuf_oneof:"http_upstream_type"`
	// Sets the maximum duration in milliseconds that a response can take to arrive upon request.
	Timeout *google_protobuf.Duration `protobuf:"bytes,3,opt,name=timeout" json:"timeout,omitempty"`
}

Copied from @envoy/api/envoy/api/v2/core/http_uri.proto Envoy external URI descriptor

func (*HttpUri) Descriptor 

func (*HttpUri) Descriptor() ([]byte, []int)

func (*HttpUri) GetCluster 

func (m *HttpUri) GetCluster() string

func (*HttpUri) GetHttpUpstreamType 

func (m *HttpUri) GetHttpUpstreamType() isHttpUri_HttpUpstreamType

func (*HttpUri) GetTimeout 

func (m *HttpUri) GetTimeout() *google_protobuf.Duration

func (*HttpUri) GetUri 

func (m *HttpUri) GetUri() string

func (*HttpUri) Marshal 

func (m *HttpUri) Marshal() (dAtA []byte, err error)

func (*HttpUri) MarshalTo 

func (m *HttpUri) MarshalTo(dAtA []byte) (int, error)

func (*HttpUri) ProtoMessage 

func (*HttpUri) ProtoMessage()

func (*HttpUri) Reset 

func (m *HttpUri) Reset()

func (*HttpUri) Size 

func (m *HttpUri) Size() (n int)

func (*HttpUri) String 

func (m *HttpUri) String() string

func (*HttpUri) Unmarshal 

func (m *HttpUri) Unmarshal(dAtA []byte) error

func (*HttpUri) XXX_OneofFuncs 

func (*HttpUri) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{})

XXX_OneofFuncs is for the internal use of the proto package.

type HttpUri_Cluster 

type HttpUri_Cluster struct {
	Cluster string `protobuf:"bytes,2,opt,name=cluster,proto3,oneof"`
}

func (*HttpUri_Cluster) MarshalTo 

func (m *HttpUri_Cluster) MarshalTo(dAtA []byte) (int, error)

func (*HttpUri_Cluster) Size 

func (m *HttpUri_Cluster) Size() (n int)

type JwtAuthentication 

type JwtAuthentication struct {
	// List of JWT rules to valide.
	Rules []*JwtRule `protobuf:"bytes,1,rep,name=rules" json:"rules,omitempty"`
	// If true, the request is allowed if JWT is missing or JWT verification fails.
	// Default is false, a request without JWT or failed JWT verification is not allowed.
	AllowMissingOrFailed bool `` /* 126-byte string literal not displayed */
}

This is the Envoy HTTP filter config for JWT authentication. [#not-implemented-hide:]

func (*JwtAuthentication) Descriptor 

func (*JwtAuthentication) Descriptor() ([]byte, []int)

func (*JwtAuthentication) GetAllowMissingOrFailed 

func (m *JwtAuthentication) GetAllowMissingOrFailed() bool

func (*JwtAuthentication) GetRules 

func (m *JwtAuthentication) GetRules() []*JwtRule

func (*JwtAuthentication) Marshal 

func (m *JwtAuthentication) Marshal() (dAtA []byte, err error)

func (*JwtAuthentication) MarshalTo 

func (m *JwtAuthentication) MarshalTo(dAtA []byte) (int, error)

func (*JwtAuthentication) ProtoMessage 

func (*JwtAuthentication) ProtoMessage()

func (*JwtAuthentication) Reset 

func (m *JwtAuthentication) Reset()

func (*JwtAuthentication) Size 

func (m *JwtAuthentication) Size() (n int)

func (*JwtAuthentication) String 

func (m *JwtAuthentication) String() string

func (*JwtAuthentication) Unmarshal 

func (m *JwtAuthentication) Unmarshal(dAtA []byte) error

type JwtHeader 

type JwtHeader struct {
	// The HTTP header name.
	Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
	// The value prefix. The value format is "value_prefix<token>"
	// For example, for "Authorization: Bearer <token>", value_prefix="Bearer " with a space at the
	// end.
	ValuePrefix string `protobuf:"bytes,2,opt,name=value_prefix,json=valuePrefix,proto3" json:"value_prefix,omitempty"`
}

This message specifies a header location to extract JWT token.

func (*JwtHeader) Descriptor 

func (*JwtHeader) Descriptor() ([]byte, []int)

func (*JwtHeader) GetName 

func (m *JwtHeader) GetName() string

func (*JwtHeader) GetValuePrefix 

func (m *JwtHeader) GetValuePrefix() string

func (*JwtHeader) Marshal 

func (m *JwtHeader) Marshal() (dAtA []byte, err error)

func (*JwtHeader) MarshalTo 

func (m *JwtHeader) MarshalTo(dAtA []byte) (int, error)

func (*JwtHeader) ProtoMessage 

func (*JwtHeader) ProtoMessage()

func (*JwtHeader) Reset 

func (m *JwtHeader) Reset()

func (*JwtHeader) Size 

func (m *JwtHeader) Size() (n int)

func (*JwtHeader) String 

func (m *JwtHeader) String() string

func (*JwtHeader) Unmarshal 

func (m *JwtHeader) Unmarshal(dAtA []byte) error

type JwtRule 

type JwtRule struct {
	// Identifies the principal that issued the JWT. See `here
	//  <https://tools.ietf.org/html/rfc7519#section-4.1.1>`_. Usually a URL or an email address.
	//
	// Example: https://securetoken.google.com
	// Example: 1234567-compute@developer.gserviceaccount.com
	//
	Issuer string `protobuf:"bytes,1,opt,name=issuer,proto3" json:"issuer,omitempty"`
	// The list of JWT `audiences <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_. that are
	// allowed to access. A JWT containing any of these audiences will be accepted. If not specified,
	// will not check audiences in the token.
	//
	// Example:
	//
	// .. code-block:: yaml
	//
	//     audiences:
	//     - bookstore_android.apps.googleusercontent.com
	//       bookstore_web.apps.googleusercontent.com
	//
	Audiences []string `protobuf:"bytes,2,rep,name=audiences" json:"audiences,omitempty"`
	// `JSON Web Key Set <https://tools.ietf.org/html/rfc7517#appendix-A>`_ is needed. to validate
	// signature of the JWT. This field specifies where to fetch JWKS.
	//
	// Types that are valid to be assigned to JwksSourceSpecifier:
	//	*JwtRule_RemoteJwks
	//	*JwtRule_LocalJwks
	JwksSourceSpecifier isJwtRule_JwksSourceSpecifier `protobuf_oneof:"jwks_source_specifier"`
	// If false, the JWT is removed in the request after a success verification. If true, the JWT is
	// not removed in the request. Default value is false.
	Forward bool `protobuf:"varint,5,opt,name=forward,proto3" json:"forward,omitempty"`
	// Specify the HTTP headers to extract JWT token. For examples, following config:
	//
	// .. code-block:: yaml
	//
	//   from_headers:
	//   - name: x-goog-iap-jwt-assertion
	//
	// can be used to extract token from header::
	//
	//   x-goog-iap-jwt-assertion: <JWT>.
	//
	FromHeaders []*JwtHeader `protobuf:"bytes,6,rep,name=from_headers,json=fromHeaders" json:"from_headers,omitempty"`
	// JWT is sent in a query parameter. `jwt_params` represents the query parameter names.
	//
	// For example, if config is:
	//
	// .. code-block:: yaml
	//
	//   from_params:
	//   - jwt_token
	//
	// The JWT format in query parameter is::
	//
	//    /path?jwt_token=<JWT>
	//
	FromParams []string `protobuf:"bytes,7,rep,name=from_params,json=fromParams" json:"from_params,omitempty"`
	// This field specifies the header name to forward a successfully verified JWT payload to the
	// backend. The forwarded data is::
	//
	//    base64_encoded(jwt_payload_in_JSON)
	//
	// If it is not specified, the payload will not be forwarded.
	// Multiple JWTs in a request from different issuers will be supported. Multiple JWTs from the
	// same issuer will not be supported. Each issuer can config this `forward_payload_header`. If
	// multiple JWTs from different issuers want to forward their payloads, their
	// `forward_payload_header` should be different.
	ForwardPayloadHeader string `protobuf:"bytes,8,opt,name=forward_payload_header,json=forwardPayloadHeader,proto3" json:"forward_payload_header,omitempty"`
}

This message specifies how a JSON Web Token (JWT) can be verified. JWT format is defined `here <https://tools.ietf.org/html/rfc7519>`_. Please see `OAuth2.0 

<https://tools.ietf.org/html/rfc6749>`_ and `OIDC1.0  <http://openid.net/connect>`_ for

the authentication flow.

Example:

.. code-block:: yaml 

issuer: https://example.com
audiences:
- bookstore_android.apps.googleusercontent.com
  bookstore_web.apps.googleusercontent.com
remote_jwks:
- http_uri:
  - uri: https://example.com/.well-known/jwks.json
    cluster: example_jwks_cluster
  cache_duration:
  - seconds: 300

[#not-implemented-hide:]

func (*JwtRule) Descriptor 

func (*JwtRule) Descriptor() ([]byte, []int)

func (*JwtRule) GetAudiences 

func (m *JwtRule) GetAudiences() []string

func (*JwtRule) GetForward 

func (m *JwtRule) GetForward() bool

func (*JwtRule) GetForwardPayloadHeader 

func (m *JwtRule) GetForwardPayloadHeader() string

func (*JwtRule) GetFromHeaders 

func (m *JwtRule) GetFromHeaders() []*JwtHeader

func (*JwtRule) GetFromParams 

func (m *JwtRule) GetFromParams() []string

func (*JwtRule) GetIssuer 

func (m *JwtRule) GetIssuer() string

func (*JwtRule) GetJwksSourceSpecifier 

func (m *JwtRule) GetJwksSourceSpecifier() isJwtRule_JwksSourceSpecifier

func (*JwtRule) GetLocalJwks 

func (m *JwtRule) GetLocalJwks() *DataSource

func (*JwtRule) GetRemoteJwks 

func (m *JwtRule) GetRemoteJwks() *RemoteJwks

func (*JwtRule) Marshal 

func (m *JwtRule) Marshal() (dAtA []byte, err error)

func (*JwtRule) MarshalTo 

func (m *JwtRule) MarshalTo(dAtA []byte) (int, error)

func (*JwtRule) ProtoMessage 

func (*JwtRule) ProtoMessage()

func (*JwtRule) Reset 

func (m *JwtRule) Reset()

func (*JwtRule) Size 

func (m *JwtRule) Size() (n int)

func (*JwtRule) String 

func (m *JwtRule) String() string

func (*JwtRule) Unmarshal 

func (m *JwtRule) Unmarshal(dAtA []byte) error

func (*JwtRule) XXX_OneofFuncs 

func (*JwtRule) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{})

XXX_OneofFuncs is for the internal use of the proto package.

type JwtRule_LocalJwks 

type JwtRule_LocalJwks struct {
	LocalJwks *DataSource `protobuf:"bytes,4,opt,name=local_jwks,json=localJwks,oneof"`
}

func (*JwtRule_LocalJwks) MarshalTo 

func (m *JwtRule_LocalJwks) MarshalTo(dAtA []byte) (int, error)

func (*JwtRule_LocalJwks) Size 

func (m *JwtRule_LocalJwks) Size() (n int)

type JwtRule_RemoteJwks 

type JwtRule_RemoteJwks struct {
	RemoteJwks *RemoteJwks `protobuf:"bytes,3,opt,name=remote_jwks,json=remoteJwks,oneof"`
}

func (*JwtRule_RemoteJwks) MarshalTo 

func (m *JwtRule_RemoteJwks) MarshalTo(dAtA []byte) (int, error)

func (*JwtRule_RemoteJwks) Size 

func (m *JwtRule_RemoteJwks) Size() (n int)

type RemoteJwks 

type RemoteJwks struct {
	// The HTTP URI to fetch the JWKS. For example:
	//
	// .. code-block:: yaml
	//
	//    http_uri:
	//    - uri: https://www.googleapis.com/oauth2/v1/certs
	//      cluster: jwt.www.googleapis.com|443
	//
	HttpUri *HttpUri `protobuf:"bytes,1,opt,name=http_uri,json=httpUri" json:"http_uri,omitempty"`
	// Duration after which the cached JWKS should be expired. If not specified, default cache
	// duration is 5 minutes.
	CacheDuration *google_protobuf.Duration `protobuf:"bytes,2,opt,name=cache_duration,json=cacheDuration" json:"cache_duration,omitempty"`
}

This message specifies how to fetch JWKS from remote and how to cache it.

func (*RemoteJwks) Descriptor 

func (*RemoteJwks) Descriptor() ([]byte, []int)

func (*RemoteJwks) GetCacheDuration 

func (m *RemoteJwks) GetCacheDuration() *google_protobuf.Duration

func (*RemoteJwks) GetHttpUri 

func (m *RemoteJwks) GetHttpUri() *HttpUri

func (*RemoteJwks) Marshal 

func (m *RemoteJwks) Marshal() (dAtA []byte, err error)

func (*RemoteJwks) MarshalTo 

func (m *RemoteJwks) MarshalTo(dAtA []byte) (int, error)

func (*RemoteJwks) ProtoMessage 

func (*RemoteJwks) ProtoMessage()

func (*RemoteJwks) Reset 

func (m *RemoteJwks) Reset()

func (*RemoteJwks) Size 

func (m *RemoteJwks) Size() (n int)

func (*RemoteJwks) String 

func (m *RemoteJwks) String() string

func (*RemoteJwks) Unmarshal 

func (m *RemoteJwks) Unmarshal(dAtA []byte) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.