v2alpha

package
v0.0.0-...-113c6ea Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 27, 2019 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Overview

Package v2alpha is a generated protocol buffer package.

It is generated from these files: 

envoy/config/filter/http/ext_authz/v2alpha/ext_authz.proto

It has these top-level messages: 

ExtAuthz
HttpService

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrInvalidLengthExtAuthz = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowExtAuthz   = fmt.Errorf("proto: integer overflow")
)

Functions

This section is empty.

Types

type ExtAuthz 

type ExtAuthz struct {
	// Types that are valid to be assigned to Services:
	//	*ExtAuthz_GrpcService
	//	*ExtAuthz_HttpService
	Services isExtAuthz_Services `protobuf_oneof:"services"`
	// The filter's behaviour in case the external authorization service does
	// not respond back. When it is set to true, Envoy will also allow traffic in case of
	// communication failure between authorization service and the proxy.
	// Defaults to false.
	FailureModeAllow bool `protobuf:"varint,2,opt,name=failure_mode_allow,json=failureModeAllow,proto3" json:"failure_mode_allow,omitempty"`
}

External Authorization filter calls out to an external service over either:

  1. gRPC Authorization API defined by :ref:`CheckRequest <envoy_api_msg_service.auth.v2alpha.CheckRequest>`.
  2. Raw HTTP Authorization server by passing the request headers to the service.

A failed check will cause this filter to close the HTTP request normally with 403 (Forbidden), unless a different status code has been indicated in the authorization response.

func (*ExtAuthz) Descriptor 

func (*ExtAuthz) Descriptor() ([]byte, []int)

func (*ExtAuthz) GetFailureModeAllow 

func (m *ExtAuthz) GetFailureModeAllow() bool

func (*ExtAuthz) GetGrpcService 

func (m *ExtAuthz) GetGrpcService() *envoy_api_v2_core1.GrpcService

func (*ExtAuthz) GetHttpService 

func (m *ExtAuthz) GetHttpService() *HttpService

func (*ExtAuthz) GetServices 

func (m *ExtAuthz) GetServices() isExtAuthz_Services

func (*ExtAuthz) Marshal 

func (m *ExtAuthz) Marshal() (dAtA []byte, err error)

func (*ExtAuthz) MarshalTo 

func (m *ExtAuthz) MarshalTo(dAtA []byte) (int, error)

func (*ExtAuthz) ProtoMessage 

func (*ExtAuthz) ProtoMessage()

func (*ExtAuthz) Reset 

func (m *ExtAuthz) Reset()

func (*ExtAuthz) Size 

func (m *ExtAuthz) Size() (n int)

func (*ExtAuthz) String 

func (m *ExtAuthz) String() string

func (*ExtAuthz) Unmarshal 

func (m *ExtAuthz) Unmarshal(dAtA []byte) error

func (*ExtAuthz) Validate 

func (m *ExtAuthz) Validate() error

Validate checks the field values on ExtAuthz with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

func (*ExtAuthz) XXX_OneofFuncs 

func (*ExtAuthz) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{})

XXX_OneofFuncs is for the internal use of the proto package.

type ExtAuthzValidationError 

type ExtAuthzValidationError struct {
	Field  string
	Reason string
	Cause  error
	Key    bool
}

ExtAuthzValidationError is the validation error returned by ExtAuthz.Validate if the designated constraints aren't met.

func (ExtAuthzValidationError) Error 

func (e ExtAuthzValidationError) Error() string

Error satisfies the builtin error interface

type ExtAuthz_GrpcService 

type ExtAuthz_GrpcService struct {
	GrpcService *envoy_api_v2_core1.GrpcService `protobuf:"bytes,1,opt,name=grpc_service,json=grpcService,oneof"`
}

func (*ExtAuthz_GrpcService) MarshalTo 

func (m *ExtAuthz_GrpcService) MarshalTo(dAtA []byte) (int, error)

func (*ExtAuthz_GrpcService) Size 

func (m *ExtAuthz_GrpcService) Size() (n int)

type ExtAuthz_HttpService 

type ExtAuthz_HttpService struct {
	HttpService *HttpService `protobuf:"bytes,3,opt,name=http_service,json=httpService,oneof"`
}

func (*ExtAuthz_HttpService) MarshalTo 

func (m *ExtAuthz_HttpService) MarshalTo(dAtA []byte) (int, error)

func (*ExtAuthz_HttpService) Size 

func (m *ExtAuthz_HttpService) Size() (n int)

type HttpService 

type HttpService struct {
	// Sets the HTTP server URI which the authorization requests must be sent to.
	ServerUri *envoy_api_v2_core2.HttpUri `protobuf:"bytes,1,opt,name=server_uri,json=serverUri" json:"server_uri,omitempty"`
	// Sets an optional prefix to the value of authorization request header `path`.
	PathPrefix string `protobuf:"bytes,2,opt,name=path_prefix,json=pathPrefix,proto3" json:"path_prefix,omitempty"`
	// Sets a list of headers that should be not be sent *from the authorization server* to the
	// upstream.
	ResponseHeadersToRemove []string `` /* 127-byte string literal not displayed */
}

External Authorization filter calls out to an upstream authorization server by passing the raw HTTP request headers to the server. This allows the authorization service to take a decision whether the request is authorized or not.

A successful check allows the authorization service adding or overriding headers from the original request before dispatching it to the upstream. This is done by including the headers in the response sent back from the authorization service to the filter. Note that `Status`, `Method`, `Path` and `Content Length` response headers are automatically removed from this response by the filter. If other headers need be deleted, they should be specified in `response_headers_to_remove` field.

A failed check will cause this filter to close the HTTP request normally with 403 (Forbidden), unless a different status code has been indicated by the authorization service via response headers. The HTTP service also allows the authorization filter to also pass data from the response body to the downstream client in case of a denied request.

func (*HttpService) Descriptor 

func (*HttpService) Descriptor() ([]byte, []int)

func (*HttpService) GetPathPrefix 

func (m *HttpService) GetPathPrefix() string

func (*HttpService) GetResponseHeadersToRemove 

func (m *HttpService) GetResponseHeadersToRemove() []string

func (*HttpService) GetServerUri 

func (m *HttpService) GetServerUri() *envoy_api_v2_core2.HttpUri

func (*HttpService) Marshal 

func (m *HttpService) Marshal() (dAtA []byte, err error)

func (*HttpService) MarshalTo 

func (m *HttpService) MarshalTo(dAtA []byte) (int, error)

func (*HttpService) ProtoMessage 

func (*HttpService) ProtoMessage()

func (*HttpService) Reset 

func (m *HttpService) Reset()

func (*HttpService) Size 

func (m *HttpService) Size() (n int)

func (*HttpService) String 

func (m *HttpService) String() string

func (*HttpService) Unmarshal 

func (m *HttpService) Unmarshal(dAtA []byte) error

func (*HttpService) Validate 

func (m *HttpService) Validate() error

Validate checks the field values on HttpService with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

type HttpServiceValidationError 

type HttpServiceValidationError struct {
	Field  string
	Reason string
	Cause  error
	Key    bool
}

HttpServiceValidationError is the validation error returned by HttpService.Validate if the designated constraints aren't met.

func (HttpServiceValidationError) Error 

func (e HttpServiceValidationError) Error() string

Error satisfies the builtin error interface

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.