schema

package
v0.0.0-...-edc4474 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 5, 2026 License: Apache-2.0 Imports: 11 Imported by: 0

README

CEL Authorizer Schema

This package contains the protobuf definition of the data used in the CEL authorizer.

It describes the fields you have available for use in the CEL expression.

When you update the schema, you must regenerate the associated go code:

docker run -v "$(pwd):/workspace" --workspace "/workspace" --pull always bufbuild/buf generate

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var File_schema_proto protoreflect.FileDescriptor

Functions

func NewHeaders 

func NewHeaders(headers map[string][]string) map[string]*HeaderValues

Types

type GrpcRequest 

type GrpcRequest struct {

	// The GRPC service name: eg grpc.health.v1.Health
	Service string `protobuf:"bytes,1,opt,name=service,proto3" json:"service,omitempty"`
	// The method name, eg Check
	Method string `protobuf:"bytes,2,opt,name=method,proto3" json:"method,omitempty"`
	// The GRPC request metadata. Key values have been made canonical
	// by golangs net/http.CanonicalHeaderKey
	Headers map[string]*HeaderValues `` /* 155-byte string literal not displayed */
	// The TLS information. May be absent for non TLS protected requests.
	Tls *TLS `protobuf:"bytes,4,opt,name=tls,proto3" json:"tls,omitempty"`
	// The jwt passed into the request. May be absent.
	Jwt *JWT `protobuf:"bytes,5,opt,name=jwt,proto3" json:"jwt,omitempty"`
	// contains filtered or unexported fields
}

func (*GrpcRequest) Descriptor deprecated 

func (*GrpcRequest) Descriptor() ([]byte, []int)

Deprecated: Use GrpcRequest.ProtoReflect.Descriptor instead.

func (*GrpcRequest) GetHeaders 

func (x *GrpcRequest) GetHeaders() map[string]*HeaderValues

func (*GrpcRequest) GetJwt 

func (x *GrpcRequest) GetJwt() *JWT

func (*GrpcRequest) GetMethod 

func (x *GrpcRequest) GetMethod() string

func (*GrpcRequest) GetService 

func (x *GrpcRequest) GetService() string

func (*GrpcRequest) GetTls 

func (x *GrpcRequest) GetTls() *TLS

func (*GrpcRequest) ProtoMessage 

func (*GrpcRequest) ProtoMessage()

func (*GrpcRequest) ProtoReflect 

func (x *GrpcRequest) ProtoReflect() protoreflect.Message

func (*GrpcRequest) Reset 

func (x *GrpcRequest) Reset()

func (*GrpcRequest) String 

func (x *GrpcRequest) String() string

type HeaderValues 

type HeaderValues struct {
	Value []string `protobuf:"bytes,1,rep,name=value,proto3" json:"value,omitempty"`
	// contains filtered or unexported fields
}

func (*HeaderValues) Descriptor deprecated 

func (*HeaderValues) Descriptor() ([]byte, []int)

Deprecated: Use HeaderValues.ProtoReflect.Descriptor instead.

func (*HeaderValues) GetValue 

func (x *HeaderValues) GetValue() []string

func (*HeaderValues) ProtoMessage 

func (*HeaderValues) ProtoMessage()

func (*HeaderValues) ProtoReflect 

func (x *HeaderValues) ProtoReflect() protoreflect.Message

func (*HeaderValues) Reset 

func (x *HeaderValues) Reset()

func (*HeaderValues) String 

func (x *HeaderValues) String() string

type HttpRequest 

type HttpRequest struct {

	// The HTTP request method, such as `GET`, `POST`
	Method string `protobuf:"bytes,1,opt,name=method,proto3" json:"method,omitempty"`
	// The HTTP request headers. Header names are made canonical
	// by golangs net/http.CanonicalHeaderKey
	Headers map[string]string `` /* 155-byte string literal not displayed */
	// The HTTP URL path
	Path string `protobuf:"bytes,3,opt,name=path,proto3" json:"path,omitempty"`
	// The HTTP request `Host`
	Host string `protobuf:"bytes,4,opt,name=host,proto3" json:"host,omitempty"`
	// The HTTP URL scheme, such as `http` or `https`
	Scheme string `protobuf:"bytes,5,opt,name=scheme,proto3" json:"scheme,omitempty"`
	// The HTTP URL query in the format of `name1=value1&name2=value2`, as it
	// appears in the first line of the HTTP request. No decoding is performed
	// TODO: maybe decode this for ease of use in the CEL rule?
	Query string `protobuf:"bytes,6,opt,name=query,proto3" json:"query,omitempty"`
	// The HTTP request size in bytes. If unkown, it will be -1
	Size int64 `protobuf:"varint,7,opt,name=size,proto3" json:"size,omitempty"`
	// The network protocol used with the request, such as "http/1.1"
	// "spdy/3", "h2", "h2c", "webrtc", "tcp", "udp", "quick", See
	// https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#alpn-protocol-ids
	Protocol string `protobuf:"bytes,8,opt,name=protocol,proto3" json:"protocol,omitempty"`
	// The TLS information. May be absent for non TLS protected requests.
	Tls *TLS `protobuf:"bytes,9,opt,name=tls,proto3" json:"tls,omitempty"`
	// The jwt passed into the request. May be absent.
	Jwt *JWT `protobuf:"bytes,10,opt,name=jwt,proto3" json:"jwt,omitempty"`
	// contains filtered or unexported fields
}

func (*HttpRequest) Descriptor deprecated 

func (*HttpRequest) Descriptor() ([]byte, []int)

Deprecated: Use HttpRequest.ProtoReflect.Descriptor instead.

func (*HttpRequest) GetHeaders 

func (x *HttpRequest) GetHeaders() map[string]string

func (*HttpRequest) GetHost 

func (x *HttpRequest) GetHost() string

func (*HttpRequest) GetJwt 

func (x *HttpRequest) GetJwt() *JWT

func (*HttpRequest) GetMethod 

func (x *HttpRequest) GetMethod() string

func (*HttpRequest) GetPath 

func (x *HttpRequest) GetPath() string

func (*HttpRequest) GetProtocol 

func (x *HttpRequest) GetProtocol() string

func (*HttpRequest) GetQuery 

func (x *HttpRequest) GetQuery() string

func (*HttpRequest) GetScheme 

func (x *HttpRequest) GetScheme() string

func (*HttpRequest) GetSize 

func (x *HttpRequest) GetSize() int64

func (*HttpRequest) GetTls 

func (x *HttpRequest) GetTls() *TLS

func (*HttpRequest) ProtoMessage 

func (*HttpRequest) ProtoMessage()

func (*HttpRequest) ProtoReflect 

func (x *HttpRequest) ProtoReflect() protoreflect.Message

func (*HttpRequest) Reset 

func (x *HttpRequest) Reset()

func (*HttpRequest) String 

func (x *HttpRequest) String() string

type JWT 

type JWT struct {
	Subject       string                 `protobuf:"bytes,1,opt,name=subject,proto3" json:"subject,omitempty"`
	Email         string                 `protobuf:"bytes,2,opt,name=email,proto3" json:"email,omitempty"`
	EmailVerified bool                   `protobuf:"varint,3,opt,name=email_verified,json=emailVerified,proto3" json:"email_verified,omitempty"`
	Groups        []string               `protobuf:"bytes,4,rep,name=groups,proto3" json:"groups,omitempty"`
	Issuer        string                 `protobuf:"bytes,5,opt,name=issuer,proto3" json:"issuer,omitempty"`
	Audience      []string               `protobuf:"bytes,6,rep,name=audience,proto3" json:"audience,omitempty"`
	IssuedAt      *timestamppb.Timestamp `protobuf:"bytes,7,opt,name=issued_at,json=issuedAt,proto3" json:"issued_at,omitempty"`
	Expiry        *timestamppb.Timestamp `protobuf:"bytes,8,opt,name=expiry,proto3" json:"expiry,omitempty"`
	// contains filtered or unexported fields
}

func NewJWT 

func NewJWT(token *oidc.IDToken) *JWT

func (*JWT) Descriptor deprecated 

func (*JWT) Descriptor() ([]byte, []int)

Deprecated: Use JWT.ProtoReflect.Descriptor instead.

func (*JWT) GetAudience 

func (x *JWT) GetAudience() []string

func (*JWT) GetEmail 

func (x *JWT) GetEmail() string

func (*JWT) GetEmailVerified 

func (x *JWT) GetEmailVerified() bool

func (*JWT) GetExpiry 

func (x *JWT) GetExpiry() *timestamppb.Timestamp

func (*JWT) GetGroups 

func (x *JWT) GetGroups() []string

func (*JWT) GetIssuedAt 

func (x *JWT) GetIssuedAt() *timestamppb.Timestamp

func (*JWT) GetIssuer 

func (x *JWT) GetIssuer() string

func (*JWT) GetSubject 

func (x *JWT) GetSubject() string

func (*JWT) ProtoMessage 

func (*JWT) ProtoMessage()

func (*JWT) ProtoReflect 

func (x *JWT) ProtoReflect() protoreflect.Message

func (*JWT) Reset 

func (x *JWT) Reset()

func (*JWT) String 

func (x *JWT) String() string

type TLS 

type TLS struct {
	Version      uint64                 `protobuf:"varint,1,opt,name=version,proto3" json:"version,omitempty"`
	SerialNumber uint64                 `protobuf:"varint,2,opt,name=serial_number,json=serialNumber,proto3" json:"serial_number,omitempty"`
	Issuer       *TLSName               `protobuf:"bytes,3,opt,name=issuer,proto3" json:"issuer,omitempty"`
	Subject      *TLSName               `protobuf:"bytes,4,opt,name=subject,proto3" json:"subject,omitempty"`
	NotBefore    *timestamppb.Timestamp `protobuf:"bytes,5,opt,name=not_before,json=notBefore,proto3" json:"not_before,omitempty"`
	NotAfter     *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=not_after,json=notAfter,proto3" json:"not_after,omitempty"`
	IsCa         bool                   `protobuf:"varint,7,opt,name=is_ca,json=isCa,proto3" json:"is_ca,omitempty"`
	// SAN values
	DnsNames       []string `protobuf:"bytes,8,rep,name=dns_names,json=dnsNames,proto3" json:"dns_names,omitempty"`
	EmailAddresses []string `protobuf:"bytes,9,rep,name=email_addresses,json=emailAddresses,proto3" json:"email_addresses,omitempty"`
	IpAddresses    []string `protobuf:"bytes,10,rep,name=ip_addresses,json=ipAddresses,proto3" json:"ip_addresses,omitempty"`
	Uris           []string `protobuf:"bytes,11,rep,name=uris,proto3" json:"uris,omitempty"`
	// contains filtered or unexported fields
}

func NewTLS 

func NewTLS(cert *x509.Certificate) *TLS

func (*TLS) Descriptor deprecated 

func (*TLS) Descriptor() ([]byte, []int)

Deprecated: Use TLS.ProtoReflect.Descriptor instead.

func (*TLS) GetDnsNames 

func (x *TLS) GetDnsNames() []string

func (*TLS) GetEmailAddresses 

func (x *TLS) GetEmailAddresses() []string

func (*TLS) GetIpAddresses 

func (x *TLS) GetIpAddresses() []string

func (*TLS) GetIsCa 

func (x *TLS) GetIsCa() bool

func (*TLS) GetIssuer 

func (x *TLS) GetIssuer() *TLSName

func (*TLS) GetNotAfter 

func (x *TLS) GetNotAfter() *timestamppb.Timestamp

func (*TLS) GetNotBefore 

func (x *TLS) GetNotBefore() *timestamppb.Timestamp

func (*TLS) GetSerialNumber 

func (x *TLS) GetSerialNumber() uint64

func (*TLS) GetSubject 

func (x *TLS) GetSubject() *TLSName

func (*TLS) GetUris 

func (x *TLS) GetUris() []string

func (*TLS) GetVersion 

func (x *TLS) GetVersion() uint64

func (*TLS) ProtoMessage 

func (*TLS) ProtoMessage()

func (*TLS) ProtoReflect 

func (x *TLS) ProtoReflect() protoreflect.Message

func (*TLS) Reset 

func (x *TLS) Reset()

func (*TLS) String 

func (x *TLS) String() string

type TLSName 

type TLSName struct {
	Country            []string `protobuf:"bytes,1,rep,name=country,proto3" json:"country,omitempty"`
	Organization       []string `protobuf:"bytes,2,rep,name=organization,proto3" json:"organization,omitempty"`
	OrganizationalUnit []string `protobuf:"bytes,3,rep,name=organizational_unit,json=organizationalUnit,proto3" json:"organizational_unit,omitempty"`
	Locality           []string `protobuf:"bytes,4,rep,name=locality,proto3" json:"locality,omitempty"`
	Province           []string `protobuf:"bytes,5,rep,name=province,proto3" json:"province,omitempty"`
	StreetAddress      []string `protobuf:"bytes,6,rep,name=street_address,json=streetAddress,proto3" json:"street_address,omitempty"`
	PostalCode         []string `protobuf:"bytes,7,rep,name=postal_code,json=postalCode,proto3" json:"postal_code,omitempty"`
	SerialNumber       string   `protobuf:"bytes,8,opt,name=serial_number,json=serialNumber,proto3" json:"serial_number,omitempty"`
	CommonName         string   `protobuf:"bytes,9,opt,name=common_name,json=commonName,proto3" json:"common_name,omitempty"`
	// contains filtered or unexported fields
}

func (*TLSName) Descriptor deprecated 

func (*TLSName) Descriptor() ([]byte, []int)

Deprecated: Use TLSName.ProtoReflect.Descriptor instead.

func (*TLSName) GetCommonName 

func (x *TLSName) GetCommonName() string

func (*TLSName) GetCountry 

func (x *TLSName) GetCountry() []string

func (*TLSName) GetLocality 

func (x *TLSName) GetLocality() []string

func (*TLSName) GetOrganization 

func (x *TLSName) GetOrganization() []string

func (*TLSName) GetOrganizationalUnit 

func (x *TLSName) GetOrganizationalUnit() []string

func (*TLSName) GetPostalCode 

func (x *TLSName) GetPostalCode() []string

func (*TLSName) GetProvince 

func (x *TLSName) GetProvince() []string

func (*TLSName) GetSerialNumber 

func (x *TLSName) GetSerialNumber() string

func (*TLSName) GetStreetAddress 

func (x *TLSName) GetStreetAddress() []string

func (*TLSName) ProtoMessage 

func (*TLSName) ProtoMessage()

func (*TLSName) ProtoReflect 

func (x *TLSName) ProtoReflect() protoreflect.Message

func (*TLSName) Reset 

func (x *TLSName) Reset()

func (*TLSName) String 

func (x *TLSName) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.