Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrInvalidLengthExtAuthz = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowExtAuthz   = fmt.Errorf("proto: integer overflow")
)

Functions

This section is empty.

Types

type AuthorizationRequest

type AuthorizationRequest struct {
	// Authorization request will include the client request headers that have a correspondent match
	// in the :ref:`list <envoy_api_msg_type.matcher.ListStringMatcher>`. Note that in addition to the
	// user's supplied matchers:
	//
	// 1. *Host*, *Method*, *Path* and *Content-Length* are automatically included to the list.
	//
	// 2. *Content-Length* will be set to 0 and the request to the authorization service will not have
	// a message body.
	//
	AllowedHeaders *matcher.ListStringMatcher `protobuf:"bytes,1,opt,name=allowed_headers,json=allowedHeaders,proto3" json:"allowed_headers,omitempty"`
	// Sets a list of headers that will be included to the request to authorization service. Note that
	// client request of the same key will be overridden.
	HeadersToAdd         []*core.HeaderValue `protobuf:"bytes,2,rep,name=headers_to_add,json=headersToAdd,proto3" json:"headers_to_add,omitempty"`
	XXX_NoUnkeyedLiteral struct{}            `json:"-"`
	XXX_unrecognized     []byte              `json:"-"`
	XXX_sizecache        int32               `json:"-"`
}

func (*AuthorizationRequest) Descriptor

func (*AuthorizationRequest) Descriptor() ([]byte, []int)

func (*AuthorizationRequest) GetAllowedHeaders

func (m *AuthorizationRequest) GetAllowedHeaders() *matcher.ListStringMatcher

func (*AuthorizationRequest) GetHeadersToAdd

func (m *AuthorizationRequest) GetHeadersToAdd() []*core.HeaderValue

func (*AuthorizationRequest) Marshal

func (m *AuthorizationRequest) Marshal() (dAtA []byte, err error)

func (*AuthorizationRequest) MarshalTo

func (m *AuthorizationRequest) MarshalTo(dAtA []byte) (int, error)

func (*AuthorizationRequest) ProtoMessage

func (*AuthorizationRequest) ProtoMessage()

func (*AuthorizationRequest) Reset

func (m *AuthorizationRequest) Reset()

func (*AuthorizationRequest) Size

func (m *AuthorizationRequest) Size() (n int)

func (*AuthorizationRequest) String

func (m *AuthorizationRequest) String() string

func (*AuthorizationRequest) Unmarshal

func (m *AuthorizationRequest) Unmarshal(dAtA []byte) error

func (*AuthorizationRequest) Validate

func (m *AuthorizationRequest) Validate() error

Validate checks the field values on AuthorizationRequest with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

func (*AuthorizationRequest) XXX_DiscardUnknown

func (m *AuthorizationRequest) XXX_DiscardUnknown()

func (*AuthorizationRequest) XXX_Marshal

func (m *AuthorizationRequest) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AuthorizationRequest) XXX_Merge

func (m *AuthorizationRequest) XXX_Merge(src proto.Message)

func (*AuthorizationRequest) XXX_Size

func (m *AuthorizationRequest) XXX_Size() int

func (*AuthorizationRequest) XXX_Unmarshal

func (m *AuthorizationRequest) XXX_Unmarshal(b []byte) error

type AuthorizationRequestValidationError

type AuthorizationRequestValidationError struct {
	// contains filtered or unexported fields
}

AuthorizationRequestValidationError is the validation error returned by AuthorizationRequest.Validate if the designated constraints aren't met.

func (AuthorizationRequestValidationError) Cause

Cause function returns cause value.

func (AuthorizationRequestValidationError) Error

Error satisfies the builtin error interface

func (AuthorizationRequestValidationError) ErrorName

ErrorName returns error name.

func (AuthorizationRequestValidationError) Field

Field function returns field value.

func (AuthorizationRequestValidationError) Key

Key function returns key value.

func (AuthorizationRequestValidationError) Reason

Reason function returns reason value.

type AuthorizationResponse

type AuthorizationResponse struct {
	// When this :ref:`list <envoy_api_msg_type.matcher.ListStringMatcher>` is set, authorization
	// response headers that have a correspondent match will be added to the original client request.
	// Note that coexistent headers will be overridden.
	AllowedUpstreamHeaders *matcher.ListStringMatcher `` /* 129-byte string literal not displayed */
	// When this :ref:`list <envoy_api_msg_type.matcher.ListStringMatcher>`. is set, authorization
	// response headers that have a correspondent match will be added to the client's response. Note
	// that when this list is *not* set, all the authorization response headers, except *Authority
	// (Host)* will be in the response to the client. When a header is included in this list, *Path*,
	// *Status*, *Content-Length*, *WWWAuthenticate* and *Location* are automatically added.
	AllowedClientHeaders *matcher.ListStringMatcher `protobuf:"bytes,2,opt,name=allowed_client_headers,json=allowedClientHeaders,proto3" json:"allowed_client_headers,omitempty"`
	XXX_NoUnkeyedLiteral struct{}                   `json:"-"`
	XXX_unrecognized     []byte                     `json:"-"`
	XXX_sizecache        int32                      `json:"-"`
}

func (*AuthorizationResponse) Descriptor

func (*AuthorizationResponse) Descriptor() ([]byte, []int)

func (*AuthorizationResponse) GetAllowedClientHeaders

func (m *AuthorizationResponse) GetAllowedClientHeaders() *matcher.ListStringMatcher

func (*AuthorizationResponse) GetAllowedUpstreamHeaders

func (m *AuthorizationResponse) GetAllowedUpstreamHeaders() *matcher.ListStringMatcher

func (*AuthorizationResponse) Marshal

func (m *AuthorizationResponse) Marshal() (dAtA []byte, err error)

func (*AuthorizationResponse) MarshalTo

func (m *AuthorizationResponse) MarshalTo(dAtA []byte) (int, error)

func (*AuthorizationResponse) ProtoMessage

func (*AuthorizationResponse) ProtoMessage()

func (*AuthorizationResponse) Reset

func (m *AuthorizationResponse) Reset()

func (*AuthorizationResponse) Size

func (m *AuthorizationResponse) Size() (n int)

func (*AuthorizationResponse) String

func (m *AuthorizationResponse) String() string

func (*AuthorizationResponse) Unmarshal

func (m *AuthorizationResponse) Unmarshal(dAtA []byte) error

func (*AuthorizationResponse) Validate

func (m *AuthorizationResponse) Validate() error

Validate checks the field values on AuthorizationResponse with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

func (*AuthorizationResponse) XXX_DiscardUnknown

func (m *AuthorizationResponse) XXX_DiscardUnknown()

func (*AuthorizationResponse) XXX_Marshal

func (m *AuthorizationResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AuthorizationResponse) XXX_Merge

func (m *AuthorizationResponse) XXX_Merge(src proto.Message)

func (*AuthorizationResponse) XXX_Size

func (m *AuthorizationResponse) XXX_Size() int

func (*AuthorizationResponse) XXX_Unmarshal

func (m *AuthorizationResponse) XXX_Unmarshal(b []byte) error

type AuthorizationResponseValidationError

type AuthorizationResponseValidationError struct {
	// contains filtered or unexported fields
}

AuthorizationResponseValidationError is the validation error returned by AuthorizationResponse.Validate if the designated constraints aren't met.

func (AuthorizationResponseValidationError) Cause

Cause function returns cause value.

func (AuthorizationResponseValidationError) Error

Error satisfies the builtin error interface

func (AuthorizationResponseValidationError) ErrorName

ErrorName returns error name.

func (AuthorizationResponseValidationError) Field

Field function returns field value.

func (AuthorizationResponseValidationError) Key

Key function returns key value.

func (AuthorizationResponseValidationError) Reason

Reason function returns reason value.

type BufferSettings

type BufferSettings struct {
	// Sets the maximum size of a message body that the filter will hold in memory. Envoy will return
	// *HTTP 413* and will *not* initiate the authorization process when buffer reaches the number
	// set in this field. Note that this setting will have precedence over :ref:`failure_mode_allow
	// <envoy_api_field_config.filter.http.ext_authz.v2.ExtAuthz.failure_mode_allow>`.
	MaxRequestBytes uint32 `protobuf:"varint,1,opt,name=max_request_bytes,json=maxRequestBytes,proto3" json:"max_request_bytes,omitempty"`
	// When this field is true, Envoy will buffer the message until *max_request_bytes* is reached.
	// The authorization request will be dispatched and no 413 HTTP error will be returned by the
	// filter.
	AllowPartialMessage  bool     `protobuf:"varint,2,opt,name=allow_partial_message,json=allowPartialMessage,proto3" json:"allow_partial_message,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

Configuration for buffering the request data.

func (*BufferSettings) Descriptor

func (*BufferSettings) Descriptor() ([]byte, []int)

func (*BufferSettings) GetAllowPartialMessage

func (m *BufferSettings) GetAllowPartialMessage() bool

func (*BufferSettings) GetMaxRequestBytes

func (m *BufferSettings) GetMaxRequestBytes() uint32

func (*BufferSettings) Marshal

func (m *BufferSettings) Marshal() (dAtA []byte, err error)

func (*BufferSettings) MarshalTo

func (m *BufferSettings) MarshalTo(dAtA []byte) (int, error)

func (*BufferSettings) ProtoMessage

func (*BufferSettings) ProtoMessage()

func (*BufferSettings) Reset

func (m *BufferSettings) Reset()

func (*BufferSettings) Size

func (m *BufferSettings) Size() (n int)

func (*BufferSettings) String

func (m *BufferSettings) String() string

func (*BufferSettings) Unmarshal

func (m *BufferSettings) Unmarshal(dAtA []byte) error

func (*BufferSettings) Validate

func (m *BufferSettings) Validate() error

Validate checks the field values on BufferSettings with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

func (*BufferSettings) XXX_DiscardUnknown

func (m *BufferSettings) XXX_DiscardUnknown()

func (*BufferSettings) XXX_Marshal

func (m *BufferSettings) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*BufferSettings) XXX_Merge

func (m *BufferSettings) XXX_Merge(src proto.Message)

func (*BufferSettings) XXX_Size

func (m *BufferSettings) XXX_Size() int

func (*BufferSettings) XXX_Unmarshal

func (m *BufferSettings) XXX_Unmarshal(b []byte) error

type BufferSettingsValidationError

type BufferSettingsValidationError struct {
	// contains filtered or unexported fields
}

BufferSettingsValidationError is the validation error returned by BufferSettings.Validate if the designated constraints aren't met.

func (BufferSettingsValidationError) Cause

Cause function returns cause value.

func (BufferSettingsValidationError) Error

Error satisfies the builtin error interface

func (BufferSettingsValidationError) ErrorName

func (e BufferSettingsValidationError) ErrorName() string

ErrorName returns error name.

func (BufferSettingsValidationError) Field

Field function returns field value.

func (BufferSettingsValidationError) Key

Key function returns key value.

func (BufferSettingsValidationError) Reason

Reason function returns reason value.

type CheckSettings

type CheckSettings struct {
	// Context extensions to set on the CheckRequest's
	// :ref:`AttributeContext.context_extensions<envoy_api_field_service.auth.v2.AttributeContext.context_extensions>`
	//
	// Merge semantics for this field are such that keys from more specific configs override.
	//
	// .. note::
	//
	//   These settings are only applied to a filter configured with a
	//   :ref:`grpc_service<envoy_api_field_config.filter.http.ext_authz.v2.ExtAuthz.grpc_service>`.
	ContextExtensions    map[string]string `` /* 200-byte string literal not displayed */
	XXX_NoUnkeyedLiteral struct{}          `json:"-"`
	XXX_unrecognized     []byte            `json:"-"`
	XXX_sizecache        int32             `json:"-"`
}

Extra settings for the check request. You can use this to provide extra context for the external authorization server on specific virtual hosts \ routes. For example, adding a context extension on the virtual host level can give the ext-authz server information on what virtual host is used without needing to parse the host header. If CheckSettings is specified in multiple per-filter-configs, they will be merged in order, and the result will be used.

func (*CheckSettings) Descriptor

func (*CheckSettings) Descriptor() ([]byte, []int)

func (*CheckSettings) GetContextExtensions

func (m *CheckSettings) GetContextExtensions() map[string]string

func (*CheckSettings) Marshal

func (m *CheckSettings) Marshal() (dAtA []byte, err error)

func (*CheckSettings) MarshalTo

func (m *CheckSettings) MarshalTo(dAtA []byte) (int, error)

func (*CheckSettings) ProtoMessage

func (*CheckSettings) ProtoMessage()

func (*CheckSettings) Reset

func (m *CheckSettings) Reset()

func (*CheckSettings) Size

func (m *CheckSettings) Size() (n int)

func (*CheckSettings) String

func (m *CheckSettings) String() string

func (*CheckSettings) Unmarshal

func (m *CheckSettings) Unmarshal(dAtA []byte) error

func (*CheckSettings) Validate

func (m *CheckSettings) Validate() error

Validate checks the field values on CheckSettings with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

func (*CheckSettings) XXX_DiscardUnknown

func (m *CheckSettings) XXX_DiscardUnknown()

func (*CheckSettings) XXX_Marshal

func (m *CheckSettings) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*CheckSettings) XXX_Merge

func (m *CheckSettings) XXX_Merge(src proto.Message)

func (*CheckSettings) XXX_Size

func (m *CheckSettings) XXX_Size() int

func (*CheckSettings) XXX_Unmarshal

func (m *CheckSettings) XXX_Unmarshal(b []byte) error

type CheckSettingsValidationError

type CheckSettingsValidationError struct {
	// contains filtered or unexported fields
}

CheckSettingsValidationError is the validation error returned by CheckSettings.Validate if the designated constraints aren't met.

func (CheckSettingsValidationError) Cause

Cause function returns cause value.

func (CheckSettingsValidationError) Error

Error satisfies the builtin error interface

func (CheckSettingsValidationError) ErrorName

func (e CheckSettingsValidationError) ErrorName() string

ErrorName returns error name.

func (CheckSettingsValidationError) Field

Field function returns field value.

func (CheckSettingsValidationError) Key

Key function returns key value.

func (CheckSettingsValidationError) Reason

Reason function returns reason value.

type ExtAuthz

type ExtAuthz struct {
	// External authorization service configuration.
	//
	// Types that are valid to be assigned to Services:
	//	*ExtAuthz_GrpcService
	//	*ExtAuthz_HttpService
	Services isExtAuthz_Services `protobuf_oneof:"services"`
	//  Changes filter's behaviour on errors:
	//
	//  1. When set to true, the filter will *accept* client request even if the communication with
	//  the authorization service has failed, or if the authorization service has returned a HTTP 5xx
	//  error.
	//
	//  2. When set to false, ext-authz will *reject* client requests and return a *Forbidden*
	//  response if the communication with the authorization service has failed, or if the
	//  authorization service has returned a HTTP 5xx error.
	//
	// Note that errors can be *always* tracked in the :ref:`stats
	// <config_http_filters_ext_authz_stats>`.
	FailureModeAllow bool `protobuf:"varint,2,opt,name=failure_mode_allow,json=failureModeAllow,proto3" json:"failure_mode_allow,omitempty"`
	// Sets the package version the gRPC service should use. This is particularly
	// useful when transitioning from alpha to release versions assuming that both definitions are
	// semantically compatible. Deprecation note: This field is deprecated and should only be used for
	// version upgrade. See release notes for more details.
	UseAlpha bool `protobuf:"varint,4,opt,name=use_alpha,json=useAlpha,proto3" json:"use_alpha,omitempty"` // Deprecated: Do not use.
	// Enables filter to buffer the client request body and send it within the authorization request.
	WithRequestBody *BufferSettings `protobuf:"bytes,5,opt,name=with_request_body,json=withRequestBody,proto3" json:"with_request_body,omitempty"`
	// Clears route cache in order to allow the external authorization service to correctly affect
	// routing decisions. Filter clears all cached routes when:
	//
	// 1. The field is set to *true*.
	//
	// 2. The status returned from the authorization service is a HTTP 200 or gRPC 0.
	//
	// 3. At least one *authorization response header* is added to the client request, or is used for
	// altering another client request header.
	//
	ClearRouteCache      bool     `protobuf:"varint,6,opt,name=clear_route_cache,json=clearRouteCache,proto3" json:"clear_route_cache,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

func (*ExtAuthz) Descriptor

func (*ExtAuthz) Descriptor() ([]byte, []int)

func (*ExtAuthz) GetClearRouteCache

func (m *ExtAuthz) GetClearRouteCache() bool

func (*ExtAuthz) GetFailureModeAllow

func (m *ExtAuthz) GetFailureModeAllow() bool

func (*ExtAuthz) GetGrpcService

func (m *ExtAuthz) GetGrpcService() *core.GrpcService

func (*ExtAuthz) GetHttpService

func (m *ExtAuthz) GetHttpService() *HttpService

func (*ExtAuthz) GetServices

func (m *ExtAuthz) GetServices() isExtAuthz_Services

func (*ExtAuthz) GetUseAlpha deprecated

This method has been deprecated.
func (m *ExtAuthz) GetUseAlpha() bool

Deprecated: Do not use.

func (*ExtAuthz) GetWithRequestBody

func (m *ExtAuthz) GetWithRequestBody() *BufferSettings

func (*ExtAuthz) Marshal

func (m *ExtAuthz) Marshal() (dAtA []byte, err error)

func (*ExtAuthz) MarshalTo

func (m *ExtAuthz) MarshalTo(dAtA []byte) (int, error)

func (*ExtAuthz) ProtoMessage

func (*ExtAuthz) ProtoMessage()

func (*ExtAuthz) Reset

func (m *ExtAuthz) Reset()

func (*ExtAuthz) Size

func (m *ExtAuthz) Size() (n int)

func (*ExtAuthz) String

func (m *ExtAuthz) String() string

func (*ExtAuthz) Unmarshal

func (m *ExtAuthz) Unmarshal(dAtA []byte) error

func (*ExtAuthz) Validate

func (m *ExtAuthz) Validate() error

Validate checks the field values on ExtAuthz with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

func (*ExtAuthz) XXX_DiscardUnknown

func (m *ExtAuthz) XXX_DiscardUnknown()

func (*ExtAuthz) XXX_Marshal

func (m *ExtAuthz) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ExtAuthz) XXX_Merge

func (m *ExtAuthz) XXX_Merge(src proto.Message)

func (*ExtAuthz) XXX_OneofFuncs

func (*ExtAuthz) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{})

XXX_OneofFuncs is for the internal use of the proto package.

func (*ExtAuthz) XXX_Size

func (m *ExtAuthz) XXX_Size() int

func (*ExtAuthz) XXX_Unmarshal

func (m *ExtAuthz) XXX_Unmarshal(b []byte) error

type ExtAuthzPerRoute

type ExtAuthzPerRoute struct {
	// Types that are valid to be assigned to Override:
	//	*ExtAuthzPerRoute_Disabled
	//	*ExtAuthzPerRoute_CheckSettings
	Override             isExtAuthzPerRoute_Override `protobuf_oneof:"override"`
	XXX_NoUnkeyedLiteral struct{}                    `json:"-"`
	XXX_unrecognized     []byte                      `json:"-"`
	XXX_sizecache        int32                       `json:"-"`
}

Extra settings on a per virtualhost/route/weighted-cluster level.

func (*ExtAuthzPerRoute) Descriptor

func (*ExtAuthzPerRoute) Descriptor() ([]byte, []int)

func (*ExtAuthzPerRoute) GetCheckSettings

func (m *ExtAuthzPerRoute) GetCheckSettings() *CheckSettings

func (*ExtAuthzPerRoute) GetDisabled

func (m *ExtAuthzPerRoute) GetDisabled() bool

func (*ExtAuthzPerRoute) GetOverride

func (m *ExtAuthzPerRoute) GetOverride() isExtAuthzPerRoute_Override

func (*ExtAuthzPerRoute) Marshal

func (m *ExtAuthzPerRoute) Marshal() (dAtA []byte, err error)

func (*ExtAuthzPerRoute) MarshalTo

func (m *ExtAuthzPerRoute) MarshalTo(dAtA []byte) (int, error)

func (*ExtAuthzPerRoute) ProtoMessage

func (*ExtAuthzPerRoute) ProtoMessage()

func (*ExtAuthzPerRoute) Reset

func (m *ExtAuthzPerRoute) Reset()

func (*ExtAuthzPerRoute) Size

func (m *ExtAuthzPerRoute) Size() (n int)

func (*ExtAuthzPerRoute) String

func (m *ExtAuthzPerRoute) String() string

func (*ExtAuthzPerRoute) Unmarshal

func (m *ExtAuthzPerRoute) Unmarshal(dAtA []byte) error

func (*ExtAuthzPerRoute) Validate

func (m *ExtAuthzPerRoute) Validate() error

Validate checks the field values on ExtAuthzPerRoute with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

func (*ExtAuthzPerRoute) XXX_DiscardUnknown

func (m *ExtAuthzPerRoute) XXX_DiscardUnknown()

func (*ExtAuthzPerRoute) XXX_Marshal

func (m *ExtAuthzPerRoute) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*ExtAuthzPerRoute) XXX_Merge

func (m *ExtAuthzPerRoute) XXX_Merge(src proto.Message)

func (*ExtAuthzPerRoute) XXX_OneofFuncs

func (*ExtAuthzPerRoute) XXX_OneofFuncs() (func(msg proto.Message, b *proto.Buffer) error, func(msg proto.Message, tag, wire int, b *proto.Buffer) (bool, error), func(msg proto.Message) (n int), []interface{})

XXX_OneofFuncs is for the internal use of the proto package.

func (*ExtAuthzPerRoute) XXX_Size

func (m *ExtAuthzPerRoute) XXX_Size() int

func (*ExtAuthzPerRoute) XXX_Unmarshal

func (m *ExtAuthzPerRoute) XXX_Unmarshal(b []byte) error

type ExtAuthzPerRouteValidationError

type ExtAuthzPerRouteValidationError struct {
	// contains filtered or unexported fields
}

ExtAuthzPerRouteValidationError is the validation error returned by ExtAuthzPerRoute.Validate if the designated constraints aren't met.

func (ExtAuthzPerRouteValidationError) Cause

Cause function returns cause value.

func (ExtAuthzPerRouteValidationError) Error

Error satisfies the builtin error interface

func (ExtAuthzPerRouteValidationError) ErrorName

ErrorName returns error name.

func (ExtAuthzPerRouteValidationError) Field

Field function returns field value.

func (ExtAuthzPerRouteValidationError) Key

Key function returns key value.

func (ExtAuthzPerRouteValidationError) Reason

Reason function returns reason value.

type ExtAuthzPerRoute_CheckSettings

type ExtAuthzPerRoute_CheckSettings struct {
	CheckSettings *CheckSettings `protobuf:"bytes,2,opt,name=check_settings,json=checkSettings,proto3,oneof"`
}

func (*ExtAuthzPerRoute_CheckSettings) MarshalTo

func (m *ExtAuthzPerRoute_CheckSettings) MarshalTo(dAtA []byte) (int, error)

func (*ExtAuthzPerRoute_CheckSettings) Size

func (m *ExtAuthzPerRoute_CheckSettings) Size() (n int)

type ExtAuthzPerRoute_Disabled

type ExtAuthzPerRoute_Disabled struct {
	Disabled bool `protobuf:"varint,1,opt,name=disabled,proto3,oneof"`
}

func (*ExtAuthzPerRoute_Disabled) MarshalTo

func (m *ExtAuthzPerRoute_Disabled) MarshalTo(dAtA []byte) (int, error)

func (*ExtAuthzPerRoute_Disabled) Size

func (m *ExtAuthzPerRoute_Disabled) Size() (n int)

type ExtAuthzValidationError

type ExtAuthzValidationError struct {
	// contains filtered or unexported fields
}

ExtAuthzValidationError is the validation error returned by ExtAuthz.Validate if the designated constraints aren't met.

func (ExtAuthzValidationError) Cause

func (e ExtAuthzValidationError) Cause() error

Cause function returns cause value.

func (ExtAuthzValidationError) Error

func (e ExtAuthzValidationError) Error() string

Error satisfies the builtin error interface

func (ExtAuthzValidationError) ErrorName

func (e ExtAuthzValidationError) ErrorName() string

ErrorName returns error name.

func (ExtAuthzValidationError) Field

func (e ExtAuthzValidationError) Field() string

Field function returns field value.

func (ExtAuthzValidationError) Key

func (e ExtAuthzValidationError) Key() bool

Key function returns key value.

func (ExtAuthzValidationError) Reason

func (e ExtAuthzValidationError) Reason() string

Reason function returns reason value.

type ExtAuthz_GrpcService

type ExtAuthz_GrpcService struct {
	GrpcService *core.GrpcService `protobuf:"bytes,1,opt,name=grpc_service,json=grpcService,proto3,oneof"`
}

func (*ExtAuthz_GrpcService) MarshalTo

func (m *ExtAuthz_GrpcService) MarshalTo(dAtA []byte) (int, error)

func (*ExtAuthz_GrpcService) Size

func (m *ExtAuthz_GrpcService) Size() (n int)

type ExtAuthz_HttpService

type ExtAuthz_HttpService struct {
	HttpService *HttpService `protobuf:"bytes,3,opt,name=http_service,json=httpService,proto3,oneof"`
}

func (*ExtAuthz_HttpService) MarshalTo

func (m *ExtAuthz_HttpService) MarshalTo(dAtA []byte) (int, error)

func (*ExtAuthz_HttpService) Size

func (m *ExtAuthz_HttpService) Size() (n int)

type HttpService

type HttpService struct {
	// Sets the HTTP server URI which the authorization requests must be sent to.
	ServerUri *core.HttpUri `protobuf:"bytes,1,opt,name=server_uri,json=serverUri,proto3" json:"server_uri,omitempty"`
	// Sets a prefix to the value of authorization request header *Path*.
	PathPrefix string `protobuf:"bytes,2,opt,name=path_prefix,json=pathPrefix,proto3" json:"path_prefix,omitempty"`
	// Settings used for controlling authorization request metadata.
	AuthorizationRequest *AuthorizationRequest `protobuf:"bytes,7,opt,name=authorization_request,json=authorizationRequest,proto3" json:"authorization_request,omitempty"`
	// Settings used for controlling authorization response metadata.
	AuthorizationResponse *AuthorizationResponse `protobuf:"bytes,8,opt,name=authorization_response,json=authorizationResponse,proto3" json:"authorization_response,omitempty"`
	XXX_NoUnkeyedLiteral  struct{}               `json:"-"`
	XXX_unrecognized      []byte                 `json:"-"`
	XXX_sizecache         int32                  `json:"-"`
}

HttpService is used for raw HTTP communication between the filter and the authorization service. When configured, the filter will parse the client request and use these attributes to call the authorization server. Depending on the response, the filter may reject or accept the client request. Note that in any of these events, metadata can be added, removed or overridden by the filter:

*On authorization request*, a list of allowed request headers may be supplied. See :ref:`allowed_headers <envoy_api_field_config.filter.http.ext_authz.v2.AuthorizationRequest.allowed_headers>` for details. Additional headers metadata may be added to the authorization request. See :ref:`headers_to_add <envoy_api_field_config.filter.http.ext_authz.v2.AuthorizationRequest.headers_to_add>` for details.

On authorization response status HTTP 200 OK, the filter will allow traffic to the upstream and additional headers metadata may be added to the original client request. See :ref:`allowed_upstream_headers <envoy_api_field_config.filter.http.ext_authz.v2.AuthorizationResponse.allowed_upstream_headers>` for details.

On other authorization response statuses, the filter will not allow traffic. Additional headers metadata as well as body may be added to the client's response. See :ref:`allowed_client_headers <envoy_api_field_config.filter.http.ext_authz.v2.AuthorizationResponse.allowed_client_headers>` for details.

func (*HttpService) Descriptor

func (*HttpService) Descriptor() ([]byte, []int)

func (*HttpService) GetAuthorizationRequest

func (m *HttpService) GetAuthorizationRequest() *AuthorizationRequest

func (*HttpService) GetAuthorizationResponse

func (m *HttpService) GetAuthorizationResponse() *AuthorizationResponse

func (*HttpService) GetPathPrefix

func (m *HttpService) GetPathPrefix() string

func (*HttpService) GetServerUri

func (m *HttpService) GetServerUri() *core.HttpUri

func (*HttpService) Marshal

func (m *HttpService) Marshal() (dAtA []byte, err error)

func (*HttpService) MarshalTo

func (m *HttpService) MarshalTo(dAtA []byte) (int, error)

func (*HttpService) ProtoMessage

func (*HttpService) ProtoMessage()

func (*HttpService) Reset

func (m *HttpService) Reset()

func (*HttpService) Size

func (m *HttpService) Size() (n int)

func (*HttpService) String

func (m *HttpService) String() string

func (*HttpService) Unmarshal

func (m *HttpService) Unmarshal(dAtA []byte) error

func (*HttpService) Validate

func (m *HttpService) Validate() error

Validate checks the field values on HttpService with the rules defined in the proto definition for this message. If any rules are violated, an error is returned.

func (*HttpService) XXX_DiscardUnknown

func (m *HttpService) XXX_DiscardUnknown()

func (*HttpService) XXX_Marshal

func (m *HttpService) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*HttpService) XXX_Merge

func (m *HttpService) XXX_Merge(src proto.Message)

func (*HttpService) XXX_Size

func (m *HttpService) XXX_Size() int

func (*HttpService) XXX_Unmarshal

func (m *HttpService) XXX_Unmarshal(b []byte) error

type HttpServiceValidationError

type HttpServiceValidationError struct {
	// contains filtered or unexported fields
}

HttpServiceValidationError is the validation error returned by HttpService.Validate if the designated constraints aren't met.

func (HttpServiceValidationError) Cause

Cause function returns cause value.

func (HttpServiceValidationError) Error

Error satisfies the builtin error interface

func (HttpServiceValidationError) ErrorName

func (e HttpServiceValidationError) ErrorName() string

ErrorName returns error name.

func (HttpServiceValidationError) Field

Field function returns field value.

func (HttpServiceValidationError) Key

Key function returns key value.

func (HttpServiceValidationError) Reason

Reason function returns reason value.