Documentation ¶
Index ¶
- Constants
- Variables
- func NewEnterpriseEventLoop(emitter EnterpriseSnapshotEmitter, syncer EnterpriseSyncer) eventloop.EventLoop
- func NewEnterpriseSimpleEventLoop(emitter EnterpriseSimpleEmitter, syncers ...EnterpriseSyncer) eventloop.SimpleEventLoop
- func NewExtAuthConfigClient(nodeinfo *core.Node, typedApply ApplyExtAuthConfig) client.Client
- func RegisterExtAuthDiscoveryServiceServer(s *grpc.Server, srv ExtAuthDiscoveryServiceServer)
- type AccessTokenValidation
- func (*AccessTokenValidation) Descriptor() ([]byte, []int)
- func (this *AccessTokenValidation) Equal(that interface{}) bool
- func (m *AccessTokenValidation) GetCacheTimeout() *time.Duration
- func (m *AccessTokenValidation) GetIntrospectionUrl() string
- func (m *AccessTokenValidation) GetUserinfoUrl() string
- func (m *AccessTokenValidation) GetValidationType() isAccessTokenValidation_ValidationType
- func (m *AccessTokenValidation) Hash(hasher hash.Hash64) (uint64, error)
- func (*AccessTokenValidation) ProtoMessage()
- func (m *AccessTokenValidation) Reset()
- func (m *AccessTokenValidation) String() string
- func (m *AccessTokenValidation) XXX_DiscardUnknown()
- func (m *AccessTokenValidation) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *AccessTokenValidation) XXX_Merge(src proto.Message)
- func (*AccessTokenValidation) XXX_OneofWrappers() []interface{}
- func (m *AccessTokenValidation) XXX_Size() int
- func (m *AccessTokenValidation) XXX_Unmarshal(b []byte) error
- type AccessTokenValidation_IntrospectionUrl
- type ApiKeyAuth
- func (*ApiKeyAuth) Descriptor() ([]byte, []int)
- func (this *ApiKeyAuth) Equal(that interface{}) bool
- func (m *ApiKeyAuth) GetApiKeySecretRefs() []*core.ResourceRef
- func (m *ApiKeyAuth) GetHeaderName() string
- func (m *ApiKeyAuth) GetHeadersFromMetadata() map[string]*ApiKeyAuth_SecretKey
- func (m *ApiKeyAuth) GetLabelSelector() map[string]string
- func (m *ApiKeyAuth) Hash(hasher hash.Hash64) (uint64, error)
- func (*ApiKeyAuth) ProtoMessage()
- func (m *ApiKeyAuth) Reset()
- func (m *ApiKeyAuth) String() string
- func (m *ApiKeyAuth) XXX_DiscardUnknown()
- func (m *ApiKeyAuth) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *ApiKeyAuth) XXX_Merge(src proto.Message)
- func (m *ApiKeyAuth) XXX_Size() int
- func (m *ApiKeyAuth) XXX_Unmarshal(b []byte) error
- type ApiKeyAuth_SecretKey
- func (*ApiKeyAuth_SecretKey) Descriptor() ([]byte, []int)
- func (this *ApiKeyAuth_SecretKey) Equal(that interface{}) bool
- func (m *ApiKeyAuth_SecretKey) GetName() string
- func (m *ApiKeyAuth_SecretKey) GetRequired() bool
- func (m *ApiKeyAuth_SecretKey) Hash(hasher hash.Hash64) (uint64, error)
- func (*ApiKeyAuth_SecretKey) ProtoMessage()
- func (m *ApiKeyAuth_SecretKey) Reset()
- func (m *ApiKeyAuth_SecretKey) String() string
- func (m *ApiKeyAuth_SecretKey) XXX_DiscardUnknown()
- func (m *ApiKeyAuth_SecretKey) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *ApiKeyAuth_SecretKey) XXX_Merge(src proto.Message)
- func (m *ApiKeyAuth_SecretKey) XXX_Size() int
- func (m *ApiKeyAuth_SecretKey) XXX_Unmarshal(b []byte) error
- type ApiKeySecret
- func (*ApiKeySecret) Descriptor() ([]byte, []int)
- func (this *ApiKeySecret) Equal(that interface{}) bool
- func (m *ApiKeySecret) GetApiKey() string
- func (m *ApiKeySecret) GetGenerateApiKey() booldeprecated
- func (m *ApiKeySecret) GetLabels() []stringdeprecated
- func (m *ApiKeySecret) GetMetadata() map[string]string
- func (m *ApiKeySecret) Hash(hasher hash.Hash64) (uint64, error)
- func (*ApiKeySecret) ProtoMessage()
- func (m *ApiKeySecret) Reset()
- func (m *ApiKeySecret) String() string
- func (m *ApiKeySecret) XXX_DiscardUnknown()
- func (m *ApiKeySecret) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *ApiKeySecret) XXX_Merge(src proto.Message)
- func (m *ApiKeySecret) XXX_Size() int
- func (m *ApiKeySecret) XXX_Unmarshal(b []byte) error
- type ApplyExtAuthConfig
- type AuthConfig
- func (o *AuthConfig) DeepCopyInto(out *AuthConfig)
- func (o *AuthConfig) DeepCopyObject() runtime.Object
- func (*AuthConfig) Descriptor() ([]byte, []int)
- func (this *AuthConfig) Equal(that interface{}) bool
- func (m *AuthConfig) GetBooleanExpr() *types.StringValue
- func (m *AuthConfig) GetConfigs() []*AuthConfig_Config
- func (m *AuthConfig) GetMetadata() core.Metadata
- func (o *AuthConfig) GetObjectKind() schema.ObjectKind
- func (m *AuthConfig) GetStatus() core.Status
- func (r *AuthConfig) GroupVersionKind() schema.GroupVersionKind
- func (m *AuthConfig) Hash(hasher hash.Hash64) (uint64, error)
- func (r *AuthConfig) MustHash() uint64
- func (*AuthConfig) ProtoMessage()
- func (m *AuthConfig) Reset()
- func (r *AuthConfig) SetMetadata(meta core.Metadata)
- func (r *AuthConfig) SetStatus(status core.Status)
- func (m *AuthConfig) String() string
- func (m *AuthConfig) XXX_DiscardUnknown()
- func (m *AuthConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *AuthConfig) XXX_Merge(src proto.Message)
- func (m *AuthConfig) XXX_Size() int
- func (m *AuthConfig) XXX_Unmarshal(b []byte) error
- type AuthConfigClient
- type AuthConfigList
- func (list AuthConfigList) AsInputResources() resources.InputResourceList
- func (list AuthConfigList) AsInterfaces() []interface{}
- func (list AuthConfigList) AsResources() resources.ResourceList
- func (list AuthConfigList) Clone() AuthConfigList
- func (list AuthConfigList) Each(f func(element *AuthConfig))
- func (list AuthConfigList) EachResource(f func(element resources.Resource))
- func (list AuthConfigList) Find(namespace, name string) (*AuthConfig, error)
- func (list AuthConfigList) Names() []string
- func (list AuthConfigList) NamespacesDotNames() []string
- func (list AuthConfigList) Sort() AuthConfigList
- type AuthConfigReconciler
- type AuthConfigWatcher
- type AuthConfig_Config
- func (*AuthConfig_Config) Descriptor() ([]byte, []int)
- func (this *AuthConfig_Config) Equal(that interface{}) bool
- func (m *AuthConfig_Config) GetApiKeyAuth() *ApiKeyAuth
- func (m *AuthConfig_Config) GetAuthConfig() isAuthConfig_Config_AuthConfig
- func (m *AuthConfig_Config) GetBasicAuth() *BasicAuth
- func (m *AuthConfig_Config) GetLdap() *Ldap
- func (m *AuthConfig_Config) GetName() *types.StringValue
- func (m *AuthConfig_Config) GetOauth() *OAuthdeprecated
- func (m *AuthConfig_Config) GetOauth2() *OAuth2
- func (m *AuthConfig_Config) GetOpaAuth() *OpaAuth
- func (m *AuthConfig_Config) GetPluginAuth() *AuthPlugin
- func (m *AuthConfig_Config) Hash(hasher hash.Hash64) (uint64, error)
- func (*AuthConfig_Config) ProtoMessage()
- func (m *AuthConfig_Config) Reset()
- func (m *AuthConfig_Config) String() string
- func (m *AuthConfig_Config) XXX_DiscardUnknown()
- func (m *AuthConfig_Config) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *AuthConfig_Config) XXX_Merge(src proto.Message)
- func (*AuthConfig_Config) XXX_OneofWrappers() []interface{}
- func (m *AuthConfig_Config) XXX_Size() int
- func (m *AuthConfig_Config) XXX_Unmarshal(b []byte) error
- type AuthConfig_Config_ApiKeyAuth
- type AuthConfig_Config_BasicAuth
- type AuthConfig_Config_Ldap
- type AuthConfig_Config_Oauth
- type AuthConfig_Config_Oauth2
- type AuthConfig_Config_OpaAuth
- type AuthConfig_Config_PluginAuth
- type AuthPlugin
- func (*AuthPlugin) Descriptor() ([]byte, []int)
- func (this *AuthPlugin) Equal(that interface{}) bool
- func (m *AuthPlugin) GetConfig() *types.Struct
- func (m *AuthPlugin) GetExportedSymbolName() string
- func (m *AuthPlugin) GetName() string
- func (m *AuthPlugin) GetPluginFileName() string
- func (m *AuthPlugin) Hash(hasher hash.Hash64) (uint64, error)
- func (*AuthPlugin) ProtoMessage()
- func (m *AuthPlugin) Reset()
- func (m *AuthPlugin) String() string
- func (m *AuthPlugin) XXX_DiscardUnknown()
- func (m *AuthPlugin) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *AuthPlugin) XXX_Merge(src proto.Message)
- func (m *AuthPlugin) XXX_Size() int
- func (m *AuthPlugin) XXX_Unmarshal(b []byte) error
- type BasicAuth
- func (*BasicAuth) Descriptor() ([]byte, []int)
- func (this *BasicAuth) Equal(that interface{}) bool
- func (m *BasicAuth) GetApr() *BasicAuth_Apr
- func (m *BasicAuth) GetRealm() string
- func (m *BasicAuth) Hash(hasher hash.Hash64) (uint64, error)
- func (*BasicAuth) ProtoMessage()
- func (m *BasicAuth) Reset()
- func (m *BasicAuth) String() string
- func (m *BasicAuth) XXX_DiscardUnknown()
- func (m *BasicAuth) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *BasicAuth) XXX_Merge(src proto.Message)
- func (m *BasicAuth) XXX_Size() int
- func (m *BasicAuth) XXX_Unmarshal(b []byte) error
- type BasicAuth_Apr
- func (*BasicAuth_Apr) Descriptor() ([]byte, []int)
- func (this *BasicAuth_Apr) Equal(that interface{}) bool
- func (m *BasicAuth_Apr) GetUsers() map[string]*BasicAuth_Apr_SaltedHashedPassword
- func (m *BasicAuth_Apr) Hash(hasher hash.Hash64) (uint64, error)
- func (*BasicAuth_Apr) ProtoMessage()
- func (m *BasicAuth_Apr) Reset()
- func (m *BasicAuth_Apr) String() string
- func (m *BasicAuth_Apr) XXX_DiscardUnknown()
- func (m *BasicAuth_Apr) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *BasicAuth_Apr) XXX_Merge(src proto.Message)
- func (m *BasicAuth_Apr) XXX_Size() int
- func (m *BasicAuth_Apr) XXX_Unmarshal(b []byte) error
- type BasicAuth_Apr_SaltedHashedPassword
- func (*BasicAuth_Apr_SaltedHashedPassword) Descriptor() ([]byte, []int)
- func (this *BasicAuth_Apr_SaltedHashedPassword) Equal(that interface{}) bool
- func (m *BasicAuth_Apr_SaltedHashedPassword) GetHashedPassword() string
- func (m *BasicAuth_Apr_SaltedHashedPassword) GetSalt() string
- func (m *BasicAuth_Apr_SaltedHashedPassword) Hash(hasher hash.Hash64) (uint64, error)
- func (*BasicAuth_Apr_SaltedHashedPassword) ProtoMessage()
- func (m *BasicAuth_Apr_SaltedHashedPassword) Reset()
- func (m *BasicAuth_Apr_SaltedHashedPassword) String() string
- func (m *BasicAuth_Apr_SaltedHashedPassword) XXX_DiscardUnknown()
- func (m *BasicAuth_Apr_SaltedHashedPassword) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *BasicAuth_Apr_SaltedHashedPassword) XXX_Merge(src proto.Message)
- func (m *BasicAuth_Apr_SaltedHashedPassword) XXX_Size() int
- func (m *BasicAuth_Apr_SaltedHashedPassword) XXX_Unmarshal(b []byte) error
- type BufferSettings
- func (*BufferSettings) Descriptor() ([]byte, []int)
- func (this *BufferSettings) Equal(that interface{}) bool
- func (m *BufferSettings) GetAllowPartialMessage() bool
- func (m *BufferSettings) GetMaxRequestBytes() uint32
- func (m *BufferSettings) Hash(hasher hash.Hash64) (uint64, error)
- func (*BufferSettings) ProtoMessage()
- func (m *BufferSettings) Reset()
- func (m *BufferSettings) String() string
- func (m *BufferSettings) XXX_DiscardUnknown()
- func (m *BufferSettings) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *BufferSettings) XXX_Merge(src proto.Message)
- func (m *BufferSettings) XXX_Size() int
- func (m *BufferSettings) XXX_Unmarshal(b []byte) error
- type CustomAuth
- func (*CustomAuth) Descriptor() ([]byte, []int)
- func (this *CustomAuth) Equal(that interface{}) bool
- func (m *CustomAuth) GetContextExtensions() map[string]string
- func (m *CustomAuth) Hash(hasher hash.Hash64) (uint64, error)
- func (*CustomAuth) ProtoMessage()
- func (m *CustomAuth) Reset()
- func (m *CustomAuth) String() string
- func (m *CustomAuth) XXX_DiscardUnknown()
- func (m *CustomAuth) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *CustomAuth) XXX_Merge(src proto.Message)
- func (m *CustomAuth) XXX_Size() int
- func (m *CustomAuth) XXX_Unmarshal(b []byte) error
- type EnterpriseEmitter
- type EnterpriseSimpleEmitter
- type EnterpriseSnapshot
- type EnterpriseSnapshotEmitter
- type EnterpriseSnapshotStringer
- type EnterpriseSyncDeciderdeprecated
- type EnterpriseSyncDeciderWithContext
- type EnterpriseSyncer
- type EnterpriseSyncers
- type ExtAuthConfig
- func (*ExtAuthConfig) Descriptor() ([]byte, []int)
- func (this *ExtAuthConfig) Equal(that interface{}) bool
- func (m *ExtAuthConfig) GetAuthConfigRefName() string
- func (m *ExtAuthConfig) GetBooleanExpr() *types.StringValue
- func (m *ExtAuthConfig) GetConfigs() []*ExtAuthConfig_Config
- func (m *ExtAuthConfig) Hash(hasher hash.Hash64) (uint64, error)
- func (*ExtAuthConfig) ProtoMessage()
- func (m *ExtAuthConfig) Reset()
- func (m *ExtAuthConfig) String() string
- func (m *ExtAuthConfig) XXX_DiscardUnknown()
- func (m *ExtAuthConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *ExtAuthConfig) XXX_Merge(src proto.Message)
- func (m *ExtAuthConfig) XXX_Size() int
- func (m *ExtAuthConfig) XXX_Unmarshal(b []byte) error
- type ExtAuthConfigXdsResourceWrapper
- type ExtAuthConfig_ApiKeyAuthConfig
- func (*ExtAuthConfig_ApiKeyAuthConfig) Descriptor() ([]byte, []int)
- func (this *ExtAuthConfig_ApiKeyAuthConfig) Equal(that interface{}) bool
- func (m *ExtAuthConfig_ApiKeyAuthConfig) GetHeaderName() string
- func (m *ExtAuthConfig_ApiKeyAuthConfig) GetHeadersFromKeyMetadata() map[string]string
- func (m *ExtAuthConfig_ApiKeyAuthConfig) GetValidApiKeys() map[string]*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata
- func (m *ExtAuthConfig_ApiKeyAuthConfig) Hash(hasher hash.Hash64) (uint64, error)
- func (*ExtAuthConfig_ApiKeyAuthConfig) ProtoMessage()
- func (m *ExtAuthConfig_ApiKeyAuthConfig) Reset()
- func (m *ExtAuthConfig_ApiKeyAuthConfig) String() string
- func (m *ExtAuthConfig_ApiKeyAuthConfig) XXX_DiscardUnknown()
- func (m *ExtAuthConfig_ApiKeyAuthConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *ExtAuthConfig_ApiKeyAuthConfig) XXX_Merge(src proto.Message)
- func (m *ExtAuthConfig_ApiKeyAuthConfig) XXX_Size() int
- func (m *ExtAuthConfig_ApiKeyAuthConfig) XXX_Unmarshal(b []byte) error
- type ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata
- func (*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) Descriptor() ([]byte, []int)
- func (this *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) Equal(that interface{}) bool
- func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) GetMetadata() map[string]string
- func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) GetUsername() string
- func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) Hash(hasher hash.Hash64) (uint64, error)
- func (*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) ProtoMessage()
- func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) Reset()
- func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) String() string
- func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) XXX_DiscardUnknown()
- func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) XXX_Merge(src proto.Message)
- func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) XXX_Size() int
- func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) XXX_Unmarshal(b []byte) error
- type ExtAuthConfig_Config
- func (*ExtAuthConfig_Config) Descriptor() ([]byte, []int)
- func (this *ExtAuthConfig_Config) Equal(that interface{}) bool
- func (m *ExtAuthConfig_Config) GetApiKeyAuth() *ExtAuthConfig_ApiKeyAuthConfig
- func (m *ExtAuthConfig_Config) GetAuthConfig() isExtAuthConfig_Config_AuthConfig
- func (m *ExtAuthConfig_Config) GetBasicAuth() *BasicAuth
- func (m *ExtAuthConfig_Config) GetLdap() *Ldap
- func (m *ExtAuthConfig_Config) GetName() *types.StringValue
- func (m *ExtAuthConfig_Config) GetOauth() *ExtAuthConfig_OAuthConfigdeprecated
- func (m *ExtAuthConfig_Config) GetOauth2() *ExtAuthConfig_OAuth2Config
- func (m *ExtAuthConfig_Config) GetOpaAuth() *ExtAuthConfig_OpaAuthConfig
- func (m *ExtAuthConfig_Config) GetPluginAuth() *AuthPlugin
- func (m *ExtAuthConfig_Config) Hash(hasher hash.Hash64) (uint64, error)
- func (*ExtAuthConfig_Config) ProtoMessage()
- func (m *ExtAuthConfig_Config) Reset()
- func (m *ExtAuthConfig_Config) String() string
- func (m *ExtAuthConfig_Config) XXX_DiscardUnknown()
- func (m *ExtAuthConfig_Config) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *ExtAuthConfig_Config) XXX_Merge(src proto.Message)
- func (*ExtAuthConfig_Config) XXX_OneofWrappers() []interface{}
- func (m *ExtAuthConfig_Config) XXX_Size() int
- func (m *ExtAuthConfig_Config) XXX_Unmarshal(b []byte) error
- type ExtAuthConfig_Config_ApiKeyAuth
- type ExtAuthConfig_Config_BasicAuth
- type ExtAuthConfig_Config_Ldap
- type ExtAuthConfig_Config_Oauth
- type ExtAuthConfig_Config_Oauth2
- type ExtAuthConfig_Config_OpaAuth
- type ExtAuthConfig_Config_PluginAuth
- type ExtAuthConfig_OAuth2Config
- func (*ExtAuthConfig_OAuth2Config) Descriptor() ([]byte, []int)
- func (this *ExtAuthConfig_OAuth2Config) Equal(that interface{}) bool
- func (m *ExtAuthConfig_OAuth2Config) GetAccessTokenValidation() *AccessTokenValidation
- func (m *ExtAuthConfig_OAuth2Config) GetOauthType() isExtAuthConfig_OAuth2Config_OauthType
- func (m *ExtAuthConfig_OAuth2Config) GetOidcAuthorizationCode() *ExtAuthConfig_OidcAuthorizationCodeConfig
- func (m *ExtAuthConfig_OAuth2Config) Hash(hasher hash.Hash64) (uint64, error)
- func (*ExtAuthConfig_OAuth2Config) ProtoMessage()
- func (m *ExtAuthConfig_OAuth2Config) Reset()
- func (m *ExtAuthConfig_OAuth2Config) String() string
- func (m *ExtAuthConfig_OAuth2Config) XXX_DiscardUnknown()
- func (m *ExtAuthConfig_OAuth2Config) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *ExtAuthConfig_OAuth2Config) XXX_Merge(src proto.Message)
- func (*ExtAuthConfig_OAuth2Config) XXX_OneofWrappers() []interface{}
- func (m *ExtAuthConfig_OAuth2Config) XXX_Size() int
- func (m *ExtAuthConfig_OAuth2Config) XXX_Unmarshal(b []byte) error
- type ExtAuthConfig_OAuth2Config_AccessTokenValidation
- type ExtAuthConfig_OAuth2Config_OidcAuthorizationCode
- type ExtAuthConfig_OAuthConfig
- func (*ExtAuthConfig_OAuthConfig) Descriptor() ([]byte, []int)
- func (this *ExtAuthConfig_OAuthConfig) Equal(that interface{}) bool
- func (m *ExtAuthConfig_OAuthConfig) GetAppUrl() stringdeprecated
- func (m *ExtAuthConfig_OAuthConfig) GetAuthEndpointQueryParams() map[string]stringdeprecated
- func (m *ExtAuthConfig_OAuthConfig) GetCallbackPath() stringdeprecated
- func (m *ExtAuthConfig_OAuthConfig) GetClientId() stringdeprecated
- func (m *ExtAuthConfig_OAuthConfig) GetClientSecret() stringdeprecated
- func (m *ExtAuthConfig_OAuthConfig) GetIssuerUrl() stringdeprecated
- func (m *ExtAuthConfig_OAuthConfig) GetScopes() []stringdeprecated
- func (m *ExtAuthConfig_OAuthConfig) Hash(hasher hash.Hash64) (uint64, error)
- func (*ExtAuthConfig_OAuthConfig) ProtoMessage()
- func (m *ExtAuthConfig_OAuthConfig) Reset()
- func (m *ExtAuthConfig_OAuthConfig) String() string
- func (m *ExtAuthConfig_OAuthConfig) XXX_DiscardUnknown()
- func (m *ExtAuthConfig_OAuthConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *ExtAuthConfig_OAuthConfig) XXX_Merge(src proto.Message)
- func (m *ExtAuthConfig_OAuthConfig) XXX_Size() int
- func (m *ExtAuthConfig_OAuthConfig) XXX_Unmarshal(b []byte) error
- type ExtAuthConfig_OidcAuthorizationCodeConfig
- func (*ExtAuthConfig_OidcAuthorizationCodeConfig) Descriptor() ([]byte, []int)
- func (this *ExtAuthConfig_OidcAuthorizationCodeConfig) Equal(that interface{}) bool
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetAppUrl() string
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetAuthEndpointQueryParams() map[string]string
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetCallbackPath() string
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetClientId() string
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetClientSecret() string
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetDiscoveryPollInterval() *types.Duration
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetHeaders() *HeaderConfiguration
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetIssuerUrl() string
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetJwksCacheRefreshPolicy() *JwksOnDemandCacheRefreshPolicy
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetLogoutPath() string
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetScopes() []string
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetSession() *UserSession
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) Hash(hasher hash.Hash64) (uint64, error)
- func (*ExtAuthConfig_OidcAuthorizationCodeConfig) ProtoMessage()
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) Reset()
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) String() string
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) XXX_DiscardUnknown()
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) XXX_Merge(src proto.Message)
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) XXX_Size() int
- func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) XXX_Unmarshal(b []byte) error
- type ExtAuthConfig_OpaAuthConfig
- func (*ExtAuthConfig_OpaAuthConfig) Descriptor() ([]byte, []int)
- func (this *ExtAuthConfig_OpaAuthConfig) Equal(that interface{}) bool
- func (m *ExtAuthConfig_OpaAuthConfig) GetModules() map[string]string
- func (m *ExtAuthConfig_OpaAuthConfig) GetQuery() string
- func (m *ExtAuthConfig_OpaAuthConfig) Hash(hasher hash.Hash64) (uint64, error)
- func (*ExtAuthConfig_OpaAuthConfig) ProtoMessage()
- func (m *ExtAuthConfig_OpaAuthConfig) Reset()
- func (m *ExtAuthConfig_OpaAuthConfig) String() string
- func (m *ExtAuthConfig_OpaAuthConfig) XXX_DiscardUnknown()
- func (m *ExtAuthConfig_OpaAuthConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *ExtAuthConfig_OpaAuthConfig) XXX_Merge(src proto.Message)
- func (m *ExtAuthConfig_OpaAuthConfig) XXX_Size() int
- func (m *ExtAuthConfig_OpaAuthConfig) XXX_Unmarshal(b []byte) error
- type ExtAuthDiscoveryServiceClient
- type ExtAuthDiscoveryServiceServer
- type ExtAuthDiscoveryService_DeltaExtAuthConfigClient
- type ExtAuthDiscoveryService_DeltaExtAuthConfigServer
- type ExtAuthDiscoveryService_StreamExtAuthConfigClient
- type ExtAuthDiscoveryService_StreamExtAuthConfigServer
- type ExtAuthExtension
- func (*ExtAuthExtension) Descriptor() ([]byte, []int)
- func (this *ExtAuthExtension) Equal(that interface{}) bool
- func (m *ExtAuthExtension) GetConfigRef() *core.ResourceRef
- func (m *ExtAuthExtension) GetCustomAuth() *CustomAuth
- func (m *ExtAuthExtension) GetDisable() bool
- func (m *ExtAuthExtension) GetSpec() isExtAuthExtension_Spec
- func (m *ExtAuthExtension) Hash(hasher hash.Hash64) (uint64, error)
- func (*ExtAuthExtension) ProtoMessage()
- func (m *ExtAuthExtension) Reset()
- func (m *ExtAuthExtension) String() string
- func (m *ExtAuthExtension) XXX_DiscardUnknown()
- func (m *ExtAuthExtension) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *ExtAuthExtension) XXX_Merge(src proto.Message)
- func (*ExtAuthExtension) XXX_OneofWrappers() []interface{}
- func (m *ExtAuthExtension) XXX_Size() int
- func (m *ExtAuthExtension) XXX_Unmarshal(b []byte) error
- type ExtAuthExtension_ConfigRef
- type ExtAuthExtension_CustomAuth
- type ExtAuthExtension_Disable
- type HeaderConfiguration
- func (*HeaderConfiguration) Descriptor() ([]byte, []int)
- func (this *HeaderConfiguration) Equal(that interface{}) bool
- func (m *HeaderConfiguration) GetIdTokenHeader() string
- func (m *HeaderConfiguration) Hash(hasher hash.Hash64) (uint64, error)
- func (*HeaderConfiguration) ProtoMessage()
- func (m *HeaderConfiguration) Reset()
- func (m *HeaderConfiguration) String() string
- func (m *HeaderConfiguration) XXX_DiscardUnknown()
- func (m *HeaderConfiguration) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *HeaderConfiguration) XXX_Merge(src proto.Message)
- func (m *HeaderConfiguration) XXX_Size() int
- func (m *HeaderConfiguration) XXX_Unmarshal(b []byte) error
- type HttpService
- func (*HttpService) Descriptor() ([]byte, []int)
- func (this *HttpService) Equal(that interface{}) bool
- func (m *HttpService) GetPathPrefix() string
- func (m *HttpService) GetRequest() *HttpService_Request
- func (m *HttpService) GetResponse() *HttpService_Response
- func (m *HttpService) Hash(hasher hash.Hash64) (uint64, error)
- func (*HttpService) ProtoMessage()
- func (m *HttpService) Reset()
- func (m *HttpService) String() string
- func (m *HttpService) XXX_DiscardUnknown()
- func (m *HttpService) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *HttpService) XXX_Merge(src proto.Message)
- func (m *HttpService) XXX_Size() int
- func (m *HttpService) XXX_Unmarshal(b []byte) error
- type HttpService_Request
- func (*HttpService_Request) Descriptor() ([]byte, []int)
- func (this *HttpService_Request) Equal(that interface{}) bool
- func (m *HttpService_Request) GetAllowedHeaders() []string
- func (m *HttpService_Request) GetHeadersToAdd() map[string]string
- func (m *HttpService_Request) Hash(hasher hash.Hash64) (uint64, error)
- func (*HttpService_Request) ProtoMessage()
- func (m *HttpService_Request) Reset()
- func (m *HttpService_Request) String() string
- func (m *HttpService_Request) XXX_DiscardUnknown()
- func (m *HttpService_Request) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *HttpService_Request) XXX_Merge(src proto.Message)
- func (m *HttpService_Request) XXX_Size() int
- func (m *HttpService_Request) XXX_Unmarshal(b []byte) error
- type HttpService_Response
- func (*HttpService_Response) Descriptor() ([]byte, []int)
- func (this *HttpService_Response) Equal(that interface{}) bool
- func (m *HttpService_Response) GetAllowedClientHeaders() []string
- func (m *HttpService_Response) GetAllowedUpstreamHeaders() []string
- func (m *HttpService_Response) Hash(hasher hash.Hash64) (uint64, error)
- func (*HttpService_Response) ProtoMessage()
- func (m *HttpService_Response) Reset()
- func (m *HttpService_Response) String() string
- func (m *HttpService_Response) XXX_DiscardUnknown()
- func (m *HttpService_Response) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *HttpService_Response) XXX_Merge(src proto.Message)
- func (m *HttpService_Response) XXX_Size() int
- func (m *HttpService_Response) XXX_Unmarshal(b []byte) error
- type JwksOnDemandCacheRefreshPolicy
- func (*JwksOnDemandCacheRefreshPolicy) Descriptor() ([]byte, []int)
- func (this *JwksOnDemandCacheRefreshPolicy) Equal(that interface{}) bool
- func (m *JwksOnDemandCacheRefreshPolicy) GetAlways() *types.Empty
- func (m *JwksOnDemandCacheRefreshPolicy) GetMaxIdpReqPerPollingInterval() uint32
- func (m *JwksOnDemandCacheRefreshPolicy) GetNever() *types.Empty
- func (m *JwksOnDemandCacheRefreshPolicy) GetPolicy() isJwksOnDemandCacheRefreshPolicy_Policy
- func (m *JwksOnDemandCacheRefreshPolicy) Hash(hasher hash.Hash64) (uint64, error)
- func (*JwksOnDemandCacheRefreshPolicy) ProtoMessage()
- func (m *JwksOnDemandCacheRefreshPolicy) Reset()
- func (m *JwksOnDemandCacheRefreshPolicy) String() string
- func (m *JwksOnDemandCacheRefreshPolicy) XXX_DiscardUnknown()
- func (m *JwksOnDemandCacheRefreshPolicy) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *JwksOnDemandCacheRefreshPolicy) XXX_Merge(src proto.Message)
- func (*JwksOnDemandCacheRefreshPolicy) XXX_OneofWrappers() []interface{}
- func (m *JwksOnDemandCacheRefreshPolicy) XXX_Size() int
- func (m *JwksOnDemandCacheRefreshPolicy) XXX_Unmarshal(b []byte) error
- type JwksOnDemandCacheRefreshPolicy_Always
- type JwksOnDemandCacheRefreshPolicy_MaxIdpReqPerPollingInterval
- type JwksOnDemandCacheRefreshPolicy_Never
- type Ldap
- func (*Ldap) Descriptor() ([]byte, []int)
- func (this *Ldap) Equal(that interface{}) bool
- func (m *Ldap) GetAddress() string
- func (m *Ldap) GetAllowedGroups() []string
- func (m *Ldap) GetMembershipAttributeName() string
- func (m *Ldap) GetPool() *Ldap_ConnectionPool
- func (m *Ldap) GetUserDnTemplate() string
- func (m *Ldap) Hash(hasher hash.Hash64) (uint64, error)
- func (*Ldap) ProtoMessage()
- func (m *Ldap) Reset()
- func (m *Ldap) String() string
- func (m *Ldap) XXX_DiscardUnknown()
- func (m *Ldap) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *Ldap) XXX_Merge(src proto.Message)
- func (m *Ldap) XXX_Size() int
- func (m *Ldap) XXX_Unmarshal(b []byte) error
- type Ldap_ConnectionPool
- func (*Ldap_ConnectionPool) Descriptor() ([]byte, []int)
- func (this *Ldap_ConnectionPool) Equal(that interface{}) bool
- func (m *Ldap_ConnectionPool) GetInitialSize() *types.UInt32Value
- func (m *Ldap_ConnectionPool) GetMaxSize() *types.UInt32Value
- func (m *Ldap_ConnectionPool) Hash(hasher hash.Hash64) (uint64, error)
- func (*Ldap_ConnectionPool) ProtoMessage()
- func (m *Ldap_ConnectionPool) Reset()
- func (m *Ldap_ConnectionPool) String() string
- func (m *Ldap_ConnectionPool) XXX_DiscardUnknown()
- func (m *Ldap_ConnectionPool) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *Ldap_ConnectionPool) XXX_Merge(src proto.Message)
- func (m *Ldap_ConnectionPool) XXX_Size() int
- func (m *Ldap_ConnectionPool) XXX_Unmarshal(b []byte) error
- type OAuthdeprecated
- func (*OAuth) Descriptor() ([]byte, []int)
- func (this *OAuth) Equal(that interface{}) bool
- func (m *OAuth) GetAppUrl() stringdeprecated
- func (m *OAuth) GetAuthEndpointQueryParams() map[string]stringdeprecated
- func (m *OAuth) GetCallbackPath() stringdeprecated
- func (m *OAuth) GetClientId() stringdeprecated
- func (m *OAuth) GetClientSecretRef() *core.ResourceRefdeprecated
- func (m *OAuth) GetIssuerUrl() stringdeprecated
- func (m *OAuth) GetScopes() []stringdeprecated
- func (m *OAuth) Hash(hasher hash.Hash64) (uint64, error)
- func (*OAuth) ProtoMessage()
- func (m *OAuth) Reset()
- func (m *OAuth) String() string
- func (m *OAuth) XXX_DiscardUnknown()
- func (m *OAuth) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *OAuth) XXX_Merge(src proto.Message)
- func (m *OAuth) XXX_Size() int
- func (m *OAuth) XXX_Unmarshal(b []byte) error
- type OAuth2
- func (*OAuth2) Descriptor() ([]byte, []int)
- func (this *OAuth2) Equal(that interface{}) bool
- func (m *OAuth2) GetAccessTokenValidation() *AccessTokenValidation
- func (m *OAuth2) GetOauthType() isOAuth2_OauthType
- func (m *OAuth2) GetOidcAuthorizationCode() *OidcAuthorizationCode
- func (m *OAuth2) Hash(hasher hash.Hash64) (uint64, error)
- func (*OAuth2) ProtoMessage()
- func (m *OAuth2) Reset()
- func (m *OAuth2) String() string
- func (m *OAuth2) XXX_DiscardUnknown()
- func (m *OAuth2) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *OAuth2) XXX_Merge(src proto.Message)
- func (*OAuth2) XXX_OneofWrappers() []interface{}
- func (m *OAuth2) XXX_Size() int
- func (m *OAuth2) XXX_Unmarshal(b []byte) error
- type OAuth2_AccessTokenValidation
- type OAuth2_OidcAuthorizationCode
- type OauthSecret
- func (*OauthSecret) Descriptor() ([]byte, []int)
- func (this *OauthSecret) Equal(that interface{}) bool
- func (m *OauthSecret) GetClientSecret() string
- func (m *OauthSecret) Hash(hasher hash.Hash64) (uint64, error)
- func (*OauthSecret) ProtoMessage()
- func (m *OauthSecret) Reset()
- func (m *OauthSecret) String() string
- func (m *OauthSecret) XXX_DiscardUnknown()
- func (m *OauthSecret) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *OauthSecret) XXX_Merge(src proto.Message)
- func (m *OauthSecret) XXX_Size() int
- func (m *OauthSecret) XXX_Unmarshal(b []byte) error
- type OidcAuthorizationCode
- func (*OidcAuthorizationCode) Descriptor() ([]byte, []int)
- func (this *OidcAuthorizationCode) Equal(that interface{}) bool
- func (m *OidcAuthorizationCode) GetAppUrl() string
- func (m *OidcAuthorizationCode) GetAuthEndpointQueryParams() map[string]string
- func (m *OidcAuthorizationCode) GetCallbackPath() string
- func (m *OidcAuthorizationCode) GetClientId() string
- func (m *OidcAuthorizationCode) GetClientSecretRef() *core.ResourceRef
- func (m *OidcAuthorizationCode) GetDiscoveryPollInterval() *types.Duration
- func (m *OidcAuthorizationCode) GetHeaders() *HeaderConfiguration
- func (m *OidcAuthorizationCode) GetIssuerUrl() string
- func (m *OidcAuthorizationCode) GetJwksCacheRefreshPolicy() *JwksOnDemandCacheRefreshPolicy
- func (m *OidcAuthorizationCode) GetLogoutPath() string
- func (m *OidcAuthorizationCode) GetScopes() []string
- func (m *OidcAuthorizationCode) GetSession() *UserSession
- func (m *OidcAuthorizationCode) Hash(hasher hash.Hash64) (uint64, error)
- func (*OidcAuthorizationCode) ProtoMessage()
- func (m *OidcAuthorizationCode) Reset()
- func (m *OidcAuthorizationCode) String() string
- func (m *OidcAuthorizationCode) XXX_DiscardUnknown()
- func (m *OidcAuthorizationCode) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *OidcAuthorizationCode) XXX_Merge(src proto.Message)
- func (m *OidcAuthorizationCode) XXX_Size() int
- func (m *OidcAuthorizationCode) XXX_Unmarshal(b []byte) error
- type OpaAuth
- func (*OpaAuth) Descriptor() ([]byte, []int)
- func (this *OpaAuth) Equal(that interface{}) bool
- func (m *OpaAuth) GetModules() []*core.ResourceRef
- func (m *OpaAuth) GetQuery() string
- func (m *OpaAuth) Hash(hasher hash.Hash64) (uint64, error)
- func (*OpaAuth) ProtoMessage()
- func (m *OpaAuth) Reset()
- func (m *OpaAuth) String() string
- func (m *OpaAuth) XXX_DiscardUnknown()
- func (m *OpaAuth) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *OpaAuth) XXX_Merge(src proto.Message)
- func (m *OpaAuth) XXX_Size() int
- func (m *OpaAuth) XXX_Unmarshal(b []byte) error
- type RedisOptions
- func (*RedisOptions) Descriptor() ([]byte, []int)
- func (this *RedisOptions) Equal(that interface{}) bool
- func (m *RedisOptions) GetDb() int32
- func (m *RedisOptions) GetHost() string
- func (m *RedisOptions) GetPoolSize() int32
- func (m *RedisOptions) Hash(hasher hash.Hash64) (uint64, error)
- func (*RedisOptions) ProtoMessage()
- func (m *RedisOptions) Reset()
- func (m *RedisOptions) String() string
- func (m *RedisOptions) XXX_DiscardUnknown()
- func (m *RedisOptions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *RedisOptions) XXX_Merge(src proto.Message)
- func (m *RedisOptions) XXX_Size() int
- func (m *RedisOptions) XXX_Unmarshal(b []byte) error
- type Settings
- func (*Settings) Descriptor() ([]byte, []int)
- func (this *Settings) Equal(that interface{}) bool
- func (m *Settings) GetClearRouteCache() bool
- func (m *Settings) GetExtauthzServerRef() *core.ResourceRef
- func (m *Settings) GetFailureModeAllow() bool
- func (m *Settings) GetHttpService() *HttpService
- func (m *Settings) GetRequestBody() *BufferSettings
- func (m *Settings) GetRequestTimeout() *time.Duration
- func (m *Settings) GetStatusOnError() uint32
- func (m *Settings) GetUserIdHeader() string
- func (m *Settings) Hash(hasher hash.Hash64) (uint64, error)
- func (*Settings) ProtoMessage()
- func (m *Settings) Reset()
- func (m *Settings) String() string
- func (m *Settings) XXX_DiscardUnknown()
- func (m *Settings) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *Settings) XXX_Merge(src proto.Message)
- func (m *Settings) XXX_Size() int
- func (m *Settings) XXX_Unmarshal(b []byte) error
- type TransitionAuthConfigFunc
- type UnimplementedExtAuthDiscoveryServiceServer
- func (*UnimplementedExtAuthDiscoveryServiceServer) DeltaExtAuthConfig(srv ExtAuthDiscoveryService_DeltaExtAuthConfigServer) error
- func (*UnimplementedExtAuthDiscoveryServiceServer) FetchExtAuthConfig(ctx context.Context, req *v2.DiscoveryRequest) (*v2.DiscoveryResponse, error)
- func (*UnimplementedExtAuthDiscoveryServiceServer) StreamExtAuthConfig(srv ExtAuthDiscoveryService_StreamExtAuthConfigServer) error
- type UserSession
- func (*UserSession) Descriptor() ([]byte, []int)
- func (this *UserSession) Equal(that interface{}) bool
- func (m *UserSession) GetCookie() *UserSession_InternalSession
- func (m *UserSession) GetCookieOptions() *UserSession_CookieOptions
- func (m *UserSession) GetFailOnFetchFailure() bool
- func (m *UserSession) GetRedis() *UserSession_RedisSession
- func (m *UserSession) GetSession() isUserSession_Session
- func (m *UserSession) Hash(hasher hash.Hash64) (uint64, error)
- func (*UserSession) ProtoMessage()
- func (m *UserSession) Reset()
- func (m *UserSession) String() string
- func (m *UserSession) XXX_DiscardUnknown()
- func (m *UserSession) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *UserSession) XXX_Merge(src proto.Message)
- func (*UserSession) XXX_OneofWrappers() []interface{}
- func (m *UserSession) XXX_Size() int
- func (m *UserSession) XXX_Unmarshal(b []byte) error
- type UserSession_Cookie
- type UserSession_CookieOptions
- func (*UserSession_CookieOptions) Descriptor() ([]byte, []int)
- func (this *UserSession_CookieOptions) Equal(that interface{}) bool
- func (m *UserSession_CookieOptions) GetDomain() string
- func (m *UserSession_CookieOptions) GetMaxAge() *types.UInt32Value
- func (m *UserSession_CookieOptions) GetNotSecure() bool
- func (m *UserSession_CookieOptions) GetPath() *types.StringValue
- func (m *UserSession_CookieOptions) Hash(hasher hash.Hash64) (uint64, error)
- func (*UserSession_CookieOptions) ProtoMessage()
- func (m *UserSession_CookieOptions) Reset()
- func (m *UserSession_CookieOptions) String() string
- func (m *UserSession_CookieOptions) XXX_DiscardUnknown()
- func (m *UserSession_CookieOptions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *UserSession_CookieOptions) XXX_Merge(src proto.Message)
- func (m *UserSession_CookieOptions) XXX_Size() int
- func (m *UserSession_CookieOptions) XXX_Unmarshal(b []byte) error
- type UserSession_InternalSession
- func (*UserSession_InternalSession) Descriptor() ([]byte, []int)
- func (this *UserSession_InternalSession) Equal(that interface{}) bool
- func (m *UserSession_InternalSession) Hash(hasher hash.Hash64) (uint64, error)
- func (*UserSession_InternalSession) ProtoMessage()
- func (m *UserSession_InternalSession) Reset()
- func (m *UserSession_InternalSession) String() string
- func (m *UserSession_InternalSession) XXX_DiscardUnknown()
- func (m *UserSession_InternalSession) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *UserSession_InternalSession) XXX_Merge(src proto.Message)
- func (m *UserSession_InternalSession) XXX_Size() int
- func (m *UserSession_InternalSession) XXX_Unmarshal(b []byte) error
- type UserSession_Redis
- type UserSession_RedisSession
- func (*UserSession_RedisSession) Descriptor() ([]byte, []int)
- func (this *UserSession_RedisSession) Equal(that interface{}) bool
- func (m *UserSession_RedisSession) GetCookieName() string
- func (m *UserSession_RedisSession) GetKeyPrefix() string
- func (m *UserSession_RedisSession) GetOptions() *RedisOptions
- func (m *UserSession_RedisSession) Hash(hasher hash.Hash64) (uint64, error)
- func (*UserSession_RedisSession) ProtoMessage()
- func (m *UserSession_RedisSession) Reset()
- func (m *UserSession_RedisSession) String() string
- func (m *UserSession_RedisSession) XXX_DiscardUnknown()
- func (m *UserSession_RedisSession) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
- func (m *UserSession_RedisSession) XXX_Merge(src proto.Message)
- func (m *UserSession_RedisSession) XXX_Size() int
- func (m *UserSession_RedisSession) XXX_Unmarshal(b []byte) error
Constants ¶
const ExtAuthConfigType = cache.TypePrefix + "/enterprise.gloo.solo.io.ExtAuthConfig"
Variables ¶
var ( AuthConfigCrd = crd.NewCrd( "authconfigs", AuthConfigGVK.Group, AuthConfigGVK.Version, AuthConfigGVK.Kind, "ac", false, &AuthConfig{}) )
var (
AuthConfigGVK = schema.GroupVersionKind{
Version: "v1",
Group: "enterprise.gloo.solo.io",
Kind: "AuthConfig",
}
)
var ExtAuthConfigTypeRecord = client.NewTypeRecord( ExtAuthConfigType, func() cache.ResourceProto { return &ExtAuthConfig{} }, func(r cache.ResourceProto) cache.Resource { return &ExtAuthConfigXdsResourceWrapper{Resource: r.(*ExtAuthConfig)} }, )
Define a type record. This is used by the generic client library.
Functions ¶
func NewEnterpriseEventLoop ¶ added in v1.3.33
func NewEnterpriseEventLoop(emitter EnterpriseSnapshotEmitter, syncer EnterpriseSyncer) eventloop.EventLoop
func NewEnterpriseSimpleEventLoop ¶ added in v1.3.33
func NewEnterpriseSimpleEventLoop(emitter EnterpriseSimpleEmitter, syncers ...EnterpriseSyncer) eventloop.SimpleEventLoop
func NewExtAuthConfigClient ¶
func NewExtAuthConfigClient(nodeinfo *core.Node, typedApply ApplyExtAuthConfig) client.Client
func RegisterExtAuthDiscoveryServiceServer ¶
func RegisterExtAuthDiscoveryServiceServer(s *grpc.Server, srv ExtAuthDiscoveryServiceServer)
Types ¶
type AccessTokenValidation ¶ added in v1.5.0
type AccessTokenValidation struct { // Types that are valid to be assigned to ValidationType: // *AccessTokenValidation_IntrospectionUrl ValidationType isAccessTokenValidation_ValidationType `protobuf_oneof:"validation_type"` // the url for the OIDC userinfo endpoint. // if provided, the (opaque) access token provided or received from the oauth endpoint // will be queried and the userinfo response (or cached response) will be put in the `AuthorizationRequest` state. // this can be useful to leverage the userinfo response in, for example, an extauth server plugin. UserinfoUrl string `protobuf:"bytes,4,opt,name=userinfo_url,json=userinfoUrl,proto3" json:"userinfo_url,omitempty"` // how long the token introspection and userinfo endpoint response for a specific access token should be kept // in the in-memory cache. the result will be invalidated at this timeout, or at "exp" time from the introspection // result, whichever comes sooner. if omitted, defaults to 10 minutes. if zero, then no caching will be done. CacheTimeout *time.Duration `protobuf:"bytes,5,opt,name=cache_timeout,json=cacheTimeout,proto3,stdduration" json:"cache_timeout,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*AccessTokenValidation) Descriptor ¶ added in v1.5.0
func (*AccessTokenValidation) Descriptor() ([]byte, []int)
func (*AccessTokenValidation) Equal ¶ added in v1.5.0
func (this *AccessTokenValidation) Equal(that interface{}) bool
func (*AccessTokenValidation) GetCacheTimeout ¶ added in v1.5.0
func (m *AccessTokenValidation) GetCacheTimeout() *time.Duration
func (*AccessTokenValidation) GetIntrospectionUrl ¶ added in v1.5.0
func (m *AccessTokenValidation) GetIntrospectionUrl() string
func (*AccessTokenValidation) GetUserinfoUrl ¶ added in v1.5.0
func (m *AccessTokenValidation) GetUserinfoUrl() string
func (*AccessTokenValidation) GetValidationType ¶ added in v1.5.0
func (m *AccessTokenValidation) GetValidationType() isAccessTokenValidation_ValidationType
func (*AccessTokenValidation) Hash ¶ added in v1.5.0
func (m *AccessTokenValidation) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*AccessTokenValidation) ProtoMessage ¶ added in v1.5.0
func (*AccessTokenValidation) ProtoMessage()
func (*AccessTokenValidation) Reset ¶ added in v1.5.0
func (m *AccessTokenValidation) Reset()
func (*AccessTokenValidation) String ¶ added in v1.5.0
func (m *AccessTokenValidation) String() string
func (*AccessTokenValidation) XXX_DiscardUnknown ¶ added in v1.5.0
func (m *AccessTokenValidation) XXX_DiscardUnknown()
func (*AccessTokenValidation) XXX_Marshal ¶ added in v1.5.0
func (m *AccessTokenValidation) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*AccessTokenValidation) XXX_Merge ¶ added in v1.5.0
func (m *AccessTokenValidation) XXX_Merge(src proto.Message)
func (*AccessTokenValidation) XXX_OneofWrappers ¶ added in v1.5.0
func (*AccessTokenValidation) XXX_OneofWrappers() []interface{}
XXX_OneofWrappers is for the internal use of the proto package.
func (*AccessTokenValidation) XXX_Size ¶ added in v1.5.0
func (m *AccessTokenValidation) XXX_Size() int
func (*AccessTokenValidation) XXX_Unmarshal ¶ added in v1.5.0
func (m *AccessTokenValidation) XXX_Unmarshal(b []byte) error
type AccessTokenValidation_IntrospectionUrl ¶ added in v1.5.0
type AccessTokenValidation_IntrospectionUrl struct {
IntrospectionUrl string `protobuf:"bytes,1,opt,name=introspection_url,json=introspectionUrl,proto3,oneof" json:"introspection_url,omitempty"`
}
func (*AccessTokenValidation_IntrospectionUrl) Equal ¶ added in v1.5.0
func (this *AccessTokenValidation_IntrospectionUrl) Equal(that interface{}) bool
type ApiKeyAuth ¶
type ApiKeyAuth struct { // Identify all valid API key secrets that match the provided label selector.<br/> // API key secrets must be in one of the watch namespaces for gloo to locate them. LabelSelector map[string]string `` /* 188-byte string literal not displayed */ // A way to directly reference API key secrets. This configuration can be useful for testing, // but in general the more flexible label selector should be preferred. ApiKeySecretRefs []*core.ResourceRef `protobuf:"bytes,2,rep,name=api_key_secret_refs,json=apiKeySecretRefs,proto3" json:"api_key_secret_refs,omitempty"` // When receiving a request, the Gloo Enterprise external auth server will look for an API key in a header // with this name. This field is optional; if not provided it defaults to `api-key`. HeaderName string `protobuf:"bytes,3,opt,name=header_name,json=headerName,proto3" json:"header_name,omitempty"` // API key secrets might contain additional data (e.g. the ID of the user that the API key belongs to) // in the form of extra keys included in the secret's `data` field. // This configuration can be used to add this data to the headers of successfully authenticated requests. // Each key in the map represents the name of header to be added; the corresponding value determines the key // in the secret data that will be inspected to determine the value for the header. HeadersFromMetadata map[string]*ApiKeyAuth_SecretKey `` /* 208-byte string literal not displayed */ XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*ApiKeyAuth) Descriptor ¶
func (*ApiKeyAuth) Descriptor() ([]byte, []int)
func (*ApiKeyAuth) Equal ¶
func (this *ApiKeyAuth) Equal(that interface{}) bool
func (*ApiKeyAuth) GetApiKeySecretRefs ¶
func (m *ApiKeyAuth) GetApiKeySecretRefs() []*core.ResourceRef
func (*ApiKeyAuth) GetHeaderName ¶ added in v1.5.0
func (m *ApiKeyAuth) GetHeaderName() string
func (*ApiKeyAuth) GetHeadersFromMetadata ¶ added in v1.5.0
func (m *ApiKeyAuth) GetHeadersFromMetadata() map[string]*ApiKeyAuth_SecretKey
func (*ApiKeyAuth) GetLabelSelector ¶
func (m *ApiKeyAuth) GetLabelSelector() map[string]string
func (*ApiKeyAuth) Hash ¶ added in v1.2.13
func (m *ApiKeyAuth) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*ApiKeyAuth) ProtoMessage ¶
func (*ApiKeyAuth) ProtoMessage()
func (*ApiKeyAuth) Reset ¶
func (m *ApiKeyAuth) Reset()
func (*ApiKeyAuth) String ¶
func (m *ApiKeyAuth) String() string
func (*ApiKeyAuth) XXX_DiscardUnknown ¶
func (m *ApiKeyAuth) XXX_DiscardUnknown()
func (*ApiKeyAuth) XXX_Marshal ¶
func (m *ApiKeyAuth) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*ApiKeyAuth) XXX_Merge ¶
func (m *ApiKeyAuth) XXX_Merge(src proto.Message)
func (*ApiKeyAuth) XXX_Size ¶
func (m *ApiKeyAuth) XXX_Size() int
func (*ApiKeyAuth) XXX_Unmarshal ¶
func (m *ApiKeyAuth) XXX_Unmarshal(b []byte) error
type ApiKeyAuth_SecretKey ¶ added in v1.5.0
type ApiKeyAuth_SecretKey struct { // (Required) The key of the secret data entry to inspect. Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` // If this field is set to `true`, Gloo will reject an API key secret that does not contain the given key. // Defaults to `false`. In this case, if a secret does not contain the requested data, no header will be added // to the request. Required bool `protobuf:"varint,2,opt,name=required,proto3" json:"required,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*ApiKeyAuth_SecretKey) Descriptor ¶ added in v1.5.0
func (*ApiKeyAuth_SecretKey) Descriptor() ([]byte, []int)
func (*ApiKeyAuth_SecretKey) Equal ¶ added in v1.5.0
func (this *ApiKeyAuth_SecretKey) Equal(that interface{}) bool
func (*ApiKeyAuth_SecretKey) GetName ¶ added in v1.5.0
func (m *ApiKeyAuth_SecretKey) GetName() string
func (*ApiKeyAuth_SecretKey) GetRequired ¶ added in v1.5.0
func (m *ApiKeyAuth_SecretKey) GetRequired() bool
func (*ApiKeyAuth_SecretKey) Hash ¶ added in v1.5.0
func (m *ApiKeyAuth_SecretKey) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*ApiKeyAuth_SecretKey) ProtoMessage ¶ added in v1.5.0
func (*ApiKeyAuth_SecretKey) ProtoMessage()
func (*ApiKeyAuth_SecretKey) Reset ¶ added in v1.5.0
func (m *ApiKeyAuth_SecretKey) Reset()
func (*ApiKeyAuth_SecretKey) String ¶ added in v1.5.0
func (m *ApiKeyAuth_SecretKey) String() string
func (*ApiKeyAuth_SecretKey) XXX_DiscardUnknown ¶ added in v1.5.0
func (m *ApiKeyAuth_SecretKey) XXX_DiscardUnknown()
func (*ApiKeyAuth_SecretKey) XXX_Marshal ¶ added in v1.5.0
func (m *ApiKeyAuth_SecretKey) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*ApiKeyAuth_SecretKey) XXX_Merge ¶ added in v1.5.0
func (m *ApiKeyAuth_SecretKey) XXX_Merge(src proto.Message)
func (*ApiKeyAuth_SecretKey) XXX_Size ¶ added in v1.5.0
func (m *ApiKeyAuth_SecretKey) XXX_Size() int
func (*ApiKeyAuth_SecretKey) XXX_Unmarshal ¶ added in v1.5.0
func (m *ApiKeyAuth_SecretKey) XXX_Unmarshal(b []byte) error
type ApiKeySecret ¶
type ApiKeySecret struct { // If true, generate an API key. // This field is deprecated as it was used only internally by `glooctl` and is not actually part of the secret API. GenerateApiKey bool `protobuf:"varint,1,opt,name=generate_api_key,json=generateApiKey,proto3" json:"generate_api_key,omitempty"` // Deprecated: Do not use. // The value of the API key. ApiKey string `protobuf:"bytes,2,opt,name=api_key,json=apiKey,proto3" json:"api_key,omitempty"` // A list of labels (key=value) for the apikey secret.<br/> // These labels are used when creating an ApiKeySecret via `glooctl` and then are copied to the metadata of the created secret. // This field is deprecated as it was used only internally by `glooctl` and is not actually part of the secret API. Labels []string `protobuf:"bytes,3,rep,name=labels,proto3" json:"labels,omitempty"` // Deprecated: Do not use. // If the secret data contains entries in addition to the API key one, they will be copied to this field. Metadata map[string]string `` /* 157-byte string literal not displayed */ XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*ApiKeySecret) Descriptor ¶
func (*ApiKeySecret) Descriptor() ([]byte, []int)
func (*ApiKeySecret) Equal ¶
func (this *ApiKeySecret) Equal(that interface{}) bool
func (*ApiKeySecret) GetApiKey ¶
func (m *ApiKeySecret) GetApiKey() string
func (*ApiKeySecret) GetGenerateApiKey
deprecated
func (m *ApiKeySecret) GetGenerateApiKey() bool
Deprecated: Do not use.
func (*ApiKeySecret) GetLabels
deprecated
func (m *ApiKeySecret) GetLabels() []string
Deprecated: Do not use.
func (*ApiKeySecret) GetMetadata ¶ added in v1.5.0
func (m *ApiKeySecret) GetMetadata() map[string]string
func (*ApiKeySecret) Hash ¶ added in v1.2.13
func (m *ApiKeySecret) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*ApiKeySecret) ProtoMessage ¶
func (*ApiKeySecret) ProtoMessage()
func (*ApiKeySecret) Reset ¶
func (m *ApiKeySecret) Reset()
func (*ApiKeySecret) String ¶
func (m *ApiKeySecret) String() string
func (*ApiKeySecret) XXX_DiscardUnknown ¶
func (m *ApiKeySecret) XXX_DiscardUnknown()
func (*ApiKeySecret) XXX_Marshal ¶
func (m *ApiKeySecret) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*ApiKeySecret) XXX_Merge ¶
func (m *ApiKeySecret) XXX_Merge(src proto.Message)
func (*ApiKeySecret) XXX_Size ¶
func (m *ApiKeySecret) XXX_Size() int
func (*ApiKeySecret) XXX_Unmarshal ¶
func (m *ApiKeySecret) XXX_Unmarshal(b []byte) error
type ApplyExtAuthConfig ¶
type ApplyExtAuthConfig func(version string, resources []*ExtAuthConfig) error
The apply functions receives resources and returns an error if they were applied correctly. In theory the configuration can become valid in the future (i.e. eventually consistent), but I don't think we need to worry about that now As our current use cases only have one configuration resource, so no interactions are expected.
type AuthConfig ¶
type AuthConfig struct { // Status indicates the validation status of this resource. // Status is read-only by clients, and set by gloo during validation Status core.Status `protobuf:"bytes,1,opt,name=status,proto3" json:"status" testdiff:"ignore"` // Metadata contains the object metadata for this resource Metadata core.Metadata `protobuf:"bytes,2,opt,name=metadata,proto3" json:"metadata"` // List of auth configs to be checked for requests on a route referencing this auth config, // By default, every config must be authorized for the entire request to be authorized. This // behavior can be changed by defining names for each config and defining `boolean_expr` below. // // State is shared between successful requests on the chain, i.e., the headers returned from each // successful auth service get appended into the final auth response. Configs []*AuthConfig_Config `protobuf:"bytes,3,rep,name=configs,proto3" json:"configs,omitempty"` // How to handle processing of named configs within an auth config chain. // An example config might be: ( basic1 || basic2 || (oidc1 && !oidc2) ) // The boolean expression is evaluated left to right but honors parenthesis and short-circuiting. BooleanExpr *types.StringValue `protobuf:"bytes,10,opt,name=boolean_expr,json=booleanExpr,proto3" json:"boolean_expr,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
This is the user-facing auth configuration. When processed by Gloo, certain configuration types (i.a. oauth, opa) will be translated, e.g. to resolve resource references. See the `ExtAuthConfig.AuthConfig` for the final config format that will be included in the extauth snapshot.
func NewAuthConfig ¶
func NewAuthConfig(namespace, name string) *AuthConfig
func (*AuthConfig) DeepCopyInto ¶
func (o *AuthConfig) DeepCopyInto(out *AuthConfig)
func (*AuthConfig) DeepCopyObject ¶
func (o *AuthConfig) DeepCopyObject() runtime.Object
func (*AuthConfig) Descriptor ¶
func (*AuthConfig) Descriptor() ([]byte, []int)
func (*AuthConfig) Equal ¶
func (this *AuthConfig) Equal(that interface{}) bool
func (*AuthConfig) GetBooleanExpr ¶ added in v1.5.0
func (m *AuthConfig) GetBooleanExpr() *types.StringValue
func (*AuthConfig) GetConfigs ¶
func (m *AuthConfig) GetConfigs() []*AuthConfig_Config
func (*AuthConfig) GetMetadata ¶
func (m *AuthConfig) GetMetadata() core.Metadata
func (*AuthConfig) GetObjectKind ¶
func (o *AuthConfig) GetObjectKind() schema.ObjectKind
func (*AuthConfig) GetStatus ¶
func (m *AuthConfig) GetStatus() core.Status
func (*AuthConfig) GroupVersionKind ¶
func (r *AuthConfig) GroupVersionKind() schema.GroupVersionKind
func (*AuthConfig) Hash ¶
func (m *AuthConfig) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*AuthConfig) MustHash ¶ added in v1.2.13
func (r *AuthConfig) MustHash() uint64
func (*AuthConfig) ProtoMessage ¶
func (*AuthConfig) ProtoMessage()
func (*AuthConfig) Reset ¶
func (m *AuthConfig) Reset()
func (*AuthConfig) SetMetadata ¶
func (r *AuthConfig) SetMetadata(meta core.Metadata)
func (*AuthConfig) SetStatus ¶
func (r *AuthConfig) SetStatus(status core.Status)
func (*AuthConfig) String ¶
func (m *AuthConfig) String() string
func (*AuthConfig) XXX_DiscardUnknown ¶
func (m *AuthConfig) XXX_DiscardUnknown()
func (*AuthConfig) XXX_Marshal ¶
func (m *AuthConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*AuthConfig) XXX_Merge ¶
func (m *AuthConfig) XXX_Merge(src proto.Message)
func (*AuthConfig) XXX_Size ¶
func (m *AuthConfig) XXX_Size() int
func (*AuthConfig) XXX_Unmarshal ¶
func (m *AuthConfig) XXX_Unmarshal(b []byte) error
type AuthConfigClient ¶
type AuthConfigClient interface { BaseClient() clients.ResourceClient Register() error Read(namespace, name string, opts clients.ReadOpts) (*AuthConfig, error) Write(resource *AuthConfig, opts clients.WriteOpts) (*AuthConfig, error) Delete(namespace, name string, opts clients.DeleteOpts) error List(namespace string, opts clients.ListOpts) (AuthConfigList, error) AuthConfigWatcher }
func NewAuthConfigClient ¶
func NewAuthConfigClient(rcFactory factory.ResourceClientFactory) (AuthConfigClient, error)
func NewAuthConfigClientWithBase ¶
func NewAuthConfigClientWithBase(rc clients.ResourceClient) AuthConfigClient
func NewAuthConfigClientWithToken ¶
func NewAuthConfigClientWithToken(rcFactory factory.ResourceClientFactory, token string) (AuthConfigClient, error)
type AuthConfigList ¶
type AuthConfigList []*AuthConfig
func (AuthConfigList) AsInputResources ¶
func (list AuthConfigList) AsInputResources() resources.InputResourceList
func (AuthConfigList) AsInterfaces ¶
func (list AuthConfigList) AsInterfaces() []interface{}
func (AuthConfigList) AsResources ¶
func (list AuthConfigList) AsResources() resources.ResourceList
func (AuthConfigList) Clone ¶
func (list AuthConfigList) Clone() AuthConfigList
func (AuthConfigList) Each ¶
func (list AuthConfigList) Each(f func(element *AuthConfig))
func (AuthConfigList) EachResource ¶
func (list AuthConfigList) EachResource(f func(element resources.Resource))
func (AuthConfigList) Find ¶
func (list AuthConfigList) Find(namespace, name string) (*AuthConfig, error)
func (AuthConfigList) Names ¶
func (list AuthConfigList) Names() []string
func (AuthConfigList) NamespacesDotNames ¶
func (list AuthConfigList) NamespacesDotNames() []string
func (AuthConfigList) Sort ¶
func (list AuthConfigList) Sort() AuthConfigList
type AuthConfigReconciler ¶
type AuthConfigReconciler interface {
Reconcile(namespace string, desiredResources AuthConfigList, transition TransitionAuthConfigFunc, opts clients.ListOpts) error
}
func NewAuthConfigReconciler ¶
func NewAuthConfigReconciler(client AuthConfigClient) AuthConfigReconciler
type AuthConfigWatcher ¶
type AuthConfig_Config ¶
type AuthConfig_Config struct { // optional: used when defining complex boolean logic, if `boolean_expr` is defined below. Also used // in logging. If omitted, an automatically generated name will be used (e.g. config_0, of the // pattern 'config_$INDEX_IN_CHAIN'). In the case of plugin auth, this field is ignored in favor of // the name assigned on the plugin config itself. Name *types.StringValue `protobuf:"bytes,9,opt,name=name,proto3" json:"name,omitempty"` // Types that are valid to be assigned to AuthConfig: // *AuthConfig_Config_BasicAuth // *AuthConfig_Config_Oauth // *AuthConfig_Config_Oauth2 // *AuthConfig_Config_ApiKeyAuth // *AuthConfig_Config_PluginAuth // *AuthConfig_Config_OpaAuth // *AuthConfig_Config_Ldap AuthConfig isAuthConfig_Config_AuthConfig `protobuf_oneof:"auth_config"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*AuthConfig_Config) Descriptor ¶
func (*AuthConfig_Config) Descriptor() ([]byte, []int)
func (*AuthConfig_Config) Equal ¶
func (this *AuthConfig_Config) Equal(that interface{}) bool
func (*AuthConfig_Config) GetApiKeyAuth ¶
func (m *AuthConfig_Config) GetApiKeyAuth() *ApiKeyAuth
func (*AuthConfig_Config) GetAuthConfig ¶
func (m *AuthConfig_Config) GetAuthConfig() isAuthConfig_Config_AuthConfig
func (*AuthConfig_Config) GetBasicAuth ¶
func (m *AuthConfig_Config) GetBasicAuth() *BasicAuth
func (*AuthConfig_Config) GetLdap ¶
func (m *AuthConfig_Config) GetLdap() *Ldap
func (*AuthConfig_Config) GetName ¶ added in v1.5.0
func (m *AuthConfig_Config) GetName() *types.StringValue
func (*AuthConfig_Config) GetOauth
deprecated
func (m *AuthConfig_Config) GetOauth() *OAuth
Deprecated: Do not use.
func (*AuthConfig_Config) GetOauth2 ¶ added in v1.5.0
func (m *AuthConfig_Config) GetOauth2() *OAuth2
func (*AuthConfig_Config) GetOpaAuth ¶
func (m *AuthConfig_Config) GetOpaAuth() *OpaAuth
func (*AuthConfig_Config) GetPluginAuth ¶
func (m *AuthConfig_Config) GetPluginAuth() *AuthPlugin
func (*AuthConfig_Config) Hash ¶ added in v1.2.13
func (m *AuthConfig_Config) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*AuthConfig_Config) ProtoMessage ¶
func (*AuthConfig_Config) ProtoMessage()
func (*AuthConfig_Config) Reset ¶
func (m *AuthConfig_Config) Reset()
func (*AuthConfig_Config) String ¶
func (m *AuthConfig_Config) String() string
func (*AuthConfig_Config) XXX_DiscardUnknown ¶
func (m *AuthConfig_Config) XXX_DiscardUnknown()
func (*AuthConfig_Config) XXX_Marshal ¶
func (m *AuthConfig_Config) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*AuthConfig_Config) XXX_Merge ¶
func (m *AuthConfig_Config) XXX_Merge(src proto.Message)
func (*AuthConfig_Config) XXX_OneofWrappers ¶
func (*AuthConfig_Config) XXX_OneofWrappers() []interface{}
XXX_OneofWrappers is for the internal use of the proto package.
func (*AuthConfig_Config) XXX_Size ¶
func (m *AuthConfig_Config) XXX_Size() int
func (*AuthConfig_Config) XXX_Unmarshal ¶
func (m *AuthConfig_Config) XXX_Unmarshal(b []byte) error
type AuthConfig_Config_ApiKeyAuth ¶
type AuthConfig_Config_ApiKeyAuth struct {
ApiKeyAuth *ApiKeyAuth `protobuf:"bytes,4,opt,name=api_key_auth,json=apiKeyAuth,proto3,oneof" json:"api_key_auth,omitempty"`
}
func (*AuthConfig_Config_ApiKeyAuth) Equal ¶
func (this *AuthConfig_Config_ApiKeyAuth) Equal(that interface{}) bool
type AuthConfig_Config_BasicAuth ¶
type AuthConfig_Config_BasicAuth struct {
BasicAuth *BasicAuth `protobuf:"bytes,1,opt,name=basic_auth,json=basicAuth,proto3,oneof" json:"basic_auth,omitempty"`
}
func (*AuthConfig_Config_BasicAuth) Equal ¶
func (this *AuthConfig_Config_BasicAuth) Equal(that interface{}) bool
type AuthConfig_Config_Ldap ¶
type AuthConfig_Config_Ldap struct {
Ldap *Ldap `protobuf:"bytes,7,opt,name=ldap,proto3,oneof" json:"ldap,omitempty"`
}
func (*AuthConfig_Config_Ldap) Equal ¶
func (this *AuthConfig_Config_Ldap) Equal(that interface{}) bool
type AuthConfig_Config_Oauth ¶
type AuthConfig_Config_Oauth struct {
Oauth *OAuth `protobuf:"bytes,2,opt,name=oauth,proto3,oneof" json:"oauth,omitempty"`
}
func (*AuthConfig_Config_Oauth) Equal ¶
func (this *AuthConfig_Config_Oauth) Equal(that interface{}) bool
type AuthConfig_Config_Oauth2 ¶ added in v1.5.0
type AuthConfig_Config_Oauth2 struct {
Oauth2 *OAuth2 `protobuf:"bytes,8,opt,name=oauth2,proto3,oneof" json:"oauth2,omitempty"`
}
func (*AuthConfig_Config_Oauth2) Equal ¶ added in v1.5.0
func (this *AuthConfig_Config_Oauth2) Equal(that interface{}) bool
type AuthConfig_Config_OpaAuth ¶
type AuthConfig_Config_OpaAuth struct {
OpaAuth *OpaAuth `protobuf:"bytes,6,opt,name=opa_auth,json=opaAuth,proto3,oneof" json:"opa_auth,omitempty"`
}
func (*AuthConfig_Config_OpaAuth) Equal ¶
func (this *AuthConfig_Config_OpaAuth) Equal(that interface{}) bool
type AuthConfig_Config_PluginAuth ¶
type AuthConfig_Config_PluginAuth struct {
PluginAuth *AuthPlugin `protobuf:"bytes,5,opt,name=plugin_auth,json=pluginAuth,proto3,oneof" json:"plugin_auth,omitempty"`
}
func (*AuthConfig_Config_PluginAuth) Equal ¶
func (this *AuthConfig_Config_PluginAuth) Equal(that interface{}) bool
type AuthPlugin ¶
type AuthPlugin struct { // Name of the plugin Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` // Name of the compiled plugin file. If not specified, GlooE will look for an ".so" file with same name as the plugin. PluginFileName string `protobuf:"bytes,2,opt,name=plugin_file_name,json=pluginFileName,proto3" json:"plugin_file_name,omitempty"` // Name of the exported symbol that implements the plugin interface in the plugin. // If not specified, defaults to the name of the plugin ExportedSymbolName string `protobuf:"bytes,3,opt,name=exported_symbol_name,json=exportedSymbolName,proto3" json:"exported_symbol_name,omitempty"` Config *types.Struct `protobuf:"bytes,4,opt,name=config,proto3" json:"config,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*AuthPlugin) Descriptor ¶
func (*AuthPlugin) Descriptor() ([]byte, []int)
func (*AuthPlugin) Equal ¶
func (this *AuthPlugin) Equal(that interface{}) bool
func (*AuthPlugin) GetConfig ¶
func (m *AuthPlugin) GetConfig() *types.Struct
func (*AuthPlugin) GetExportedSymbolName ¶
func (m *AuthPlugin) GetExportedSymbolName() string
func (*AuthPlugin) GetName ¶
func (m *AuthPlugin) GetName() string
func (*AuthPlugin) GetPluginFileName ¶
func (m *AuthPlugin) GetPluginFileName() string
func (*AuthPlugin) Hash ¶ added in v1.2.13
func (m *AuthPlugin) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*AuthPlugin) ProtoMessage ¶
func (*AuthPlugin) ProtoMessage()
func (*AuthPlugin) Reset ¶
func (m *AuthPlugin) Reset()
func (*AuthPlugin) String ¶
func (m *AuthPlugin) String() string
func (*AuthPlugin) XXX_DiscardUnknown ¶
func (m *AuthPlugin) XXX_DiscardUnknown()
func (*AuthPlugin) XXX_Marshal ¶
func (m *AuthPlugin) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*AuthPlugin) XXX_Merge ¶
func (m *AuthPlugin) XXX_Merge(src proto.Message)
func (*AuthPlugin) XXX_Size ¶
func (m *AuthPlugin) XXX_Size() int
func (*AuthPlugin) XXX_Unmarshal ¶
func (m *AuthPlugin) XXX_Unmarshal(b []byte) error
type BasicAuth ¶
type BasicAuth struct { Realm string `protobuf:"bytes,1,opt,name=realm,proto3" json:"realm,omitempty"` Apr *BasicAuth_Apr `protobuf:"bytes,2,opt,name=apr,proto3" json:"apr,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*BasicAuth) Descriptor ¶
func (*BasicAuth) GetApr ¶
func (m *BasicAuth) GetApr() *BasicAuth_Apr
func (*BasicAuth) ProtoMessage ¶
func (*BasicAuth) ProtoMessage()
func (*BasicAuth) XXX_DiscardUnknown ¶
func (m *BasicAuth) XXX_DiscardUnknown()
func (*BasicAuth) XXX_Marshal ¶
func (*BasicAuth) XXX_Unmarshal ¶
type BasicAuth_Apr ¶
type BasicAuth_Apr struct { Users map[string]*BasicAuth_Apr_SaltedHashedPassword `` /* 151-byte string literal not displayed */ XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*BasicAuth_Apr) Descriptor ¶
func (*BasicAuth_Apr) Descriptor() ([]byte, []int)
func (*BasicAuth_Apr) Equal ¶
func (this *BasicAuth_Apr) Equal(that interface{}) bool
func (*BasicAuth_Apr) GetUsers ¶
func (m *BasicAuth_Apr) GetUsers() map[string]*BasicAuth_Apr_SaltedHashedPassword
func (*BasicAuth_Apr) Hash ¶ added in v1.2.13
func (m *BasicAuth_Apr) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*BasicAuth_Apr) ProtoMessage ¶
func (*BasicAuth_Apr) ProtoMessage()
func (*BasicAuth_Apr) Reset ¶
func (m *BasicAuth_Apr) Reset()
func (*BasicAuth_Apr) String ¶
func (m *BasicAuth_Apr) String() string
func (*BasicAuth_Apr) XXX_DiscardUnknown ¶
func (m *BasicAuth_Apr) XXX_DiscardUnknown()
func (*BasicAuth_Apr) XXX_Marshal ¶
func (m *BasicAuth_Apr) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*BasicAuth_Apr) XXX_Merge ¶
func (m *BasicAuth_Apr) XXX_Merge(src proto.Message)
func (*BasicAuth_Apr) XXX_Size ¶
func (m *BasicAuth_Apr) XXX_Size() int
func (*BasicAuth_Apr) XXX_Unmarshal ¶
func (m *BasicAuth_Apr) XXX_Unmarshal(b []byte) error
type BasicAuth_Apr_SaltedHashedPassword ¶
type BasicAuth_Apr_SaltedHashedPassword struct { Salt string `protobuf:"bytes,1,opt,name=salt,proto3" json:"salt,omitempty"` HashedPassword string `protobuf:"bytes,2,opt,name=hashed_password,json=hashedPassword,proto3" json:"hashed_password,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*BasicAuth_Apr_SaltedHashedPassword) Descriptor ¶
func (*BasicAuth_Apr_SaltedHashedPassword) Descriptor() ([]byte, []int)
func (*BasicAuth_Apr_SaltedHashedPassword) Equal ¶
func (this *BasicAuth_Apr_SaltedHashedPassword) Equal(that interface{}) bool
func (*BasicAuth_Apr_SaltedHashedPassword) GetHashedPassword ¶
func (m *BasicAuth_Apr_SaltedHashedPassword) GetHashedPassword() string
func (*BasicAuth_Apr_SaltedHashedPassword) GetSalt ¶
func (m *BasicAuth_Apr_SaltedHashedPassword) GetSalt() string
func (*BasicAuth_Apr_SaltedHashedPassword) Hash ¶ added in v1.2.13
func (m *BasicAuth_Apr_SaltedHashedPassword) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*BasicAuth_Apr_SaltedHashedPassword) ProtoMessage ¶
func (*BasicAuth_Apr_SaltedHashedPassword) ProtoMessage()
func (*BasicAuth_Apr_SaltedHashedPassword) Reset ¶
func (m *BasicAuth_Apr_SaltedHashedPassword) Reset()
func (*BasicAuth_Apr_SaltedHashedPassword) String ¶
func (m *BasicAuth_Apr_SaltedHashedPassword) String() string
func (*BasicAuth_Apr_SaltedHashedPassword) XXX_DiscardUnknown ¶
func (m *BasicAuth_Apr_SaltedHashedPassword) XXX_DiscardUnknown()
func (*BasicAuth_Apr_SaltedHashedPassword) XXX_Marshal ¶
func (m *BasicAuth_Apr_SaltedHashedPassword) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*BasicAuth_Apr_SaltedHashedPassword) XXX_Merge ¶
func (m *BasicAuth_Apr_SaltedHashedPassword) XXX_Merge(src proto.Message)
func (*BasicAuth_Apr_SaltedHashedPassword) XXX_Size ¶
func (m *BasicAuth_Apr_SaltedHashedPassword) XXX_Size() int
func (*BasicAuth_Apr_SaltedHashedPassword) XXX_Unmarshal ¶
func (m *BasicAuth_Apr_SaltedHashedPassword) XXX_Unmarshal(b []byte) error
type BufferSettings ¶
type BufferSettings struct { // Sets the maximum size of a message body that the filter will hold in memory. Envoy will return // *HTTP 413* and will *not* initiate the authorization process when buffer reaches the number // set in this field. Note that this setting will have precedence over failure_mode_allow. // Defaults to 4KB. MaxRequestBytes uint32 `protobuf:"varint,1,opt,name=max_request_bytes,json=maxRequestBytes,proto3" json:"max_request_bytes,omitempty"` // When this field is true, Envoy will buffer the message until *max_request_bytes* is reached. // The authorization request will be dispatched and no 413 HTTP error will be returned by the // filter. AllowPartialMessage bool `protobuf:"varint,2,opt,name=allow_partial_message,json=allowPartialMessage,proto3" json:"allow_partial_message,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
Configuration for buffering the request data.
func (*BufferSettings) Descriptor ¶
func (*BufferSettings) Descriptor() ([]byte, []int)
func (*BufferSettings) Equal ¶
func (this *BufferSettings) Equal(that interface{}) bool
func (*BufferSettings) GetAllowPartialMessage ¶
func (m *BufferSettings) GetAllowPartialMessage() bool
func (*BufferSettings) GetMaxRequestBytes ¶
func (m *BufferSettings) GetMaxRequestBytes() uint32
func (*BufferSettings) Hash ¶ added in v1.2.13
func (m *BufferSettings) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*BufferSettings) ProtoMessage ¶
func (*BufferSettings) ProtoMessage()
func (*BufferSettings) Reset ¶
func (m *BufferSettings) Reset()
func (*BufferSettings) String ¶
func (m *BufferSettings) String() string
func (*BufferSettings) XXX_DiscardUnknown ¶
func (m *BufferSettings) XXX_DiscardUnknown()
func (*BufferSettings) XXX_Marshal ¶
func (m *BufferSettings) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*BufferSettings) XXX_Merge ¶
func (m *BufferSettings) XXX_Merge(src proto.Message)
func (*BufferSettings) XXX_Size ¶
func (m *BufferSettings) XXX_Size() int
func (*BufferSettings) XXX_Unmarshal ¶
func (m *BufferSettings) XXX_Unmarshal(b []byte) error
type CustomAuth ¶
type CustomAuth struct { // When a request matches the virtual host, route, or weighted destination on which this configuration is defined, // Gloo will add the given context_extensions to the request that is sent to the external authorization server. // This allows the server to base the auth decision on metadata that you define on the source of the request. // // This attribute is analogous to Envoy's config.filter.http.ext_authz.v2.CheckSettings. See the official // [Envoy documentation](https://www.envoyproxy.io/docs/envoy/latest/api-v2/config/filter/http/ext_authz/v2/ext_authz.proto.html?highlight=ext_authz#config-filter-http-ext-authz-v2-checksettings) // for more details. ContextExtensions map[string]string `` /* 200-byte string literal not displayed */ XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
Gloo is not expected to configure the ext auth server in this case. This is used with custom auth servers.
func (*CustomAuth) Descriptor ¶
func (*CustomAuth) Descriptor() ([]byte, []int)
func (*CustomAuth) Equal ¶
func (this *CustomAuth) Equal(that interface{}) bool
func (*CustomAuth) GetContextExtensions ¶
func (m *CustomAuth) GetContextExtensions() map[string]string
func (*CustomAuth) Hash ¶ added in v1.2.13
func (m *CustomAuth) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*CustomAuth) ProtoMessage ¶
func (*CustomAuth) ProtoMessage()
func (*CustomAuth) Reset ¶
func (m *CustomAuth) Reset()
func (*CustomAuth) String ¶
func (m *CustomAuth) String() string
func (*CustomAuth) XXX_DiscardUnknown ¶
func (m *CustomAuth) XXX_DiscardUnknown()
func (*CustomAuth) XXX_Marshal ¶
func (m *CustomAuth) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*CustomAuth) XXX_Merge ¶
func (m *CustomAuth) XXX_Merge(src proto.Message)
func (*CustomAuth) XXX_Size ¶
func (m *CustomAuth) XXX_Size() int
func (*CustomAuth) XXX_Unmarshal ¶
func (m *CustomAuth) XXX_Unmarshal(b []byte) error
type EnterpriseEmitter ¶ added in v1.3.33
type EnterpriseEmitter interface { EnterpriseSnapshotEmitter Register() error AuthConfig() AuthConfigClient }
func NewEnterpriseEmitter ¶ added in v1.3.33
func NewEnterpriseEmitter(authConfigClient AuthConfigClient) EnterpriseEmitter
func NewEnterpriseEmitterWithEmit ¶ added in v1.3.33
func NewEnterpriseEmitterWithEmit(authConfigClient AuthConfigClient, emit <-chan struct{}) EnterpriseEmitter
type EnterpriseSimpleEmitter ¶ added in v1.3.33
type EnterpriseSimpleEmitter interface {
Snapshots(ctx context.Context) (<-chan *EnterpriseSnapshot, <-chan error, error)
}
func NewEnterpriseSimpleEmitter ¶ added in v1.3.33
func NewEnterpriseSimpleEmitter(aggregatedWatch clients.ResourceWatch) EnterpriseSimpleEmitter
func NewEnterpriseSimpleEmitterWithEmit ¶ added in v1.3.33
func NewEnterpriseSimpleEmitterWithEmit(aggregatedWatch clients.ResourceWatch, emit <-chan struct{}) EnterpriseSimpleEmitter
type EnterpriseSnapshot ¶ added in v1.3.33
type EnterpriseSnapshot struct {
AuthConfigs AuthConfigList
}
func (EnterpriseSnapshot) Clone ¶ added in v1.3.33
func (s EnterpriseSnapshot) Clone() EnterpriseSnapshot
func (EnterpriseSnapshot) Hash ¶ added in v1.3.33
func (s EnterpriseSnapshot) Hash(hasher hash.Hash64) (uint64, error)
func (EnterpriseSnapshot) HashFields ¶ added in v1.3.33
func (s EnterpriseSnapshot) HashFields() []zap.Field
func (EnterpriseSnapshot) Stringer ¶ added in v1.3.33
func (s EnterpriseSnapshot) Stringer() EnterpriseSnapshotStringer
type EnterpriseSnapshotEmitter ¶ added in v1.3.33
type EnterpriseSnapshotStringer ¶ added in v1.3.33
func (EnterpriseSnapshotStringer) String ¶ added in v1.3.33
func (ss EnterpriseSnapshotStringer) String() string
type EnterpriseSyncDecider
deprecated
added in
v1.3.33
type EnterpriseSyncDecider interface { EnterpriseSyncer ShouldSync(old, new *EnterpriseSnapshot) bool }
Deprecated: use EnterpriseSyncDeciderWithContext
type EnterpriseSyncDeciderWithContext ¶ added in v1.3.33
type EnterpriseSyncDeciderWithContext interface { EnterpriseSyncer ShouldSync(ctx context.Context, old, new *EnterpriseSnapshot) bool }
type EnterpriseSyncer ¶ added in v1.3.33
type EnterpriseSyncer interface {
Sync(context.Context, *EnterpriseSnapshot) error
}
type EnterpriseSyncers ¶ added in v1.3.33
type EnterpriseSyncers []EnterpriseSyncer
func (EnterpriseSyncers) Sync ¶ added in v1.3.33
func (s EnterpriseSyncers) Sync(ctx context.Context, snapshot *EnterpriseSnapshot) error
type ExtAuthConfig ¶
type ExtAuthConfig struct { // @solo-kit:resource.name // This is the identifier of the AuthConfig resource that this configuration is associated with. // Any request to the external auth server includes an identifier that is matched against this field to determine // which AuthConfig should be applied to it. AuthConfigRefName string `protobuf:"bytes,1,opt,name=auth_config_ref_name,json=authConfigRefName,proto3" json:"auth_config_ref_name,omitempty"` // List of auth configs to be checked for requests on a route referencing this auth config, // By default, every config must be authorized for the entire request to be authorized. This // behavior can be changed by defining names for each config and defining `boolean_expr` below. // // State is shared between successful requests on the chain, i.e., the headers returned from each // successful auth service get appended into the final auth response. Configs []*ExtAuthConfig_Config `protobuf:"bytes,8,rep,name=configs,proto3" json:"configs,omitempty"` // How to handle processing of named configs within an auth config chain. // An example config might be: ( basic1 || basic2 || (oidc1 && !oidc2) ) // The boolean expression is evaluated left to right but honors parenthesis and short-circuiting. BooleanExpr *types.StringValue `protobuf:"bytes,10,opt,name=boolean_expr,json=booleanExpr,proto3" json:"boolean_expr,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
@solo-kit:xds-service=ExtAuthDiscoveryService @solo-kit:resource.no_references
func (*ExtAuthConfig) Descriptor ¶
func (*ExtAuthConfig) Descriptor() ([]byte, []int)
func (*ExtAuthConfig) Equal ¶
func (this *ExtAuthConfig) Equal(that interface{}) bool
func (*ExtAuthConfig) GetAuthConfigRefName ¶
func (m *ExtAuthConfig) GetAuthConfigRefName() string
func (*ExtAuthConfig) GetBooleanExpr ¶ added in v1.5.0
func (m *ExtAuthConfig) GetBooleanExpr() *types.StringValue
func (*ExtAuthConfig) GetConfigs ¶
func (m *ExtAuthConfig) GetConfigs() []*ExtAuthConfig_Config
func (*ExtAuthConfig) Hash ¶ added in v1.2.13
func (m *ExtAuthConfig) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*ExtAuthConfig) ProtoMessage ¶
func (*ExtAuthConfig) ProtoMessage()
func (*ExtAuthConfig) Reset ¶
func (m *ExtAuthConfig) Reset()
func (*ExtAuthConfig) String ¶
func (m *ExtAuthConfig) String() string
func (*ExtAuthConfig) XXX_DiscardUnknown ¶
func (m *ExtAuthConfig) XXX_DiscardUnknown()
func (*ExtAuthConfig) XXX_Marshal ¶
func (m *ExtAuthConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*ExtAuthConfig) XXX_Merge ¶
func (m *ExtAuthConfig) XXX_Merge(src proto.Message)
func (*ExtAuthConfig) XXX_Size ¶
func (m *ExtAuthConfig) XXX_Size() int
func (*ExtAuthConfig) XXX_Unmarshal ¶
func (m *ExtAuthConfig) XXX_Unmarshal(b []byte) error
type ExtAuthConfigXdsResourceWrapper ¶
type ExtAuthConfigXdsResourceWrapper struct { // TODO(yuval-k): This is public for mitchellh hashstructure to work properly. consider better alternatives. Resource *ExtAuthConfig }
Defined a resource - to be used by snapshot
func NewExtAuthConfigXdsResourceWrapper ¶
func NewExtAuthConfigXdsResourceWrapper(resourceProto *ExtAuthConfig) *ExtAuthConfigXdsResourceWrapper
func (*ExtAuthConfigXdsResourceWrapper) References ¶
func (e *ExtAuthConfigXdsResourceWrapper) References() []cache.XdsResourceReference
func (*ExtAuthConfigXdsResourceWrapper) ResourceProto ¶
func (e *ExtAuthConfigXdsResourceWrapper) ResourceProto() cache.ResourceProto
func (*ExtAuthConfigXdsResourceWrapper) Self ¶
func (e *ExtAuthConfigXdsResourceWrapper) Self() cache.XdsResourceReference
type ExtAuthConfig_ApiKeyAuthConfig ¶
type ExtAuthConfig_ApiKeyAuthConfig struct { // A mapping of valid API keys to their associated metadata. // This map is automatically populated with the information from the relevant `ApiKeySecret`s. ValidApiKeys map[string]*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata `` /* 204-byte string literal not displayed */ // (Optional) When receiving a request, the Gloo Enterprise external auth server will look for an API key // in a header with this name. This field is optional; if not provided it defaults to `api-key`. HeaderName string `protobuf:"bytes,2,opt,name=header_name,json=headerName,proto3" json:"header_name,omitempty"` // Determines the key metadata that will be included as headers on the upstream request. // Each entry represents a header to add: the key is the name of the header, and the // value is the key that will be used to look up the data entry in the key metadata. HeadersFromKeyMetadata map[string]string `` /* 219-byte string literal not displayed */ XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
**NOTE: This configuration is not user-facing and will be auto generated**
func (*ExtAuthConfig_ApiKeyAuthConfig) Descriptor ¶
func (*ExtAuthConfig_ApiKeyAuthConfig) Descriptor() ([]byte, []int)
func (*ExtAuthConfig_ApiKeyAuthConfig) Equal ¶
func (this *ExtAuthConfig_ApiKeyAuthConfig) Equal(that interface{}) bool
func (*ExtAuthConfig_ApiKeyAuthConfig) GetHeaderName ¶ added in v1.5.0
func (m *ExtAuthConfig_ApiKeyAuthConfig) GetHeaderName() string
func (*ExtAuthConfig_ApiKeyAuthConfig) GetHeadersFromKeyMetadata ¶ added in v1.5.0
func (m *ExtAuthConfig_ApiKeyAuthConfig) GetHeadersFromKeyMetadata() map[string]string
func (*ExtAuthConfig_ApiKeyAuthConfig) GetValidApiKeys ¶ added in v1.5.0
func (m *ExtAuthConfig_ApiKeyAuthConfig) GetValidApiKeys() map[string]*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata
func (*ExtAuthConfig_ApiKeyAuthConfig) Hash ¶ added in v1.2.13
func (m *ExtAuthConfig_ApiKeyAuthConfig) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*ExtAuthConfig_ApiKeyAuthConfig) ProtoMessage ¶
func (*ExtAuthConfig_ApiKeyAuthConfig) ProtoMessage()
func (*ExtAuthConfig_ApiKeyAuthConfig) Reset ¶
func (m *ExtAuthConfig_ApiKeyAuthConfig) Reset()
func (*ExtAuthConfig_ApiKeyAuthConfig) String ¶
func (m *ExtAuthConfig_ApiKeyAuthConfig) String() string
func (*ExtAuthConfig_ApiKeyAuthConfig) XXX_DiscardUnknown ¶
func (m *ExtAuthConfig_ApiKeyAuthConfig) XXX_DiscardUnknown()
func (*ExtAuthConfig_ApiKeyAuthConfig) XXX_Marshal ¶
func (m *ExtAuthConfig_ApiKeyAuthConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*ExtAuthConfig_ApiKeyAuthConfig) XXX_Merge ¶
func (m *ExtAuthConfig_ApiKeyAuthConfig) XXX_Merge(src proto.Message)
func (*ExtAuthConfig_ApiKeyAuthConfig) XXX_Size ¶
func (m *ExtAuthConfig_ApiKeyAuthConfig) XXX_Size() int
func (*ExtAuthConfig_ApiKeyAuthConfig) XXX_Unmarshal ¶
func (m *ExtAuthConfig_ApiKeyAuthConfig) XXX_Unmarshal(b []byte) error
type ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata ¶ added in v1.5.0
type ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata struct { // The user is mapped as the name of `Secret` which contains the `ApiKeySecret` Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"` // The metadata present on the `ApiKeySecret`. Metadata map[string]string `` /* 157-byte string literal not displayed */ XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) Descriptor ¶ added in v1.5.0
func (*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) Descriptor() ([]byte, []int)
func (*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) Equal ¶ added in v1.5.0
func (this *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) Equal(that interface{}) bool
func (*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) GetMetadata ¶ added in v1.5.0
func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) GetMetadata() map[string]string
func (*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) GetUsername ¶ added in v1.5.0
func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) GetUsername() string
func (*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) Hash ¶ added in v1.5.0
func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) ProtoMessage ¶ added in v1.5.0
func (*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) ProtoMessage()
func (*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) Reset ¶ added in v1.5.0
func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) Reset()
func (*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) String ¶ added in v1.5.0
func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) String() string
func (*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) XXX_DiscardUnknown ¶ added in v1.5.0
func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) XXX_DiscardUnknown()
func (*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) XXX_Marshal ¶ added in v1.5.0
func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) XXX_Merge ¶ added in v1.5.0
func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) XXX_Merge(src proto.Message)
func (*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) XXX_Size ¶ added in v1.5.0
func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) XXX_Size() int
func (*ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) XXX_Unmarshal ¶ added in v1.5.0
func (m *ExtAuthConfig_ApiKeyAuthConfig_KeyMetadata) XXX_Unmarshal(b []byte) error
type ExtAuthConfig_Config ¶
type ExtAuthConfig_Config struct { // optional: used when defining complex boolean logic, if `boolean_expr` is defined below. Also used // in logging. If omitted, an automatically generated name will be used (e.g. config_0, of the // pattern 'config_$INDEX_IN_CHAIN'). In the case of plugin auth, this field is ignored in favor of // the name assigned on the plugin config itself. Name *types.StringValue `protobuf:"bytes,11,opt,name=name,proto3" json:"name,omitempty"` // Types that are valid to be assigned to AuthConfig: // *ExtAuthConfig_Config_Oauth // *ExtAuthConfig_Config_Oauth2 // *ExtAuthConfig_Config_BasicAuth // *ExtAuthConfig_Config_ApiKeyAuth // *ExtAuthConfig_Config_PluginAuth // *ExtAuthConfig_Config_OpaAuth // *ExtAuthConfig_Config_Ldap AuthConfig isExtAuthConfig_Config_AuthConfig `protobuf_oneof:"auth_config"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*ExtAuthConfig_Config) Descriptor ¶
func (*ExtAuthConfig_Config) Descriptor() ([]byte, []int)
func (*ExtAuthConfig_Config) Equal ¶
func (this *ExtAuthConfig_Config) Equal(that interface{}) bool
func (*ExtAuthConfig_Config) GetApiKeyAuth ¶
func (m *ExtAuthConfig_Config) GetApiKeyAuth() *ExtAuthConfig_ApiKeyAuthConfig
func (*ExtAuthConfig_Config) GetAuthConfig ¶
func (m *ExtAuthConfig_Config) GetAuthConfig() isExtAuthConfig_Config_AuthConfig
func (*ExtAuthConfig_Config) GetBasicAuth ¶
func (m *ExtAuthConfig_Config) GetBasicAuth() *BasicAuth
func (*ExtAuthConfig_Config) GetLdap ¶
func (m *ExtAuthConfig_Config) GetLdap() *Ldap
func (*ExtAuthConfig_Config) GetName ¶ added in v1.5.0
func (m *ExtAuthConfig_Config) GetName() *types.StringValue
func (*ExtAuthConfig_Config) GetOauth
deprecated
func (m *ExtAuthConfig_Config) GetOauth() *ExtAuthConfig_OAuthConfig
Deprecated: Do not use.
func (*ExtAuthConfig_Config) GetOauth2 ¶ added in v1.5.0
func (m *ExtAuthConfig_Config) GetOauth2() *ExtAuthConfig_OAuth2Config
func (*ExtAuthConfig_Config) GetOpaAuth ¶
func (m *ExtAuthConfig_Config) GetOpaAuth() *ExtAuthConfig_OpaAuthConfig
func (*ExtAuthConfig_Config) GetPluginAuth ¶
func (m *ExtAuthConfig_Config) GetPluginAuth() *AuthPlugin
func (*ExtAuthConfig_Config) Hash ¶ added in v1.2.13
func (m *ExtAuthConfig_Config) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*ExtAuthConfig_Config) ProtoMessage ¶
func (*ExtAuthConfig_Config) ProtoMessage()
func (*ExtAuthConfig_Config) Reset ¶
func (m *ExtAuthConfig_Config) Reset()
func (*ExtAuthConfig_Config) String ¶
func (m *ExtAuthConfig_Config) String() string
func (*ExtAuthConfig_Config) XXX_DiscardUnknown ¶
func (m *ExtAuthConfig_Config) XXX_DiscardUnknown()
func (*ExtAuthConfig_Config) XXX_Marshal ¶
func (m *ExtAuthConfig_Config) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*ExtAuthConfig_Config) XXX_Merge ¶
func (m *ExtAuthConfig_Config) XXX_Merge(src proto.Message)
func (*ExtAuthConfig_Config) XXX_OneofWrappers ¶
func (*ExtAuthConfig_Config) XXX_OneofWrappers() []interface{}
XXX_OneofWrappers is for the internal use of the proto package.
func (*ExtAuthConfig_Config) XXX_Size ¶
func (m *ExtAuthConfig_Config) XXX_Size() int
func (*ExtAuthConfig_Config) XXX_Unmarshal ¶
func (m *ExtAuthConfig_Config) XXX_Unmarshal(b []byte) error
type ExtAuthConfig_Config_ApiKeyAuth ¶
type ExtAuthConfig_Config_ApiKeyAuth struct {
ApiKeyAuth *ExtAuthConfig_ApiKeyAuthConfig `protobuf:"bytes,5,opt,name=api_key_auth,json=apiKeyAuth,proto3,oneof" json:"api_key_auth,omitempty"`
}
func (*ExtAuthConfig_Config_ApiKeyAuth) Equal ¶
func (this *ExtAuthConfig_Config_ApiKeyAuth) Equal(that interface{}) bool
type ExtAuthConfig_Config_BasicAuth ¶
type ExtAuthConfig_Config_BasicAuth struct {
BasicAuth *BasicAuth `protobuf:"bytes,4,opt,name=basic_auth,json=basicAuth,proto3,oneof" json:"basic_auth,omitempty"`
}
func (*ExtAuthConfig_Config_BasicAuth) Equal ¶
func (this *ExtAuthConfig_Config_BasicAuth) Equal(that interface{}) bool
type ExtAuthConfig_Config_Ldap ¶
type ExtAuthConfig_Config_Ldap struct {
Ldap *Ldap `protobuf:"bytes,8,opt,name=ldap,proto3,oneof" json:"ldap,omitempty"`
}
func (*ExtAuthConfig_Config_Ldap) Equal ¶
func (this *ExtAuthConfig_Config_Ldap) Equal(that interface{}) bool
type ExtAuthConfig_Config_Oauth ¶
type ExtAuthConfig_Config_Oauth struct {
Oauth *ExtAuthConfig_OAuthConfig `protobuf:"bytes,3,opt,name=oauth,proto3,oneof" json:"oauth,omitempty"`
}
func (*ExtAuthConfig_Config_Oauth) Equal ¶
func (this *ExtAuthConfig_Config_Oauth) Equal(that interface{}) bool
type ExtAuthConfig_Config_Oauth2 ¶ added in v1.5.0
type ExtAuthConfig_Config_Oauth2 struct {
Oauth2 *ExtAuthConfig_OAuth2Config `protobuf:"bytes,9,opt,name=oauth2,proto3,oneof" json:"oauth2,omitempty"`
}
func (*ExtAuthConfig_Config_Oauth2) Equal ¶ added in v1.5.0
func (this *ExtAuthConfig_Config_Oauth2) Equal(that interface{}) bool
type ExtAuthConfig_Config_OpaAuth ¶
type ExtAuthConfig_Config_OpaAuth struct {
OpaAuth *ExtAuthConfig_OpaAuthConfig `protobuf:"bytes,7,opt,name=opa_auth,json=opaAuth,proto3,oneof" json:"opa_auth,omitempty"`
}
func (*ExtAuthConfig_Config_OpaAuth) Equal ¶
func (this *ExtAuthConfig_Config_OpaAuth) Equal(that interface{}) bool
type ExtAuthConfig_Config_PluginAuth ¶
type ExtAuthConfig_Config_PluginAuth struct {
PluginAuth *AuthPlugin `protobuf:"bytes,6,opt,name=plugin_auth,json=pluginAuth,proto3,oneof" json:"plugin_auth,omitempty"`
}
func (*ExtAuthConfig_Config_PluginAuth) Equal ¶
func (this *ExtAuthConfig_Config_PluginAuth) Equal(that interface{}) bool
type ExtAuthConfig_OAuth2Config ¶ added in v1.5.0
type ExtAuthConfig_OAuth2Config struct { // Types that are valid to be assigned to OauthType: // *ExtAuthConfig_OAuth2Config_OidcAuthorizationCode // *ExtAuthConfig_OAuth2Config_AccessTokenValidation OauthType isExtAuthConfig_OAuth2Config_OauthType `protobuf_oneof:"oauth_type"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*ExtAuthConfig_OAuth2Config) Descriptor ¶ added in v1.5.0
func (*ExtAuthConfig_OAuth2Config) Descriptor() ([]byte, []int)
func (*ExtAuthConfig_OAuth2Config) Equal ¶ added in v1.5.0
func (this *ExtAuthConfig_OAuth2Config) Equal(that interface{}) bool
func (*ExtAuthConfig_OAuth2Config) GetAccessTokenValidation ¶ added in v1.5.0
func (m *ExtAuthConfig_OAuth2Config) GetAccessTokenValidation() *AccessTokenValidation
func (*ExtAuthConfig_OAuth2Config) GetOauthType ¶ added in v1.5.0
func (m *ExtAuthConfig_OAuth2Config) GetOauthType() isExtAuthConfig_OAuth2Config_OauthType
func (*ExtAuthConfig_OAuth2Config) GetOidcAuthorizationCode ¶ added in v1.5.0
func (m *ExtAuthConfig_OAuth2Config) GetOidcAuthorizationCode() *ExtAuthConfig_OidcAuthorizationCodeConfig
func (*ExtAuthConfig_OAuth2Config) Hash ¶ added in v1.5.0
func (m *ExtAuthConfig_OAuth2Config) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*ExtAuthConfig_OAuth2Config) ProtoMessage ¶ added in v1.5.0
func (*ExtAuthConfig_OAuth2Config) ProtoMessage()
func (*ExtAuthConfig_OAuth2Config) Reset ¶ added in v1.5.0
func (m *ExtAuthConfig_OAuth2Config) Reset()
func (*ExtAuthConfig_OAuth2Config) String ¶ added in v1.5.0
func (m *ExtAuthConfig_OAuth2Config) String() string
func (*ExtAuthConfig_OAuth2Config) XXX_DiscardUnknown ¶ added in v1.5.0
func (m *ExtAuthConfig_OAuth2Config) XXX_DiscardUnknown()
func (*ExtAuthConfig_OAuth2Config) XXX_Marshal ¶ added in v1.5.0
func (m *ExtAuthConfig_OAuth2Config) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*ExtAuthConfig_OAuth2Config) XXX_Merge ¶ added in v1.5.0
func (m *ExtAuthConfig_OAuth2Config) XXX_Merge(src proto.Message)
func (*ExtAuthConfig_OAuth2Config) XXX_OneofWrappers ¶ added in v1.5.0
func (*ExtAuthConfig_OAuth2Config) XXX_OneofWrappers() []interface{}
XXX_OneofWrappers is for the internal use of the proto package.
func (*ExtAuthConfig_OAuth2Config) XXX_Size ¶ added in v1.5.0
func (m *ExtAuthConfig_OAuth2Config) XXX_Size() int
func (*ExtAuthConfig_OAuth2Config) XXX_Unmarshal ¶ added in v1.5.0
func (m *ExtAuthConfig_OAuth2Config) XXX_Unmarshal(b []byte) error
type ExtAuthConfig_OAuth2Config_AccessTokenValidation ¶ added in v1.5.0
type ExtAuthConfig_OAuth2Config_AccessTokenValidation struct {
AccessTokenValidation *AccessTokenValidation `` /* 132-byte string literal not displayed */
}
func (*ExtAuthConfig_OAuth2Config_AccessTokenValidation) Equal ¶ added in v1.5.0
func (this *ExtAuthConfig_OAuth2Config_AccessTokenValidation) Equal(that interface{}) bool
type ExtAuthConfig_OAuth2Config_OidcAuthorizationCode ¶ added in v1.5.0
type ExtAuthConfig_OAuth2Config_OidcAuthorizationCode struct {
OidcAuthorizationCode *ExtAuthConfig_OidcAuthorizationCodeConfig `` /* 132-byte string literal not displayed */
}
func (*ExtAuthConfig_OAuth2Config_OidcAuthorizationCode) Equal ¶ added in v1.5.0
func (this *ExtAuthConfig_OAuth2Config_OidcAuthorizationCode) Equal(that interface{}) bool
type ExtAuthConfig_OAuthConfig ¶
type ExtAuthConfig_OAuthConfig struct { // your client id as registered with the issuer ClientId string `protobuf:"bytes,1,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty"` // Deprecated: Do not use. // your client secret as registered with the issuer ClientSecret string `protobuf:"bytes,2,opt,name=client_secret,json=clientSecret,proto3" json:"client_secret,omitempty" logging:"redact"` // Deprecated: Do not use. // The url of the issuer. We will look for OIDC information in issuerUrl+ // ".well-known/openid-configuration" IssuerUrl string `protobuf:"bytes,3,opt,name=issuer_url,json=issuerUrl,proto3" json:"issuer_url,omitempty"` // Deprecated: Do not use. // extra query parameters to apply to the Ext-Auth service's authorization request to the identity provider. AuthEndpointQueryParams map[string]string `` // Deprecated: Do not use. /* 222-byte string literal not displayed */ // we to redirect after successful auth, if we can't determine the original // url this should be your publicly available app url. AppUrl string `protobuf:"bytes,4,opt,name=app_url,json=appUrl,proto3" json:"app_url,omitempty"` // Deprecated: Do not use. // a callback path relative to app url that will be used for OIDC callbacks. // needs to not be used by the application CallbackPath string `protobuf:"bytes,5,opt,name=callback_path,json=callbackPath,proto3" json:"callback_path,omitempty"` // Deprecated: Do not use. // scopes to request in addition to the openid scope. Scopes []string `protobuf:"bytes,6,rep,name=scopes,proto3" json:"scopes,omitempty"` // Deprecated: Do not use. XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
Deprecated, prefer OAuth2Config
func (*ExtAuthConfig_OAuthConfig) Descriptor ¶
func (*ExtAuthConfig_OAuthConfig) Descriptor() ([]byte, []int)
func (*ExtAuthConfig_OAuthConfig) Equal ¶
func (this *ExtAuthConfig_OAuthConfig) Equal(that interface{}) bool
func (*ExtAuthConfig_OAuthConfig) GetAppUrl
deprecated
func (m *ExtAuthConfig_OAuthConfig) GetAppUrl() string
Deprecated: Do not use.
func (*ExtAuthConfig_OAuthConfig) GetAuthEndpointQueryParams
deprecated
added in
v1.3.0
func (m *ExtAuthConfig_OAuthConfig) GetAuthEndpointQueryParams() map[string]string
Deprecated: Do not use.
func (*ExtAuthConfig_OAuthConfig) GetCallbackPath
deprecated
func (m *ExtAuthConfig_OAuthConfig) GetCallbackPath() string
Deprecated: Do not use.
func (*ExtAuthConfig_OAuthConfig) GetClientId
deprecated
func (m *ExtAuthConfig_OAuthConfig) GetClientId() string
Deprecated: Do not use.
func (*ExtAuthConfig_OAuthConfig) GetClientSecret
deprecated
func (m *ExtAuthConfig_OAuthConfig) GetClientSecret() string
Deprecated: Do not use.
func (*ExtAuthConfig_OAuthConfig) GetIssuerUrl
deprecated
func (m *ExtAuthConfig_OAuthConfig) GetIssuerUrl() string
Deprecated: Do not use.
func (*ExtAuthConfig_OAuthConfig) GetScopes
deprecated
func (m *ExtAuthConfig_OAuthConfig) GetScopes() []string
Deprecated: Do not use.
func (*ExtAuthConfig_OAuthConfig) Hash ¶ added in v1.2.13
func (m *ExtAuthConfig_OAuthConfig) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*ExtAuthConfig_OAuthConfig) ProtoMessage ¶
func (*ExtAuthConfig_OAuthConfig) ProtoMessage()
func (*ExtAuthConfig_OAuthConfig) Reset ¶
func (m *ExtAuthConfig_OAuthConfig) Reset()
func (*ExtAuthConfig_OAuthConfig) String ¶
func (m *ExtAuthConfig_OAuthConfig) String() string
func (*ExtAuthConfig_OAuthConfig) XXX_DiscardUnknown ¶
func (m *ExtAuthConfig_OAuthConfig) XXX_DiscardUnknown()
func (*ExtAuthConfig_OAuthConfig) XXX_Marshal ¶
func (m *ExtAuthConfig_OAuthConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*ExtAuthConfig_OAuthConfig) XXX_Merge ¶
func (m *ExtAuthConfig_OAuthConfig) XXX_Merge(src proto.Message)
func (*ExtAuthConfig_OAuthConfig) XXX_Size ¶
func (m *ExtAuthConfig_OAuthConfig) XXX_Size() int
func (*ExtAuthConfig_OAuthConfig) XXX_Unmarshal ¶
func (m *ExtAuthConfig_OAuthConfig) XXX_Unmarshal(b []byte) error
type ExtAuthConfig_OidcAuthorizationCodeConfig ¶ added in v1.5.0
type ExtAuthConfig_OidcAuthorizationCodeConfig struct { // your client id as registered with the issuer ClientId string `protobuf:"bytes,1,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty"` // your client secret as registered with the issuer ClientSecret string `protobuf:"bytes,2,opt,name=client_secret,json=clientSecret,proto3" json:"client_secret,omitempty" logging:"redact"` // The url of the issuer. We will look for OIDC information in issuerUrl+ // ".well-known/openid-configuration" IssuerUrl string `protobuf:"bytes,3,opt,name=issuer_url,json=issuerUrl,proto3" json:"issuer_url,omitempty"` // extra query parameters to apply to the Ext-Auth service's authorization request to the identity provider. AuthEndpointQueryParams map[string]string `` /* 222-byte string literal not displayed */ // we to redirect after successful auth, if we can't determine the original // url this should be your publicly available app url. AppUrl string `protobuf:"bytes,5,opt,name=app_url,json=appUrl,proto3" json:"app_url,omitempty"` // a callback path relative to app url that will be used for OIDC callbacks. // needs to not be used by the application CallbackPath string `protobuf:"bytes,6,opt,name=callback_path,json=callbackPath,proto3" json:"callback_path,omitempty"` // a path relative to app url that will be used for logging out from an OIDC session. // should not be used by the application. // If not provided, logout functionality will be disabled. LogoutPath string `protobuf:"bytes,9,opt,name=logout_path,json=logoutPath,proto3" json:"logout_path,omitempty"` // scopes to request in addition to the openid scope. Scopes []string `protobuf:"bytes,7,rep,name=scopes,proto3" json:"scopes,omitempty"` Session *UserSession `protobuf:"bytes,8,opt,name=session,proto3" json:"session,omitempty"` // Configures headers added to requests. Headers *HeaderConfiguration `protobuf:"bytes,10,opt,name=headers,proto3" json:"headers,omitempty"` // The interval at which OIDC configuration is discovered at <issuerUrl>/.well-known/openid-configuration // If not specified, the default value is 30 minutes. DiscoveryPollInterval *types.Duration `` /* 127-byte string literal not displayed */ // If a user executes a request with a key that is not found in the JWKS, it could be // that the keys have rotated on the remote source, and not yet in the local cache. // This policy lets you define the behavior for how to refresh the local cache during a request // where an invalid key is provided JwksCacheRefreshPolicy *JwksOnDemandCacheRefreshPolicy `` /* 132-byte string literal not displayed */ XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) Descriptor ¶ added in v1.5.0
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) Descriptor() ([]byte, []int)
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) Equal ¶ added in v1.5.0
func (this *ExtAuthConfig_OidcAuthorizationCodeConfig) Equal(that interface{}) bool
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) GetAppUrl ¶ added in v1.5.0
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetAppUrl() string
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) GetAuthEndpointQueryParams ¶ added in v1.5.0
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetAuthEndpointQueryParams() map[string]string
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) GetCallbackPath ¶ added in v1.5.0
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetCallbackPath() string
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) GetClientId ¶ added in v1.5.0
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetClientId() string
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) GetClientSecret ¶ added in v1.5.0
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetClientSecret() string
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) GetDiscoveryPollInterval ¶ added in v1.5.17
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetDiscoveryPollInterval() *types.Duration
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) GetHeaders ¶ added in v1.5.8
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetHeaders() *HeaderConfiguration
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) GetIssuerUrl ¶ added in v1.5.0
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetIssuerUrl() string
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) GetJwksCacheRefreshPolicy ¶ added in v1.5.18
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetJwksCacheRefreshPolicy() *JwksOnDemandCacheRefreshPolicy
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) GetLogoutPath ¶ added in v1.5.8
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetLogoutPath() string
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) GetScopes ¶ added in v1.5.0
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetScopes() []string
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) GetSession ¶ added in v1.5.8
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) GetSession() *UserSession
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) Hash ¶ added in v1.5.0
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) ProtoMessage ¶ added in v1.5.0
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) ProtoMessage()
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) Reset ¶ added in v1.5.0
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) Reset()
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) String ¶ added in v1.5.0
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) String() string
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) XXX_DiscardUnknown ¶ added in v1.5.0
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) XXX_DiscardUnknown()
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) XXX_Marshal ¶ added in v1.5.0
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) XXX_Merge ¶ added in v1.5.0
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) XXX_Merge(src proto.Message)
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) XXX_Size ¶ added in v1.5.0
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) XXX_Size() int
func (*ExtAuthConfig_OidcAuthorizationCodeConfig) XXX_Unmarshal ¶ added in v1.5.0
func (m *ExtAuthConfig_OidcAuthorizationCodeConfig) XXX_Unmarshal(b []byte) error
type ExtAuthConfig_OpaAuthConfig ¶
type ExtAuthConfig_OpaAuthConfig struct { // An optional modules (filename, module content) maps containing modules assist in the resolution of `query`. Modules map[string]string `` /* 155-byte string literal not displayed */ // The query that determines the auth decision. The result of this query must be either a boolean // or an array with boolean as the first element. A boolean `true` value means that the request // will be authorized. Any other value, or error, means that the request will be denied. Query string `protobuf:"bytes,2,opt,name=query,proto3" json:"query,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*ExtAuthConfig_OpaAuthConfig) Descriptor ¶
func (*ExtAuthConfig_OpaAuthConfig) Descriptor() ([]byte, []int)
func (*ExtAuthConfig_OpaAuthConfig) Equal ¶
func (this *ExtAuthConfig_OpaAuthConfig) Equal(that interface{}) bool
func (*ExtAuthConfig_OpaAuthConfig) GetModules ¶
func (m *ExtAuthConfig_OpaAuthConfig) GetModules() map[string]string
func (*ExtAuthConfig_OpaAuthConfig) GetQuery ¶
func (m *ExtAuthConfig_OpaAuthConfig) GetQuery() string
func (*ExtAuthConfig_OpaAuthConfig) Hash ¶ added in v1.2.13
func (m *ExtAuthConfig_OpaAuthConfig) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*ExtAuthConfig_OpaAuthConfig) ProtoMessage ¶
func (*ExtAuthConfig_OpaAuthConfig) ProtoMessage()
func (*ExtAuthConfig_OpaAuthConfig) Reset ¶
func (m *ExtAuthConfig_OpaAuthConfig) Reset()
func (*ExtAuthConfig_OpaAuthConfig) String ¶
func (m *ExtAuthConfig_OpaAuthConfig) String() string
func (*ExtAuthConfig_OpaAuthConfig) XXX_DiscardUnknown ¶
func (m *ExtAuthConfig_OpaAuthConfig) XXX_DiscardUnknown()
func (*ExtAuthConfig_OpaAuthConfig) XXX_Marshal ¶
func (m *ExtAuthConfig_OpaAuthConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*ExtAuthConfig_OpaAuthConfig) XXX_Merge ¶
func (m *ExtAuthConfig_OpaAuthConfig) XXX_Merge(src proto.Message)
func (*ExtAuthConfig_OpaAuthConfig) XXX_Size ¶
func (m *ExtAuthConfig_OpaAuthConfig) XXX_Size() int
func (*ExtAuthConfig_OpaAuthConfig) XXX_Unmarshal ¶
func (m *ExtAuthConfig_OpaAuthConfig) XXX_Unmarshal(b []byte) error
type ExtAuthDiscoveryServiceClient ¶
type ExtAuthDiscoveryServiceClient interface { StreamExtAuthConfig(ctx context.Context, opts ...grpc.CallOption) (ExtAuthDiscoveryService_StreamExtAuthConfigClient, error) DeltaExtAuthConfig(ctx context.Context, opts ...grpc.CallOption) (ExtAuthDiscoveryService_DeltaExtAuthConfigClient, error) FetchExtAuthConfig(ctx context.Context, in *v2.DiscoveryRequest, opts ...grpc.CallOption) (*v2.DiscoveryResponse, error) }
ExtAuthDiscoveryServiceClient is the client API for ExtAuthDiscoveryService service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
func NewExtAuthDiscoveryServiceClient ¶
func NewExtAuthDiscoveryServiceClient(cc *grpc.ClientConn) ExtAuthDiscoveryServiceClient
type ExtAuthDiscoveryServiceServer ¶
type ExtAuthDiscoveryServiceServer interface { StreamExtAuthConfig(ExtAuthDiscoveryService_StreamExtAuthConfigServer) error DeltaExtAuthConfig(ExtAuthDiscoveryService_DeltaExtAuthConfigServer) error FetchExtAuthConfig(context.Context, *v2.DiscoveryRequest) (*v2.DiscoveryResponse, error) }
ExtAuthDiscoveryServiceServer is the server API for ExtAuthDiscoveryService service.
func NewExtAuthDiscoveryServiceServer ¶
func NewExtAuthDiscoveryServiceServer(genericServer server.Server) ExtAuthDiscoveryServiceServer
type ExtAuthDiscoveryService_DeltaExtAuthConfigClient ¶
type ExtAuthDiscoveryService_DeltaExtAuthConfigClient interface { Send(*v2.DeltaDiscoveryRequest) error Recv() (*v2.DeltaDiscoveryResponse, error) grpc.ClientStream }
type ExtAuthDiscoveryService_DeltaExtAuthConfigServer ¶
type ExtAuthDiscoveryService_DeltaExtAuthConfigServer interface { Send(*v2.DeltaDiscoveryResponse) error Recv() (*v2.DeltaDiscoveryRequest, error) grpc.ServerStream }
type ExtAuthDiscoveryService_StreamExtAuthConfigClient ¶
type ExtAuthDiscoveryService_StreamExtAuthConfigClient interface { Send(*v2.DiscoveryRequest) error Recv() (*v2.DiscoveryResponse, error) grpc.ClientStream }
type ExtAuthDiscoveryService_StreamExtAuthConfigServer ¶
type ExtAuthDiscoveryService_StreamExtAuthConfigServer interface { Send(*v2.DiscoveryResponse) error Recv() (*v2.DiscoveryRequest, error) grpc.ServerStream }
type ExtAuthExtension ¶
type ExtAuthExtension struct { // Types that are valid to be assigned to Spec: // *ExtAuthExtension_Disable // *ExtAuthExtension_ConfigRef // *ExtAuthExtension_CustomAuth Spec isExtAuthExtension_Spec `protobuf_oneof:"spec"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
Auth configurations defined on virtual hosts, routes, and weighted destinations will be unmarshalled to this message.
func (*ExtAuthExtension) Descriptor ¶
func (*ExtAuthExtension) Descriptor() ([]byte, []int)
func (*ExtAuthExtension) Equal ¶
func (this *ExtAuthExtension) Equal(that interface{}) bool
func (*ExtAuthExtension) GetConfigRef ¶
func (m *ExtAuthExtension) GetConfigRef() *core.ResourceRef
func (*ExtAuthExtension) GetCustomAuth ¶
func (m *ExtAuthExtension) GetCustomAuth() *CustomAuth
func (*ExtAuthExtension) GetDisable ¶
func (m *ExtAuthExtension) GetDisable() bool
func (*ExtAuthExtension) GetSpec ¶
func (m *ExtAuthExtension) GetSpec() isExtAuthExtension_Spec
func (*ExtAuthExtension) Hash ¶ added in v1.2.13
func (m *ExtAuthExtension) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*ExtAuthExtension) ProtoMessage ¶
func (*ExtAuthExtension) ProtoMessage()
func (*ExtAuthExtension) Reset ¶
func (m *ExtAuthExtension) Reset()
func (*ExtAuthExtension) String ¶
func (m *ExtAuthExtension) String() string
func (*ExtAuthExtension) XXX_DiscardUnknown ¶
func (m *ExtAuthExtension) XXX_DiscardUnknown()
func (*ExtAuthExtension) XXX_Marshal ¶
func (m *ExtAuthExtension) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*ExtAuthExtension) XXX_Merge ¶
func (m *ExtAuthExtension) XXX_Merge(src proto.Message)
func (*ExtAuthExtension) XXX_OneofWrappers ¶
func (*ExtAuthExtension) XXX_OneofWrappers() []interface{}
XXX_OneofWrappers is for the internal use of the proto package.
func (*ExtAuthExtension) XXX_Size ¶
func (m *ExtAuthExtension) XXX_Size() int
func (*ExtAuthExtension) XXX_Unmarshal ¶
func (m *ExtAuthExtension) XXX_Unmarshal(b []byte) error
type ExtAuthExtension_ConfigRef ¶
type ExtAuthExtension_ConfigRef struct {
ConfigRef *core.ResourceRef `protobuf:"bytes,2,opt,name=config_ref,json=configRef,proto3,oneof" json:"config_ref,omitempty"`
}
func (*ExtAuthExtension_ConfigRef) Equal ¶
func (this *ExtAuthExtension_ConfigRef) Equal(that interface{}) bool
type ExtAuthExtension_CustomAuth ¶
type ExtAuthExtension_CustomAuth struct {
CustomAuth *CustomAuth `protobuf:"bytes,3,opt,name=custom_auth,json=customAuth,proto3,oneof" json:"custom_auth,omitempty"`
}
func (*ExtAuthExtension_CustomAuth) Equal ¶
func (this *ExtAuthExtension_CustomAuth) Equal(that interface{}) bool
type ExtAuthExtension_Disable ¶
type ExtAuthExtension_Disable struct {
Disable bool `protobuf:"varint,1,opt,name=disable,proto3,oneof" json:"disable,omitempty"`
}
func (*ExtAuthExtension_Disable) Equal ¶
func (this *ExtAuthExtension_Disable) Equal(that interface{}) bool
type HeaderConfiguration ¶ added in v1.5.8
type HeaderConfiguration struct { // If set, the id token will be forward upstream using this header name. IdTokenHeader string `protobuf:"bytes,1,opt,name=id_token_header,json=idTokenHeader,proto3" json:"id_token_header,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*HeaderConfiguration) Descriptor ¶ added in v1.5.8
func (*HeaderConfiguration) Descriptor() ([]byte, []int)
func (*HeaderConfiguration) Equal ¶ added in v1.5.8
func (this *HeaderConfiguration) Equal(that interface{}) bool
func (*HeaderConfiguration) GetIdTokenHeader ¶ added in v1.5.8
func (m *HeaderConfiguration) GetIdTokenHeader() string
func (*HeaderConfiguration) Hash ¶ added in v1.5.8
func (m *HeaderConfiguration) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*HeaderConfiguration) ProtoMessage ¶ added in v1.5.8
func (*HeaderConfiguration) ProtoMessage()
func (*HeaderConfiguration) Reset ¶ added in v1.5.8
func (m *HeaderConfiguration) Reset()
func (*HeaderConfiguration) String ¶ added in v1.5.8
func (m *HeaderConfiguration) String() string
func (*HeaderConfiguration) XXX_DiscardUnknown ¶ added in v1.5.8
func (m *HeaderConfiguration) XXX_DiscardUnknown()
func (*HeaderConfiguration) XXX_Marshal ¶ added in v1.5.8
func (m *HeaderConfiguration) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*HeaderConfiguration) XXX_Merge ¶ added in v1.5.8
func (m *HeaderConfiguration) XXX_Merge(src proto.Message)
func (*HeaderConfiguration) XXX_Size ¶ added in v1.5.8
func (m *HeaderConfiguration) XXX_Size() int
func (*HeaderConfiguration) XXX_Unmarshal ¶ added in v1.5.8
func (m *HeaderConfiguration) XXX_Unmarshal(b []byte) error
type HttpService ¶
type HttpService struct { // Sets a prefix to the value of authorization request header *Path*. PathPrefix string `protobuf:"bytes,1,opt,name=path_prefix,json=pathPrefix,proto3" json:"path_prefix,omitempty"` Request *HttpService_Request `protobuf:"bytes,2,opt,name=request,proto3" json:"request,omitempty"` Response *HttpService_Response `protobuf:"bytes,3,opt,name=response,proto3" json:"response,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*HttpService) Descriptor ¶
func (*HttpService) Descriptor() ([]byte, []int)
func (*HttpService) Equal ¶
func (this *HttpService) Equal(that interface{}) bool
func (*HttpService) GetPathPrefix ¶
func (m *HttpService) GetPathPrefix() string
func (*HttpService) GetRequest ¶
func (m *HttpService) GetRequest() *HttpService_Request
func (*HttpService) GetResponse ¶
func (m *HttpService) GetResponse() *HttpService_Response
func (*HttpService) Hash ¶ added in v1.2.13
func (m *HttpService) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*HttpService) ProtoMessage ¶
func (*HttpService) ProtoMessage()
func (*HttpService) Reset ¶
func (m *HttpService) Reset()
func (*HttpService) String ¶
func (m *HttpService) String() string
func (*HttpService) XXX_DiscardUnknown ¶
func (m *HttpService) XXX_DiscardUnknown()
func (*HttpService) XXX_Marshal ¶
func (m *HttpService) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*HttpService) XXX_Merge ¶
func (m *HttpService) XXX_Merge(src proto.Message)
func (*HttpService) XXX_Size ¶
func (m *HttpService) XXX_Size() int
func (*HttpService) XXX_Unmarshal ¶
func (m *HttpService) XXX_Unmarshal(b []byte) error
type HttpService_Request ¶
type HttpService_Request struct { // These headers will be copied from the incoming request to the request going // to the auth server. Note that in addition to the user's supplied matchers: // // 1. *Host*, *Method*, *Path* and *Content-Length* are automatically included to the list. // // 2. *Content-Length* will be set to 0 and the request to the authorization service will not have // a message body. AllowedHeaders []string `protobuf:"bytes,1,rep,name=allowed_headers,json=allowedHeaders,proto3" json:"allowed_headers,omitempty"` // These headers that will be included to the request to authorization service. Note that // client request of the same key will be overridden. HeadersToAdd map[string]string `` /* 187-byte string literal not displayed */ XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*HttpService_Request) Descriptor ¶
func (*HttpService_Request) Descriptor() ([]byte, []int)
func (*HttpService_Request) Equal ¶
func (this *HttpService_Request) Equal(that interface{}) bool
func (*HttpService_Request) GetAllowedHeaders ¶
func (m *HttpService_Request) GetAllowedHeaders() []string
func (*HttpService_Request) GetHeadersToAdd ¶
func (m *HttpService_Request) GetHeadersToAdd() map[string]string
func (*HttpService_Request) Hash ¶ added in v1.2.13
func (m *HttpService_Request) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*HttpService_Request) ProtoMessage ¶
func (*HttpService_Request) ProtoMessage()
func (*HttpService_Request) Reset ¶
func (m *HttpService_Request) Reset()
func (*HttpService_Request) String ¶
func (m *HttpService_Request) String() string
func (*HttpService_Request) XXX_DiscardUnknown ¶
func (m *HttpService_Request) XXX_DiscardUnknown()
func (*HttpService_Request) XXX_Marshal ¶
func (m *HttpService_Request) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*HttpService_Request) XXX_Merge ¶
func (m *HttpService_Request) XXX_Merge(src proto.Message)
func (*HttpService_Request) XXX_Size ¶
func (m *HttpService_Request) XXX_Size() int
func (*HttpService_Request) XXX_Unmarshal ¶
func (m *HttpService_Request) XXX_Unmarshal(b []byte) error
type HttpService_Response ¶
type HttpService_Response struct { // When this is set, authorization response headers that have a will be added to the original client request and sent to the upstream. // Note that coexistent headers will be overridden. AllowedUpstreamHeaders []string `` /* 129-byte string literal not displayed */ // When this. is set, authorization response headers that will be added to the client's response when auth request is denied. // Note that when this list is *not* set, all the authorization response headers, except *Authority // (Host)* will be in the response to the client. When a header is included in this list, *Path*, // *Status*, *Content-Length*, *WWW-Authenticate* and *Location* are automatically added. AllowedClientHeaders []string `protobuf:"bytes,2,rep,name=allowed_client_headers,json=allowedClientHeaders,proto3" json:"allowed_client_headers,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*HttpService_Response) Descriptor ¶
func (*HttpService_Response) Descriptor() ([]byte, []int)
func (*HttpService_Response) Equal ¶
func (this *HttpService_Response) Equal(that interface{}) bool
func (*HttpService_Response) GetAllowedClientHeaders ¶
func (m *HttpService_Response) GetAllowedClientHeaders() []string
func (*HttpService_Response) GetAllowedUpstreamHeaders ¶
func (m *HttpService_Response) GetAllowedUpstreamHeaders() []string
func (*HttpService_Response) Hash ¶ added in v1.2.13
func (m *HttpService_Response) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*HttpService_Response) ProtoMessage ¶
func (*HttpService_Response) ProtoMessage()
func (*HttpService_Response) Reset ¶
func (m *HttpService_Response) Reset()
func (*HttpService_Response) String ¶
func (m *HttpService_Response) String() string
func (*HttpService_Response) XXX_DiscardUnknown ¶
func (m *HttpService_Response) XXX_DiscardUnknown()
func (*HttpService_Response) XXX_Marshal ¶
func (m *HttpService_Response) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*HttpService_Response) XXX_Merge ¶
func (m *HttpService_Response) XXX_Merge(src proto.Message)
func (*HttpService_Response) XXX_Size ¶
func (m *HttpService_Response) XXX_Size() int
func (*HttpService_Response) XXX_Unmarshal ¶
func (m *HttpService_Response) XXX_Unmarshal(b []byte) error
type JwksOnDemandCacheRefreshPolicy ¶ added in v1.5.18
type JwksOnDemandCacheRefreshPolicy struct { // Types that are valid to be assigned to Policy: // *JwksOnDemandCacheRefreshPolicy_Never // *JwksOnDemandCacheRefreshPolicy_Always // *JwksOnDemandCacheRefreshPolicy_MaxIdpReqPerPollingInterval Policy isJwksOnDemandCacheRefreshPolicy_Policy `protobuf_oneof:"policy"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
The json web key set (JWKS) (https://tools.ietf.org/html/rfc7517) is discovered at an interval from a remote source. When keys rotate in the remote source, there may be a delay in the local source picking up those new keys. Therefore, a user could execute a request with a token that has been signed by a key in the remote JWKS, but the local cache doesn't have the key yet. The request would fail because the key isn't contained in the local set. Since most IdPs publish key keys in their remote JWKS before they are used, this is not an issue most of the time. This policy lets you define the behavior for when a user has a token with a key not yet in the local cache.
func (*JwksOnDemandCacheRefreshPolicy) Descriptor ¶ added in v1.5.18
func (*JwksOnDemandCacheRefreshPolicy) Descriptor() ([]byte, []int)
func (*JwksOnDemandCacheRefreshPolicy) Equal ¶ added in v1.5.18
func (this *JwksOnDemandCacheRefreshPolicy) Equal(that interface{}) bool
func (*JwksOnDemandCacheRefreshPolicy) GetAlways ¶ added in v1.5.18
func (m *JwksOnDemandCacheRefreshPolicy) GetAlways() *types.Empty
func (*JwksOnDemandCacheRefreshPolicy) GetMaxIdpReqPerPollingInterval ¶ added in v1.5.18
func (m *JwksOnDemandCacheRefreshPolicy) GetMaxIdpReqPerPollingInterval() uint32
func (*JwksOnDemandCacheRefreshPolicy) GetNever ¶ added in v1.5.18
func (m *JwksOnDemandCacheRefreshPolicy) GetNever() *types.Empty
func (*JwksOnDemandCacheRefreshPolicy) GetPolicy ¶ added in v1.5.18
func (m *JwksOnDemandCacheRefreshPolicy) GetPolicy() isJwksOnDemandCacheRefreshPolicy_Policy
func (*JwksOnDemandCacheRefreshPolicy) Hash ¶ added in v1.5.18
func (m *JwksOnDemandCacheRefreshPolicy) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*JwksOnDemandCacheRefreshPolicy) ProtoMessage ¶ added in v1.5.18
func (*JwksOnDemandCacheRefreshPolicy) ProtoMessage()
func (*JwksOnDemandCacheRefreshPolicy) Reset ¶ added in v1.5.18
func (m *JwksOnDemandCacheRefreshPolicy) Reset()
func (*JwksOnDemandCacheRefreshPolicy) String ¶ added in v1.5.18
func (m *JwksOnDemandCacheRefreshPolicy) String() string
func (*JwksOnDemandCacheRefreshPolicy) XXX_DiscardUnknown ¶ added in v1.5.18
func (m *JwksOnDemandCacheRefreshPolicy) XXX_DiscardUnknown()
func (*JwksOnDemandCacheRefreshPolicy) XXX_Marshal ¶ added in v1.5.18
func (m *JwksOnDemandCacheRefreshPolicy) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*JwksOnDemandCacheRefreshPolicy) XXX_Merge ¶ added in v1.5.18
func (m *JwksOnDemandCacheRefreshPolicy) XXX_Merge(src proto.Message)
func (*JwksOnDemandCacheRefreshPolicy) XXX_OneofWrappers ¶ added in v1.5.18
func (*JwksOnDemandCacheRefreshPolicy) XXX_OneofWrappers() []interface{}
XXX_OneofWrappers is for the internal use of the proto package.
func (*JwksOnDemandCacheRefreshPolicy) XXX_Size ¶ added in v1.5.18
func (m *JwksOnDemandCacheRefreshPolicy) XXX_Size() int
func (*JwksOnDemandCacheRefreshPolicy) XXX_Unmarshal ¶ added in v1.5.18
func (m *JwksOnDemandCacheRefreshPolicy) XXX_Unmarshal(b []byte) error
type JwksOnDemandCacheRefreshPolicy_Always ¶ added in v1.5.18
type JwksOnDemandCacheRefreshPolicy_Always struct {
Always *types.Empty `protobuf:"bytes,2,opt,name=always,proto3,oneof" json:"always,omitempty"`
}
func (*JwksOnDemandCacheRefreshPolicy_Always) Equal ¶ added in v1.5.18
func (this *JwksOnDemandCacheRefreshPolicy_Always) Equal(that interface{}) bool
type JwksOnDemandCacheRefreshPolicy_MaxIdpReqPerPollingInterval ¶ added in v1.5.18
type JwksOnDemandCacheRefreshPolicy_MaxIdpReqPerPollingInterval struct {
MaxIdpReqPerPollingInterval uint32 `` /* 157-byte string literal not displayed */
}
func (*JwksOnDemandCacheRefreshPolicy_MaxIdpReqPerPollingInterval) Equal ¶ added in v1.5.18
func (this *JwksOnDemandCacheRefreshPolicy_MaxIdpReqPerPollingInterval) Equal(that interface{}) bool
type JwksOnDemandCacheRefreshPolicy_Never ¶ added in v1.5.18
type JwksOnDemandCacheRefreshPolicy_Never struct {
Never *types.Empty `protobuf:"bytes,1,opt,name=never,proto3,oneof" json:"never,omitempty"`
}
func (*JwksOnDemandCacheRefreshPolicy_Never) Equal ¶ added in v1.5.18
func (this *JwksOnDemandCacheRefreshPolicy_Never) Equal(that interface{}) bool
type Ldap ¶
type Ldap struct { // Address of the LDAP server to query. Should be in the form ADDRESS:PORT, e.g. `ldap.default.svc.cluster.local:389`. Address string `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"` // Template to build user entry distinguished names (DN). This must contains a single occurrence of the "%s" placeholder. // When processing a request, Gloo will substitute the name of the user (extracted from the auth header) for the // placeholder and issue a search request with the resulting DN as baseDN (and 'base' search scope). // E.g. "uid=%s,ou=people,dc=solo,dc=io" UserDnTemplate string `protobuf:"bytes,2,opt,name=userDnTemplate,proto3" json:"userDnTemplate,omitempty"` // Case-insensitive name of the attribute that contains the names of the groups an entry is member of. Gloo will look // for attributes with the given name to determine which groups the user entry belongs to. Defaults to 'memberOf' if not provided. MembershipAttributeName string `protobuf:"bytes,3,opt,name=membershipAttributeName,proto3" json:"membershipAttributeName,omitempty"` // In order for the request to be authenticated, the membership attribute (e.g. *memberOf*) on the user entry must // contain at least of one of the group DNs specified via this option. // E.g. []string{ "cn=managers,ou=groups,dc=solo,dc=io", "cn=developers,ou=groups,dc=solo,dc=io" } AllowedGroups []string `protobuf:"bytes,4,rep,name=allowedGroups,proto3" json:"allowedGroups,omitempty"` // Use this property to tune the pool of connections to the LDAP server that Gloo maintains. Pool *Ldap_ConnectionPool `protobuf:"bytes,5,opt,name=pool,proto3" json:"pool,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
Authenticates and authorizes requests by querying an LDAP server. Gloo makes the following assumptions:
- Requests provide credentials via the basic HTTP authentication header. Gloo will BIND to the LDAP server using the credentials extracted from the header.
- Your LDAP server is configured so that each entry you want to authorize has an attribute that indicates its group memberships. A common way of achieving this is by using the [*memberof* overlay](http://www.openldap.org/software/man.cgi?query=slapo-memberof).
func (*Ldap) Descriptor ¶
func (*Ldap) GetAddress ¶
func (*Ldap) GetAllowedGroups ¶
func (*Ldap) GetMembershipAttributeName ¶
func (*Ldap) GetPool ¶
func (m *Ldap) GetPool() *Ldap_ConnectionPool
func (*Ldap) GetUserDnTemplate ¶
func (*Ldap) ProtoMessage ¶
func (*Ldap) ProtoMessage()
func (*Ldap) XXX_DiscardUnknown ¶
func (m *Ldap) XXX_DiscardUnknown()
func (*Ldap) XXX_Unmarshal ¶
type Ldap_ConnectionPool ¶
type Ldap_ConnectionPool struct { // Maximum number connections that are pooled at any give time. The default value is 5. MaxSize *types.UInt32Value `protobuf:"bytes,1,opt,name=maxSize,proto3" json:"maxSize,omitempty"` // Number of connections that the pool will be pre-populated with upon initialization. The default value is 2. InitialSize *types.UInt32Value `protobuf:"bytes,2,opt,name=initialSize,proto3" json:"initialSize,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
Configuration properties for pooling connections to the LDAP server. If the pool is exhausted when a connection is requested (meaning that all the polled connections are in use), the connection will be created on the fly.
func (*Ldap_ConnectionPool) Descriptor ¶
func (*Ldap_ConnectionPool) Descriptor() ([]byte, []int)
func (*Ldap_ConnectionPool) Equal ¶
func (this *Ldap_ConnectionPool) Equal(that interface{}) bool
func (*Ldap_ConnectionPool) GetInitialSize ¶
func (m *Ldap_ConnectionPool) GetInitialSize() *types.UInt32Value
func (*Ldap_ConnectionPool) GetMaxSize ¶
func (m *Ldap_ConnectionPool) GetMaxSize() *types.UInt32Value
func (*Ldap_ConnectionPool) Hash ¶ added in v1.2.13
func (m *Ldap_ConnectionPool) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*Ldap_ConnectionPool) ProtoMessage ¶
func (*Ldap_ConnectionPool) ProtoMessage()
func (*Ldap_ConnectionPool) Reset ¶
func (m *Ldap_ConnectionPool) Reset()
func (*Ldap_ConnectionPool) String ¶
func (m *Ldap_ConnectionPool) String() string
func (*Ldap_ConnectionPool) XXX_DiscardUnknown ¶
func (m *Ldap_ConnectionPool) XXX_DiscardUnknown()
func (*Ldap_ConnectionPool) XXX_Marshal ¶
func (m *Ldap_ConnectionPool) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*Ldap_ConnectionPool) XXX_Merge ¶
func (m *Ldap_ConnectionPool) XXX_Merge(src proto.Message)
func (*Ldap_ConnectionPool) XXX_Size ¶
func (m *Ldap_ConnectionPool) XXX_Size() int
func (*Ldap_ConnectionPool) XXX_Unmarshal ¶
func (m *Ldap_ConnectionPool) XXX_Unmarshal(b []byte) error
type OAuth
deprecated
type OAuth struct { // your client id as registered with the issuer ClientId string `protobuf:"bytes,1,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty"` // Deprecated: Do not use. // your client secret as registered with the issuer ClientSecretRef *core.ResourceRef `protobuf:"bytes,2,opt,name=client_secret_ref,json=clientSecretRef,proto3" json:"client_secret_ref,omitempty"` // Deprecated: Do not use. // The url of the issuer. We will look for OIDC information in issuerUrl+ // ".well-known/openid-configuration" IssuerUrl string `protobuf:"bytes,3,opt,name=issuer_url,json=issuerUrl,proto3" json:"issuer_url,omitempty"` // Deprecated: Do not use. // extra query parameters to apply to the Ext-Auth service's authorization request to the identity provider. AuthEndpointQueryParams map[string]string `` // Deprecated: Do not use. /* 222-byte string literal not displayed */ // we to redirect after successful auth, if we can't determine the original // url this should be your publicly available app url. AppUrl string `protobuf:"bytes,4,opt,name=app_url,json=appUrl,proto3" json:"app_url,omitempty"` // Deprecated: Do not use. // a callback path relative to app url that will be used for OIDC callbacks. // needs to not be used by the application CallbackPath string `protobuf:"bytes,5,opt,name=callback_path,json=callbackPath,proto3" json:"callback_path,omitempty"` // Deprecated: Do not use. // Scopes to request in addition to openid scope. Scopes []string `protobuf:"bytes,6,rep,name=scopes,proto3" json:"scopes,omitempty"` // Deprecated: Do not use. XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
Deprecated: Prefer OAuth2
func (*OAuth) Descriptor ¶
func (*OAuth) GetAuthEndpointQueryParams
deprecated
added in
v1.3.0
func (*OAuth) GetCallbackPath
deprecated
func (*OAuth) GetClientId
deprecated
func (*OAuth) GetClientSecretRef
deprecated
func (m *OAuth) GetClientSecretRef() *core.ResourceRef
Deprecated: Do not use.
func (*OAuth) GetIssuerUrl
deprecated
func (*OAuth) ProtoMessage ¶
func (*OAuth) ProtoMessage()
func (*OAuth) XXX_DiscardUnknown ¶
func (m *OAuth) XXX_DiscardUnknown()
func (*OAuth) XXX_Marshal ¶
func (*OAuth) XXX_Unmarshal ¶
type OAuth2 ¶ added in v1.5.0
type OAuth2 struct { // Types that are valid to be assigned to OauthType: // *OAuth2_OidcAuthorizationCode // *OAuth2_AccessTokenValidation OauthType isOAuth2_OauthType `protobuf_oneof:"oauth_type"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*OAuth2) Descriptor ¶ added in v1.5.0
func (*OAuth2) GetAccessTokenValidation ¶ added in v1.5.0
func (m *OAuth2) GetAccessTokenValidation() *AccessTokenValidation
func (*OAuth2) GetOauthType ¶ added in v1.5.0
func (m *OAuth2) GetOauthType() isOAuth2_OauthType
func (*OAuth2) GetOidcAuthorizationCode ¶ added in v1.5.0
func (m *OAuth2) GetOidcAuthorizationCode() *OidcAuthorizationCode
func (*OAuth2) ProtoMessage ¶ added in v1.5.0
func (*OAuth2) ProtoMessage()
func (*OAuth2) XXX_DiscardUnknown ¶ added in v1.5.0
func (m *OAuth2) XXX_DiscardUnknown()
func (*OAuth2) XXX_Marshal ¶ added in v1.5.0
func (*OAuth2) XXX_OneofWrappers ¶ added in v1.5.0
func (*OAuth2) XXX_OneofWrappers() []interface{}
XXX_OneofWrappers is for the internal use of the proto package.
func (*OAuth2) XXX_Unmarshal ¶ added in v1.5.0
type OAuth2_AccessTokenValidation ¶ added in v1.5.0
type OAuth2_AccessTokenValidation struct {
AccessTokenValidation *AccessTokenValidation `` /* 132-byte string literal not displayed */
}
func (*OAuth2_AccessTokenValidation) Equal ¶ added in v1.5.0
func (this *OAuth2_AccessTokenValidation) Equal(that interface{}) bool
type OAuth2_OidcAuthorizationCode ¶ added in v1.5.0
type OAuth2_OidcAuthorizationCode struct {
OidcAuthorizationCode *OidcAuthorizationCode `` /* 132-byte string literal not displayed */
}
func (*OAuth2_OidcAuthorizationCode) Equal ¶ added in v1.5.0
func (this *OAuth2_OidcAuthorizationCode) Equal(that interface{}) bool
type OauthSecret ¶
type OauthSecret struct { ClientSecret string `protobuf:"bytes,1,opt,name=client_secret,json=clientSecret,proto3" json:"client_secret,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*OauthSecret) Descriptor ¶
func (*OauthSecret) Descriptor() ([]byte, []int)
func (*OauthSecret) Equal ¶
func (this *OauthSecret) Equal(that interface{}) bool
func (*OauthSecret) GetClientSecret ¶
func (m *OauthSecret) GetClientSecret() string
func (*OauthSecret) Hash ¶ added in v1.2.13
func (m *OauthSecret) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*OauthSecret) ProtoMessage ¶
func (*OauthSecret) ProtoMessage()
func (*OauthSecret) Reset ¶
func (m *OauthSecret) Reset()
func (*OauthSecret) String ¶
func (m *OauthSecret) String() string
func (*OauthSecret) XXX_DiscardUnknown ¶
func (m *OauthSecret) XXX_DiscardUnknown()
func (*OauthSecret) XXX_Marshal ¶
func (m *OauthSecret) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*OauthSecret) XXX_Merge ¶
func (m *OauthSecret) XXX_Merge(src proto.Message)
func (*OauthSecret) XXX_Size ¶
func (m *OauthSecret) XXX_Size() int
func (*OauthSecret) XXX_Unmarshal ¶
func (m *OauthSecret) XXX_Unmarshal(b []byte) error
type OidcAuthorizationCode ¶ added in v1.5.0
type OidcAuthorizationCode struct { // your client id as registered with the issuer ClientId string `protobuf:"bytes,1,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty"` // your client secret as registered with the issuer ClientSecretRef *core.ResourceRef `protobuf:"bytes,2,opt,name=client_secret_ref,json=clientSecretRef,proto3" json:"client_secret_ref,omitempty"` // The url of the issuer. We will look for OIDC information in issuerUrl+ // ".well-known/openid-configuration" IssuerUrl string `protobuf:"bytes,3,opt,name=issuer_url,json=issuerUrl,proto3" json:"issuer_url,omitempty"` // extra query parameters to apply to the Ext-Auth service's authorization request to the identity provider. AuthEndpointQueryParams map[string]string `` /* 222-byte string literal not displayed */ // we to redirect after successful auth, if we can't determine the original // url this should be your publicly available app url. AppUrl string `protobuf:"bytes,5,opt,name=app_url,json=appUrl,proto3" json:"app_url,omitempty"` // a callback path relative to app url that will be used for OIDC callbacks. // should not be used by the application. CallbackPath string `protobuf:"bytes,6,opt,name=callback_path,json=callbackPath,proto3" json:"callback_path,omitempty"` // a path relative to app url that will be used for logging out from an OIDC session. // should not be used by the application. // If not provided, logout functionality will be disabled. LogoutPath string `protobuf:"bytes,9,opt,name=logout_path,json=logoutPath,proto3" json:"logout_path,omitempty"` // Scopes to request in addition to openid scope. Scopes []string `protobuf:"bytes,7,rep,name=scopes,proto3" json:"scopes,omitempty"` // Configuration related to the user session. Session *UserSession `protobuf:"bytes,8,opt,name=session,proto3" json:"session,omitempty"` // Configures headers added to requests. Headers *HeaderConfiguration `protobuf:"bytes,10,opt,name=headers,proto3" json:"headers,omitempty"` // The interval at which OIDC configuration is discovered at <issuerUrl>/.well-known/openid-configuration // If not specified, the default value is 30 minutes. DiscoveryPollInterval *types.Duration `` /* 127-byte string literal not displayed */ // If a user executes a request with a key that is not found in the JWKS, it could be // that the keys have rotated on the remote source, and not yet in the local cache. // This policy lets you define the behavior for how to refresh the local cache during a request // where an invalid key is provided JwksCacheRefreshPolicy *JwksOnDemandCacheRefreshPolicy `` /* 132-byte string literal not displayed */ XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*OidcAuthorizationCode) Descriptor ¶ added in v1.5.0
func (*OidcAuthorizationCode) Descriptor() ([]byte, []int)
func (*OidcAuthorizationCode) Equal ¶ added in v1.5.0
func (this *OidcAuthorizationCode) Equal(that interface{}) bool
func (*OidcAuthorizationCode) GetAppUrl ¶ added in v1.5.0
func (m *OidcAuthorizationCode) GetAppUrl() string
func (*OidcAuthorizationCode) GetAuthEndpointQueryParams ¶ added in v1.5.0
func (m *OidcAuthorizationCode) GetAuthEndpointQueryParams() map[string]string
func (*OidcAuthorizationCode) GetCallbackPath ¶ added in v1.5.0
func (m *OidcAuthorizationCode) GetCallbackPath() string
func (*OidcAuthorizationCode) GetClientId ¶ added in v1.5.0
func (m *OidcAuthorizationCode) GetClientId() string
func (*OidcAuthorizationCode) GetClientSecretRef ¶ added in v1.5.0
func (m *OidcAuthorizationCode) GetClientSecretRef() *core.ResourceRef
func (*OidcAuthorizationCode) GetDiscoveryPollInterval ¶ added in v1.5.17
func (m *OidcAuthorizationCode) GetDiscoveryPollInterval() *types.Duration
func (*OidcAuthorizationCode) GetHeaders ¶ added in v1.5.8
func (m *OidcAuthorizationCode) GetHeaders() *HeaderConfiguration
func (*OidcAuthorizationCode) GetIssuerUrl ¶ added in v1.5.0
func (m *OidcAuthorizationCode) GetIssuerUrl() string
func (*OidcAuthorizationCode) GetJwksCacheRefreshPolicy ¶ added in v1.5.18
func (m *OidcAuthorizationCode) GetJwksCacheRefreshPolicy() *JwksOnDemandCacheRefreshPolicy
func (*OidcAuthorizationCode) GetLogoutPath ¶ added in v1.5.8
func (m *OidcAuthorizationCode) GetLogoutPath() string
func (*OidcAuthorizationCode) GetScopes ¶ added in v1.5.0
func (m *OidcAuthorizationCode) GetScopes() []string
func (*OidcAuthorizationCode) GetSession ¶ added in v1.5.8
func (m *OidcAuthorizationCode) GetSession() *UserSession
func (*OidcAuthorizationCode) Hash ¶ added in v1.5.0
func (m *OidcAuthorizationCode) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*OidcAuthorizationCode) ProtoMessage ¶ added in v1.5.0
func (*OidcAuthorizationCode) ProtoMessage()
func (*OidcAuthorizationCode) Reset ¶ added in v1.5.0
func (m *OidcAuthorizationCode) Reset()
func (*OidcAuthorizationCode) String ¶ added in v1.5.0
func (m *OidcAuthorizationCode) String() string
func (*OidcAuthorizationCode) XXX_DiscardUnknown ¶ added in v1.5.0
func (m *OidcAuthorizationCode) XXX_DiscardUnknown()
func (*OidcAuthorizationCode) XXX_Marshal ¶ added in v1.5.0
func (m *OidcAuthorizationCode) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*OidcAuthorizationCode) XXX_Merge ¶ added in v1.5.0
func (m *OidcAuthorizationCode) XXX_Merge(src proto.Message)
func (*OidcAuthorizationCode) XXX_Size ¶ added in v1.5.0
func (m *OidcAuthorizationCode) XXX_Size() int
func (*OidcAuthorizationCode) XXX_Unmarshal ¶ added in v1.5.0
func (m *OidcAuthorizationCode) XXX_Unmarshal(b []byte) error
type OpaAuth ¶
type OpaAuth struct { // An optional resource reference to config maps containing modules to assist in the resolution of `query`. Modules []*core.ResourceRef `protobuf:"bytes,1,rep,name=modules,proto3" json:"modules,omitempty"` // The query that determines the auth decision. The result of this query must be either a boolean // or an array with boolean as the first element. A boolean `true` value means that the request // will be authorized. Any other value, or error, means that the request will be denied. Query string `protobuf:"bytes,2,opt,name=query,proto3" json:"query,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*OpaAuth) Descriptor ¶
func (*OpaAuth) GetModules ¶
func (m *OpaAuth) GetModules() []*core.ResourceRef
func (*OpaAuth) ProtoMessage ¶
func (*OpaAuth) ProtoMessage()
func (*OpaAuth) XXX_DiscardUnknown ¶
func (m *OpaAuth) XXX_DiscardUnknown()
func (*OpaAuth) XXX_Marshal ¶
func (*OpaAuth) XXX_Unmarshal ¶
type RedisOptions ¶ added in v1.5.8
type RedisOptions struct { // address of the redis. can be address:port or unix://path/to/unix.sock Host string `protobuf:"bytes,1,opt,name=host,proto3" json:"host,omitempty"` // db to use. can leave unset for db 0. Db int32 `protobuf:"varint,2,opt,name=db,proto3" json:"db,omitempty"` // size of the connection pool. can leave unset for default. // defaults to 10 connections per every CPU PoolSize int32 `protobuf:"varint,3,opt,name=pool_size,json=poolSize,proto3" json:"pool_size,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*RedisOptions) Descriptor ¶ added in v1.5.8
func (*RedisOptions) Descriptor() ([]byte, []int)
func (*RedisOptions) Equal ¶ added in v1.5.8
func (this *RedisOptions) Equal(that interface{}) bool
func (*RedisOptions) GetDb ¶ added in v1.5.8
func (m *RedisOptions) GetDb() int32
func (*RedisOptions) GetHost ¶ added in v1.5.8
func (m *RedisOptions) GetHost() string
func (*RedisOptions) GetPoolSize ¶ added in v1.5.8
func (m *RedisOptions) GetPoolSize() int32
func (*RedisOptions) Hash ¶ added in v1.5.8
func (m *RedisOptions) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*RedisOptions) ProtoMessage ¶ added in v1.5.8
func (*RedisOptions) ProtoMessage()
func (*RedisOptions) Reset ¶ added in v1.5.8
func (m *RedisOptions) Reset()
func (*RedisOptions) String ¶ added in v1.5.8
func (m *RedisOptions) String() string
func (*RedisOptions) XXX_DiscardUnknown ¶ added in v1.5.8
func (m *RedisOptions) XXX_DiscardUnknown()
func (*RedisOptions) XXX_Marshal ¶ added in v1.5.8
func (m *RedisOptions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*RedisOptions) XXX_Merge ¶ added in v1.5.8
func (m *RedisOptions) XXX_Merge(src proto.Message)
func (*RedisOptions) XXX_Size ¶ added in v1.5.8
func (m *RedisOptions) XXX_Size() int
func (*RedisOptions) XXX_Unmarshal ¶ added in v1.5.8
func (m *RedisOptions) XXX_Unmarshal(b []byte) error
type Settings ¶
type Settings struct { // The upstream to ask about auth decisions ExtauthzServerRef *core.ResourceRef `protobuf:"bytes,1,opt,name=extauthz_server_ref,json=extauthzServerRef,proto3" json:"extauthz_server_ref,omitempty"` // If this is set, communication to the upstream will be via HTTP and not GRPC. HttpService *HttpService `protobuf:"bytes,2,opt,name=http_service,json=httpService,proto3" json:"http_service,omitempty"` // If the auth server trusted id of the user, it will be set in this header. // Specifically this means that this header will be sanitized form the incoming request. UserIdHeader string `protobuf:"bytes,3,opt,name=user_id_header,json=userIdHeader,proto3" json:"user_id_header,omitempty"` // Timeout for the ext auth service to respond. Defaults to 200ms RequestTimeout *time.Duration `protobuf:"bytes,4,opt,name=request_timeout,json=requestTimeout,proto3,stdduration" json:"request_timeout,omitempty"` // In case of a failure or timeout querying the auth server, normally a request is denied. // if this is set to true, the request will be allowed. FailureModeAllow bool `protobuf:"varint,5,opt,name=failure_mode_allow,json=failureModeAllow,proto3" json:"failure_mode_allow,omitempty"` // Set this if you also want to send the body of the request, and not just the headers. RequestBody *BufferSettings `protobuf:"bytes,6,opt,name=request_body,json=requestBody,proto3" json:"request_body,omitempty"` // Clears route cache in order to allow the external authorization service to correctly affect // routing decisions. Filter clears all cached routes when: // // 1. The field is set to *true*. // // 2. The status returned from the authorization service is a HTTP 200 or gRPC 0. // // 3. At least one *authorization response header* is added to the client request, or is used for // altering another client request header. // ClearRouteCache bool `protobuf:"varint,7,opt,name=clear_route_cache,json=clearRouteCache,proto3" json:"clear_route_cache,omitempty"` // Sets the HTTP status that is returned to the client when there is a network error between the // filter and the authorization server. The default status is HTTP 403 Forbidden. // If set, this must be one of the following: // - 100 // - 200 201 202 203 204 205 206 207 208 226 // - 300 301 302 303 304 305 307 308 // - 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 421 422 423 424 426 428 429 431 // - 500 501 502 503 504 505 506 507 508 510 511 StatusOnError uint32 `protobuf:"varint,8,opt,name=status_on_error,json=statusOnError,proto3" json:"status_on_error,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
Global external auth settings
func (*Settings) Descriptor ¶
func (*Settings) GetClearRouteCache ¶
func (*Settings) GetExtauthzServerRef ¶
func (m *Settings) GetExtauthzServerRef() *core.ResourceRef
func (*Settings) GetFailureModeAllow ¶
func (*Settings) GetHttpService ¶
func (m *Settings) GetHttpService() *HttpService
func (*Settings) GetRequestBody ¶
func (m *Settings) GetRequestBody() *BufferSettings
func (*Settings) GetRequestTimeout ¶
func (*Settings) GetStatusOnError ¶
func (*Settings) GetUserIdHeader ¶
func (*Settings) ProtoMessage ¶
func (*Settings) ProtoMessage()
func (*Settings) XXX_DiscardUnknown ¶
func (m *Settings) XXX_DiscardUnknown()
func (*Settings) XXX_Marshal ¶
func (*Settings) XXX_Unmarshal ¶
type TransitionAuthConfigFunc ¶
type TransitionAuthConfigFunc func(original, desired *AuthConfig) (bool, error)
Option to copy anything from the original to the desired before writing. Return value of false means don't update
type UnimplementedExtAuthDiscoveryServiceServer ¶
type UnimplementedExtAuthDiscoveryServiceServer struct { }
UnimplementedExtAuthDiscoveryServiceServer can be embedded to have forward compatible implementations.
func (*UnimplementedExtAuthDiscoveryServiceServer) DeltaExtAuthConfig ¶
func (*UnimplementedExtAuthDiscoveryServiceServer) DeltaExtAuthConfig(srv ExtAuthDiscoveryService_DeltaExtAuthConfigServer) error
func (*UnimplementedExtAuthDiscoveryServiceServer) FetchExtAuthConfig ¶
func (*UnimplementedExtAuthDiscoveryServiceServer) FetchExtAuthConfig(ctx context.Context, req *v2.DiscoveryRequest) (*v2.DiscoveryResponse, error)
func (*UnimplementedExtAuthDiscoveryServiceServer) StreamExtAuthConfig ¶
func (*UnimplementedExtAuthDiscoveryServiceServer) StreamExtAuthConfig(srv ExtAuthDiscoveryService_StreamExtAuthConfigServer) error
type UserSession ¶ added in v1.5.8
type UserSession struct { // should we fail auth flow when failing to get a session from redis, or allow it to continue, // potentially starting a new auth flow and setting a new session. FailOnFetchFailure bool `protobuf:"varint,1,opt,name=fail_on_fetch_failure,json=failOnFetchFailure,proto3" json:"fail_on_fetch_failure,omitempty"` // Set-Cookie options CookieOptions *UserSession_CookieOptions `protobuf:"bytes,2,opt,name=cookie_options,json=cookieOptions,proto3" json:"cookie_options,omitempty"` // Types that are valid to be assigned to Session: // *UserSession_Cookie // *UserSession_Redis Session isUserSession_Session `protobuf_oneof:"session"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*UserSession) Descriptor ¶ added in v1.5.8
func (*UserSession) Descriptor() ([]byte, []int)
func (*UserSession) Equal ¶ added in v1.5.8
func (this *UserSession) Equal(that interface{}) bool
func (*UserSession) GetCookie ¶ added in v1.5.8
func (m *UserSession) GetCookie() *UserSession_InternalSession
func (*UserSession) GetCookieOptions ¶ added in v1.5.8
func (m *UserSession) GetCookieOptions() *UserSession_CookieOptions
func (*UserSession) GetFailOnFetchFailure ¶ added in v1.5.8
func (m *UserSession) GetFailOnFetchFailure() bool
func (*UserSession) GetRedis ¶ added in v1.5.8
func (m *UserSession) GetRedis() *UserSession_RedisSession
func (*UserSession) GetSession ¶ added in v1.5.8
func (m *UserSession) GetSession() isUserSession_Session
func (*UserSession) Hash ¶ added in v1.5.8
func (m *UserSession) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*UserSession) ProtoMessage ¶ added in v1.5.8
func (*UserSession) ProtoMessage()
func (*UserSession) Reset ¶ added in v1.5.8
func (m *UserSession) Reset()
func (*UserSession) String ¶ added in v1.5.8
func (m *UserSession) String() string
func (*UserSession) XXX_DiscardUnknown ¶ added in v1.5.8
func (m *UserSession) XXX_DiscardUnknown()
func (*UserSession) XXX_Marshal ¶ added in v1.5.8
func (m *UserSession) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*UserSession) XXX_Merge ¶ added in v1.5.8
func (m *UserSession) XXX_Merge(src proto.Message)
func (*UserSession) XXX_OneofWrappers ¶ added in v1.5.8
func (*UserSession) XXX_OneofWrappers() []interface{}
XXX_OneofWrappers is for the internal use of the proto package.
func (*UserSession) XXX_Size ¶ added in v1.5.8
func (m *UserSession) XXX_Size() int
func (*UserSession) XXX_Unmarshal ¶ added in v1.5.8
func (m *UserSession) XXX_Unmarshal(b []byte) error
type UserSession_Cookie ¶ added in v1.5.8
type UserSession_Cookie struct {
Cookie *UserSession_InternalSession `protobuf:"bytes,3,opt,name=cookie,proto3,oneof" json:"cookie,omitempty"`
}
func (*UserSession_Cookie) Equal ¶ added in v1.5.8
func (this *UserSession_Cookie) Equal(that interface{}) bool
type UserSession_CookieOptions ¶ added in v1.5.8
type UserSession_CookieOptions struct { // Max age for the cookie. Leave unset for a default of 30 days (2592000 seconds). // To disable cookie expiry, set explicitly to 0. MaxAge *types.UInt32Value `protobuf:"bytes,1,opt,name=max_age,json=maxAge,proto3" json:"max_age,omitempty"` // Use a non-secure cookie. Note - this should only be used for testing and in trusted // environments. NotSecure bool `protobuf:"varint,2,opt,name=not_secure,json=notSecure,proto3" json:"not_secure,omitempty"` // Path of the cookie. If unset, defaults to "/". Set it explicitly to "" to avoid setting a // path. Path *types.StringValue `protobuf:"bytes,3,opt,name=path,proto3" json:"path,omitempty"` // Cookie domain Domain string `protobuf:"bytes,4,opt,name=domain,proto3" json:"domain,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*UserSession_CookieOptions) Descriptor ¶ added in v1.5.8
func (*UserSession_CookieOptions) Descriptor() ([]byte, []int)
func (*UserSession_CookieOptions) Equal ¶ added in v1.5.8
func (this *UserSession_CookieOptions) Equal(that interface{}) bool
func (*UserSession_CookieOptions) GetDomain ¶ added in v1.5.8
func (m *UserSession_CookieOptions) GetDomain() string
func (*UserSession_CookieOptions) GetMaxAge ¶ added in v1.5.8
func (m *UserSession_CookieOptions) GetMaxAge() *types.UInt32Value
func (*UserSession_CookieOptions) GetNotSecure ¶ added in v1.5.8
func (m *UserSession_CookieOptions) GetNotSecure() bool
func (*UserSession_CookieOptions) GetPath ¶ added in v1.5.8
func (m *UserSession_CookieOptions) GetPath() *types.StringValue
func (*UserSession_CookieOptions) Hash ¶ added in v1.5.8
func (m *UserSession_CookieOptions) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*UserSession_CookieOptions) ProtoMessage ¶ added in v1.5.8
func (*UserSession_CookieOptions) ProtoMessage()
func (*UserSession_CookieOptions) Reset ¶ added in v1.5.8
func (m *UserSession_CookieOptions) Reset()
func (*UserSession_CookieOptions) String ¶ added in v1.5.8
func (m *UserSession_CookieOptions) String() string
func (*UserSession_CookieOptions) XXX_DiscardUnknown ¶ added in v1.5.8
func (m *UserSession_CookieOptions) XXX_DiscardUnknown()
func (*UserSession_CookieOptions) XXX_Marshal ¶ added in v1.5.8
func (m *UserSession_CookieOptions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*UserSession_CookieOptions) XXX_Merge ¶ added in v1.5.8
func (m *UserSession_CookieOptions) XXX_Merge(src proto.Message)
func (*UserSession_CookieOptions) XXX_Size ¶ added in v1.5.8
func (m *UserSession_CookieOptions) XXX_Size() int
func (*UserSession_CookieOptions) XXX_Unmarshal ¶ added in v1.5.8
func (m *UserSession_CookieOptions) XXX_Unmarshal(b []byte) error
type UserSession_InternalSession ¶ added in v1.5.8
type UserSession_InternalSession struct { XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*UserSession_InternalSession) Descriptor ¶ added in v1.5.8
func (*UserSession_InternalSession) Descriptor() ([]byte, []int)
func (*UserSession_InternalSession) Equal ¶ added in v1.5.8
func (this *UserSession_InternalSession) Equal(that interface{}) bool
func (*UserSession_InternalSession) Hash ¶ added in v1.5.8
func (m *UserSession_InternalSession) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*UserSession_InternalSession) ProtoMessage ¶ added in v1.5.8
func (*UserSession_InternalSession) ProtoMessage()
func (*UserSession_InternalSession) Reset ¶ added in v1.5.8
func (m *UserSession_InternalSession) Reset()
func (*UserSession_InternalSession) String ¶ added in v1.5.8
func (m *UserSession_InternalSession) String() string
func (*UserSession_InternalSession) XXX_DiscardUnknown ¶ added in v1.5.8
func (m *UserSession_InternalSession) XXX_DiscardUnknown()
func (*UserSession_InternalSession) XXX_Marshal ¶ added in v1.5.8
func (m *UserSession_InternalSession) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*UserSession_InternalSession) XXX_Merge ¶ added in v1.5.8
func (m *UserSession_InternalSession) XXX_Merge(src proto.Message)
func (*UserSession_InternalSession) XXX_Size ¶ added in v1.5.8
func (m *UserSession_InternalSession) XXX_Size() int
func (*UserSession_InternalSession) XXX_Unmarshal ¶ added in v1.5.8
func (m *UserSession_InternalSession) XXX_Unmarshal(b []byte) error
type UserSession_Redis ¶ added in v1.5.8
type UserSession_Redis struct {
Redis *UserSession_RedisSession `protobuf:"bytes,4,opt,name=redis,proto3,oneof" json:"redis,omitempty"`
}
func (*UserSession_Redis) Equal ¶ added in v1.5.8
func (this *UserSession_Redis) Equal(that interface{}) bool
type UserSession_RedisSession ¶ added in v1.5.8
type UserSession_RedisSession struct { // Options to connect to redis Options *RedisOptions `protobuf:"bytes,1,opt,name=options,proto3" json:"options,omitempty"` // Key prefix inside redis KeyPrefix string `protobuf:"bytes,2,opt,name=key_prefix,json=keyPrefix,proto3" json:"key_prefix,omitempty"` // Cookie name to set and store the session id. If empty the default "__session" is used. CookieName string `protobuf:"bytes,3,opt,name=cookie_name,json=cookieName,proto3" json:"cookie_name,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` }
func (*UserSession_RedisSession) Descriptor ¶ added in v1.5.8
func (*UserSession_RedisSession) Descriptor() ([]byte, []int)
func (*UserSession_RedisSession) Equal ¶ added in v1.5.8
func (this *UserSession_RedisSession) Equal(that interface{}) bool
func (*UserSession_RedisSession) GetCookieName ¶ added in v1.5.8
func (m *UserSession_RedisSession) GetCookieName() string
func (*UserSession_RedisSession) GetKeyPrefix ¶ added in v1.5.8
func (m *UserSession_RedisSession) GetKeyPrefix() string
func (*UserSession_RedisSession) GetOptions ¶ added in v1.5.8
func (m *UserSession_RedisSession) GetOptions() *RedisOptions
func (*UserSession_RedisSession) Hash ¶ added in v1.5.8
func (m *UserSession_RedisSession) Hash(hasher hash.Hash64) (uint64, error)
Hash function
func (*UserSession_RedisSession) ProtoMessage ¶ added in v1.5.8
func (*UserSession_RedisSession) ProtoMessage()
func (*UserSession_RedisSession) Reset ¶ added in v1.5.8
func (m *UserSession_RedisSession) Reset()
func (*UserSession_RedisSession) String ¶ added in v1.5.8
func (m *UserSession_RedisSession) String() string
func (*UserSession_RedisSession) XXX_DiscardUnknown ¶ added in v1.5.8
func (m *UserSession_RedisSession) XXX_DiscardUnknown()
func (*UserSession_RedisSession) XXX_Marshal ¶ added in v1.5.8
func (m *UserSession_RedisSession) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)
func (*UserSession_RedisSession) XXX_Merge ¶ added in v1.5.8
func (m *UserSession_RedisSession) XXX_Merge(src proto.Message)
func (*UserSession_RedisSession) XXX_Size ¶ added in v1.5.8
func (m *UserSession_RedisSession) XXX_Size() int
func (*UserSession_RedisSession) XXX_Unmarshal ¶ added in v1.5.8
func (m *UserSession_RedisSession) XXX_Unmarshal(b []byte) error
Source Files ¶
- auth_config.sk.go
- auth_config_client.sk.go
- auth_config_reconciler.sk.go
- enterprise_event_loop.sk.go
- enterprise_simple_event_loop.sk.go
- enterprise_snapshot.sk.go
- enterprise_snapshot_emitter.sk.go
- enterprise_snapshot_simple_emitter.sk.go
- ext_auth_discovery_service_xds.sk.sk.go
- extauth.pb.go
- extauth.pb.hash.go
Directories ¶
Path | Synopsis |
---|---|
kube
|
|
apis/enterprise.gloo.solo.io/v1
Package v1 is the v1 version of the API.
|
Package v1 is the v1 version of the API. |
client/clientset/versioned
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
client/clientset/versioned/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
client/clientset/versioned/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
client/clientset/versioned/typed/enterprise.gloo.solo.io/v1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
client/clientset/versioned/typed/enterprise.gloo.solo.io/v1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |