Chiebot-Mirror
/
data-plane-api
mirror of https://github.com/envoyproxy/data-plane-api.git
8
0
Fork 0
Code Issues Projects Releases Wiki Activity
[READ ONLY MIRROR] Envoy REST/proto API definitions and documentation. (grpc依赖)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
547 Commits
2 Branches
0 Tags
17 MiB
Tag: Branch: Tree: a551842313
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a551842313'
${ noResults }
data-plane-api/envoy/service/auth/v2alpha/external_auth.proto

45 lines
1.3 KiB
Raw Normal View History Unescape

External auth filter2 (#296) Signed-off-by: Mandar U Jog <mjog@google.com>
7 years ago
syntax = "proto3";
// [#proto-status: draft]
authz_filter: configuration to support Ambassador authorization flow (#563) This PR includes the necessary modifications in support of envoyproxy/envoy#2828. Added additional configuration to ext_authz.proto so that the filter is able to call an HTTP/1.1 authorization service. In external_auth.proto, added a nested message to CheckResponse that allows the authorization service to pass additional HTTP response attributes back to the authz filter. Signed-off-by: Gabriel <gsagula@gmail.com>
7 years ago
package envoy.service.auth.v2alpha;
option go_package = "v2alpha";
Add java_generic_services option to service proto files (#516) This enables generating generic service stubs for all the data-plane-api proto services when generating Java classes with protoc. This is generally not needed when implementing a gRPC server but in our case we're implementing it behind our legacy protobuf RPC framework which rely on these stubs. As far as I know the only negative with enabling these is generating some potentially unnecessary Java classes. Signed-off-by: Snow Pettersen <snowp@squareup.com>
7 years ago
option java_generic_services = true;
External auth filter2 (#296) Signed-off-by: Mandar U Jog <mjog@google.com>
7 years ago
authz_filter: configuration to support Ambassador authorization flow (#563) This PR includes the necessary modifications in support of envoyproxy/envoy#2828. Added additional configuration to ext_authz.proto so that the filter is able to call an HTTP/1.1 authorization service. In external_auth.proto, added a nested message to CheckResponse that allows the authorization service to pass additional HTTP response attributes back to the authz filter. Signed-off-by: Gabriel <gsagula@gmail.com>
7 years ago
import "envoy/service/auth/v2alpha/attribute_context.proto";
Split base API package into sub-packages (#421) Signed-off-by: Kuat Yessenov <kuat@google.com>
7 years ago
External auth filter2 (#296) Signed-off-by: Mandar U Jog <mjog@google.com>
7 years ago
import "google/rpc/status.proto";
authz_filter: configuration to support Ambassador authorization flow (#563) This PR includes the necessary modifications in support of envoyproxy/envoy#2828. Added additional configuration to ext_authz.proto so that the filter is able to call an HTTP/1.1 authorization service. In external_auth.proto, added a nested message to CheckResponse that allows the authorization service to pass additional HTTP response attributes back to the authz filter. Signed-off-by: Gabriel <gsagula@gmail.com>
7 years ago
import "validate/validate.proto";
External auth filter2 (#296) Signed-off-by: Mandar U Jog <mjog@google.com>
7 years ago
Improve documentation to the AttributeContext (#366) Signed-off-by: Hong Zhang <wora2000@gmail.com>
7 years ago
// A generic interface for performing authorization check on incoming
// requests to a networked service.
External auth filter2 (#296) Signed-off-by: Mandar U Jog <mjog@google.com>
7 years ago
service Authorization {
Improve documentation to the AttributeContext (#366) Signed-off-by: Hong Zhang <wora2000@gmail.com>
7 years ago
// Performs authorization check based on the attributes associated with the
// incoming request, and returns status `OK` or not `OK`.
External auth filter2 (#296) Signed-off-by: Mandar U Jog <mjog@google.com>
7 years ago
rpc Check(CheckRequest) returns (CheckResponse);
}
message CheckRequest {
// The request attributes.
AttributeContext attributes = 1;
}
message CheckResponse {
// Status `OK` allows the request. Any other status indicates the request should be denied.
google.rpc.Status status = 1;
authz_filter: configuration to support Ambassador authorization flow (#563) This PR includes the necessary modifications in support of envoyproxy/envoy#2828. Added additional configuration to ext_authz.proto so that the filter is able to call an HTTP/1.1 authorization service. In external_auth.proto, added a nested message to CheckResponse that allows the authorization service to pass additional HTTP response attributes back to the authz filter. Signed-off-by: Gabriel <gsagula@gmail.com>
7 years ago
// An optional message that contains HTTP response attributes. This message is
// used when the authorization service needs to send custom responses to the
// downstream client or, to modify/add request headers being dispatched to the upstream.
message HttpResponse {
// Http status code.
uint32 status_code = 1 [(validate.rules).uint32 = {gte: 100, lt: 600}];
// Http entity headers.
map<string, string> headers = 2;
// Http entity body.
string body = 3;
}
External auth filter2 (#296) Signed-off-by: Mandar U Jog <mjog@google.com>
7 years ago
}