Add rule requirement feature to jwt_authn filter (#4101)

Signed-off-by: Kai Yang <kai.yang@intradiem.com>

Mirrored from https://github.com/envoyproxy/envoy @ c7b290085582a089afea078ca17b8ab7709ec51b
pull/620/head
data-plane-api(CircleCI) 6 years ago
parent 0144f7662b
commit 0492dff2a2
  1. 5
      envoy/config/filter/http/jwt_authn/v2alpha/config.proto

@ -7,6 +7,7 @@ import "envoy/api/v2/core/base.proto";
import "envoy/api/v2/core/http_uri.proto"; import "envoy/api/v2/core/http_uri.proto";
import "envoy/api/v2/route/route.proto"; import "envoy/api/v2/route/route.proto";
import "google/protobuf/duration.proto"; import "google/protobuf/duration.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/wrappers.proto"; import "google/protobuf/wrappers.proto";
import "validate/validate.proto"; import "validate/validate.proto";
@ -30,7 +31,6 @@ import "validate/validate.proto";
// cache_duration: // cache_duration:
// seconds: 300 // seconds: 300
// //
// [#not-implemented-hide:]
message JwtProvider { message JwtProvider {
// Identifies the principal that issued the JWT. See `here // Identifies the principal that issued the JWT. See `here
// <https://tools.ietf.org/html/rfc7519#section-4.1.1>`_. Usually a URL or an email address. // <https://tools.ietf.org/html/rfc7519#section-4.1.1>`_. Usually a URL or an email address.
@ -253,7 +253,7 @@ message JwtRequirement {
// verification fails. A typical usage is: this filter is used to only verify // verification fails. A typical usage is: this filter is used to only verify
// JWTs and pass the verified JWT payloads to another filter, the other filter // JWTs and pass the verified JWT payloads to another filter, the other filter
// will make decision. In this mode, all JWT tokens will be verified. // will make decision. In this mode, all JWT tokens will be verified.
google.protobuf.BoolValue allow_missing_or_failed = 5; google.protobuf.Empty allow_missing_or_failed = 5;
} }
} }
@ -350,7 +350,6 @@ message RequirementRule {
// - provider_name: "provider1" // - provider_name: "provider1"
// - provider_name: "provider2" // - provider_name: "provider2"
// //
//// [#not-implemented-hide:]
message JwtAuthentication { message JwtAuthentication {
// Map of provider names to JwtProviders. // Map of provider names to JwtProviders.
// //

Loading…
Cancel
Save