Documentation
¶
Index ¶
Constants ¶
View Source
const ( HeaderForwardedClientCert = "x-forwarded-client-cert" HeaderAuthorization = "authorization" )
View Source
const ( UNKNOWN checkResultCode = iota ALLOWED DENIED UNAUTHENTICATED ALWAYS_ALLOW = 100 )
Variables ¶
View Source
var ( ReExSubject = regexp.MustCompile(`Subject="([^"]+)"`) ErrSubjectNotFound = errors.New("subject not found") )
Functions ¶
This section is empty.
Types ¶
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
func NewServer ¶
func NewServer(opts ...ServerOption) (*Server, error)
NewServer creates a new server and applies the given options.
func (*Server) Check ¶
func (srv *Server) Check(ctx context.Context, req *envoy_auth.CheckRequest) (*envoy_auth.CheckResponse, error)
Check processes the JWT token and/or client certificate to authorize the request.
type ServerOption ¶
ServerOption is used to configure a server.
func WithClientDataFactory ¶ added in v0.4.0
func WithClientDataFactory(cdp *clientdata.Factory) ServerOption
func WithFeatureGates ¶ added in v0.3.0
func WithFeatureGates(fg *commoncfg.FeatureGates) ServerOption
func WithJWTHandler ¶
func WithJWTHandler(hdl *jwthandler.Handler) ServerOption
func WithPolicyEngine ¶
func WithPolicyEngine(pe policies.Engine) ServerOption
func WithTrustedSubjects ¶
func WithTrustedSubjects(m map[string]string) ServerOption
Click to show internal directories.
Click to hide internal directories.