HTTPRouteRulesFiltersExternalAuth

gateway_api::apis::experimental::httproutes

Struct HTTPRouteRulesFiltersExternalAuth 

Source 
pub struct HTTPRouteRulesFiltersExternalAuth {
    pub backend_ref: HTTPRouteRulesFiltersExternalAuthBackendRef,
    pub forward_body: Option<HTTPRouteRulesFiltersExternalAuthForwardBody>,
    pub grpc: Option<HTTPRouteRulesFiltersExternalAuthGrpc>,
    pub http: Option<HTTPRouteRulesFiltersExternalAuthHttp>,
    pub protocol: HTTPRouteRulesFiltersExternalAuthProtocol,
}
Expand description

ExternalAuth configures settings related to sending request details to an external auth service. The external service MUST authenticate the request, and MAY authorize the request as well.

If there is any problem communicating with the external service, this filter MUST fail closed.

Support: Extended

Fields§

§backend_ref: HTTPRouteRulesFiltersExternalAuthBackendRef

BackendRef is a reference to a backend to send authorization requests to.

The backend must speak the selected protocol (GRPC or HTTP) on the referenced port.

If the backend service requires TLS, use BackendTLSPolicy to tell the implementation to supply the TLS details to be used to connect to that backend.

§forward_body: Option<HTTPRouteRulesFiltersExternalAuthForwardBody>

ForwardBody controls if requests to the authorization server should include the body of the client request; and if so, how big that body is allowed to be.

It is expected that implementations will buffer the request body up to forwardBody.maxSize bytes. Bodies over that size must be rejected with a 4xx series error (413 or 403 are common examples), and fail processing of the filter.

If unset, or forwardBody.maxSize is set to 0, then the body will not be forwarded.

Feature Name: HTTPRouteExternalAuthForwardBody

§grpc: Option<HTTPRouteRulesFiltersExternalAuthGrpc>

GRPCAuthConfig contains configuration for communication with ext_authz protocol-speaking backends.

If unset, implementations must assume the default behavior for each included field is intended.

§http: Option<HTTPRouteRulesFiltersExternalAuthHttp>

HTTPAuthConfig contains configuration for communication with HTTP-speaking backends.

If unset, implementations must assume the default behavior for each included field is intended.

§protocol: HTTPRouteRulesFiltersExternalAuthProtocol

ExternalAuthProtocol describes which protocol to use when communicating with an ext_authz authorization server.

When this is set to GRPC, each backend must use the Envoy ext_authz protocol on the port specified in backendRefs. Requests and responses are defined in the protobufs explained at: https://www.envoyproxy.io/docs/envoy/latest/api-v3/service/auth/v3/external_auth.proto

When this is set to HTTP, each backend must respond with a 200 status code in on a successful authorization. Any other code is considered an authorization failure.

Feature Names: GRPC Support - HTTPRouteExternalAuthGRPC HTTP Support - HTTPRouteExternalAuthHTTP

Trait Implementations§

Source§

impl Clone for HTTPRouteRulesFiltersExternalAuth

Source§

fn clone(&self) -> HTTPRouteRulesFiltersExternalAuth

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for HTTPRouteRulesFiltersExternalAuth

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for HTTPRouteRulesFiltersExternalAuth

Source§

fn default() -> HTTPRouteRulesFiltersExternalAuth

Returns the “default value” for a type. Read more
Source§

impl<'de> Deserialize<'de> for HTTPRouteRulesFiltersExternalAuth

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl JsonSchema for HTTPRouteRulesFiltersExternalAuth

Source§

fn schema_name() -> Cow<'static, str>

The name of the generated JSON Schema. Read more
Source§

fn schema_id() -> Cow<'static, str>

Returns a string that uniquely identifies the schema produced by this type. Read more
Source§

fn json_schema(generator: &mut SchemaGenerator) -> Schema

Generates a JSON Schema for this type. Read more
Source§

fn inline_schema() -> bool

Whether JSON Schemas generated for this type should be included directly in parent schemas, rather than being re-used where possible using the $ref keyword. Read more
Source§

impl PartialEq for HTTPRouteRulesFiltersExternalAuth

Source§

fn eq(&self, other: &HTTPRouteRulesFiltersExternalAuth) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Serialize for HTTPRouteRulesFiltersExternalAuth

Source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more
Source§

impl StructuralPartialEq for HTTPRouteRulesFiltersExternalAuth

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> DynClone for T
where T: Clone,

Source§

fn __clone_box(&self, _: Private) -> *mut ()

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,