Struct AttributeContext

pub struct AttributeContext {
    pub source: Option<Peer>,
    pub destination: Option<Peer>,
    pub request: Option<Request>,
    pub context_extensions: HashMap<String, String>,
    pub metadata_context: Option<Metadata>,
    pub route_metadata_context: Option<Metadata>,
    pub tls_session: Option<TlsSession>,
}

An attribute is a piece of metadata that describes an activity on a network. For example, the size of an HTTP request, or the status code of an HTTP response.

Each attribute has a type and a name, which is logically defined as a proto message field of the AttributeContext. The AttributeContext is a collection of individual attributes supported by Envoy authorization system. [#comment: The following items are left out of this proto Request.Auth field for jwt tokens Request.Api for api management Origin peer that originated the request Caching Protocol request_context return values to inject back into the filter chain peer.claims – from X.509 extensions Configuration

• field mask to send
• which return values from request_context are copied back
• which return values are copied into request_headers] [#next-free-field: 14]

Fields

source: Option<Peer>

The source of a network activity, such as starting a TCP connection. In a multi hop network activity, the source represents the sender of the last hop.

destination: Option<Peer>

The destination of a network activity, such as accepting a TCP connection. In a multi hop network activity, the destination represents the receiver of the last hop.

request: Option<Request>

Represents a network request, such as an HTTP request.

context_extensions: HashMap<String, String>

This is analogous to http_request.headers, however these contents will not be sent to the upstream server. Context_extensions provide an extension mechanism for sending additional information to the auth server without modifying the proto definition. It maps to the internal opaque context in the filter chain.

metadata_context: Option<Metadata>

Dynamic metadata associated with the request.

route_metadata_context: Option<Metadata>

Metadata associated with the selected route.

tls_session: Option<TlsSession>

TLS session details of the underlying connection. This is not populated by default and will be populated only if the ext_authz filter has been specifically configured to include this information. For HTTP ext_authz, that requires :ref:include_tls_session <config_http_filters_ext_authz> to be set to true. For network ext_authz, that requires :ref:include_tls_session <config_network_filters_ext_authz> to be set to true.

Trait Implementations

impl Clone for AttributeContext

fn clone(&self) -> AttributeContext

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for AttributeContext

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for AttributeContext

fn default() -> Self

Returns the “default value” for a type.

impl Message for AttributeContext

fn encoded_len(&self) -> usize

Returns the encoded length of the message without a length delimiter.

fn clear(&mut self)

Clears the message, resetting all fields to their default.

fn encode(&self, buf: &mut impl BufMut) -> Result<(), EncodeError>

where Self: Sized,

Encodes the message to a buffer.

fn encode_to_vec(&self) -> Vec<u8>

where Self: Sized,

Encodes the message to a newly allocated buffer.

fn encode_length_delimited( &self, buf: &mut impl BufMut, ) -> Result<(), EncodeError>

where Self: Sized,

Encodes the message with a length-delimiter to a buffer.

fn encode_length_delimited_to_vec(&self) -> Vec<u8>

where Self: Sized,

Encodes the message with a length-delimiter to a newly allocated buffer.

fn decode(buf: impl Buf) -> Result<Self, DecodeError>

where Self: Default,

Decodes an instance of the message from a buffer.

fn decode_length_delimited(buf: impl Buf) -> Result<Self, DecodeError>

where Self: Default,

Decodes a length-delimited instance of the message from the buffer.

fn merge(&mut self, buf: impl Buf) -> Result<(), DecodeError>

where Self: Sized,

Decodes an instance of the message from a buffer, and merges it into self.

fn merge_length_delimited(&mut self, buf: impl Buf) -> Result<(), DecodeError>

where Self: Sized,

Decodes a length-delimited instance of the message from buffer, and merges it into self.

impl Name for AttributeContext

const NAME: &'static str = "AttributeContext"

Simple name for this Message. This name is the same as it appears in the source .proto file, e.g. FooBar.

const PACKAGE: &'static str = "envoy.service.auth.v3"

Package name this message type is contained in. They are domain-like and delimited by ., e.g. google.protobuf.

fn full_name() -> String

Fully-qualified unique name for this Message. It’s prefixed with the package name and names of any parent messages, e.g. google.rpc.BadRequest.FieldViolation. By default, this is the package name followed by the message name. Fully-qualified names must be unique within a domain of Type URLs.

fn type_url() -> String

Type URL for this Message, which by default is the full name with a leading slash, but may also include a leading domain name, e.g. type.googleapis.com/google.profile.Person. This can be used when serializing into the google.protobuf.Any type.

impl PartialEq for AttributeContext

fn eq(&self, other: &AttributeContext) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl StructuralPartialEq for AttributeContext