Package io.grpc.xds
Class RbacFilter
- java.lang.Object
-
- io.grpc.xds.RbacFilter
-
- All Implemented Interfaces:
Filter
,Filter.ServerInterceptorBuilder
final class RbacFilter extends java.lang.Object implements Filter, Filter.ServerInterceptorBuilder
RBAC Http filter implementation.
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface io.grpc.xds.Filter
Filter.ClientInterceptorBuilder, Filter.FilterConfig, Filter.NamedFilterConfig, Filter.ServerInterceptorBuilder
-
-
Field Summary
Fields Modifier and Type Field Description (package private) static RbacFilter
INSTANCE
private static java.util.logging.Logger
logger
(package private) static java.lang.String
TYPE_URL
private static java.lang.String
TYPE_URL_OVERRIDE_CONFIG
-
Constructor Summary
Constructors Constructor Description RbacFilter()
-
Method Summary
-
-
-
Field Detail
-
logger
private static final java.util.logging.Logger logger
-
INSTANCE
static final RbacFilter INSTANCE
-
TYPE_URL
static final java.lang.String TYPE_URL
- See Also:
- Constant Field Values
-
TYPE_URL_OVERRIDE_CONFIG
private static final java.lang.String TYPE_URL_OVERRIDE_CONFIG
- See Also:
- Constant Field Values
-
-
Method Detail
-
typeUrls
public java.lang.String[] typeUrls()
Description copied from interface:Filter
The proto message types supported by this filter. A filter will be registered by each of its supported message types.
-
parseFilterConfig
public ConfigOrError<RbacConfig> parseFilterConfig(com.google.protobuf.Message rawProtoMessage)
Description copied from interface:Filter
Parses the top-level filter config from raw proto message. The message may be either aAny
or aStruct
.- Specified by:
parseFilterConfig
in interfaceFilter
-
parseRbacConfig
static ConfigOrError<RbacConfig> parseRbacConfig(RBAC rbac)
-
parseFilterConfigOverride
public ConfigOrError<RbacConfig> parseFilterConfigOverride(com.google.protobuf.Message rawProtoMessage)
Description copied from interface:Filter
Parses the per-filter override filter config from raw proto message. The message may be either aAny
or aStruct
.- Specified by:
parseFilterConfigOverride
in interfaceFilter
-
buildServerInterceptor
@Nullable public io.grpc.ServerInterceptor buildServerInterceptor(Filter.FilterConfig config, @Nullable Filter.FilterConfig overrideConfig)
- Specified by:
buildServerInterceptor
in interfaceFilter.ServerInterceptorBuilder
-
generateAuthorizationInterceptor
private io.grpc.ServerInterceptor generateAuthorizationInterceptor(GrpcAuthorizationEngine.AuthConfig config)
-
parsePermissionList
private static GrpcAuthorizationEngine.OrMatcher parsePermissionList(java.util.List<Permission> permissions)
-
parsePermission
private static GrpcAuthorizationEngine.Matcher parsePermission(Permission permission)
-
parsePrincipalList
private static GrpcAuthorizationEngine.OrMatcher parsePrincipalList(java.util.List<Principal> principals)
-
parsePrincipal
private static GrpcAuthorizationEngine.Matcher parsePrincipal(Principal principal)
-
parsePathMatcher
private static GrpcAuthorizationEngine.PathMatcher parsePathMatcher(PathMatcher proto)
-
parseRequestedServerNameMatcher
private static GrpcAuthorizationEngine.RequestedServerNameMatcher parseRequestedServerNameMatcher(StringMatcher proto)
-
parseHeaderMatcher
private static GrpcAuthorizationEngine.AuthHeaderMatcher parseHeaderMatcher(HeaderMatcher proto)
-
parseAuthenticatedMatcher
private static GrpcAuthorizationEngine.AuthenticatedMatcher parseAuthenticatedMatcher(Principal.Authenticated proto)
-
createDestinationPortMatcher
private static GrpcAuthorizationEngine.DestinationPortMatcher createDestinationPortMatcher(int port)
-
parseDestinationPortRangeMatcher
private static GrpcAuthorizationEngine.DestinationPortRangeMatcher parseDestinationPortRangeMatcher(Int32Range range)
-
createDestinationIpMatcher
private static GrpcAuthorizationEngine.DestinationIpMatcher createDestinationIpMatcher(CidrRange cidrRange)
-
createSourceIpMatcher
private static GrpcAuthorizationEngine.SourceIpMatcher createSourceIpMatcher(CidrRange cidrRange)
-
resolve
private static java.net.InetAddress resolve(CidrRange cidrRange)
-
-