Package io.grpc.xds
Class RbacFilter
java.lang.Object
io.grpc.xds.RbacFilter
- All Implemented Interfaces:
Filter
,Filter.ServerInterceptorBuilder
RBAC Http filter implementation.
-
Nested Class Summary
Nested classes/interfaces inherited from interface io.grpc.xds.Filter
Filter.ClientInterceptorBuilder, Filter.FilterConfig, Filter.NamedFilterConfig, Filter.ServerInterceptorBuilder
-
Field Summary
FieldsModifier and TypeFieldDescription(package private) static final RbacFilter
private static final Logger
(package private) static final String
private static final String
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionio.grpc.ServerInterceptor
buildServerInterceptor
(Filter.FilterConfig config, Filter.FilterConfig overrideConfig) private static GrpcAuthorizationEngine.DestinationIpMatcher
createDestinationIpMatcher
(CidrRange cidrRange) private static GrpcAuthorizationEngine.DestinationPortMatcher
createDestinationPortMatcher
(int port) private static GrpcAuthorizationEngine.SourceIpMatcher
createSourceIpMatcher
(CidrRange cidrRange) private io.grpc.ServerInterceptor
private static GrpcAuthorizationEngine.AuthenticatedMatcher
private static GrpcAuthorizationEngine.DestinationPortRangeMatcher
parseFilterConfig
(com.google.protobuf.Message rawProtoMessage) Parses the top-level filter config from raw proto message.parseFilterConfigOverride
(com.google.protobuf.Message rawProtoMessage) Parses the per-filter override filter config from raw proto message.private static GrpcAuthorizationEngine.AuthHeaderMatcher
parseHeaderMatcher
(HeaderMatcher proto) private static GrpcAuthorizationEngine.PathMatcher
parsePathMatcher
(PathMatcher proto) private static GrpcAuthorizationEngine.Matcher
parsePermission
(Permission permission) private static GrpcAuthorizationEngine.OrMatcher
parsePermissionList
(List<Permission> permissions) private static GrpcAuthorizationEngine.Matcher
parsePrincipal
(Principal principal) private static GrpcAuthorizationEngine.OrMatcher
parsePrincipalList
(List<Principal> principals) (package private) static ConfigOrError
<RbacConfig> parseRbacConfig
(RBAC rbac) private static GrpcAuthorizationEngine.RequestedServerNameMatcher
private static InetAddress
String[]
typeUrls()
The proto message types supported by this filter.
-
Field Details
-
logger
-
INSTANCE
-
TYPE_URL
- See Also:
-
TYPE_URL_OVERRIDE_CONFIG
- See Also:
-
-
Constructor Details
-
RbacFilter
RbacFilter()
-
-
Method Details
-
typeUrls
Description copied from interface:Filter
The proto message types supported by this filter. A filter will be registered by each of its supported message types. -
parseFilterConfig
Description copied from interface:Filter
Parses the top-level filter config from raw proto message. The message may be either aAny
or aStruct
.- Specified by:
parseFilterConfig
in interfaceFilter
-
parseRbacConfig
-
parseFilterConfigOverride
public ConfigOrError<RbacConfig> parseFilterConfigOverride(com.google.protobuf.Message rawProtoMessage) Description copied from interface:Filter
Parses the per-filter override filter config from raw proto message. The message may be either aAny
or aStruct
.- Specified by:
parseFilterConfigOverride
in interfaceFilter
-
buildServerInterceptor
@Nullable public io.grpc.ServerInterceptor buildServerInterceptor(Filter.FilterConfig config, @Nullable Filter.FilterConfig overrideConfig) - Specified by:
buildServerInterceptor
in interfaceFilter.ServerInterceptorBuilder
-
generateAuthorizationInterceptor
private io.grpc.ServerInterceptor generateAuthorizationInterceptor(GrpcAuthorizationEngine.AuthConfig config) -
parsePermissionList
-
parsePermission
-
parsePrincipalList
-
parsePrincipal
-
parsePathMatcher
-
parseRequestedServerNameMatcher
private static GrpcAuthorizationEngine.RequestedServerNameMatcher parseRequestedServerNameMatcher(StringMatcher proto) -
parseHeaderMatcher
-
parseAuthenticatedMatcher
private static GrpcAuthorizationEngine.AuthenticatedMatcher parseAuthenticatedMatcher(Principal.Authenticated proto) -
createDestinationPortMatcher
private static GrpcAuthorizationEngine.DestinationPortMatcher createDestinationPortMatcher(int port) -
parseDestinationPortRangeMatcher
private static GrpcAuthorizationEngine.DestinationPortRangeMatcher parseDestinationPortRangeMatcher(Int32Range range) -
createDestinationIpMatcher
private static GrpcAuthorizationEngine.DestinationIpMatcher createDestinationIpMatcher(CidrRange cidrRange) -
createSourceIpMatcher
-
resolve
-