Search in sources :

Example 1 with HeaderMatcher

use of io.envoyproxy.envoy.config.route.v3.HeaderMatcher in project grpc-java by grpc.

the class RbacFilterTest method headerParser.

@Test
@SuppressWarnings({ "unchecked", "deprecation" })
public void headerParser() {
    HeaderMatcher headerMatcher = HeaderMatcher.newBuilder().setName("party").setExactMatch("win").build();
    List<Permission> permissionList = Arrays.asList(Permission.newBuilder().setHeader(headerMatcher).build());
    List<Principal> principalList = Arrays.asList(Principal.newBuilder().setHeader(headerMatcher).build());
    ConfigOrError<RbacConfig> result = parseOverride(permissionList, principalList);
    assertThat(result.errorDetail).isNull();
    ServerCall<Void, Void> serverCall = mock(ServerCall.class);
    GrpcAuthorizationEngine engine = new GrpcAuthorizationEngine(result.config.authConfig());
    AuthDecision decision = engine.evaluate(metadata("party", "win"), serverCall);
    assertThat(decision.decision()).isEqualTo(GrpcAuthorizationEngine.Action.DENY);
}
Also used : HeaderMatcher(io.envoyproxy.envoy.config.route.v3.HeaderMatcher) AuthDecision(io.grpc.xds.internal.rbac.engine.GrpcAuthorizationEngine.AuthDecision) Permission(io.envoyproxy.envoy.config.rbac.v3.Permission) GrpcAuthorizationEngine(io.grpc.xds.internal.rbac.engine.GrpcAuthorizationEngine) Principal(io.envoyproxy.envoy.config.rbac.v3.Principal) Test(org.junit.Test)

Example 2 with HeaderMatcher

use of io.envoyproxy.envoy.config.route.v3.HeaderMatcher in project grpc-java by grpc.

the class RbacFilterTest method headerParser_headerName.

@Test
@SuppressWarnings("deprecation")
public void headerParser_headerName() {
    HeaderMatcher headerMatcher = HeaderMatcher.newBuilder().setName("grpc--feature").setExactMatch("win").build();
    List<Permission> permissionList = Arrays.asList(Permission.newBuilder().setHeader(headerMatcher).build());
    HeaderMatcher headerMatcher2 = HeaderMatcher.newBuilder().setName(":scheme").setExactMatch("win").build();
    List<Principal> principalList = Arrays.asList(Principal.newBuilder().setHeader(headerMatcher2).build());
    ConfigOrError<RbacConfig> result = parseOverride(permissionList, principalList);
    assertThat(result.errorDetail).isNotNull();
}
Also used : HeaderMatcher(io.envoyproxy.envoy.config.route.v3.HeaderMatcher) Permission(io.envoyproxy.envoy.config.rbac.v3.Permission) Principal(io.envoyproxy.envoy.config.rbac.v3.Principal) Test(org.junit.Test)

Aggregations

Permission (io.envoyproxy.envoy.config.rbac.v3.Permission)2 Principal (io.envoyproxy.envoy.config.rbac.v3.Principal)2 HeaderMatcher (io.envoyproxy.envoy.config.route.v3.HeaderMatcher)2 Test (org.junit.Test)2 GrpcAuthorizationEngine (io.grpc.xds.internal.rbac.engine.GrpcAuthorizationEngine)1 AuthDecision (io.grpc.xds.internal.rbac.engine.GrpcAuthorizationEngine.AuthDecision)1