Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add inline auth middleware #148

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

feat: add inline auth middleware #148

wants to merge 5 commits into from

Commits on Oct 23, 2022

  1. feat: OPA based inline auth middleware 

    Create a middleware that allows executing OPA policies prior to invoking
the function.

The policy can be configurd via the `OPA_POLICY` environment variable.
The query is defined via the `OPA_QUERY` variable. The OPA_POLICY can be
a comma separated list of paths.

The default query input will contain `path`, `method`, and the
`authorization` header value. You can optional include the parsed `body`
`rawBody` and the raw `headers` via the `OPA_INCLUDE_JSON_BODY`,
`OPA_INCLUDE_RAW_BODY` and `OPA_INCLUDE_HEADERS` environment variables.

Signed-off-by: Lucas Roesler <[email protected]>
    @LucasRoesler
    LucasRoesler committed Oct 23, 2022
    Configuration menu
    Copy the full SHA
    bd548a3 View commit details
    Browse the repository at this point in the history

  2. feat: add ability to skip paths when auth is enabled 

    Add `OPA_SKIP_PATHS` configuration and update the implementation to skip
these paths.

chore: add HMAC auth example in the tests

Signed-off-by: Lucas Roesler <[email protected]>
    @LucasRoesler
    LucasRoesler committed Oct 23, 2022
    Configuration menu
    Copy the full SHA
    2d7a7de View commit details
    Browse the repository at this point in the history

Commits on Dec 3, 2022

  1. add oicd example policy 

    Signed-off-by: Lucas Roesler <[email protected]>
    @LucasRoesler
    LucasRoesler committed Dec 3, 2022
    Configuration menu
    Copy the full SHA
    552f278 View commit details
    Browse the repository at this point in the history

  2. add test to demonstrate jwt valdiation 

    Signed-off-by: Lucas Roesler <[email protected]>
    @LucasRoesler
    LucasRoesler committed Dec 3, 2022
    Configuration menu
    Copy the full SHA
    b39f804 View commit details
    Browse the repository at this point in the history

Commits on Dec 28, 2022

  1. feat: implement auth result parsing 

    Support parsing structured auth policy results. This allows the policy
to customize the error response code. The policy can also attach
additional headers to the request so that the implementation. The
primary use case for the additional headers is to pass user or client
identification to the implmentation to allow for auditing and/or
additional authorization checks.

Signed-off-by: Lucas Roesler <[email protected]>
    @LucasRoesler
    LucasRoesler committed Dec 28, 2022
    Configuration menu
    Copy the full SHA
    c8683d5 View commit details
    Browse the repository at this point in the history