forward-auth: use envoy's ext_authz check (#1482)

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2025-05-22 21:47:16 +02:00 · 2020-10-04 20:01:06 -07:00 · 2020-10-04 20:01:06 -07:00 · 9b39deabd8
commit 9b39deabd8
parent 155213857e
16 changed files with 248 additions and 406 deletions
--- a/proxy/proxy_test.go
+++ b/proxy/proxy_test.go
@ -13,7 +13,6 @@ import (
 func testOptions(t *testing.T) *config.Options {
 	opts := config.NewDefaultOptions()
 	opts.AuthenticateURLString = "https://authenticate.example"
-	opts.AuthorizeURLString = "https://authorize.example"

 	testPolicy := config.Policy{From: "https://corp.example.example", To: "https://example.example"}
 	opts.Policies = []config.Policy{testPolicy}
@ -38,10 +37,6 @@ func TestOptions_Validate(t *testing.T) {
 	authurl, _ := url.Parse("authenticate.corp.beyondperimeter.com")
 	authenticateBadScheme := testOptions(t)
 	authenticateBadScheme.AuthenticateURL = authurl
-	authorizeBadSCheme := testOptions(t)
-	authorizeBadSCheme.AuthorizeURL = authurl
-	authorizeNil := testOptions(t)
-	authorizeNil.AuthorizeURL = nil
 	emptyCookieSecret := testOptions(t)
 	emptyCookieSecret.CookieSecret = ""
 	invalidCookieSecret := testOptions(t)
@ -64,8 +59,6 @@ func TestOptions_Validate(t *testing.T) {
 		{"nil options", &config.Options{}, true},
 		{"authenticate service url", badAuthURL, true},
 		{"authenticate service url no scheme", authenticateBadScheme, true},
-		{"authorize service url no scheme", authorizeBadSCheme, true},
-		{"authorize service cannot be nil", authorizeNil, true},
 		{"no cookie secret", emptyCookieSecret, true},
 		{"invalid cookie secret", invalidCookieSecret, true},
 		{"short cookie secret", shortCookieLength, true},