3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-17 11:07:18 +02:00
Code Issues Projects Releases Packages Wiki Activity

ppl: refactor authorize to evaluate PPL (#2224)

Browse source 
* ppl: refactor authorize to evaluate PPL

* remove opa test step

* add log statement

* simplify assignment

* deny with forbidden if logged in

* add safeEval function

* create evaluator-specific config and options

* embed the headers rego file directly
This commit is contained in:
Caleb Doxsey 2021-05-21 09:50:18 -06:00 committed by GitHub
parent 8c56d64f31
commit dad35bcfb0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
26 changed files with 1451 additions and 2211 deletions
Download patch file Download diff file Expand all files Collapse all files

5
authorize/evaluator/functions.go
View file

@ -8,7 +8,6 @@ import (
lru "github.com/hashicorp/golang-lru"
"github.com/pomerium/pomerium/authorize/evaluator/opa"
"github.com/pomerium/pomerium/internal/log"
)
@ -65,7 +64,3 @@ func parseCertificate(pemStr string) (*x509.Certificate, error) {
}
return x509.ParseCertificate(block.Bytes)
}
func readPolicy() ([]byte, error) {
return opa.FS.ReadFile("policy/authz.rego")
}