mirror of
https://github.com/pomerium/pomerium.git
synced 2025-04-28 18:06:34 +02:00
2e7d1c7f12
Currently, policy evaluation and authorize logging are coupled to the Envoy CheckRequest proto message (part of the ext_authz API). In the context of ssh proxy authentication, we won't have a CheckRequest. Instead, let's make the existing evaluator.Request type the source of truth for the authorize log fields. This way, whether we populate the evaluator.Request struct from an ext_authz request or from an ssh proxy request, we can use the same logAuthorizeCheck() method for logging. Add some additional fields to evaluator.RequestHTTP for the authorize log fields that are not currently represented in this struct. |
||
|---|---|---|
| .. | ||
| checkrequest | ||
| evaluator | ||
| internal/store | ||
| access_tracker.go | ||
| access_tracker_test.go | ||
| authorize.go | ||
| authorize_test.go | ||
| check_response.go | ||
| check_response_grpc.go | ||
| check_response_test.go | ||
| databroker.go | ||
| databroker_test.go | ||
| grpc.go | ||
| grpc_test.go | ||
| log.go | ||
| log_test.go | ||
| state.go | ||