LCOV - code coverage report
Current view: top level - envoy/http - original_ip_detection.h (source / functions) Hit Total Coverage
Test: coverage.dat Lines: 3 3 100.0 %
Date: 2024-01-05 06:35:25 Functions: 3 3 100.0 % 

          Line data    Source code
       1             : #pragma once
       2             : 
       3             : #include <memory>
       4             : #include <string>
       5             : 
       6             : #include "envoy/common/pure.h"
       7             : #include "envoy/config/typed_config.h"
       8             : #include "envoy/http/codes.h"
       9             : #include "envoy/http/header_map.h"
      10             : #include "envoy/network/address.h"
      11             : #include "envoy/server/factory_context.h"
      12             : 
      13             : namespace Envoy {
      14             : namespace Http {
      15             : 
      16             : struct OriginalIPDetectionParams {
      17             :   // The request headers from downstream.
      18             :   //
      19             :   // Note that while extensions can modify the headers, they will undergo standard Envoy
      20             :   // sanitation after the detect() call so additions made here may be removed before
      21             :   // filters have access to headers.
      22             :   Http::RequestHeaderMap& request_headers;
      23             :   // The downstream directly connected address.
      24             :   const Network::Address::InstanceConstSharedPtr& downstream_remote_address;
      25             : };
      26             : 
      27             : // Parameters to be used for sending a local reply when detection fails.
      28             : struct OriginalIPRejectRequestOptions {
      29             :   Code response_code;
      30             :   std::string body;
      31             : };
      32             : 
      33             : struct OriginalIPDetectionResult {
      34             :   // An address that represents the detected address or nullptr if detection failed.
      35             :   Network::Address::InstanceConstSharedPtr detected_remote_address;
      36             :   // Is the detected address trusted (e.g.: can it be used to determine if this is an internal
      37             :   // request).
      38             :   bool allow_trusted_address_checks;
      39             :   // If set, these parameters will be used to signal that detection failed and the request should
      40             :   // be rejected.
      41             :   absl::optional<OriginalIPRejectRequestOptions> reject_options;
      42             : };
      43             : 
      44             : /**
      45             :  * Interface class for original IP detection extensions.
      46             :  */
      47             : class OriginalIPDetection {
      48             : public:
      49         140 :   virtual ~OriginalIPDetection() = default;
      50             : 
      51             :   /**
      52             :    * Detect the final remote address.
      53             :    *
      54             :    * If the call to this method succeeds in detecting the remote IP address or
      55             :    * fails and is configured to reject the request in that case, no other
      56             :    * configured extensions will be called (if any).
      57             :    *
      58             :    * @param param supplies the OriginalIPDetectionParams params for detection.
      59             :    * @return OriginalIPDetectionResult the result of the extension's attempt to detect
      60             :    * the final remote address.
      61             :    */
      62             :   virtual OriginalIPDetectionResult detect(OriginalIPDetectionParams& params) PURE;
      63             : };
      64             : 
      65             : using OriginalIPDetectionSharedPtr = std::shared_ptr<OriginalIPDetection>;
      66             : 
      67             : /*
      68             :  * A factory for creating original IP detection extensions.
      69             :  */
      70             : class OriginalIPDetectionFactory : public Envoy::Config::TypedFactory {
      71             : public:
      72           1 :   ~OriginalIPDetectionFactory() override = default;
      73             : 
      74             :   /**
      75             :    * Creates a particular extension implementation.
      76             :    *
      77             :    * @param config supplies the configuration for the original IP detection extension.
      78             :    * @return OriginalIPDetectionSharedPtr the extension instance.
      79             :    */
      80             :   virtual OriginalIPDetectionSharedPtr
      81             :   createExtension(const Protobuf::Message& config,
      82             :                   Server::Configuration::FactoryContext& context) PURE;
      83             : 
      84         116 :   std::string category() const override { return "envoy.http.original_ip_detection"; }
      85             : };
      86             : 
      87             : using OriginalIPDetectionFactoryPtr = std::unique_ptr<OriginalIPDetectionFactory>;
      88             : 
      89             : } // namespace Http
      90             : } // namespace Envoy

Generated by: LCOV version 1.15