AdditionalClaimsProvider creates and returns an additional claims object which is will be filled during identity token verification.

AdminGroupRoleMapping maps the adminGroup to the specified adminRole for authorization request.

AppName for auhtz runtime.

Authorizer performs authz for every request.

CurrentUser for the request.

CurrentUserClaims for the request.

CurrentUserRoles for the request.

IDResolver to resolve the ID for authenticated user.

Logger for runtime.

NewRuntime returns a new Runtime.

OIDCAudience OIDC Audience which is the OIDC Client ID.

OIDCCAFile CA file.

OIDCIssuer OIDC token issuer.

OIDCRequiredClaims OIDC Required Claims.

OIDCSigningAlgos OIDC Signing Algos.

ResourceIdentifier look at incoming request and identify the resource.

ResourceResolver uses this resolver to lookup the resource attributes that can be used for authorization checks.

RoleBindingResolver uses this resolver to map a subject to a set of roles.

ServiceName for authz runtime.

Anonymous user.

AuthorizationData provides additional context data for auth policy evaluation engine.

AuthorizationRequest describes information required (who and what) to perform authorization check for ex.

AuthorizationResult describes policy evaluation result.

Claims represents a standard profile info returned as result of an OpenID Authentication Event.

Runtime interface for authN/authZ.

AddtionalClaimsProviderFn provides custom claims object are specified in the token use this if certain claims are returned as federated claims.

AuthorizerFn is a function that authorizes each grpc requests.

IDResolverFn resolves the Identity of the authenticated user which is available as the current user in the context by defaut it email is used as the identifier.

ResourceIdentifierFn looks at in coming request and picks out the resource id.

ResourceResolverFn resolves resource returns resource attributes that can be used for authz purpose.

RoleBindingResolverFn returns the role bindings for a subject.