Package opa implements the policy evaluator interface to make authorization decisions.

MergeRuleResultsWithOr merges all the results using `or`.

New creates a new Evaluator.

NewHeadersEvaluator creates a new HeadersEvaluator.

NewHeadersRequestFromPolicy creates a new HeadersRequest from a policy.

NewPolicyEvaluator creates a new PolicyEvaluator.

NewPolicyResponse creates a new PolicyResponse.

NewRequestHTTP creates a new RequestHTTP.

NewRuleResult creates a new RuleResult.

WithAuthenticateURL sets the authenticate URL in the config.

WithClientCA sets the client CA in the config.

WithGoogleCloudServerlessAuthenticationServiceAccount sets the google cloud serverless authentication service account in the config.

WithJWTClaimsHeaders sets the JWT claims headers in the config.

WithPolicies sets the policies in the config.

WithSigningKey sets the signing key and algorithm in the config.

GCP pre-defined values.

GCP pre-defined values.

GCP pre-defined values.

tokens expire after one hour according to the GCP docs.

An Evaluator evaluates policies.

A HeadersEvaluator evaluates the headers.rego script.

HeadersRequest is the input to the headers.rego script.

HeadersResponse is the output from the headers.rego script.

A PolicyEvaluator evaluates policies.

PolicyRequest is the input to policy evaluation.

PolicyResponse is the result of evaluating a policy.

Request contains the inputs needed for evaluation.

RequestHTTP is the HTTP field in the request.

RequestSession is the session field in the request.

Result is the result of evaluation.

A RuleResult is the result of evaluating a rule.

An Option customizes the evaluator config.