Package io.envoyproxy.envoy.extensions.filters.network.ext_authz.v3

Class ExtAuthz.Builder

java.lang.Object
com.google.protobuf.AbstractMessageLite.Builder
com.google.protobuf.AbstractMessage.Builder<BuilderT>
com.google.protobuf.GeneratedMessageV3.Builder<ExtAuthz.Builder>
io.envoyproxy.envoy.extensions.filters.network.ext_authz.v3.ExtAuthz.Builder
All Implemented Interfaces:
com.google.protobuf.Message.Builder, com.google.protobuf.MessageLite.Builder, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, ExtAuthzOrBuilder, Cloneable
Enclosing class:
ExtAuthz
public static final class ExtAuthz.Builder extends com.google.protobuf.GeneratedMessageV3.Builder<ExtAuthz.Builder> implements ExtAuthzOrBuilder
 External Authorization filter calls out to an external service over the
 gRPC Authorization API defined by
 :ref:`CheckRequest <envoy_v3_api_msg_service.auth.v3.CheckRequest>`.
 A failed check will cause this filter to close the TCP connection.
 [#next-free-field: 12]
Protobuf type envoy.extensions.filters.network.ext_authz.v3.ExtAuthz

  • Method Details

    • getDescriptor

      public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

    • internalGetFieldAccessorTable

      protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
      Specified by:
      internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3.Builder<ExtAuthz.Builder>

    • clear

      public ExtAuthz.Builder clear()
      Specified by:
      clear in interface com.google.protobuf.Message.Builder
      Specified by:
      clear in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      clear in class com.google.protobuf.GeneratedMessageV3.Builder<ExtAuthz.Builder>

    • getDescriptorForType

      public com.google.protobuf.Descriptors.Descriptor getDescriptorForType()
      Specified by:
      getDescriptorForType in interface com.google.protobuf.Message.Builder
      Specified by:
      getDescriptorForType in interface com.google.protobuf.MessageOrBuilder
      Overrides:
      getDescriptorForType in class com.google.protobuf.GeneratedMessageV3.Builder<ExtAuthz.Builder>

    • getDefaultInstanceForType

      public ExtAuthz getDefaultInstanceForType()
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder
      Specified by:
      getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder

    • build

      public ExtAuthz build()
      Specified by:
      build in interface com.google.protobuf.Message.Builder
      Specified by:
      build in interface com.google.protobuf.MessageLite.Builder

    • buildPartial

      public ExtAuthz buildPartial()
      Specified by:
      buildPartial in interface com.google.protobuf.Message.Builder
      Specified by:
      buildPartial in interface com.google.protobuf.MessageLite.Builder

    • clone

      public ExtAuthz.Builder clone()
      Specified by:
      clone in interface com.google.protobuf.Message.Builder
      Specified by:
      clone in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      clone in class com.google.protobuf.GeneratedMessageV3.Builder<ExtAuthz.Builder>

    • setField

      public ExtAuthz.Builder setField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
      Specified by:
      setField in interface com.google.protobuf.Message.Builder
      Overrides:
      setField in class com.google.protobuf.GeneratedMessageV3.Builder<ExtAuthz.Builder>

    • clearField

      public ExtAuthz.Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field)
      Specified by:
      clearField in interface com.google.protobuf.Message.Builder
      Overrides:
      clearField in class com.google.protobuf.GeneratedMessageV3.Builder<ExtAuthz.Builder>

    • clearOneof

      public ExtAuthz.Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)
      Specified by:
      clearOneof in interface com.google.protobuf.Message.Builder
      Overrides:
      clearOneof in class com.google.protobuf.GeneratedMessageV3.Builder<ExtAuthz.Builder>

    • setRepeatedField

      public ExtAuthz.Builder setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, int index, Object value)
      Specified by:
      setRepeatedField in interface com.google.protobuf.Message.Builder
      Overrides:
      setRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<ExtAuthz.Builder>

    • addRepeatedField

      public ExtAuthz.Builder addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
      Specified by:
      addRepeatedField in interface com.google.protobuf.Message.Builder
      Overrides:
      addRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<ExtAuthz.Builder>

    • mergeFrom

      public ExtAuthz.Builder mergeFrom(com.google.protobuf.Message other)
      Specified by:
      mergeFrom in interface com.google.protobuf.Message.Builder
      Overrides:
      mergeFrom in class com.google.protobuf.AbstractMessage.Builder<ExtAuthz.Builder>

    • mergeFrom

      public ExtAuthz.Builder mergeFrom(ExtAuthz other)

    • isInitialized

      public final boolean isInitialized()
      Specified by:
      isInitialized in interface com.google.protobuf.MessageLiteOrBuilder
      Overrides:
      isInitialized in class com.google.protobuf.GeneratedMessageV3.Builder<ExtAuthz.Builder>

    • mergeFrom

      public ExtAuthz.Builder mergeFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry) throws IOException
      Specified by:
      mergeFrom in interface com.google.protobuf.Message.Builder
      Specified by:
      mergeFrom in interface com.google.protobuf.MessageLite.Builder
      Overrides:
      mergeFrom in class com.google.protobuf.AbstractMessage.Builder<ExtAuthz.Builder>
      Throws:
      IOException

    • getStatPrefix

      public String getStatPrefix()
       The prefix to use when emitting statistics.
      string stat_prefix = 1 [(.validate.rules) = { ... }
      Specified by:
      getStatPrefix in interface ExtAuthzOrBuilder
      Returns:
      The statPrefix.

    • getStatPrefixBytes

      public com.google.protobuf.ByteString getStatPrefixBytes()
       The prefix to use when emitting statistics.
      string stat_prefix = 1 [(.validate.rules) = { ... }
      Specified by:
      getStatPrefixBytes in interface ExtAuthzOrBuilder
      Returns:
      The bytes for statPrefix.

    • setStatPrefix

      public ExtAuthz.Builder setStatPrefix(String value)
       The prefix to use when emitting statistics.
      string stat_prefix = 1 [(.validate.rules) = { ... }
      Parameters:
      value - The statPrefix to set.
      Returns:
      This builder for chaining.

    • clearStatPrefix

      public ExtAuthz.Builder clearStatPrefix()
       The prefix to use when emitting statistics.
      string stat_prefix = 1 [(.validate.rules) = { ... }
      Returns:
      This builder for chaining.

    • setStatPrefixBytes

      public ExtAuthz.Builder setStatPrefixBytes(com.google.protobuf.ByteString value)
       The prefix to use when emitting statistics.
      string stat_prefix = 1 [(.validate.rules) = { ... }
      Parameters:
      value - The bytes for statPrefix to set.
      Returns:
      This builder for chaining.

    • hasGrpcService

      public boolean hasGrpcService()
       The external authorization gRPC service configuration.
 The default timeout is set to 200ms by this filter.
      .envoy.config.core.v3.GrpcService grpc_service = 2;
      Specified by:
      hasGrpcService in interface ExtAuthzOrBuilder
      Returns:
      Whether the grpcService field is set.

    • getGrpcService

      public GrpcService getGrpcService()
       The external authorization gRPC service configuration.
 The default timeout is set to 200ms by this filter.
      .envoy.config.core.v3.GrpcService grpc_service = 2;
      Specified by:
      getGrpcService in interface ExtAuthzOrBuilder
      Returns:
      The grpcService.

    • setGrpcService

      public ExtAuthz.Builder setGrpcService(GrpcService value)
       The external authorization gRPC service configuration.
 The default timeout is set to 200ms by this filter.
      .envoy.config.core.v3.GrpcService grpc_service = 2;

    • setGrpcService

      public ExtAuthz.Builder setGrpcService(GrpcService.Builder builderForValue)
       The external authorization gRPC service configuration.
 The default timeout is set to 200ms by this filter.
      .envoy.config.core.v3.GrpcService grpc_service = 2;

    • mergeGrpcService

      public ExtAuthz.Builder mergeGrpcService(GrpcService value)
       The external authorization gRPC service configuration.
 The default timeout is set to 200ms by this filter.
      .envoy.config.core.v3.GrpcService grpc_service = 2;

    • clearGrpcService

      public ExtAuthz.Builder clearGrpcService()
       The external authorization gRPC service configuration.
 The default timeout is set to 200ms by this filter.
      .envoy.config.core.v3.GrpcService grpc_service = 2;

    • getGrpcServiceBuilder

      public GrpcService.Builder getGrpcServiceBuilder()
       The external authorization gRPC service configuration.
 The default timeout is set to 200ms by this filter.
      .envoy.config.core.v3.GrpcService grpc_service = 2;

    • getGrpcServiceOrBuilder

      public GrpcServiceOrBuilder getGrpcServiceOrBuilder()
       The external authorization gRPC service configuration.
 The default timeout is set to 200ms by this filter.
      .envoy.config.core.v3.GrpcService grpc_service = 2;
      Specified by:
      getGrpcServiceOrBuilder in interface ExtAuthzOrBuilder

    • getFailureModeAllow

      public boolean getFailureModeAllow()
       The filter's behaviour in case the external authorization service does
 not respond back. When it is set to true, Envoy will also allow traffic in case of
 communication failure between authorization service and the proxy.
 Defaults to false.
      bool failure_mode_allow = 3;
      Specified by:
      getFailureModeAllow in interface ExtAuthzOrBuilder
      Returns:
      The failureModeAllow.

    • setFailureModeAllow

      public ExtAuthz.Builder setFailureModeAllow(boolean value)
       The filter's behaviour in case the external authorization service does
 not respond back. When it is set to true, Envoy will also allow traffic in case of
 communication failure between authorization service and the proxy.
 Defaults to false.
      bool failure_mode_allow = 3;
      Parameters:
      value - The failureModeAllow to set.
      Returns:
      This builder for chaining.

    • clearFailureModeAllow

      public ExtAuthz.Builder clearFailureModeAllow()
       The filter's behaviour in case the external authorization service does
 not respond back. When it is set to true, Envoy will also allow traffic in case of
 communication failure between authorization service and the proxy.
 Defaults to false.
      bool failure_mode_allow = 3;
      Returns:
      This builder for chaining.

    • getIncludePeerCertificate

      public boolean getIncludePeerCertificate()
       Specifies if the peer certificate is sent to the external service.

 When this field is true, Envoy will include the peer X.509 certificate, if available, in the
 :ref:`certificate<envoy_v3_api_field_service.auth.v3.AttributeContext.Peer.certificate>`.
      bool include_peer_certificate = 4;
      Specified by:
      getIncludePeerCertificate in interface ExtAuthzOrBuilder
      Returns:
      The includePeerCertificate.

    • setIncludePeerCertificate

      public ExtAuthz.Builder setIncludePeerCertificate(boolean value)
       Specifies if the peer certificate is sent to the external service.

 When this field is true, Envoy will include the peer X.509 certificate, if available, in the
 :ref:`certificate<envoy_v3_api_field_service.auth.v3.AttributeContext.Peer.certificate>`.
      bool include_peer_certificate = 4;
      Parameters:
      value - The includePeerCertificate to set.
      Returns:
      This builder for chaining.

    • clearIncludePeerCertificate

      public ExtAuthz.Builder clearIncludePeerCertificate()
       Specifies if the peer certificate is sent to the external service.

 When this field is true, Envoy will include the peer X.509 certificate, if available, in the
 :ref:`certificate<envoy_v3_api_field_service.auth.v3.AttributeContext.Peer.certificate>`.
      bool include_peer_certificate = 4;
      Returns:
      This builder for chaining.

    • getTransportApiVersionValue

      public int getTransportApiVersionValue()
       API version for ext_authz transport protocol. This describes the ext_authz gRPC endpoint and
 version of Check{Request,Response} used on the wire.
      .envoy.config.core.v3.ApiVersion transport_api_version = 5 [(.validate.rules) = { ... }
      Specified by:
      getTransportApiVersionValue in interface ExtAuthzOrBuilder
      Returns:
      The enum numeric value on the wire for transportApiVersion.

    • setTransportApiVersionValue

      public ExtAuthz.Builder setTransportApiVersionValue(int value)
       API version for ext_authz transport protocol. This describes the ext_authz gRPC endpoint and
 version of Check{Request,Response} used on the wire.
      .envoy.config.core.v3.ApiVersion transport_api_version = 5 [(.validate.rules) = { ... }
      Parameters:
      value - The enum numeric value on the wire for transportApiVersion to set.
      Returns:
      This builder for chaining.

    • getTransportApiVersion

      public ApiVersion getTransportApiVersion()
       API version for ext_authz transport protocol. This describes the ext_authz gRPC endpoint and
 version of Check{Request,Response} used on the wire.
      .envoy.config.core.v3.ApiVersion transport_api_version = 5 [(.validate.rules) = { ... }
      Specified by:
      getTransportApiVersion in interface ExtAuthzOrBuilder
      Returns:
      The transportApiVersion.

    • setTransportApiVersion

      public ExtAuthz.Builder setTransportApiVersion(ApiVersion value)
       API version for ext_authz transport protocol. This describes the ext_authz gRPC endpoint and
 version of Check{Request,Response} used on the wire.
      .envoy.config.core.v3.ApiVersion transport_api_version = 5 [(.validate.rules) = { ... }
      Parameters:
      value - The transportApiVersion to set.
      Returns:
      This builder for chaining.

    • clearTransportApiVersion

      public ExtAuthz.Builder clearTransportApiVersion()
       API version for ext_authz transport protocol. This describes the ext_authz gRPC endpoint and
 version of Check{Request,Response} used on the wire.
      .envoy.config.core.v3.ApiVersion transport_api_version = 5 [(.validate.rules) = { ... }
      Returns:
      This builder for chaining.

    • hasFilterEnabledMetadata

      public boolean hasFilterEnabledMetadata()
       Specifies if the filter is enabled with metadata matcher.
 If this field is not specified, the filter will be enabled for all requests.
      .envoy.type.matcher.v3.MetadataMatcher filter_enabled_metadata = 6;
      Specified by:
      hasFilterEnabledMetadata in interface ExtAuthzOrBuilder
      Returns:
      Whether the filterEnabledMetadata field is set.

    • getFilterEnabledMetadata

      public MetadataMatcher getFilterEnabledMetadata()
       Specifies if the filter is enabled with metadata matcher.
 If this field is not specified, the filter will be enabled for all requests.
      .envoy.type.matcher.v3.MetadataMatcher filter_enabled_metadata = 6;
      Specified by:
      getFilterEnabledMetadata in interface ExtAuthzOrBuilder
      Returns:
      The filterEnabledMetadata.

    • setFilterEnabledMetadata

      public ExtAuthz.Builder setFilterEnabledMetadata(MetadataMatcher value)
       Specifies if the filter is enabled with metadata matcher.
 If this field is not specified, the filter will be enabled for all requests.
      .envoy.type.matcher.v3.MetadataMatcher filter_enabled_metadata = 6;

    • setFilterEnabledMetadata

      public ExtAuthz.Builder setFilterEnabledMetadata(MetadataMatcher.Builder builderForValue)
       Specifies if the filter is enabled with metadata matcher.
 If this field is not specified, the filter will be enabled for all requests.
      .envoy.type.matcher.v3.MetadataMatcher filter_enabled_metadata = 6;

    • mergeFilterEnabledMetadata

      public ExtAuthz.Builder mergeFilterEnabledMetadata(MetadataMatcher value)
       Specifies if the filter is enabled with metadata matcher.
 If this field is not specified, the filter will be enabled for all requests.
      .envoy.type.matcher.v3.MetadataMatcher filter_enabled_metadata = 6;

    • clearFilterEnabledMetadata

      public ExtAuthz.Builder clearFilterEnabledMetadata()
       Specifies if the filter is enabled with metadata matcher.
 If this field is not specified, the filter will be enabled for all requests.
      .envoy.type.matcher.v3.MetadataMatcher filter_enabled_metadata = 6;

    • getFilterEnabledMetadataBuilder

      public MetadataMatcher.Builder getFilterEnabledMetadataBuilder()
       Specifies if the filter is enabled with metadata matcher.
 If this field is not specified, the filter will be enabled for all requests.
      .envoy.type.matcher.v3.MetadataMatcher filter_enabled_metadata = 6;

    • getFilterEnabledMetadataOrBuilder

      public MetadataMatcherOrBuilder getFilterEnabledMetadataOrBuilder()
       Specifies if the filter is enabled with metadata matcher.
 If this field is not specified, the filter will be enabled for all requests.
      .envoy.type.matcher.v3.MetadataMatcher filter_enabled_metadata = 6;
      Specified by:
      getFilterEnabledMetadataOrBuilder in interface ExtAuthzOrBuilder

    • getBootstrapMetadataLabelsKey

      public String getBootstrapMetadataLabelsKey()
       Optional labels that will be passed to :ref:`labels<envoy_v3_api_field_service.auth.v3.AttributeContext.Peer.labels>` in
 :ref:`destination<envoy_v3_api_field_service.auth.v3.AttributeContext.destination>`.
 The labels will be read from :ref:`metadata<envoy_v3_api_msg_config.core.v3.Node>` with the specified key.
      string bootstrap_metadata_labels_key = 7;
      Specified by:
      getBootstrapMetadataLabelsKey in interface ExtAuthzOrBuilder
      Returns:
      The bootstrapMetadataLabelsKey.

    • getBootstrapMetadataLabelsKeyBytes

      public com.google.protobuf.ByteString getBootstrapMetadataLabelsKeyBytes()
       Optional labels that will be passed to :ref:`labels<envoy_v3_api_field_service.auth.v3.AttributeContext.Peer.labels>` in
 :ref:`destination<envoy_v3_api_field_service.auth.v3.AttributeContext.destination>`.
 The labels will be read from :ref:`metadata<envoy_v3_api_msg_config.core.v3.Node>` with the specified key.
      string bootstrap_metadata_labels_key = 7;
      Specified by:
      getBootstrapMetadataLabelsKeyBytes in interface ExtAuthzOrBuilder
      Returns:
      The bytes for bootstrapMetadataLabelsKey.

    • setBootstrapMetadataLabelsKey

      public ExtAuthz.Builder setBootstrapMetadataLabelsKey(String value)
       Optional labels that will be passed to :ref:`labels<envoy_v3_api_field_service.auth.v3.AttributeContext.Peer.labels>` in
 :ref:`destination<envoy_v3_api_field_service.auth.v3.AttributeContext.destination>`.
 The labels will be read from :ref:`metadata<envoy_v3_api_msg_config.core.v3.Node>` with the specified key.
      string bootstrap_metadata_labels_key = 7;
      Parameters:
      value - The bootstrapMetadataLabelsKey to set.
      Returns:
      This builder for chaining.

    • clearBootstrapMetadataLabelsKey

      public ExtAuthz.Builder clearBootstrapMetadataLabelsKey()
       Optional labels that will be passed to :ref:`labels<envoy_v3_api_field_service.auth.v3.AttributeContext.Peer.labels>` in
 :ref:`destination<envoy_v3_api_field_service.auth.v3.AttributeContext.destination>`.
 The labels will be read from :ref:`metadata<envoy_v3_api_msg_config.core.v3.Node>` with the specified key.
      string bootstrap_metadata_labels_key = 7;
      Returns:
      This builder for chaining.

    • setBootstrapMetadataLabelsKeyBytes

      public ExtAuthz.Builder setBootstrapMetadataLabelsKeyBytes(com.google.protobuf.ByteString value)
       Optional labels that will be passed to :ref:`labels<envoy_v3_api_field_service.auth.v3.AttributeContext.Peer.labels>` in
 :ref:`destination<envoy_v3_api_field_service.auth.v3.AttributeContext.destination>`.
 The labels will be read from :ref:`metadata<envoy_v3_api_msg_config.core.v3.Node>` with the specified key.
      string bootstrap_metadata_labels_key = 7;
      Parameters:
      value - The bytes for bootstrapMetadataLabelsKey to set.
      Returns:
      This builder for chaining.

    • getIncludeTlsSession

      public boolean getIncludeTlsSession()
       Specifies if the TLS session level details like SNI are sent to the external service.

 When this field is true, Envoy will include the SNI name used for TLSClientHello, if available, in the
 :ref:`tls_session<envoy_v3_api_field_service.auth.v3.AttributeContext.tls_session>`.
      bool include_tls_session = 8;
      Specified by:
      getIncludeTlsSession in interface ExtAuthzOrBuilder
      Returns:
      The includeTlsSession.

    • setIncludeTlsSession

      public ExtAuthz.Builder setIncludeTlsSession(boolean value)
       Specifies if the TLS session level details like SNI are sent to the external service.

 When this field is true, Envoy will include the SNI name used for TLSClientHello, if available, in the
 :ref:`tls_session<envoy_v3_api_field_service.auth.v3.AttributeContext.tls_session>`.
      bool include_tls_session = 8;
      Parameters:
      value - The includeTlsSession to set.
      Returns:
      This builder for chaining.

    • clearIncludeTlsSession

      public ExtAuthz.Builder clearIncludeTlsSession()
       Specifies if the TLS session level details like SNI are sent to the external service.

 When this field is true, Envoy will include the SNI name used for TLSClientHello, if available, in the
 :ref:`tls_session<envoy_v3_api_field_service.auth.v3.AttributeContext.tls_session>`.
      bool include_tls_session = 8;
      Returns:
      This builder for chaining.

    • getSendTlsAlertOnDenial

      public boolean getSendTlsAlertOnDenial()
       When set to ``true``, the filter will send a TLS ``access_denied(49)`` alert before closing
 the connection when authorization is denied. This provides better visibility to TLS clients
 about the reason for connection closure. This alert is only sent for TLS connections. The
 non-TLS connections will be closed without sending an alert.

 Defaults to ``false``.
      bool send_tls_alert_on_denial = 9;
      Specified by:
      getSendTlsAlertOnDenial in interface ExtAuthzOrBuilder
      Returns:
      The sendTlsAlertOnDenial.

    • setSendTlsAlertOnDenial

      public ExtAuthz.Builder setSendTlsAlertOnDenial(boolean value)
       When set to ``true``, the filter will send a TLS ``access_denied(49)`` alert before closing
 the connection when authorization is denied. This provides better visibility to TLS clients
 about the reason for connection closure. This alert is only sent for TLS connections. The
 non-TLS connections will be closed without sending an alert.

 Defaults to ``false``.
      bool send_tls_alert_on_denial = 9;
      Parameters:
      value - The sendTlsAlertOnDenial to set.
      Returns:
      This builder for chaining.

    • clearSendTlsAlertOnDenial

      public ExtAuthz.Builder clearSendTlsAlertOnDenial()
       When set to ``true``, the filter will send a TLS ``access_denied(49)`` alert before closing
 the connection when authorization is denied. This provides better visibility to TLS clients
 about the reason for connection closure. This alert is only sent for TLS connections. The
 non-TLS connections will be closed without sending an alert.

 Defaults to ``false``.
      bool send_tls_alert_on_denial = 9;
      Returns:
      This builder for chaining.

    • getMetadataContextNamespacesList

      public com.google.protobuf.ProtocolStringList getMetadataContextNamespacesList()
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. The :ref:`filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.filter_metadata>`
 is passed as an opaque ``protobuf::Struct``.

 For example, if the ``proxy_protocol`` listener filter is used and populates TLV metadata,
 then the following will pass that metadata to the authorization server for making decisions
 based on proxy protocol information.

 .. code-block:: yaml

    metadata_context_namespaces:
    - envoy.filters.listener.proxy_protocol
      repeated string metadata_context_namespaces = 10;
      Specified by:
      getMetadataContextNamespacesList in interface ExtAuthzOrBuilder
      Returns:
      A list containing the metadataContextNamespaces.

    • getMetadataContextNamespacesCount

      public int getMetadataContextNamespacesCount()
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. The :ref:`filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.filter_metadata>`
 is passed as an opaque ``protobuf::Struct``.

 For example, if the ``proxy_protocol`` listener filter is used and populates TLV metadata,
 then the following will pass that metadata to the authorization server for making decisions
 based on proxy protocol information.

 .. code-block:: yaml

    metadata_context_namespaces:
    - envoy.filters.listener.proxy_protocol
      repeated string metadata_context_namespaces = 10;
      Specified by:
      getMetadataContextNamespacesCount in interface ExtAuthzOrBuilder
      Returns:
      The count of metadataContextNamespaces.

    • getMetadataContextNamespaces

      public String getMetadataContextNamespaces(int index)
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. The :ref:`filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.filter_metadata>`
 is passed as an opaque ``protobuf::Struct``.

 For example, if the ``proxy_protocol`` listener filter is used and populates TLV metadata,
 then the following will pass that metadata to the authorization server for making decisions
 based on proxy protocol information.

 .. code-block:: yaml

    metadata_context_namespaces:
    - envoy.filters.listener.proxy_protocol
      repeated string metadata_context_namespaces = 10;
      Specified by:
      getMetadataContextNamespaces in interface ExtAuthzOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The metadataContextNamespaces at the given index.

    • getMetadataContextNamespacesBytes

      public com.google.protobuf.ByteString getMetadataContextNamespacesBytes(int index)
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. The :ref:`filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.filter_metadata>`
 is passed as an opaque ``protobuf::Struct``.

 For example, if the ``proxy_protocol`` listener filter is used and populates TLV metadata,
 then the following will pass that metadata to the authorization server for making decisions
 based on proxy protocol information.

 .. code-block:: yaml

    metadata_context_namespaces:
    - envoy.filters.listener.proxy_protocol
      repeated string metadata_context_namespaces = 10;
      Specified by:
      getMetadataContextNamespacesBytes in interface ExtAuthzOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the metadataContextNamespaces at the given index.

    • setMetadataContextNamespaces

      public ExtAuthz.Builder setMetadataContextNamespaces(int index, String value)
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. The :ref:`filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.filter_metadata>`
 is passed as an opaque ``protobuf::Struct``.

 For example, if the ``proxy_protocol`` listener filter is used and populates TLV metadata,
 then the following will pass that metadata to the authorization server for making decisions
 based on proxy protocol information.

 .. code-block:: yaml

    metadata_context_namespaces:
    - envoy.filters.listener.proxy_protocol
      repeated string metadata_context_namespaces = 10;
      Parameters:
      index - The index to set the value at.
      value - The metadataContextNamespaces to set.
      Returns:
      This builder for chaining.

    • addMetadataContextNamespaces

      public ExtAuthz.Builder addMetadataContextNamespaces(String value)
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. The :ref:`filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.filter_metadata>`
 is passed as an opaque ``protobuf::Struct``.

 For example, if the ``proxy_protocol`` listener filter is used and populates TLV metadata,
 then the following will pass that metadata to the authorization server for making decisions
 based on proxy protocol information.

 .. code-block:: yaml

    metadata_context_namespaces:
    - envoy.filters.listener.proxy_protocol
      repeated string metadata_context_namespaces = 10;
      Parameters:
      value - The metadataContextNamespaces to add.
      Returns:
      This builder for chaining.

    • addAllMetadataContextNamespaces

      public ExtAuthz.Builder addAllMetadataContextNamespaces(Iterable<String> values)
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. The :ref:`filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.filter_metadata>`
 is passed as an opaque ``protobuf::Struct``.

 For example, if the ``proxy_protocol`` listener filter is used and populates TLV metadata,
 then the following will pass that metadata to the authorization server for making decisions
 based on proxy protocol information.

 .. code-block:: yaml

    metadata_context_namespaces:
    - envoy.filters.listener.proxy_protocol
      repeated string metadata_context_namespaces = 10;
      Parameters:
      values - The metadataContextNamespaces to add.
      Returns:
      This builder for chaining.

    • clearMetadataContextNamespaces

      public ExtAuthz.Builder clearMetadataContextNamespaces()
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. The :ref:`filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.filter_metadata>`
 is passed as an opaque ``protobuf::Struct``.

 For example, if the ``proxy_protocol`` listener filter is used and populates TLV metadata,
 then the following will pass that metadata to the authorization server for making decisions
 based on proxy protocol information.

 .. code-block:: yaml

    metadata_context_namespaces:
    - envoy.filters.listener.proxy_protocol
      repeated string metadata_context_namespaces = 10;
      Returns:
      This builder for chaining.

    • addMetadataContextNamespacesBytes

      public ExtAuthz.Builder addMetadataContextNamespacesBytes(com.google.protobuf.ByteString value)
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. The :ref:`filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.filter_metadata>`
 is passed as an opaque ``protobuf::Struct``.

 For example, if the ``proxy_protocol`` listener filter is used and populates TLV metadata,
 then the following will pass that metadata to the authorization server for making decisions
 based on proxy protocol information.

 .. code-block:: yaml

    metadata_context_namespaces:
    - envoy.filters.listener.proxy_protocol
      repeated string metadata_context_namespaces = 10;
      Parameters:
      value - The bytes of the metadataContextNamespaces to add.
      Returns:
      This builder for chaining.

    • getTypedMetadataContextNamespacesList

      public com.google.protobuf.ProtocolStringList getTypedMetadataContextNamespacesList()
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. :ref:`typed_filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.typed_filter_metadata>`
 is passed as a ``protobuf::Any``.

 This works similarly to ``metadata_context_namespaces`` but allows Envoy and the ext_authz server to share
 the protobuf message definition in order to perform safe parsing.
      repeated string typed_metadata_context_namespaces = 11;
      Specified by:
      getTypedMetadataContextNamespacesList in interface ExtAuthzOrBuilder
      Returns:
      A list containing the typedMetadataContextNamespaces.

    • getTypedMetadataContextNamespacesCount

      public int getTypedMetadataContextNamespacesCount()
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. :ref:`typed_filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.typed_filter_metadata>`
 is passed as a ``protobuf::Any``.

 This works similarly to ``metadata_context_namespaces`` but allows Envoy and the ext_authz server to share
 the protobuf message definition in order to perform safe parsing.
      repeated string typed_metadata_context_namespaces = 11;
      Specified by:
      getTypedMetadataContextNamespacesCount in interface ExtAuthzOrBuilder
      Returns:
      The count of typedMetadataContextNamespaces.

    • getTypedMetadataContextNamespaces

      public String getTypedMetadataContextNamespaces(int index)
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. :ref:`typed_filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.typed_filter_metadata>`
 is passed as a ``protobuf::Any``.

 This works similarly to ``metadata_context_namespaces`` but allows Envoy and the ext_authz server to share
 the protobuf message definition in order to perform safe parsing.
      repeated string typed_metadata_context_namespaces = 11;
      Specified by:
      getTypedMetadataContextNamespaces in interface ExtAuthzOrBuilder
      Parameters:
      index - The index of the element to return.
      Returns:
      The typedMetadataContextNamespaces at the given index.

    • getTypedMetadataContextNamespacesBytes

      public com.google.protobuf.ByteString getTypedMetadataContextNamespacesBytes(int index)
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. :ref:`typed_filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.typed_filter_metadata>`
 is passed as a ``protobuf::Any``.

 This works similarly to ``metadata_context_namespaces`` but allows Envoy and the ext_authz server to share
 the protobuf message definition in order to perform safe parsing.
      repeated string typed_metadata_context_namespaces = 11;
      Specified by:
      getTypedMetadataContextNamespacesBytes in interface ExtAuthzOrBuilder
      Parameters:
      index - The index of the value to return.
      Returns:
      The bytes of the typedMetadataContextNamespaces at the given index.

    • setTypedMetadataContextNamespaces

      public ExtAuthz.Builder setTypedMetadataContextNamespaces(int index, String value)
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. :ref:`typed_filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.typed_filter_metadata>`
 is passed as a ``protobuf::Any``.

 This works similarly to ``metadata_context_namespaces`` but allows Envoy and the ext_authz server to share
 the protobuf message definition in order to perform safe parsing.
      repeated string typed_metadata_context_namespaces = 11;
      Parameters:
      index - The index to set the value at.
      value - The typedMetadataContextNamespaces to set.
      Returns:
      This builder for chaining.

    • addTypedMetadataContextNamespaces

      public ExtAuthz.Builder addTypedMetadataContextNamespaces(String value)
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. :ref:`typed_filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.typed_filter_metadata>`
 is passed as a ``protobuf::Any``.

 This works similarly to ``metadata_context_namespaces`` but allows Envoy and the ext_authz server to share
 the protobuf message definition in order to perform safe parsing.
      repeated string typed_metadata_context_namespaces = 11;
      Parameters:
      value - The typedMetadataContextNamespaces to add.
      Returns:
      This builder for chaining.

    • addAllTypedMetadataContextNamespaces

      public ExtAuthz.Builder addAllTypedMetadataContextNamespaces(Iterable<String> values)
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. :ref:`typed_filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.typed_filter_metadata>`
 is passed as a ``protobuf::Any``.

 This works similarly to ``metadata_context_namespaces`` but allows Envoy and the ext_authz server to share
 the protobuf message definition in order to perform safe parsing.
      repeated string typed_metadata_context_namespaces = 11;
      Parameters:
      values - The typedMetadataContextNamespaces to add.
      Returns:
      This builder for chaining.

    • clearTypedMetadataContextNamespaces

      public ExtAuthz.Builder clearTypedMetadataContextNamespaces()
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. :ref:`typed_filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.typed_filter_metadata>`
 is passed as a ``protobuf::Any``.

 This works similarly to ``metadata_context_namespaces`` but allows Envoy and the ext_authz server to share
 the protobuf message definition in order to perform safe parsing.
      repeated string typed_metadata_context_namespaces = 11;
      Returns:
      This builder for chaining.

    • addTypedMetadataContextNamespacesBytes

      public ExtAuthz.Builder addTypedMetadataContextNamespacesBytes(com.google.protobuf.ByteString value)
       Specifies a list of metadata namespaces whose values, if present, will be passed to the
 ext_authz service. :ref:`typed_filter_metadata <envoy_v3_api_field_config.core.v3.Metadata.typed_filter_metadata>`
 is passed as a ``protobuf::Any``.

 This works similarly to ``metadata_context_namespaces`` but allows Envoy and the ext_authz server to share
 the protobuf message definition in order to perform safe parsing.
      repeated string typed_metadata_context_namespaces = 11;
      Parameters:
      value - The bytes of the typedMetadataContextNamespaces to add.
      Returns:
      This builder for chaining.

    • setUnknownFields

      public final ExtAuthz.Builder setUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
      Specified by:
      setUnknownFields in interface com.google.protobuf.Message.Builder
      Overrides:
      setUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<ExtAuthz.Builder>

    • mergeUnknownFields

      public final ExtAuthz.Builder mergeUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
      Specified by:
      mergeUnknownFields in interface com.google.protobuf.Message.Builder
      Overrides:
      mergeUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<ExtAuthz.Builder>