github.com/cilium/cilium@v1.16.2/pkg/auth/always_fail_authhandler.go

github.com/cilium/cilium@v1.16.2/pkg/auth/always_fail_authhandler.go (about)

     1  // SPDX-License-Identifier: Apache-2.0
     2  // Copyright Authors of Cilium
     3  
     4  package auth
     5  
     6  import (
     7  	"errors"
     8  
     9  	"github.com/cilium/cilium/api/v1/models"
    10  	"github.com/cilium/cilium/pkg/auth/certs"
    11  	"github.com/cilium/cilium/pkg/policy"
    12  )
    13  
    14  func newAlwaysFailAuthHandler() authHandlerResult {
    15  	return authHandlerResult{
    16  		AuthHandler: &alwaysFailAuthHandler{},
    17  	}
    18  }
    19  
    20  // alwaysFailAuthHandler implements an authHandler for auth type always-fail to deny every request.
    21  type alwaysFailAuthHandler struct {
    22  }
    23  
    24  func (r *alwaysFailAuthHandler) authenticate(authReq *authRequest) (*authResponse, error) {
    25  	return nil, errors.New("authenticating failed by the always-fail auth handler")
    26  }
    27  
    28  func (r *alwaysFailAuthHandler) authType() policy.AuthType {
    29  	return policy.AuthTypeAlwaysFail
    30  }
    31  
    32  func (r *alwaysFailAuthHandler) subscribeToRotatedIdentities() <-chan certs.CertificateRotationEvent {
    33  	return nil
    34  }
    35  
    36  func (r *alwaysFailAuthHandler) certProviderStatus() *models.Status {
    37  	return nil // reporting no status as we have no cert provider
    38  }