istio.io/istio@v0.0.0-20240520182934-d79c90f27776/tests/integration/security/testdata/requestauthn/headers-params.yaml.tmpl

istio.io/istio@v0.0.0-20240520182934-d79c90f27776/tests/integration/security/testdata/requestauthn/headers-params.yaml.tmpl (about)

     1  apiVersion: security.istio.io/v1beta1
     2  kind: RequestAuthentication
     3  metadata:
     4    name: {{ .To.ServiceName }}
     5  spec:
     6    selector:
     7      matchLabels:
     8        app: {{ .To.ServiceName }}
     9    jwtRules:
    10    - issuer: "test-issuer-1@istio.io"
    11      jwksUri: "https://raw.githubusercontent.com/istio/istio/master/tests/common/jwt/jwks.json"
    12      fromHeaders:
    13      - name: "x-jwt-token"
    14        prefix: "Value "
    15      - name: "auth-token"
    16        prefix: "Token "
    17      fromParams:
    18      - "token"
    19      - "secondary_token"
    20  ---
    21  # The following policy enables authorization on workload dst.
    22  apiVersion: security.istio.io/v1beta1
    23  kind: AuthorizationPolicy
    24  metadata:
    25    name: {{ .To.ServiceName }}
    26  spec:
    27    selector:
    28      matchLabels:
    29        app: {{ .To.ServiceName }}
    30    rules:
    31    - to:
    32      - operation:
    33          methods: ["GET"]
    34      from:
    35      - source:
    36          requestPrincipals: ["test-issuer-1@istio.io/sub-1"]