patterns:
        - exact: Authorization
          ignoreCase: true
        - ignoreCase: true
          prefix: x-prefix-
        - ignoreCase: true
          suffix: -suffix
    pathPrefix: /check
    serverUri:
      cluster: outbound|9000||my-custom-ext-authz.foo.svc.cluster.local
      timeout: 10s
      uri: http://my-custom-ext-authz.foo.svc.cluster.local
  statusOnError:
    code: Forbidden
  transportApiVersion: V3

        this.backingRepository = new IvyFileRepository(server.file(contextPath.substring(1)), m2Compatible, dirPattern, ivyFilePattern, artifactFilePattern)
    }

    URI getUri() {
        return new URI("${serverUri}${contextPath}")
    }

    URI getServerUri() {
        server.uri
    }

    String getIvyPattern() {
        return "$uri/${backingRepository.baseIvyPattern}"
    }

import java.net.InetAddress
import java.net.URLEncoder

plugins {
    id("gradlebuild.collect-failed-tasks")
    id("gradlebuild.cache-miss-monitor")
    id("gradlebuild.module-identity")
}

val serverUrl = "https://ge.gradle.org"
val gitCommitName = "gitCommitId"
val tcBuildTypeName = "tcBuildType"

// We can not use plugin {} because this is registered by a settings plugin.

	server := httptest.NewUnstartedServer(http.HandlerFunc(serveHTTP))
	server.TLS = tlsConfig
	server.StartTLS()

	// Adjust the path to point to our custom path
	serverURL, _ := url.Parse(server.URL)
	serverURL.Path = webhookPath
	server.URL = serverURL.String()

	return server, nil
}

// A service that can be set to allow all or deny all authorization requests.
type mockV1beta1Service struct {
	allow      bool

// isServerResolvable - checks if the endpoint is resolvable
// by sending a naked HTTP request with liveness checks.
func isServerResolvable(endpoint Endpoint, timeout time.Duration) error {
	serverURL := &url.URL{
		Scheme: endpoint.Scheme,
		Host:   endpoint.Host,
		Path:   pathJoin(healthCheckPathPrefix, healthCheckLivenessPath),
	}

	httpClient := &http.Client{
		Transport: globalInternodeTransport,

func newStorageRESTClient(endpoint Endpoint, healthCheck bool, gm *grid.Manager) (*storageRESTClient, error) {
	serverURL := &url.URL{
		Scheme: endpoint.Scheme,
		Host:   endpoint.Host,
		Path:   path.Join(storageRESTPrefix, endpoint.Path, storageRESTVersion),
	}

	restClient := rest.NewClient(serverURL, globalInternodeTransport, newCachedAuthToken())
	if healthCheck {
		// Use a separate client to avoid recursive calls.

	config *meshconfig.MeshConfig_ExtensionProvider_EnvoyExternalAuthorizationHttpProvider,
) *builtExtAuthz {
	service := &extauthzhttp.HttpService{
		PathPrefix: config.PathPrefix,
		ServerUri: &core.HttpUri{
			// Timeout is required.
			Timeout: timeoutOrDefault(config.Timeout),
			// Uri is required but actually not used in the ext_authz filter.
			Uri: fmt.Sprintf("http://%s", hostname),

	scheme := "http"
	if globalIsTLS {
		scheme = "https"
	}

	serverURL := &url.URL{
		Scheme: scheme,
		Host:   peer.String(),
		Path:   peerRESTPath,
	}

	restClient := rest.NewClient(serverURL, globalInternodeTransport, newCachedAuthToken())
	// Use a separate client to avoid recursive calls.
	healthClient := rest.NewClient(serverURL, globalInternodeTransport, newCachedAuthToken())
	healthClient.NoMetrics = true

			}
			globalBrowserRedirectURL = u
		}
		globalBrowserRedirect = env.Get(config.EnvBrowserRedirect, config.EnableOn) == config.EnableOn
	}

	if serverURL := env.Get(config.EnvMinIOServerURL, ""); serverURL != "" {
		u, err := xnet.ParseHTTPURL(serverURL)
		if err != nil {
			logger.Fatal(err, "Invalid MINIO_SERVER_URL value in environment variable")
		}
		// Look for if URL has invalid values and return error.

	server := httptest.NewUnstartedServer(http.HandlerFunc(serveHTTP))
	server.TLS = tlsConfig
	server.StartTLS()

	// Adjust the path to point to our custom path
	serverURL, _ := url.Parse(server.URL)
	serverURL.Path = webhookPath
	server.URL = serverURL.String()

	return server, nil
}

// A service that can be set to allow all or deny all authorization requests.
type mockV1Service struct {
	allow      bool