Detected new managed modules references

modules/sync/envoyproxy/envoy/cas/98b1c26901946bf3ffca0a0528724578ea47c176c8de0354aad5c4d2daa7a8436b3b7444741d8645c9ce01f679b1ff83a22daebb1060af8bad082193088b4242

@@ -0,0 +1,180 @@
+syntax = "proto3";
+
+package envoy.config.cluster.v3;
+
+import "envoy/config/core/v3/extension.proto";
+
+import "google/protobuf/duration.proto";
+import "google/protobuf/wrappers.proto";
+
+import "udpa/annotations/status.proto";
+import "udpa/annotations/versioning.proto";
+import "validate/validate.proto";
+
+option java_package = "io.envoyproxy.envoy.config.cluster.v3";
+option java_outer_classname = "OutlierDetectionProto";
+option java_multiple_files = true;
+option go_package = "github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3;clusterv3";
+option (udpa.annotations.file_status).package_version_status = ACTIVE;
+
+// [#protodoc-title: Outlier detection]
+
+// See the :ref:`architecture overview <arch_overview_outlier_detection>` for
+// more information on outlier detection.
+// [#next-free-field: 26]
+message OutlierDetection {
+  option (udpa.annotations.versioning).previous_message_type =
+      "envoy.api.v2.cluster.OutlierDetection";
+
+  // The number of consecutive server-side error responses (for HTTP traffic,
+  // 5xx responses; for TCP traffic, connection failures; for Redis, failure to
+  // respond PONG; etc.) before a consecutive 5xx ejection occurs. Defaults to 5.
+  google.protobuf.UInt32Value consecutive_5xx = 1;
+
+  // The time interval between ejection analysis sweeps. This can result in
+  // both new ejections as well as hosts being returned to service. Defaults
+  // to 10000ms or 10s.
+  google.protobuf.Duration interval = 2 [(validate.rules).duration = {gt {}}];
+
+  // The base time that a host is ejected for. The real time is equal to the
+  // base time multiplied by the number of times the host has been ejected and is
+  // capped by :ref:`max_ejection_time<envoy_v3_api_field_config.cluster.v3.OutlierDetection.max_ejection_time>`.
+  // Defaults to 30000ms or 30s.
+  google.protobuf.Duration base_ejection_time = 3 [(validate.rules).duration = {gt {}}];
+
+  // The maximum % of an upstream cluster that can be ejected due to outlier detection. Defaults to 10% .
+  // Will eject at least one host regardless of the value if :ref:`always_eject_one_host<envoy_v3_api_field_config.cluster.v3.OutlierDetection.always_eject_one_host>` is enabled.
+  google.protobuf.UInt32Value max_ejection_percent = 4 [(validate.rules).uint32 = {lte: 100}];
+
+  // The % chance that a host will be actually ejected when an outlier status
+  // is detected through consecutive 5xx. This setting can be used to disable
+  // ejection or to ramp it up slowly. Defaults to 100.
+  google.protobuf.UInt32Value enforcing_consecutive_5xx = 5 [(validate.rules).uint32 = {lte: 100}];
+
+  // The % chance that a host will be actually ejected when an outlier status
+  // is detected through success rate statistics. This setting can be used to
+  // disable ejection or to ramp it up slowly. Defaults to 100.
+  google.protobuf.UInt32Value enforcing_success_rate = 6 [(validate.rules).uint32 = {lte: 100}];
+
+  // The number of hosts in a cluster that must have enough request volume to
+  // detect success rate outliers. If the number of hosts is less than this
+  // setting, outlier detection via success rate statistics is not performed
+  // for any host in the cluster. Defaults to 5.
+  google.protobuf.UInt32Value success_rate_minimum_hosts = 7;
+
+  // The minimum number of total requests that must be collected in one
+  // interval (as defined by the interval duration above) to include this host
+  // in success rate based outlier detection. If the volume is lower than this
+  // setting, outlier detection via success rate statistics is not performed
+  // for that host. Defaults to 100.
+  google.protobuf.UInt32Value success_rate_request_volume = 8;
+
+  // This factor is used to determine the ejection threshold for success rate
+  // outlier ejection. The ejection threshold is the difference between the
+  // mean success rate, and the product of this factor and the standard
+  // deviation of the mean success rate: mean - (stdev *
+  // success_rate_stdev_factor). This factor is divided by a thousand to get a
+  // double. That is, if the desired factor is 1.9, the runtime value should
+  // be 1900. Defaults to 1900.
+  google.protobuf.UInt32Value success_rate_stdev_factor = 9;
+
+  // The number of consecutive gateway failures (502, 503, 504 status codes)
+  // before a consecutive gateway failure ejection occurs. Defaults to 5.
+  google.protobuf.UInt32Value consecutive_gateway_failure = 10;
+
+  // The % chance that a host will be actually ejected when an outlier status
+  // is detected through consecutive gateway failures. This setting can be
+  // used to disable ejection or to ramp it up slowly. Defaults to 0.
+  google.protobuf.UInt32Value enforcing_consecutive_gateway_failure = 11
+      [(validate.rules).uint32 = {lte: 100}];
+
+  // Determines whether to distinguish local origin failures from external errors. If set to true
+  // the following configuration parameters are taken into account:
+  // :ref:`consecutive_local_origin_failure<envoy_v3_api_field_config.cluster.v3.OutlierDetection.consecutive_local_origin_failure>`,
+  // :ref:`enforcing_consecutive_local_origin_failure<envoy_v3_api_field_config.cluster.v3.OutlierDetection.enforcing_consecutive_local_origin_failure>`
+  // and
+  // :ref:`enforcing_local_origin_success_rate<envoy_v3_api_field_config.cluster.v3.OutlierDetection.enforcing_local_origin_success_rate>`.
+  // Defaults to false.
+  bool split_external_local_origin_errors = 12;
+
+  // The number of consecutive locally originated failures before ejection
+  // occurs. Defaults to 5. Parameter takes effect only when
+  // :ref:`split_external_local_origin_errors<envoy_v3_api_field_config.cluster.v3.OutlierDetection.split_external_local_origin_errors>`
+  // is set to true.
+  google.protobuf.UInt32Value consecutive_local_origin_failure = 13;
+
+  // The % chance that a host will be actually ejected when an outlier status
+  // is detected through consecutive locally originated failures. This setting can be
+  // used to disable ejection or to ramp it up slowly. Defaults to 100.
+  // Parameter takes effect only when
+  // :ref:`split_external_local_origin_errors<envoy_v3_api_field_config.cluster.v3.OutlierDetection.split_external_local_origin_errors>`
+  // is set to true.
+  google.protobuf.UInt32Value enforcing_consecutive_local_origin_failure = 14
+      [(validate.rules).uint32 = {lte: 100}];
+
+  // The % chance that a host will be actually ejected when an outlier status
+  // is detected through success rate statistics for locally originated errors.
+  // This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100.
+  // Parameter takes effect only when
+  // :ref:`split_external_local_origin_errors<envoy_v3_api_field_config.cluster.v3.OutlierDetection.split_external_local_origin_errors>`
+  // is set to true.
+  google.protobuf.UInt32Value enforcing_local_origin_success_rate = 15
+      [(validate.rules).uint32 = {lte: 100}];
+
+  // The failure percentage to use when determining failure percentage-based outlier detection. If
+  // the failure percentage of a given host is greater than or equal to this value, it will be
+  // ejected. Defaults to 85.
+  google.protobuf.UInt32Value failure_percentage_threshold = 16
+      [(validate.rules).uint32 = {lte: 100}];
+
+  // The % chance that a host will be actually ejected when an outlier status is detected through
+  // failure percentage statistics. This setting can be used to disable ejection or to ramp it up
+  // slowly. Defaults to 0.
+  //
+  // [#next-major-version: setting this without setting failure_percentage_threshold should be
+  // invalid in v4.]
+  google.protobuf.UInt32Value enforcing_failure_percentage = 17
+      [(validate.rules).uint32 = {lte: 100}];
+
+  // The % chance that a host will be actually ejected when an outlier status is detected through
+  // local-origin failure percentage statistics. This setting can be used to disable ejection or to
+  // ramp it up slowly. Defaults to 0.
+  google.protobuf.UInt32Value enforcing_failure_percentage_local_origin = 18
+      [(validate.rules).uint32 = {lte: 100}];
+
+  // The minimum number of hosts in a cluster in order to perform failure percentage-based ejection.
+  // If the total number of hosts in the cluster is less than this value, failure percentage-based
+  // ejection will not be performed. Defaults to 5.
+  google.protobuf.UInt32Value failure_percentage_minimum_hosts = 19;
+
+  // The minimum number of total requests that must be collected in one interval (as defined by the
+  // interval duration above) to perform failure percentage-based ejection for this host. If the
+  // volume is lower than this setting, failure percentage-based ejection will not be performed for
+  // this host. Defaults to 50.
+  google.protobuf.UInt32Value failure_percentage_request_volume = 20;
+
+  // The maximum time that a host is ejected for. See :ref:`base_ejection_time<envoy_v3_api_field_config.cluster.v3.OutlierDetection.base_ejection_time>`
+  // for more information. If not specified, the default value (300000ms or 300s) or
+  // :ref:`base_ejection_time<envoy_v3_api_field_config.cluster.v3.OutlierDetection.base_ejection_time>` value is applied, whatever is larger.
+  google.protobuf.Duration max_ejection_time = 21 [(validate.rules).duration = {gt {}}];
+
+  // The maximum amount of jitter to add to the ejection time, in order to prevent
+  // a 'thundering herd' effect where all proxies try to reconnect to host at the same time.
+  // See :ref:`max_ejection_time_jitter<envoy_v3_api_field_config.cluster.v3.OutlierDetection.base_ejection_time>`
+  // Defaults to 0s.
+  google.protobuf.Duration max_ejection_time_jitter = 22;
+
+  // If active health checking is enabled and a host is ejected by outlier detection, a successful active health check
+  // unejects the host by default and considers it as healthy. Unejection also clears all the outlier detection counters.
+  // To change this default behavior set this config to ``false`` where active health checking will not uneject the host.
+  // Defaults to true.
+  google.protobuf.BoolValue successful_active_health_check_uneject_host = 23;
+
+  // Set of host's passive monitors.
+  // [#not-implemented-hide:]
+  repeated core.v3.TypedExtensionConfig monitors = 24;
+
+  // If enabled, at least one host is ejected regardless of the value of :ref:`max_ejection_percent<envoy_v3_api_field_config.cluster.v3.OutlierDetection.max_ejection_percent>`.
+  // Defaults to false.
+  google.protobuf.BoolValue always_eject_one_host = 25;
+}

modules/sync/envoyproxy/envoy/cas/d778b127215f6d27c1e1d6de2980df793fefe0f6e29d1dc0a683ce9bb940af28eb8c740dc648034d058b14e2234934f144a0ce528ea7e6b28a917ca81a483e43

@@ -0,0 +1,170 @@
+syntax = "proto3";
+
+package envoy.extensions.filters.http.oauth2.v3;
+
+import "envoy/config/core/v3/http_uri.proto";
+import "envoy/config/route/v3/route_components.proto";
+import "envoy/extensions/transport_sockets/tls/v3/secret.proto";
+import "envoy/type/matcher/v3/path.proto";
+
+import "google/protobuf/duration.proto";
+import "google/protobuf/wrappers.proto";
+
+import "udpa/annotations/status.proto";
+import "validate/validate.proto";
+
+option java_package = "io.envoyproxy.envoy.extensions.filters.http.oauth2.v3";
+option java_outer_classname = "OauthProto";
+option java_multiple_files = true;
+option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/oauth2/v3;oauth2v3";
+option (udpa.annotations.file_status).package_version_status = ACTIVE;
+
+// [#protodoc-title: OAuth]
+// OAuth :ref:`configuration overview <config_http_filters_oauth>`.
+// [#extension: envoy.filters.http.oauth2]
+//
+
+message OAuth2Credentials {
+  // [#next-free-field: 6]
+  message CookieNames {
+    // Cookie name to hold OAuth bearer token value. When the authentication server validates the
+    // client and returns an authorization token back to the OAuth filter, no matter what format
+    // that token is, if :ref:`forward_bearer_token <envoy_v3_api_field_extensions.filters.http.oauth2.v3.OAuth2Config.forward_bearer_token>`
+    // is set to true the filter will send over the bearer token as a cookie with this name to the
+    // upstream. Defaults to ``BearerToken``.
+    string bearer_token = 1
+        [(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME ignore_empty: true}];
+
+    // Cookie name to hold OAuth HMAC value. Defaults to ``OauthHMAC``.
+    string oauth_hmac = 2
+        [(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME ignore_empty: true}];
+
+    // Cookie name to hold OAuth expiry value. Defaults to ``OauthExpires``.
+    string oauth_expires = 3
+        [(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME ignore_empty: true}];
+
+    // Cookie name to hold the id token. Defaults to ``IdToken``.
+    string id_token = 4
+        [(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME ignore_empty: true}];
+
+    // Cookie name to hold the refresh token. Defaults to ``RefreshToken``.
+    string refresh_token = 5
+        [(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME ignore_empty: true}];
+  }
+
+  // The client_id to be used in the authorize calls. This value will be URL encoded when sent to the OAuth server.
+  string client_id = 1 [(validate.rules).string = {min_len: 1}];
+
+  // The secret used to retrieve the access token. This value will be URL encoded when sent to the OAuth server.
+  transport_sockets.tls.v3.SdsSecretConfig token_secret = 2
+      [(validate.rules).message = {required: true}];
+
+  // Configures how the secret token should be created.
+  oneof token_formation {
+    option (validate.required) = true;
+
+    // If present, the secret token will be a HMAC using the provided secret.
+    transport_sockets.tls.v3.SdsSecretConfig hmac_secret = 3
+        [(validate.rules).message = {required: true}];
+  }
+
+  // The cookie names used in OAuth filters flow.
+  CookieNames cookie_names = 4;
+}
+
+// OAuth config
+//
+// [#next-free-field: 18]
+message OAuth2Config {
+  enum AuthType {
+    // The ``client_id`` and ``client_secret`` will be sent in the URL encoded request body.
+    // This type should only be used when Auth server does not support Basic authentication.
+    URL_ENCODED_BODY = 0;
+
+    // The ``client_id`` and ``client_secret`` will be sent using HTTP Basic authentication scheme.
+    BASIC_AUTH = 1;
+  }
+
+  // Endpoint on the authorization server to retrieve the access token from.
+  config.core.v3.HttpUri token_endpoint = 1;
+
+  // The endpoint redirect to for authorization in response to unauthorized requests.
+  string authorization_endpoint = 2 [(validate.rules).string = {min_len: 1}];
+
+  // Credentials used for OAuth.
+  OAuth2Credentials credentials = 3 [(validate.rules).message = {required: true}];
+
+  // The redirect URI passed to the authorization endpoint. Supports header formatting
+  // tokens. For more information, including details on header value syntax, see the
+  // documentation on :ref:`custom request headers <config_http_conn_man_headers_custom_request_headers>`.
+  //
+  // This URI should not contain any query parameters.
+  string redirect_uri = 4 [(validate.rules).string = {min_len: 1}];
+
+  // Matching criteria used to determine whether a path appears to be the result of a redirect from the authorization server.
+  type.matcher.v3.PathMatcher redirect_path_matcher = 5
+      [(validate.rules).message = {required: true}];
+
+  // The path to sign a user out, clearing their credential cookies.
+  type.matcher.v3.PathMatcher signout_path = 6 [(validate.rules).message = {required: true}];
+
+  // Forward the OAuth token as a Bearer to upstream web service.
+  bool forward_bearer_token = 7;
+
+  // If set to true, preserve the existing authorization header.
+  // By default Envoy strips the existing authorization header before forwarding upstream.
+  // Can not be set to true if forward_bearer_token is already set to true.
+  // Default value is false.
+  bool preserve_authorization_header = 16;
+
+  // Any request that matches any of the provided matchers will be passed through without OAuth validation.
+  repeated config.route.v3.HeaderMatcher pass_through_matcher = 8;
+
+  // Optional list of OAuth scopes to be claimed in the authorization request. If not specified,
+  // defaults to "user" scope.
+  // OAuth RFC https://tools.ietf.org/html/rfc6749#section-3.3
+  repeated string auth_scopes = 9;
+
+  // Optional resource parameter for authorization request
+  // RFC: https://tools.ietf.org/html/rfc8707
+  repeated string resources = 10;
+
+  // Defines how ``client_id`` and ``client_secret`` are sent in OAuth client to OAuth server requests.
+  // RFC https://datatracker.ietf.org/doc/html/rfc6749#section-2.3.1
+  AuthType auth_type = 11 [(validate.rules).enum = {defined_only: true}];
+
+  // If set to true, allows automatic access token refresh using the associated refresh token (see
+  // `RFC 6749 section 6 <https://datatracker.ietf.org/doc/html/rfc6749#section-6>`_), provided that the OAuth server supports that.
+  // Default value is false.
+  google.protobuf.BoolValue use_refresh_token = 12;
+
+  // The default lifetime in seconds of the access token, if omitted by the authorization server.
+  //
+  // If this value is not set, it will default to ``0s``. In this case, the expiry must be set by
+  // the authorization server or the OAuth flow will fail.
+  google.protobuf.Duration default_expires_in = 13;
+
+  // Any request that matches any of the provided matchers won't be redirected to OAuth server when tokens are not valid.
+  // Automatic access token refresh will be performed for these requests, if enabled.
+  // This behavior can be useful for AJAX requests.
+  repeated config.route.v3.HeaderMatcher deny_redirect_matcher = 14;
+
+  // The default lifetime in seconds of the refresh token, if the exp (expiration time) claim is omitted in the refresh token or the refresh token is not JWT.
+  //
+  // If this value is not set, it will default to ``604800s``. In this case, the cookie with the refresh token will be expired
+  // in a week.
+  // This setting is only considered if ``use_refresh_token`` is set to true, otherwise the authorization server expiration or ``defaul_expires_in`` is used.
+  google.protobuf.Duration default_refresh_token_expires_in = 15;
+
+  // If set to true, Envoy will not set a cookie for ID Token even if one is received from the Identity Provider. This may be useful in cases where the ID
+  // Token is too large for HTTP cookies (longer than 4096 characters). Enabling this option will only disable setting the cookie response header, the filter
+  // will still process incoming ID Tokens as part of the HMAC if they are there. This is to ensure compatibility while switching this setting on. Future
+  // sessions would not set the IdToken cookie header.
+  bool disable_id_token_set_cookie = 17;
+}
+
+// Filter config.
+message OAuth2 {
+  // Leave this empty to disable OAuth2 for a specific route, using per filter config.
+  OAuth2Config config = 1;
+}