set securitypolicy name to oauth2 stats prefix

zhaohuabing · zhaohuabing · commit 6d18f0a6b05d · 2025-11-13T15:30:39.000+08:00
Signed-off-by: Huabing Zhao &lt;zhaohuabing@gmail.com&gt;
diff --git a/internal/xds/translator/oidc.go b/internal/xds/translator/oidc.go
@@ -127,6 +127,7 @@ func oauth2Config(securityFeatures *ir.SecurityFeatures) (*oauth2v3.OAuth2, erro
 	preserveAuthorizationHeader := !oidc.ForwardAccessToken
 	oauth2 := &oauth2v3.OAuth2{
 		Config: &oauth2v3.OAuth2Config{
+			StatPrefix: oidc.Name,
 			TokenEndpoint: &corev3.HttpUri{
 				Uri: oidc.Provider.TokenEndpoint,
 				HttpUpstreamType: &corev3.HttpUri_Cluster{
diff --git a/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port-with-different-filters.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port-with-different-filters.listeners.yaml
@@ -77,6 +77,7 @@
               signoutPath:
                 path:
                   exact: /foo/logout
+              statPrefix: securitypolicy/default/policy-for-gateway-2
               tokenEndpoint:
                 cluster: oauth_foo_com_443
                 timeout: 10s
diff --git a/internal/xds/translator/testdata/out/xds-ir/oidc-and-jwt-with-passthrough.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/oidc-and-jwt-with-passthrough.listeners.yaml
@@ -58,6 +58,7 @@
               signoutPath:
                 path:
                   exact: /logout
+              statPrefix: securitypolicy/envoy-gateway/security-policy-1
               tokenEndpoint:
                 cluster: oauth_foo_com_443
                 timeout: 10s
diff --git a/internal/xds/translator/testdata/out/xds-ir/oidc-backencluster-provider.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/oidc-backencluster-provider.listeners.yaml
@@ -19,6 +19,7 @@
           typedConfig:
             '@type': type.googleapis.com/envoy.extensions.filters.http.oauth2.v3.OAuth2
             config:
+              statPrefix: securitypolicy/envoy-gateway/policy-for-gateway
               authScopes:
               - openid
               authType: BASIC_AUTH
diff --git a/internal/xds/translator/testdata/out/xds-ir/oidc-backend-cluster-provider.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/oidc-backend-cluster-provider.listeners.yaml
@@ -58,6 +58,7 @@
               signoutPath:
                 path:
                   exact: /bar/logout
+              statPrefix: securitypolicy/envoy-gateway/policy-for-gateway
               tokenEndpoint:
                 cluster: securitypolicy/envoy-gateway/policy-for-gateway/0
                 timeout: 10s
diff --git a/internal/xds/translator/testdata/out/xds-ir/oidc.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/oidc.listeners.yaml
@@ -57,6 +57,7 @@
               signoutPath:
                 path:
                   exact: /foo/logout
+              statPrefix: securitypolicy/default/policy-for-first-route
               tokenEndpoint:
                 cluster: oauth_foo_com_443
                 timeout: 10s
@@ -121,6 +122,7 @@
               signoutPath:
                 path:
                   exact: /bar/logout
+              statPrefix: securitypolicy/default/policy-for-second-route
               tokenEndpoint:
                 cluster: oauth_bar_com_443
                 timeout: 10s
diff --git a/internal/xds/translator/testdata/out/xds-ir/securitypolicy-with-oidc-jwt-authz.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/securitypolicy-with-oidc-jwt-authz.listeners.yaml
@@ -52,6 +52,7 @@
               signoutPath:
                 path:
                   exact: /logout
+              statPrefix: securitypolicy/default/policy-for-http-route
               tokenEndpoint:
                 cluster: oidc_example_com_443
                 timeout: 10s
