Request headers are not propagated even from SIDECAR_INBOUND to SIDECAR_OUTBOUND even after using streamInfo:dynamicMetadata
91 views
Skip to first unread message
kamesh....@gmail.com
Apr 28, 2020, 2:03:06 AM4/28/20
to envoy-dev
Envoy documentation fo "Data sharing between filters" claims that using "DynamicMetadata" api ...filters can share data amongst them. But i have observed that the request headers are NOT EVEN available from SIDECAR_INBOUND to SIDECAR_OUTBOUND. The value of "authorization" header received form original request was added back using
request_handle:streamInfo():dynamicMetadata():set("envoy.lua", "x-envoy-userjwt", jwt-value)
In function envoy_on_request(request_handle) In SIDECAR_INBOUND of "bookinfo.productpage" .
When the same metadata value was retrieved in SIDECAR_OUTBOUND as below returns "nil".
Sample filter config code as below:
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
name: custom-auth-productpage-metadata
namespace: default
spec:
workloadSelector:
labels:
app: productpage
version: v1
configPatches:
# The first patch adds the lua filter to the listener/http connection manager
- applyTo: HTTP_FILTER
match:
context: SIDECAR_INBOUND
listener:
# portNumber: 9080
filterChain:
filter:
name: "envoy.http_connection_manager"
subFilter:
name: "envoy.filters.http.wasm"
patch:
operation: INSERT_AFTER # Make it AFTER, if forwardOriginalToken: false in gatewsay jwt
value: # lua filter specification
name: envoy.lua
typed_config:
inlineCode: |
function envoy_on_request(request_handle)
request_handle:logWarn("SIDECAR_OUTBOUND")
local headers = request_handle:headers()
--local auth = headers:get("Authorization")
local jwt = headers:get("x-envoy-userjwt"). -- has same value as "Authorization"
request_handle:streamInfo():dynamicMetadata():set("envoy.lua", "x-envoy-userjwt", jwt)
request_handle:logWarn("token1: "..jwt)
end
function envoy_on_response(response_handle)
local headers = response_handle:headers()
local meta = response_handle:streamInfo():dynamicMetadata():get("envoy.filters.http.lua")["x-envoy-userjwt"]
response_handle:logWarn("token2: "..meta)
response_handle:streamInfo():dynamicMetadata():set("envoy.lua", "x-envoy-userjwt", meta)
end
- applyTo: HTTP_FILTER
match:
context: SIDECAR_OUTBOUND
listener:
# portNumber: 9080
filterChain:
filter:
name: "envoy.http_connection_manager"
subFilter:
name: "envoy.filters.http.wasm"
patch:
operation: INSERT_AFTER
value: # lua filter specification
name: envoy.lua
typed_config:
inlineCode: |
function envoy_on_request(request_handle)
request_handle:logWarn("SIDECAR_OUTBOUND")
local meta = request_handle:streamInfo():dynamicMetadata():get("envoy.filters.http.lua")["x-envoy-userjwt"]
response_handle:logWarn("token3: "..meta)
request_handle:streamInfo():dynamicMetadata():set("envoy.lua", "x-envoy-userjwt", meta)
end
function envoy_on_response(response_handle)
local headers = response_handle:headers()
local meta = response_handle:streamInfo():dynamicMetadata():get("envoy.filters.http.lua")["x-envoy-userjwt"]
response_handle:logWarn("token4: "..meta)
response_handle:streamInfo():dynamicMetadata():set("envoy.lua", "x-envoy-userjwt", meta)
end
---
Reply all
Reply to author
Forward
0 new messages