Collection of protobuf types to work with the [Envoy Proxy] through Rust services.
Among other use cases, this crate can be used to implement an [Envoy External Authorization] (ExtAuthz) gRPC Server written in Rust.
[Examples] | [Docs]
toml
[dependencies]
envoy-types = "<envoy-types-version>"
The protobuf types made available are already pre-compiled, so you only need to
have the Protocol Buffer Compiler (protoc) installed to run the crate's tests.
Installation instructions can be found here.
The example bellow covers a bare-bones implementation of an Envoy ExtAuthz gRPC
AuthorizationServer, with [tonic]. A more complete implementation, including
query parameters and header manipulation, can be found at the [examples]
directory.
```rust use std::collections::HashMap; use tonic::{transport::Server, Request, Response, Status};
use envoytypes::extauthz::v3::pb::{ Address, Authorization, AuthorizationServer, CheckRequest, CheckResponse, }; use envoy_types::pb::google::rpc;
struct MyServer;
fn getexternalrequestdata(
request: Request
impl Authorization for MyServer {
async fn check(
&self,
request: Request
if let Some((client_address, client_headers)) = get_external_request_data(request) {
// Validate `client_address` and/or `client_headers`
// ...
if let Some(authorization) = client_headers.get("authorization") {
if authorization == "Bearer valid-token" {
// Mark request as authenticated
response_status.code = rpc::Code::Ok.into();
}
}
}
let mut response = CheckResponse::default();
response.status = Some(response_status);
Ok(Response::new(response))
}
}
async fn main() -> Result<(), Box
println!("AuthorizationServer listening on 50051");
Server::builder()
.add_service(AuthorizationServer::new(server))
.serve(addr)
.await?;
Ok(())
} ```
This project is licensed under the Apache License (Version 2.0).
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion by you, shall be licensed as Apache-2.0, without any additional terms or conditions.