Collection of protobuf types and other assets to work with the [Envoy Proxy] through Rust services.
Among other use cases, this crate can be used to implement an [Envoy External Authorization] (ExtAuthz) gRPC Server written in Rust.
[Examples] | [Docs]
toml
[dependencies]
envoy-types = "<envoy-types-version>"
The protobuf types made available are already pre-compiled, so you only need to
have the Protocol Buffer Compiler (protoc) installed to run the crate's tests.
Installation instructions can be found here.
The example bellow covers a bare-bones implementation of an Envoy ExtAuthz gRPC
AuthorizationServer, with [tonic]. A more complete implementation, including
query parameters and header manipulation, can be found at the [examples]
directory.
```rust use tonic::{transport::Server, Request, Response, Status};
use envoytypes::extauthz::v3::pb::{ Authorization, AuthorizationServer, CheckRequest, CheckResponse, }; use envoytypes::extauthz::v3::{CheckRequestExt, CheckResponseExt};
struct MyServer;
impl Authorization for MyServer {
async fn check(
&self,
request: Request
let client_headers = request
.get_client_headers()
.ok_or_else(|| Status::invalid_argument("client headers not populated by envoy"))?;
let mut request_status = Status::unauthenticated("not authorized");
if let Some(authorization) = client_headers.get("authorization") {
if authorization == "Bearer valid-token" {
request_status = Status::ok("request is valid");
}
}
Ok(Response::new(CheckResponse::with_status(request_status)))
}
}
async fn main() -> Result<(), Box
println!("AuthorizationServer listening on {addr}");
Server::builder()
.add_service(AuthorizationServer::new(server))
.serve(addr)
.await?;
Ok(())
} ```
This project is licensed under the Apache License (Version 2.0).
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion by you, shall be licensed as Apache-2.0, without any additional terms or conditions.