Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Request Authentication Support #790

Closed
6 of 7 tasks
danehans opened this issue Dec 9, 2022 · 5 comments
Closed
6 of 7 tasks

Add Request Authentication Support #790

danehans opened this issue Dec 9, 2022 · 5 comments
Assignees
@danehans
Labels
area/api API-related issues area/config Issues related to config management, e.g. Config Manager, Config Sources, etc. area/extensions area/ir Issues related to Gateway's internal representation, e.g. data model. area/message-service Issues related to Gateway's message service used for communication among components. area/translator Issues related to Gateway's translation service, e.g. translating Gateway APIs into the IR. area/xds-server Issues related to the xDS Server used for managing Envoy configuration. documentation Improvements or additions to documentation kind/enhancement New feature or request priority/high Label used to express the "high" priority level provider/kubernetes Issues related to the Kubernetes provider release-note Indicates a required release note
Milestone
0.3.0

Comments

@danehans
Copy link
Contributor

danehans commented Dec 9, 2022
edited
Loading

  • Design user-facing API for authentication requests (Design Authentication Policy as a GatewayAPI Extension #336).
  • Add API support to Kube provider.
  • Add API support to gatewayapi translator.
  • Add API support to IR.
  • Add API support to xds translator and server.
  • Update user docs with config example.
  • E2E testing.
@danehans danehans self-assigned this Dec 9, 2022
@danehans danehans added documentation Improvements or additions to documentation kind/enhancement New feature or request area/api API-related issues area/config Issues related to config management, e.g. Config Manager, Config Sources, etc. area/ir Issues related to Gateway's internal representation, e.g. data model. area/message-service Issues related to Gateway's message service used for communication among components. area/translator Issues related to Gateway's translation service, e.g. translating Gateway APIs into the IR. area/xds-server Issues related to the xDS Server used for managing Envoy configuration. area/extensions provider/kubernetes Issues related to the Kubernetes provider release-note Indicates a required release note priority/high Label used to express the "high" priority level labels Dec 9, 2022
This was referenced Dec 9, 2022
Merged
Merged
Merged
@zhshw
Copy link

zhshw commented Jan 4, 2023
edited
Loading

envoy ext_authz filiter need define request body buffer MaxRequestBytes

@danehans
Copy link
Contributor Author

danehans commented Jan 4, 2023

@zhshw does a default value exist for MaxRequestBytes? If not, what is an appropriate default value? We should also consider the min/max values too.

@arkodg
Copy link
Contributor

arkodg commented Jan 4, 2023

@danehans any idea on how E2E will be implemented for this feature ?

@danehans danehans added this to the 0.3.0-rc.1 milestone Jan 13, 2023
@danehans
Copy link
Contributor Author

@arkodg my thoughts are:

  • Use the kind cluster from the conformance tests for running e2e testing.
  • Mock a JWKS in our e2e testing package.
  • Create an HTTP request that contains a JWT.
  • Create a test backend app, Gateway, HTTPRoute, AuthenticationFilter, etc.
  • Send the request to the Gateway.

@danehans danehans mentioned this issue Jan 13, 2023
Merged
@arkodg arkodg mentioned this issue Jan 17, 2023
Closed
@danehans danehans modified the milestones: 0.3.0-rc.1, 0.3.0 Feb 2, 2023
@danehans danehans mentioned this issue Feb 7, 2023
Merged
@danehans
Copy link
Contributor Author

danehans commented Feb 8, 2023
edited
Loading

This feature is shipping in v0.3 with manual testing (see authn user doc). Closing this issue since #863 tracks the need for an e2e framework

@danehans danehans removed their assignment Feb 8, 2023
@danehans danehans added help wanted Extra attention is needed and removed help wanted Extra attention is needed labels Feb 8, 2023
@danehans danehans self-assigned this Feb 8, 2023
@danehans danehans closed this as completed Feb 8, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@danehans danehans

Labels
area/api API-related issues area/config Issues related to config management, e.g. Config Manager, Config Sources, etc. area/extensions area/ir Issues related to Gateway's internal representation, e.g. data model. area/message-service Issues related to Gateway's message service used for communication among components. area/translator Issues related to Gateway's translation service, e.g. translating Gateway APIs into the IR. area/xds-server Issues related to the xDS Server used for managing Envoy configuration. documentation Improvements or additions to documentation kind/enhancement New feature or request priority/high Label used to express the "high" priority level provider/kubernetes Issues related to the Kubernetes provider release-note Indicates a required release note
Projects
None yet
Milestone
0.3.0
Development

No branches or pull requests
3 participants
@danehans @zhshw @arkodg