Please describe your use case / problem.
I have an existing GRPC service supporting Envoy's [external auth] (https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/ext_authz_filter) protocol. I would like to use it with ambassador. However, Ambassador only supports configuring the http version of the protocol.
Describe the solution you'd like
I would like Ambassador to choose between the http and grpc version of the protocol by inspecting the scheme portion of the url provided to AuthService.auth_service as follows:
One unfortunate part to this is that the http and grpc configurations for the auth service are quite different, so the solution is not as simple as just passing the url down to envoy.
Describe alternatives you've considered
I could have rewritten the service, but that's not a very scaleable solution. :)
Additional context
I proposed this on the ambassador-dev slack channel. I also prototyped it.
I can probably do a PR for this in the next week or two. I just need a bit of time to clean up my prototype code and test out some stuff I didn't consider in it.
A PR over the release/0.50.0 branch would be wonderful!
Note that technically this is a duplicate of #63 -- I'm going to leave both of them open, though, since there's so much more information here.
Supported! as of 0.50.0-ea7.
Is there any documentation/sample code available demonstrating how to implement external auth via gRPC?
Most helpful comment
Is there any documentation/sample code available demonstrating how to implement external auth via gRPC?