Request_header_operations to add cookie as header

Networking
1

How can I extract a cookie to become an header without using filters?

I have used the following to extract something from JWT

apiVersion: config.istio.io/v1alpha2
kind: rule
metadata:
  name: auth-headers
  namespace: istio-system
spec:
  match: source.labels["istio"] == "ingressgateway"
  - name: X-company-userId
    values:
    - request.auth.claims["sub"]

However the JWT itself is currently in a cookie.
I am forced to use the following lua code to extract it

  function envoy_on_request(request_handle)
    local jwtHeaderName = "authorization"
    local headers = request_handle:headers()
    local cookieString = headers:get("cookie")
    local jwt = nil 
    if cookieString ~= nil then
      local splitCookieString = stringSplit(cookieString, ";")

      for i, cookieItem in ipairs(splitCookieString) do
        if string.find(cookieItem, jwtHeaderName) ~= nil then
          jwt = stringSplit(cookieItem, "=")[2]
        end 
      end 
    end 

    if jwt == nil then
      headers:add("jwt","headernotfound")
    else
      headers:replace("x-auth", jwt)
    end 
  end

But I would ideally like to avoid custom Lua

Is there any plan to extend the request.headers attribute to also allow to extract cookies, it would make it much simpler.

Any suggestion?

1 Like
2

Hi @ademaria I cannot even extract the sub claim from JWT to add it as a header.

istio version 1.6.0

3

Hi @ademaria ,i can not extract the sub claim from JWT in istio 1.6.4 , how did you do that ,what flag should open
Hi @Eduardo_Lago_Aguilar,did you resolve the jwt exact issue ? can you exact JWT from JWT to add a header now ?