I have a Envoy Lua HTTP filter at SIDECAR_INBOUND. The filter received the token in
Authorization header and does the signVerify and checks claim. The filter will further generate a new token e.g.
sesson-token to be passed to next service in call chain if any. E.g. talking of bookinfo example:
Request(Auth token)-> Istio Ingressgateway -> Filter at
productpage ->(new token “session-token”) -> filter at
The application code at
details relies on the new token ( session token) to allow code execution. Even though this is service-to-service communication, I need to have either the original
authorization header or the newly generated header
session-token to be available to next service in call chain.
I tried using dynamica metadata api of Envoy Lua also but it just forwards the header added in
request-handle to make it available in
response_handle only. https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/lua_filter#dynamic-metadata-object-api
I am looking for some Envoy Lua filter mechanism to transparently propagate custom headers from service to service without the application code modification.