Re: request authorization with grpc (failure status code)

bmacphee Wed, 17 Jul 2019 05:33:24 -0700

I had some success doing the intercept at the next level above the auth
proxy location like this:
(using grpc_intercept_errors)


  server {
     listen 443 ssl http2;
     include grpc_servers.conf;

     # send all requests to the `/validate` endpoint for authorization
     auth_request /validate;

     grpc_intercept_errors on;
     error_page 401 @grpc_auth_fail;

     location = /validate {
       proxy_pass http://auth:5000;

       #proxy_intercept_errors on;
       #error_page 401 @grpc_auth_fail;
     }

     location @grpc_auth_fail {
       add_trailer grpc-status 16 always;
       add_header grpc-status 16 always;
       add_trailer grpc-message Unauthorized always;
       add_header grpc-message Unauthorized always;
       return 200;
     }
   }

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,284718,284880#msg-284880

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: request authorization with grpc (failure status code)

Reply via email to