Skip to content

xds: Add ExtAuthzClientInterceptor and call buffering#12897

Open
sauravzg wants to merge 1 commit into
dev/sauravzg/response-handlingfrom
dev/sauravzg/client-interceptor
Open

xds: Add ExtAuthzClientInterceptor and call buffering#12897
sauravzg wants to merge 1 commit into
dev/sauravzg/response-handlingfrom
dev/sauravzg/client-interceptor

Conversation

@sauravzg

@sauravzg sauravzg commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

Part 3 of the client-side ext_authz filter. Sits on top of the response handling PR.

Introduces the ClientInterceptor that performs async ext_authz checks on outgoing RPCs. Because the authorization call is asynchronous, outgoing sendMessage() and halfClose() frames are buffered in ExtAuthzClientCall until a decision arrives. On allow, buffered operations are replayed with any header mutations applied. On deny, the call is terminated immediately.

Key classes:

  • AuthzCallbackObserver — async listener on the authz gRPC stream that signals the buffering call on completion.
  • ExtAuthzClientCall — buffers outgoing frames while authz is pending; drains or cancels based on the decision.
  • MutatingClientCall — wraps the real call to inject header mutations from the authz response.
  • FailingClientCall / FailingCallWithTrailerMutations — immediate termination paths for denied or disabled-filter scenarios.

Part 3 of the client-side ext_authz filter. Sits on top of the
response handling PR.

Introduces the ClientInterceptor that performs async ext_authz
checks on outgoing RPCs. Because the authorization call is
asynchronous, outgoing sendMessage() and halfClose() frames are
buffered in ExtAuthzClientCall until a decision arrives. On allow,
buffered operations are replayed with any header mutations applied.
On deny, the call is terminated immediately.

Key classes:
- AuthzCallbackObserver — async listener on the authz gRPC stream
  that signals the buffering call on completion.
- ExtAuthzClientCall — buffers outgoing frames while authz is
  pending; drains or cancels based on the decision.
- MutatingClientCall — wraps the real call to inject header
  mutations from the authz response.
- FailingClientCall / FailingCallWithTrailerMutations — immediate
  termination paths for denied or disabled-filter scenarios.
@sauravzg sauravzg requested a review from kannanjgithub July 7, 2026 13:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant