request authorization with grpc (failure status code)

bmacphee nginx-forum at forum.nginx.org
Wed Jul 17 12:32:33 UTC 2019


I had some success doing the intercept at the next level above the auth
proxy location like this:
(using grpc_intercept_errors)

  server {
     listen 443 ssl http2;
     include grpc_servers.conf;

     # send all requests to the `/validate` endpoint for authorization
     auth_request /validate;

     grpc_intercept_errors on;
     error_page 401 @grpc_auth_fail;

     location = /validate {
       proxy_pass http://auth:5000;

       #proxy_intercept_errors on;
       #error_page 401 @grpc_auth_fail;
     }

     location @grpc_auth_fail {
       add_trailer grpc-status 16 always;
       add_header grpc-status 16 always;
       add_trailer grpc-message Unauthorized always;
       add_header grpc-message Unauthorized always;
       return 200;
     }
   }

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,284718,284880#msg-284880



More information about the nginx mailing list