responseObserver) {
+ return io.grpc.stub.ServerCalls.asyncUnimplementedStreamingCall(getProcessMethod(), responseObserver);
+ }
+ }
+
+ /**
+ * Base class for the server implementation of the service ExternalProcessor.
+ *
+ * A service that can access and modify HTTP requests and responses
+ * as part of a filter chain.
+ * The overall external processing protocol works like this:
+ * 1. The data plane sends to the service information about the HTTP request.
+ * 2. The service sends back a ProcessingResponse message that directs
+ * the data plane to either stop processing, continue without it, or send
+ * it the next chunk of the message body.
+ * 3. If so requested, the data plane sends the server the message body in
+ * chunks, or the entire body at once. In either case, the server may send
+ * back a ProcessingResponse for each message it receives, or wait for
+ * a certain amount of body chunks received before streaming back the
+ * ProcessingResponse messages.
+ * 4. If so requested, the data plane sends the server the HTTP trailers,
+ * and the server sends back a ProcessingResponse.
+ * 5. At this point, request processing is done, and we pick up again
+ * at step 1 when the data plane receives a response from the upstream
+ * server.
+ * 6. At any point above, if the server closes the gRPC stream cleanly,
+ * then the data plane proceeds without consulting the server.
+ * 7. At any point above, if the server closes the gRPC stream with an error,
+ * then the data plane returns a 500 error to the client, unless the filter
+ * was configured to ignore errors.
+ * In other words, the process is a request/response conversation, but
+ * using a gRPC stream to make it easier for the server to
+ * maintain state.
+ *
+ */
+ public static abstract class ExternalProcessorImplBase
+ implements io.grpc.BindableService, AsyncService {
+
+ @java.lang.Override public final io.grpc.ServerServiceDefinition bindService() {
+ return ExternalProcessorGrpc.bindService(this);
+ }
+ }
+
+ /**
+ * A stub to allow clients to do asynchronous rpc calls to service ExternalProcessor.
+ *
+ * A service that can access and modify HTTP requests and responses
+ * as part of a filter chain.
+ * The overall external processing protocol works like this:
+ * 1. The data plane sends to the service information about the HTTP request.
+ * 2. The service sends back a ProcessingResponse message that directs
+ * the data plane to either stop processing, continue without it, or send
+ * it the next chunk of the message body.
+ * 3. If so requested, the data plane sends the server the message body in
+ * chunks, or the entire body at once. In either case, the server may send
+ * back a ProcessingResponse for each message it receives, or wait for
+ * a certain amount of body chunks received before streaming back the
+ * ProcessingResponse messages.
+ * 4. If so requested, the data plane sends the server the HTTP trailers,
+ * and the server sends back a ProcessingResponse.
+ * 5. At this point, request processing is done, and we pick up again
+ * at step 1 when the data plane receives a response from the upstream
+ * server.
+ * 6. At any point above, if the server closes the gRPC stream cleanly,
+ * then the data plane proceeds without consulting the server.
+ * 7. At any point above, if the server closes the gRPC stream with an error,
+ * then the data plane returns a 500 error to the client, unless the filter
+ * was configured to ignore errors.
+ * In other words, the process is a request/response conversation, but
+ * using a gRPC stream to make it easier for the server to
+ * maintain state.
+ *
+ */
+ public static final class ExternalProcessorStub
+ extends io.grpc.stub.AbstractAsyncStub {
+ private ExternalProcessorStub(
+ io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
+ super(channel, callOptions);
+ }
+
+ @java.lang.Override
+ protected ExternalProcessorStub build(
+ io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
+ return new ExternalProcessorStub(channel, callOptions);
+ }
+
+ /**
+ *
+ * This begins the bidirectional stream that the data plane will use to
+ * give the server control over what the filter does. The actual
+ * protocol is described by the ProcessingRequest and ProcessingResponse
+ * messages below.
+ *
+ */
+ public io.grpc.stub.StreamObserver process(
+ io.grpc.stub.StreamObserver responseObserver) {
+ return io.grpc.stub.ClientCalls.asyncBidiStreamingCall(
+ getChannel().newCall(getProcessMethod(), getCallOptions()), responseObserver);
+ }
+ }
+
+ /**
+ * A stub to allow clients to do synchronous rpc calls to service ExternalProcessor.
+ *
+ * A service that can access and modify HTTP requests and responses
+ * as part of a filter chain.
+ * The overall external processing protocol works like this:
+ * 1. The data plane sends to the service information about the HTTP request.
+ * 2. The service sends back a ProcessingResponse message that directs
+ * the data plane to either stop processing, continue without it, or send
+ * it the next chunk of the message body.
+ * 3. If so requested, the data plane sends the server the message body in
+ * chunks, or the entire body at once. In either case, the server may send
+ * back a ProcessingResponse for each message it receives, or wait for
+ * a certain amount of body chunks received before streaming back the
+ * ProcessingResponse messages.
+ * 4. If so requested, the data plane sends the server the HTTP trailers,
+ * and the server sends back a ProcessingResponse.
+ * 5. At this point, request processing is done, and we pick up again
+ * at step 1 when the data plane receives a response from the upstream
+ * server.
+ * 6. At any point above, if the server closes the gRPC stream cleanly,
+ * then the data plane proceeds without consulting the server.
+ * 7. At any point above, if the server closes the gRPC stream with an error,
+ * then the data plane returns a 500 error to the client, unless the filter
+ * was configured to ignore errors.
+ * In other words, the process is a request/response conversation, but
+ * using a gRPC stream to make it easier for the server to
+ * maintain state.
+ *
+ */
+ public static final class ExternalProcessorBlockingV2Stub
+ extends io.grpc.stub.AbstractBlockingStub {
+ private ExternalProcessorBlockingV2Stub(
+ io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
+ super(channel, callOptions);
+ }
+
+ @java.lang.Override
+ protected ExternalProcessorBlockingV2Stub build(
+ io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
+ return new ExternalProcessorBlockingV2Stub(channel, callOptions);
+ }
+
+ /**
+ *
+ * This begins the bidirectional stream that the data plane will use to
+ * give the server control over what the filter does. The actual
+ * protocol is described by the ProcessingRequest and ProcessingResponse
+ * messages below.
+ *
+ */
+ @io.grpc.ExperimentalApi("https://github.com/grpc/grpc-java/issues/10918")
+ public io.grpc.stub.BlockingClientCall
+ process() {
+ return io.grpc.stub.ClientCalls.blockingBidiStreamingCall(
+ getChannel(), getProcessMethod(), getCallOptions());
+ }
+ }
+
+ /**
+ * A stub to allow clients to do limited synchronous rpc calls to service ExternalProcessor.
+ *
+ * A service that can access and modify HTTP requests and responses
+ * as part of a filter chain.
+ * The overall external processing protocol works like this:
+ * 1. The data plane sends to the service information about the HTTP request.
+ * 2. The service sends back a ProcessingResponse message that directs
+ * the data plane to either stop processing, continue without it, or send
+ * it the next chunk of the message body.
+ * 3. If so requested, the data plane sends the server the message body in
+ * chunks, or the entire body at once. In either case, the server may send
+ * back a ProcessingResponse for each message it receives, or wait for
+ * a certain amount of body chunks received before streaming back the
+ * ProcessingResponse messages.
+ * 4. If so requested, the data plane sends the server the HTTP trailers,
+ * and the server sends back a ProcessingResponse.
+ * 5. At this point, request processing is done, and we pick up again
+ * at step 1 when the data plane receives a response from the upstream
+ * server.
+ * 6. At any point above, if the server closes the gRPC stream cleanly,
+ * then the data plane proceeds without consulting the server.
+ * 7. At any point above, if the server closes the gRPC stream with an error,
+ * then the data plane returns a 500 error to the client, unless the filter
+ * was configured to ignore errors.
+ * In other words, the process is a request/response conversation, but
+ * using a gRPC stream to make it easier for the server to
+ * maintain state.
+ *
+ */
+ public static final class ExternalProcessorBlockingStub
+ extends io.grpc.stub.AbstractBlockingStub {
+ private ExternalProcessorBlockingStub(
+ io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
+ super(channel, callOptions);
+ }
+
+ @java.lang.Override
+ protected ExternalProcessorBlockingStub build(
+ io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
+ return new ExternalProcessorBlockingStub(channel, callOptions);
+ }
+ }
+
+ /**
+ * A stub to allow clients to do ListenableFuture-style rpc calls to service ExternalProcessor.
+ *
+ * A service that can access and modify HTTP requests and responses
+ * as part of a filter chain.
+ * The overall external processing protocol works like this:
+ * 1. The data plane sends to the service information about the HTTP request.
+ * 2. The service sends back a ProcessingResponse message that directs
+ * the data plane to either stop processing, continue without it, or send
+ * it the next chunk of the message body.
+ * 3. If so requested, the data plane sends the server the message body in
+ * chunks, or the entire body at once. In either case, the server may send
+ * back a ProcessingResponse for each message it receives, or wait for
+ * a certain amount of body chunks received before streaming back the
+ * ProcessingResponse messages.
+ * 4. If so requested, the data plane sends the server the HTTP trailers,
+ * and the server sends back a ProcessingResponse.
+ * 5. At this point, request processing is done, and we pick up again
+ * at step 1 when the data plane receives a response from the upstream
+ * server.
+ * 6. At any point above, if the server closes the gRPC stream cleanly,
+ * then the data plane proceeds without consulting the server.
+ * 7. At any point above, if the server closes the gRPC stream with an error,
+ * then the data plane returns a 500 error to the client, unless the filter
+ * was configured to ignore errors.
+ * In other words, the process is a request/response conversation, but
+ * using a gRPC stream to make it easier for the server to
+ * maintain state.
+ *
+ */
+ public static final class ExternalProcessorFutureStub
+ extends io.grpc.stub.AbstractFutureStub {
+ private ExternalProcessorFutureStub(
+ io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
+ super(channel, callOptions);
+ }
+
+ @java.lang.Override
+ protected ExternalProcessorFutureStub build(
+ io.grpc.Channel channel, io.grpc.CallOptions callOptions) {
+ return new ExternalProcessorFutureStub(channel, callOptions);
+ }
+ }
+
+ private static final int METHODID_PROCESS = 0;
+
+ private static final class MethodHandlers implements
+ io.grpc.stub.ServerCalls.UnaryMethod,
+ io.grpc.stub.ServerCalls.ServerStreamingMethod,
+ io.grpc.stub.ServerCalls.ClientStreamingMethod,
+ io.grpc.stub.ServerCalls.BidiStreamingMethod {
+ private final AsyncService serviceImpl;
+ private final int methodId;
+
+ MethodHandlers(AsyncService serviceImpl, int methodId) {
+ this.serviceImpl = serviceImpl;
+ this.methodId = methodId;
+ }
+
+ @java.lang.Override
+ @java.lang.SuppressWarnings("unchecked")
+ public void invoke(Req request, io.grpc.stub.StreamObserver responseObserver) {
+ switch (methodId) {
+ default:
+ throw new AssertionError();
+ }
+ }
+
+ @java.lang.Override
+ @java.lang.SuppressWarnings("unchecked")
+ public io.grpc.stub.StreamObserver invoke(
+ io.grpc.stub.StreamObserver responseObserver) {
+ switch (methodId) {
+ case METHODID_PROCESS:
+ return (io.grpc.stub.StreamObserver) serviceImpl.process(
+ (io.grpc.stub.StreamObserver) responseObserver);
+ default:
+ throw new AssertionError();
+ }
+ }
+ }
+
+ public static final io.grpc.ServerServiceDefinition bindService(AsyncService service) {
+ return io.grpc.ServerServiceDefinition.builder(getServiceDescriptor())
+ .addMethod(
+ getProcessMethod(),
+ io.grpc.stub.ServerCalls.asyncBidiStreamingCall(
+ new MethodHandlers<
+ io.envoyproxy.envoy.service.ext_proc.v3.ProcessingRequest,
+ io.envoyproxy.envoy.service.ext_proc.v3.ProcessingResponse>(
+ service, METHODID_PROCESS)))
+ .build();
+ }
+
+ private static abstract class ExternalProcessorBaseDescriptorSupplier
+ implements io.grpc.protobuf.ProtoFileDescriptorSupplier, io.grpc.protobuf.ProtoServiceDescriptorSupplier {
+ ExternalProcessorBaseDescriptorSupplier() {}
+
+ @java.lang.Override
+ public com.google.protobuf.Descriptors.FileDescriptor getFileDescriptor() {
+ return io.envoyproxy.envoy.service.ext_proc.v3.ExternalProcessorProto.getDescriptor();
+ }
+
+ @java.lang.Override
+ public com.google.protobuf.Descriptors.ServiceDescriptor getServiceDescriptor() {
+ return getFileDescriptor().findServiceByName("ExternalProcessor");
+ }
+ }
+
+ private static final class ExternalProcessorFileDescriptorSupplier
+ extends ExternalProcessorBaseDescriptorSupplier {
+ ExternalProcessorFileDescriptorSupplier() {}
+ }
+
+ private static final class ExternalProcessorMethodDescriptorSupplier
+ extends ExternalProcessorBaseDescriptorSupplier
+ implements io.grpc.protobuf.ProtoMethodDescriptorSupplier {
+ private final java.lang.String methodName;
+
+ ExternalProcessorMethodDescriptorSupplier(java.lang.String methodName) {
+ this.methodName = methodName;
+ }
+
+ @java.lang.Override
+ public com.google.protobuf.Descriptors.MethodDescriptor getMethodDescriptor() {
+ return getServiceDescriptor().findMethodByName(methodName);
+ }
+ }
+
+ private static volatile io.grpc.ServiceDescriptor serviceDescriptor;
+
+ public static io.grpc.ServiceDescriptor getServiceDescriptor() {
+ io.grpc.ServiceDescriptor result = serviceDescriptor;
+ if (result == null) {
+ synchronized (ExternalProcessorGrpc.class) {
+ result = serviceDescriptor;
+ if (result == null) {
+ serviceDescriptor = result = io.grpc.ServiceDescriptor.newBuilder(SERVICE_NAME)
+ .setSchemaDescriptor(new ExternalProcessorFileDescriptorSupplier())
+ .addMethod(getProcessMethod())
+ .build();
+ }
+ }
+ }
+ return result;
+ }
+}
diff --git a/xds/src/main/java/io/grpc/xds/ExtAuthzConfigParser.java b/xds/src/main/java/io/grpc/xds/ExtAuthzConfigParser.java
deleted file mode 100644
index 853e8a5c03a..00000000000
--- a/xds/src/main/java/io/grpc/xds/ExtAuthzConfigParser.java
+++ /dev/null
@@ -1,103 +0,0 @@
-/*
- * Copyright 2025 The gRPC Authors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package io.grpc.xds;
-
-import com.google.common.collect.ImmutableList;
-import io.envoyproxy.envoy.extensions.filters.http.ext_authz.v3.ExtAuthz;
-import io.grpc.internal.GrpcUtil;
-import io.grpc.xds.client.Bootstrapper.BootstrapInfo;
-import io.grpc.xds.client.Bootstrapper.ServerInfo;
-import io.grpc.xds.internal.MatcherParser;
-import io.grpc.xds.internal.extauthz.ExtAuthzConfig;
-import io.grpc.xds.internal.extauthz.ExtAuthzParseException;
-import io.grpc.xds.internal.grpcservice.GrpcServiceConfig;
-import io.grpc.xds.internal.grpcservice.GrpcServiceParseException;
-import io.grpc.xds.internal.headermutations.HeaderMutationRulesParseException;
-import io.grpc.xds.internal.headermutations.HeaderMutationRulesParser;
-
-
-/**
- * Parser for {@link io.envoyproxy.envoy.extensions.filters.http.ext_authz.v3.ExtAuthz}.
- */
-final class ExtAuthzConfigParser {
-
- private ExtAuthzConfigParser() {}
-
- /**
- * Parses the {@link io.envoyproxy.envoy.extensions.filters.http.ext_authz.v3.ExtAuthz} proto to
- * create an {@link ExtAuthzConfig} instance.
- *
- * @param extAuthzProto The ext_authz proto to parse.
- * @return An {@link ExtAuthzConfig} instance.
- * @throws ExtAuthzParseException if the proto is invalid or contains unsupported features.
- */
- public static ExtAuthzConfig parse(
- ExtAuthz extAuthzProto, BootstrapInfo bootstrapInfo, ServerInfo serverInfo)
- throws ExtAuthzParseException {
- if (!extAuthzProto.hasGrpcService()) {
- throw new ExtAuthzParseException(
- "unsupported ExtAuthz service type: only grpc_service is supported");
- }
- GrpcServiceConfig grpcServiceConfig;
- try {
- grpcServiceConfig =
- GrpcServiceConfigParser.parse(extAuthzProto.getGrpcService(), bootstrapInfo, serverInfo);
- } catch (GrpcServiceParseException e) {
- throw new ExtAuthzParseException("Failed to parse GrpcService config: " + e.getMessage(), e);
- }
- ExtAuthzConfig.Builder builder = ExtAuthzConfig.builder().grpcService(grpcServiceConfig)
- .failureModeAllow(extAuthzProto.getFailureModeAllow())
- .failureModeAllowHeaderAdd(extAuthzProto.getFailureModeAllowHeaderAdd())
- .includePeerCertificate(extAuthzProto.getIncludePeerCertificate())
- .denyAtDisable(extAuthzProto.getDenyAtDisable().getDefaultValue().getValue());
-
- if (extAuthzProto.hasFilterEnabled()) {
- try {
- builder.filterEnabled(
- MatcherParser.parseFractionMatcher(extAuthzProto.getFilterEnabled().getDefaultValue()));
- } catch (IllegalArgumentException e) {
- throw new ExtAuthzParseException(e.getMessage());
- }
- }
-
- if (extAuthzProto.hasStatusOnError()) {
- builder.statusOnError(
- GrpcUtil.httpStatusToGrpcStatus(extAuthzProto.getStatusOnError().getCodeValue()));
- }
-
- if (extAuthzProto.hasAllowedHeaders()) {
- builder.allowedHeaders(extAuthzProto.getAllowedHeaders().getPatternsList().stream()
- .map(MatcherParser::parseStringMatcher).collect(ImmutableList.toImmutableList()));
- }
-
- if (extAuthzProto.hasDisallowedHeaders()) {
- builder.disallowedHeaders(extAuthzProto.getDisallowedHeaders().getPatternsList().stream()
- .map(MatcherParser::parseStringMatcher).collect(ImmutableList.toImmutableList()));
- }
-
- if (extAuthzProto.hasDecoderHeaderMutationRules()) {
- try {
- builder.decoderHeaderMutationRules(
- HeaderMutationRulesParser.parse(extAuthzProto.getDecoderHeaderMutationRules()));
- } catch (HeaderMutationRulesParseException e) {
- throw new ExtAuthzParseException(e.getMessage(), e);
- }
- }
-
- return builder.build();
- }
-}
diff --git a/xds/src/main/java/io/grpc/xds/ExternalProcessorFilter.java b/xds/src/main/java/io/grpc/xds/ExternalProcessorFilter.java
new file mode 100644
index 00000000000..ab695f8b76e
--- /dev/null
+++ b/xds/src/main/java/io/grpc/xds/ExternalProcessorFilter.java
@@ -0,0 +1,1621 @@
+/*
+ * Copyright 2024 The gRPC Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.grpc.xds;
+
+import static com.google.common.base.Preconditions.checkNotNull;
+
+import com.google.common.annotations.VisibleForTesting;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableMap;
+import com.google.common.io.BaseEncoding;
+import com.google.common.io.ByteStreams;
+import com.google.protobuf.Any;
+import com.google.protobuf.ByteString;
+import com.google.protobuf.Duration;
+import com.google.protobuf.InvalidProtocolBufferException;
+import com.google.protobuf.Message;
+import com.google.protobuf.Struct;
+import com.google.protobuf.Value;
+import com.google.protobuf.util.Durations;
+import io.envoyproxy.envoy.config.core.v3.GrpcService;
+import io.envoyproxy.envoy.config.core.v3.HeaderMap;
+import io.envoyproxy.envoy.extensions.filters.http.ext_proc.v3.ExtProcOverrides;
+import io.envoyproxy.envoy.extensions.filters.http.ext_proc.v3.ExtProcPerRoute;
+import io.envoyproxy.envoy.extensions.filters.http.ext_proc.v3.ExternalProcessor;
+import io.envoyproxy.envoy.extensions.filters.http.ext_proc.v3.HeaderForwardingRules;
+import io.envoyproxy.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode;
+import io.envoyproxy.envoy.service.ext_proc.v3.BodyMutation;
+import io.envoyproxy.envoy.service.ext_proc.v3.BodyResponse;
+import io.envoyproxy.envoy.service.ext_proc.v3.CommonResponse;
+import io.envoyproxy.envoy.service.ext_proc.v3.ExternalProcessorGrpc;
+import io.envoyproxy.envoy.service.ext_proc.v3.HeaderMutation;
+import io.envoyproxy.envoy.service.ext_proc.v3.HttpBody;
+import io.envoyproxy.envoy.service.ext_proc.v3.HttpHeaders;
+import io.envoyproxy.envoy.service.ext_proc.v3.HttpTrailers;
+import io.envoyproxy.envoy.service.ext_proc.v3.ImmediateResponse;
+import io.envoyproxy.envoy.service.ext_proc.v3.ProcessingRequest;
+import io.envoyproxy.envoy.service.ext_proc.v3.ProcessingResponse;
+import io.envoyproxy.envoy.service.ext_proc.v3.ProtocolConfiguration;
+import io.envoyproxy.envoy.service.ext_proc.v3.StreamedBodyResponse;
+import io.grpc.Attributes;
+import io.grpc.CallOptions;
+import io.grpc.Channel;
+import io.grpc.ClientCall;
+import io.grpc.ClientInterceptor;
+import io.grpc.Deadline;
+import io.grpc.ForwardingClientCall.SimpleForwardingClientCall;
+import io.grpc.Metadata;
+import io.grpc.MethodDescriptor;
+import io.grpc.Status;
+import io.grpc.StatusRuntimeException;
+import io.grpc.internal.DelayedClientCall;
+import io.grpc.internal.SerializingExecutor;
+import io.grpc.stub.ClientCallStreamObserver;
+import io.grpc.stub.ClientResponseObserver;
+import io.grpc.xds.internal.MatcherParser;
+import io.grpc.xds.internal.Matchers;
+import io.grpc.xds.internal.grpcservice.CachedChannelManager;
+import io.grpc.xds.internal.grpcservice.GrpcServiceConfig;
+import io.grpc.xds.internal.grpcservice.GrpcServiceParseException;
+import io.grpc.xds.internal.grpcservice.HeaderValue;
+import io.grpc.xds.internal.headermutations.HeaderMutationDisallowedException;
+import io.grpc.xds.internal.headermutations.HeaderMutationFilter;
+import io.grpc.xds.internal.headermutations.HeaderMutationRulesConfig;
+import io.grpc.xds.internal.headermutations.HeaderMutationRulesParseException;
+import io.grpc.xds.internal.headermutations.HeaderMutationRulesParser;
+import io.grpc.xds.internal.headermutations.HeaderMutations;
+import io.grpc.xds.internal.headermutations.HeaderMutator;
+import io.grpc.xds.internal.headermutations.HeaderValueOption;
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Locale;
+import java.util.Optional;
+import java.util.Queue;
+import java.util.concurrent.ConcurrentLinkedQueue;
+import java.util.concurrent.Executor;
+import java.util.concurrent.ScheduledExecutorService;
+import java.util.concurrent.ScheduledFuture;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicBoolean;
+import java.util.concurrent.atomic.AtomicInteger;
+import javax.annotation.Nullable;
+
+/**
+ * Filter for external processing as per gRFC A93.
+ */
+public class ExternalProcessorFilter implements Filter {
+ static final String TYPE_URL =
+ "type.googleapis.com/envoy.extensions.filters.http.ext_proc.v3.ExternalProcessor";
+
+ private final CachedChannelManager cachedChannelManager;
+
+ public ExternalProcessorFilter(String name) {
+ this(name, new CachedChannelManager());
+ }
+
+ ExternalProcessorFilter(String name, CachedChannelManager cachedChannelManager) {
+ this.cachedChannelManager = checkNotNull(cachedChannelManager, "cachedChannelManager");
+ }
+
+ @Override
+ public void close() {
+ cachedChannelManager.close();
+ }
+
+ static final class Provider implements Filter.Provider {
+ @Override
+ public String[] typeUrls() {
+ return new String[]{TYPE_URL};
+ }
+
+ @Override
+ public boolean isClientFilter() {
+ return true;
+ }
+
+ @Override
+ public ExternalProcessorFilter newInstance(String name) {
+ return new ExternalProcessorFilter(name);
+ }
+
+ @Override
+ public ConfigOrError parseFilterConfig(
+ Message rawProtoMessage, FilterContext context) {
+ if (!(rawProtoMessage instanceof Any)) {
+ return ConfigOrError.fromError("Invalid config type: " + rawProtoMessage.getClass());
+ }
+ ExternalProcessor externalProcessor;
+ try {
+ externalProcessor = ((Any) rawProtoMessage).unpack(ExternalProcessor.class);
+ } catch (InvalidProtocolBufferException e) {
+ return ConfigOrError.fromError("Invalid proto: " + e);
+ }
+
+ return ExternalProcessorFilterConfig.create(externalProcessor, context);
+ }
+
+ @Override
+ public ConfigOrError parseFilterConfigOverride(
+ Message rawProtoMessage, FilterContext context) {
+ if (!(rawProtoMessage instanceof Any)) {
+ return ConfigOrError.fromError("Invalid config type: " + rawProtoMessage.getClass());
+ }
+ ExtProcPerRoute perRoute;
+ try {
+ perRoute = ((Any) rawProtoMessage).unpack(ExtProcPerRoute.class);
+ } catch (InvalidProtocolBufferException e) {
+ return ConfigOrError.fromError("Invalid proto: " + e);
+ }
+ ExtProcOverrides overrides = perRoute.hasOverrides()
+ ? perRoute.getOverrides() : ExtProcOverrides.getDefaultInstance();
+ return ExternalProcessorFilterOverrideConfig.create(overrides, context);
+ }
+ }
+
+ @Nullable
+ @Override
+ public ClientInterceptor buildClientInterceptor(FilterConfig filterConfig,
+ @Nullable FilterConfig overrideConfig, ScheduledExecutorService scheduler) {
+ ExternalProcessorFilterConfig extProcFilterConfig =
+ (ExternalProcessorFilterConfig) filterConfig;
+ if (overrideConfig != null) {
+ extProcFilterConfig = mergeConfigs(extProcFilterConfig,
+ (ExternalProcessorFilterOverrideConfig) overrideConfig);
+ }
+ return new ExternalProcessorInterceptor(extProcFilterConfig, cachedChannelManager, scheduler);
+ }
+
+ private static ExternalProcessorFilterConfig mergeConfigs(
+ ExternalProcessorFilterConfig extProcFilterConfig,
+ ExternalProcessorFilterOverrideConfig extProcFilterConfigOverride) {
+ ExternalProcessor parentProto = extProcFilterConfig.getExternalProcessor();
+ ExternalProcessor.Builder mergedProtoBuilder = parentProto.toBuilder();
+
+ if (extProcFilterConfigOverride.hasProcessingMode()) {
+ mergedProtoBuilder.setProcessingMode(extProcFilterConfigOverride.getProcessingMode());
+ }
+
+ if (extProcFilterConfigOverride.hasRequestAttributes()) {
+ mergedProtoBuilder.clearRequestAttributes()
+ .addAllRequestAttributes(extProcFilterConfigOverride.getRequestAttributesList());
+ }
+ if (extProcFilterConfigOverride.hasResponseAttributes()) {
+ mergedProtoBuilder.clearResponseAttributes()
+ .addAllResponseAttributes(extProcFilterConfigOverride.getResponseAttributesList());
+ }
+ if (extProcFilterConfigOverride.hasGrpcService()) {
+ mergedProtoBuilder.setGrpcService(extProcFilterConfigOverride.getGrpcService());
+ }
+
+ if (extProcFilterConfigOverride.hasFailureModeAllow()) {
+ mergedProtoBuilder.setFailureModeAllow(extProcFilterConfigOverride.getFailureModeAllow());
+ }
+
+ GrpcServiceConfig grpcServiceConfig =
+ extProcFilterConfigOverride.getGrpcServiceConfig() != null
+ ? extProcFilterConfigOverride.getGrpcServiceConfig()
+ : extProcFilterConfig.getGrpcServiceConfig();
+
+ return new ExternalProcessorFilterConfig(
+ mergedProtoBuilder.build(),
+ grpcServiceConfig,
+ extProcFilterConfig.getMutationRulesConfig(),
+ extProcFilterConfig.getForwardRulesConfig());
+ }
+
+ private static ConfigOrError> parseAndValidate(
+ ProcessingMode mode, GrpcService grpcService, boolean isParent, FilterContext context) {
+ if (mode.getRequestBodyMode() != ProcessingMode.BodySendMode.GRPC
+ && mode.getRequestBodyMode() != ProcessingMode.BodySendMode.NONE) {
+ return ConfigOrError.fromError("Invalid request_body_mode: " + mode.getRequestBodyMode()
+ + ". Only GRPC and NONE are supported.");
+ }
+ if (mode.getResponseBodyMode() != ProcessingMode.BodySendMode.GRPC
+ && mode.getResponseBodyMode() != ProcessingMode.BodySendMode.NONE) {
+ return ConfigOrError.fromError("Invalid response_body_mode: " + mode.getResponseBodyMode()
+ + ". Only GRPC and NONE are supported.");
+ }
+
+ try {
+ GrpcServiceConfig grpcServiceConfig = null;
+ if (grpcService != null && grpcService.hasGoogleGrpc()) {
+ grpcServiceConfig = GrpcServiceConfigParser.parse(
+ grpcService, context.bootstrapInfo(), context.serverInfo());
+ } else if (isParent) {
+ return ConfigOrError.fromError("Error parsing GrpcService config: "
+ + "Unsupported: GrpcService must have GoogleGrpc, got: " + grpcService);
+ }
+ return ConfigOrError.fromConfig(Optional.ofNullable(grpcServiceConfig));
+ } catch (GrpcServiceParseException e) {
+ return ConfigOrError.fromError("Error parsing GrpcService config: " + e.getMessage());
+ }
+ }
+
+ static final class ExternalProcessorFilterConfig implements FilterConfig {
+
+ private final ExternalProcessor externalProcessor;
+ private final GrpcServiceConfig grpcServiceConfig;
+ private final Optional mutationRulesConfig;
+ private final Optional forwardRulesConfig;
+
+ static ConfigOrError create(
+ ExternalProcessor externalProcessor, FilterContext context) {
+ ProcessingMode mode = externalProcessor.getProcessingMode();
+ GrpcService grpcService = externalProcessor.getGrpcService();
+ HeaderMutationRulesConfig mutationRulesConfig = null;
+ HeaderForwardingRulesConfig forwardRulesConfig = null;
+
+ if (externalProcessor.hasMutationRules()) {
+ try {
+ mutationRulesConfig =
+ HeaderMutationRulesParser.parse(externalProcessor.getMutationRules());
+ } catch (HeaderMutationRulesParseException e) {
+ return ConfigOrError.fromError("Error parsing HeaderMutationRules: " + e.getMessage());
+ }
+ }
+
+ if (externalProcessor.hasForwardRules()) {
+ forwardRulesConfig =
+ HeaderForwardingRulesConfig.create(externalProcessor.getForwardRules());
+ }
+
+ if (externalProcessor.hasDeferredCloseTimeout()) {
+ Duration deferredCloseTimeout = externalProcessor.getDeferredCloseTimeout();
+ try {
+ Durations.checkValid(deferredCloseTimeout);
+ } catch (IllegalArgumentException e) {
+ return ConfigOrError.fromError("Invalid deferred_close_timeout: " + e.getMessage());
+ }
+ long deferredCloseTimeoutNanos = Durations.toNanos(deferredCloseTimeout);
+ if (deferredCloseTimeoutNanos <= 0) {
+ return ConfigOrError.fromError("deferred_close_timeout must be positive");
+ }
+ }
+
+ ConfigOrError> parsed =
+ parseAndValidate(mode, grpcService, true, context);
+ if (parsed.errorDetail != null) {
+ return ConfigOrError.fromError(parsed.errorDetail);
+ }
+
+ return ConfigOrError.fromConfig(new ExternalProcessorFilterConfig(
+ externalProcessor, parsed.config.orElse(null),
+ Optional.ofNullable(mutationRulesConfig),
+ Optional.ofNullable(forwardRulesConfig)));
+ }
+
+ ExternalProcessorFilterConfig(
+ ExternalProcessor externalProcessor,
+ GrpcServiceConfig grpcServiceConfig,
+ Optional mutationRulesConfig,
+ Optional forwardRulesConfig) {
+ this.externalProcessor = checkNotNull(externalProcessor, "externalProcessor");
+ this.grpcServiceConfig = grpcServiceConfig;
+ this.mutationRulesConfig = mutationRulesConfig;
+ this.forwardRulesConfig = forwardRulesConfig;
+ }
+
+ @Override
+ public String typeUrl() {
+ return TYPE_URL;
+ }
+
+ ExternalProcessor getExternalProcessor() {
+ return externalProcessor;
+ }
+
+ GrpcServiceConfig getGrpcServiceConfig() {
+ return grpcServiceConfig;
+ }
+
+ Optional getMutationRulesConfig() {
+ return mutationRulesConfig;
+ }
+
+ Optional getForwardRulesConfig() {
+ return forwardRulesConfig;
+ }
+
+ ImmutableList getRequestAttributes() {
+ return ImmutableList.copyOf(externalProcessor.getRequestAttributesList());
+ }
+
+ boolean getDisableImmediateResponse() {
+ return externalProcessor.getDisableImmediateResponse();
+ }
+
+ long getDeferredCloseTimeoutNanos() {
+ if (externalProcessor.hasDeferredCloseTimeout()) {
+ return Durations.toNanos(externalProcessor.getDeferredCloseTimeout());
+ }
+ return TimeUnit.SECONDS.toNanos(5);
+ }
+
+ boolean getObservabilityMode() {
+ return externalProcessor.getObservabilityMode();
+ }
+
+ boolean getFailureModeAllow() {
+ return externalProcessor.getFailureModeAllow();
+ }
+ }
+
+ static final class ExternalProcessorFilterOverrideConfig implements FilterConfig {
+ private final ExtProcOverrides extProcOverrides;
+ private final GrpcServiceConfig grpcServiceConfig;
+
+ static ConfigOrError create(
+ ExtProcOverrides overrides, FilterContext context) {
+ ConfigOrError> parsed =
+ parseAndValidate(
+ overrides.getProcessingMode(), overrides.getGrpcService(), false, context);
+ if (parsed.errorDetail != null) {
+ return ConfigOrError.fromError(parsed.errorDetail);
+ }
+ return ConfigOrError.fromConfig(
+ new ExternalProcessorFilterOverrideConfig(overrides, parsed.config.orElse(null)));
+ }
+
+ ExternalProcessorFilterOverrideConfig(
+ ExtProcOverrides extProcOverrides, GrpcServiceConfig grpcServiceConfig) {
+ this.extProcOverrides = checkNotNull(extProcOverrides, "extProcOverrides");
+ this.grpcServiceConfig = grpcServiceConfig;
+ }
+
+ @Override
+ public String typeUrl() {
+ return TYPE_URL;
+ }
+
+ boolean hasProcessingMode() {
+ return extProcOverrides.hasProcessingMode();
+ }
+
+ ProcessingMode getProcessingMode() {
+ return extProcOverrides.getProcessingMode();
+ }
+
+ boolean hasRequestAttributes() {
+ return extProcOverrides.getRequestAttributesCount() > 0;
+ }
+
+ List getRequestAttributesList() {
+ return extProcOverrides.getRequestAttributesList();
+ }
+
+ boolean hasResponseAttributes() {
+ return extProcOverrides.getResponseAttributesCount() > 0;
+ }
+
+ List getResponseAttributesList() {
+ return extProcOverrides.getResponseAttributesList();
+ }
+
+ boolean hasGrpcService() {
+ return extProcOverrides.hasGrpcService();
+ }
+
+ GrpcService getGrpcService() {
+ return extProcOverrides.getGrpcService();
+ }
+
+ boolean hasFailureModeAllow() {
+ return extProcOverrides.hasFailureModeAllow();
+ }
+
+ boolean getFailureModeAllow() {
+ return extProcOverrides.hasFailureModeAllow()
+ && extProcOverrides.getFailureModeAllow().getValue();
+ }
+
+ GrpcServiceConfig getGrpcServiceConfig() {
+ return grpcServiceConfig;
+ }
+ }
+
+ static final class HeaderForwardingRulesConfig {
+ private final ImmutableList allowedHeaders;
+ private final ImmutableList disallowedHeaders;
+
+ HeaderForwardingRulesConfig(
+ ImmutableList allowedHeaders,
+ ImmutableList disallowedHeaders) {
+ this.allowedHeaders = checkNotNull(allowedHeaders, "allowedHeaders");
+ this.disallowedHeaders = checkNotNull(disallowedHeaders, "disallowedHeaders");
+ }
+
+ static HeaderForwardingRulesConfig create(HeaderForwardingRules proto) {
+ ImmutableList allowedHeaders = ImmutableList.of();
+ if (proto.hasAllowedHeaders()) {
+ allowedHeaders = MatcherParser.parseListStringMatcher(proto.getAllowedHeaders());
+ }
+ ImmutableList disallowedHeaders = ImmutableList.of();
+ if (proto.hasDisallowedHeaders()) {
+ disallowedHeaders = MatcherParser.parseListStringMatcher(proto.getDisallowedHeaders());
+ }
+ return new HeaderForwardingRulesConfig(allowedHeaders, disallowedHeaders);
+ }
+
+ boolean isAllowed(String headerName) {
+ String lowerHeaderName = headerName.toLowerCase(Locale.ROOT);
+ if (!allowedHeaders.isEmpty()) {
+ boolean matched = false;
+ for (Matchers.StringMatcher matcher : allowedHeaders) {
+ if (matcher.matches(lowerHeaderName)) {
+ matched = true;
+ break;
+ }
+ }
+ if (!matched) {
+ return false;
+ }
+ }
+ if (!disallowedHeaders.isEmpty()) {
+ for (Matchers.StringMatcher matcher : disallowedHeaders) {
+ if (matcher.matches(lowerHeaderName)) {
+ return false;
+ }
+ }
+ }
+ return true;
+ }
+ }
+
+ static final class ExternalProcessorInterceptor implements ClientInterceptor {
+ private final CachedChannelManager cachedChannelManager;
+ private final ExternalProcessorFilterConfig filterConfig;
+ private final ScheduledExecutorService scheduler;
+
+ private static final MethodDescriptor.Marshaller RAW_MARSHALLER =
+ new MethodDescriptor.Marshaller() {
+ @Override
+ public InputStream stream(InputStream value) {
+ return value;
+ }
+
+ @Override
+ public InputStream parse(InputStream stream) {
+ return stream;
+ }
+ };
+
+ ExternalProcessorInterceptor(ExternalProcessorFilterConfig filterConfig,
+ CachedChannelManager cachedChannelManager,
+ ScheduledExecutorService scheduler) {
+ this.filterConfig = filterConfig;
+ this.cachedChannelManager = checkNotNull(cachedChannelManager, "cachedChannelManager");
+ this.scheduler = checkNotNull(scheduler, "scheduler");
+ }
+
+ @VisibleForTesting
+ ExternalProcessorFilterConfig getFilterConfig() {
+ return filterConfig;
+ }
+
+ @Override
+ public ClientCall interceptCall(
+ MethodDescriptor method,
+ CallOptions callOptions,
+ Channel next) {
+ SerializingExecutor serializingExecutor = new SerializingExecutor(callOptions.getExecutor());
+
+ ExternalProcessorGrpc.ExternalProcessorStub extProcStub = ExternalProcessorGrpc.newStub(
+ cachedChannelManager.getChannel(filterConfig.grpcServiceConfig))
+ .withExecutor(serializingExecutor);
+
+ if (filterConfig.grpcServiceConfig.timeout() != null
+ && filterConfig.grpcServiceConfig.timeout().isPresent()) {
+ long timeoutNanos = filterConfig.grpcServiceConfig.timeout().get().toNanos();
+ if (timeoutNanos > 0) {
+ extProcStub = extProcStub.withDeadlineAfter(timeoutNanos, TimeUnit.NANOSECONDS);
+ }
+ }
+
+ ImmutableList initialMetadata = filterConfig.grpcServiceConfig.initialMetadata();
+ extProcStub = extProcStub.withInterceptors(new ClientInterceptor() {
+ @Override
+ public ClientCall interceptCall(
+ MethodDescriptor extMethod,
+ CallOptions extCallOptions,
+ Channel extNext) {
+ return new SimpleForwardingClientCall(
+ extNext.newCall(extMethod, extCallOptions)) {
+ @Override
+ public void start(Listener responseListener, Metadata headers) {
+ for (HeaderValue headerValue : initialMetadata) {
+ String key = headerValue.key();
+ if (key.endsWith(Metadata.BINARY_HEADER_SUFFIX)) {
+ if (headerValue.rawValue().isPresent()) {
+ Metadata.Key metadataKey =
+ Metadata.Key.of(key, Metadata.BINARY_BYTE_MARSHALLER);
+ headers.put(metadataKey, headerValue.rawValue().get().toByteArray());
+ }
+ } else {
+ if (headerValue.value().isPresent()) {
+ Metadata.Key metadataKey =
+ Metadata.Key.of(key, Metadata.ASCII_STRING_MARSHALLER);
+ headers.put(metadataKey, headerValue.value().get());
+ }
+ }
+ }
+ super.start(responseListener, headers);
+ }
+ };
+ }
+ });
+
+ MethodDescriptor rawMethod =
+ method.toBuilder(RAW_MARSHALLER, RAW_MARSHALLER).build();
+ ClientCall rawCall = next.newCall(rawMethod, callOptions);
+
+ // Create a local subclass instance to buffer outbound actions
+ DataPlaneDelayedCall delayedCall =
+ new DataPlaneDelayedCall<>(
+ serializingExecutor, scheduler, callOptions.getDeadline());
+
+ DataPlaneClientCall dataPlaneCall = new DataPlaneClientCall(
+ delayedCall, rawCall, extProcStub, filterConfig, filterConfig.getMutationRulesConfig(),
+ scheduler, method, next);
+
+ return new ClientCall() {
+ @Override
+ public void start(Listener responseListener, Metadata headers) {
+ dataPlaneCall.start(new Listener() {
+ @Override
+ public void onHeaders(Metadata headers) {
+ responseListener.onHeaders(headers);
+ }
+
+ @Override
+ public void onMessage(InputStream message) {
+ responseListener.onMessage(method.getResponseMarshaller().parse(message));
+ }
+
+ @Override
+ public void onClose(Status status, Metadata trailers) {
+ responseListener.onClose(status, trailers);
+ }
+
+ @Override
+ public void onReady() {
+ responseListener.onReady();
+ }
+ }, headers);
+ }
+
+ @Override
+ public void request(int numMessages) {
+ dataPlaneCall.request(numMessages);
+ }
+
+ @Override
+ public void cancel(@Nullable String message, @Nullable Throwable cause) {
+ dataPlaneCall.cancel(message, cause);
+ }
+
+ @Override
+ public void halfClose() {
+ dataPlaneCall.halfClose();
+ }
+
+ @Override
+ public void sendMessage(ReqT message) {
+ dataPlaneCall.sendMessage(method.getRequestMarshaller().stream(message));
+ }
+
+ @Override
+ public boolean isReady() {
+ return dataPlaneCall.isReady();
+ }
+
+ @Override
+ public void setMessageCompression(boolean enabled) {
+ dataPlaneCall.setMessageCompression(enabled);
+ }
+
+ @Override
+ public Attributes getAttributes() {
+ return dataPlaneCall.getAttributes();
+ }
+ };
+ }
+
+ // --- SHARED UTILITY METHODS ---
+ private static HeaderMap toHeaderMap(
+ Metadata metadata, Optional forwardRules) {
+ HeaderMap.Builder builder =
+ HeaderMap.newBuilder();
+
+ for (String key : metadata.keys()) {
+ if (forwardRules.isPresent() && !forwardRules.get().isAllowed(key)) {
+ continue;
+ }
+ // Skip binary headers for this basic mapping
+ if (key.endsWith(Metadata.BINARY_HEADER_SUFFIX)) {
+ Metadata.Key binKey = Metadata.Key.of(key, Metadata.BINARY_BYTE_MARSHALLER);
+ Iterable values = metadata.getAll(binKey);
+ if (values != null) {
+ for (byte[] binValue : values) {
+ String encoded = BaseEncoding.base64().encode(binValue);
+ io.envoyproxy.envoy.config.core.v3.HeaderValue headerValue =
+ io.envoyproxy.envoy.config.core.v3.HeaderValue.newBuilder()
+ .setKey(key.toLowerCase(Locale.ROOT))
+ .setValue(encoded)
+ .build();
+ builder.addHeaders(headerValue);
+ }
+ }
+ } else {
+ Metadata.Key asciiKey = Metadata.Key.of(key, Metadata.ASCII_STRING_MARSHALLER);
+ Iterable values = metadata.getAll(asciiKey);
+ if (values != null) {
+ for (String value : values) {
+ io.envoyproxy.envoy.config.core.v3.HeaderValue headerValue =
+ io.envoyproxy.envoy.config.core.v3.HeaderValue.newBuilder()
+ .setKey(key.toLowerCase(Locale.ROOT))
+ .setValue(value)
+ .build();
+ builder.addHeaders(headerValue);
+ }
+ }
+ }
+ }
+ return builder.build();
+ }
+
+ private static ImmutableMap collectAttributes(
+ ImmutableList requestedAttributes,
+ MethodDescriptor method,
+ Channel channel,
+ Metadata headers) {
+ if (requestedAttributes.isEmpty()) {
+ return ImmutableMap.of();
+ }
+ ImmutableMap.Builder attributes = ImmutableMap.builder();
+ for (String attr : requestedAttributes) {
+ switch (attr) {
+ case "request.path":
+ case "request.url_path":
+ attributes.put(attr, encodeAttribute("/" + method.getFullMethodName()));
+ break;
+ case "request.host":
+ attributes.put(attr, encodeAttribute(channel.authority()));
+ break;
+ case "request.method":
+ attributes.put(attr, encodeAttribute("POST"));
+ break;
+ case "request.headers":
+ attributes.put(attr, encodeHeaders(headers));
+ break;
+ case "request.referer":
+ String referer = getHeaderValue(headers, "referer");
+ if (referer != null) {
+ attributes.put(attr, encodeAttribute(referer));
+ }
+ break;
+ case "request.useragent":
+ String ua = getHeaderValue(headers, "user-agent");
+ if (ua != null) {
+ attributes.put(attr, encodeAttribute(ua));
+ }
+ break;
+ case "request.id":
+ String id = getHeaderValue(headers, "x-request-id");
+ if (id != null) {
+ attributes.put(attr, encodeAttribute(id));
+ }
+ break;
+ case "request.query":
+ attributes.put(attr, encodeAttribute(""));
+ break;
+ default:
+ // "Not set" attributes or unrecognized ones (already validated) are skipped.
+ break;
+ }
+ }
+ return attributes.buildOrThrow();
+ }
+
+ private static Struct encodeAttribute(String value) {
+ return Struct.newBuilder()
+ .putFields("", Value.newBuilder().setStringValue(value).build())
+ .build();
+ }
+
+ private static Struct encodeHeaders(Metadata headers) {
+ Struct.Builder builder = Struct.newBuilder();
+ for (String key : headers.keys()) {
+ String value = getHeaderValue(headers, key);
+ if (value != null) {
+ builder.putFields(key.toLowerCase(Locale.ROOT),
+ Value.newBuilder().setStringValue(value).build());
+ }
+ }
+ return builder.build();
+ }
+
+ @Nullable
+ private static String getHeaderValue(Metadata headers, String headerName) {
+ if (headerName.endsWith(Metadata.BINARY_HEADER_SUFFIX)) {
+ Metadata.Key key;
+ try {
+ key = Metadata.Key.of(headerName, Metadata.BINARY_BYTE_MARSHALLER);
+ } catch (IllegalArgumentException e) {
+ return null;
+ }
+ Iterable values = headers.getAll(key);
+ if (values == null) {
+ return null;
+ }
+ java.util.List encoded = new ArrayList<>();
+ for (byte[] v : values) {
+ encoded.add(BaseEncoding.base64().omitPadding().encode(v));
+ }
+ return com.google.common.base.Joiner.on(",").join(encoded);
+ }
+ Metadata.Key key;
+ try {
+ key = Metadata.Key.of(headerName, Metadata.ASCII_STRING_MARSHALLER);
+ } catch (IllegalArgumentException e) {
+ return null;
+ }
+ Iterable values = headers.getAll(key);
+ return values == null ? null : com.google.common.base.Joiner.on(",").join(values);
+ }
+
+ /**
+ * A local subclass to expose the protected constructor of DelayedClientCall.
+ */
+ private static class DataPlaneDelayedCall extends DelayedClientCall {
+ DataPlaneDelayedCall(
+ Executor executor, ScheduledExecutorService scheduler, @Nullable Deadline deadline) {
+ super(executor, scheduler, deadline);
+ }
+ }
+
+ /**
+ * Handles the bidirectional stream with the External Processor.
+ * Buffers the actual RPC start until the Ext Proc header response is received.
+ */
+ private static class DataPlaneClientCall
+ extends SimpleForwardingClientCall {
+ private enum EventType {
+ REQUEST_HEADERS,
+ REQUEST_BODY,
+ RESPONSE_HEADERS,
+ RESPONSE_BODY,
+ RESPONSE_TRAILERS
+ }
+
+ private final ExternalProcessorGrpc.ExternalProcessorStub stub;
+ private final ExternalProcessorFilterConfig config;
+ private final ClientCall rawCall;
+ private final DataPlaneDelayedCall delayedCall;
+ private final ScheduledExecutorService scheduler;
+ private final Object streamLock = new Object();
+ private final Queue expectedResponses = new ConcurrentLinkedQueue<>();
+ private volatile ClientCallStreamObserver extProcClientCallRequestObserver;
+ private final Queue pendingProcessingRequests =
+ new ConcurrentLinkedQueue<>();
+ private volatile DataPlaneListener wrappedListener;
+ private final HeaderMutationFilter mutationFilter;
+ private final HeaderMutator mutator = HeaderMutator.create();
+ private final AtomicInteger pendingRequests = new AtomicInteger(0);
+ private final ProcessingMode currentProcessingMode;
+ private final MethodDescriptor method;
+ private final Channel channel;
+
+ private volatile Metadata requestHeaders;
+ final AtomicBoolean activated = new AtomicBoolean(false);
+ final AtomicBoolean extProcStreamFailed = new AtomicBoolean(false);
+ final AtomicBoolean extProcStreamCompleted = new AtomicBoolean(false);
+ final AtomicBoolean passThroughMode = new AtomicBoolean(false);
+ final AtomicBoolean notifiedApp = new AtomicBoolean(false);
+ final AtomicBoolean drainingExtProcStream = new AtomicBoolean(false);
+ final AtomicBoolean halfClosed = new AtomicBoolean(false);
+ final AtomicBoolean requestSideClosed = new AtomicBoolean(false);
+ final AtomicBoolean isProcessingTrailers = new AtomicBoolean(false);
+
+ protected DataPlaneClientCall(
+ DataPlaneDelayedCall delayedCall,
+ ClientCall rawCall,
+ ExternalProcessorGrpc.ExternalProcessorStub stub,
+ ExternalProcessorFilterConfig config,
+ Optional mutationRulesConfig,
+ ScheduledExecutorService scheduler,
+ MethodDescriptor method,
+ Channel channel) {
+ super(delayedCall);
+ this.delayedCall = delayedCall;
+ this.rawCall = rawCall;
+ this.stub = stub;
+ this.config = config;
+ this.currentProcessingMode = config.getExternalProcessor().getProcessingMode();
+ this.mutationFilter = new HeaderMutationFilter(mutationRulesConfig);
+ this.scheduler = scheduler;
+ this.method = method;
+ this.channel = channel;
+ }
+
+ private void activateCall() {
+ if (extProcStreamFailed.get() || !activated.compareAndSet(false, true)) {
+ return;
+ }
+ Runnable toRun = delayedCall.setCall(rawCall);
+ if (toRun != null) {
+ toRun.run();
+ }
+ drainPendingRequests();
+ onReadyNotify();
+ }
+
+ private boolean checkCompressionSupport(BodyResponse bodyResponse) {
+ if (bodyResponse.hasResponse() && bodyResponse.getResponse().hasBodyMutation()) {
+ BodyMutation mutation =
+ bodyResponse.getResponse().getBodyMutation();
+ if (mutation.hasStreamedResponse()
+ && mutation.getStreamedResponse().getGrpcMessageCompressed()) {
+ StatusRuntimeException ex = Status.UNAVAILABLE
+ .withDescription("gRPC message compression not supported in ext_proc")
+ .asRuntimeException();
+ if (!extProcStreamCompleted.get() && extProcClientCallRequestObserver != null) {
+ extProcClientCallRequestObserver.onError(ex);
+ }
+ activateCall();
+ extProcStreamFailed.set(true);
+ delayedCall.cancel("gRPC message compression not supported in ext_proc", ex);
+ closeExtProcStream();
+ return false;
+ }
+ }
+ return true;
+ }
+
+ private void applyHeaderMutations(Metadata metadata,
+ HeaderMutation mutation)
+ throws HeaderMutationDisallowedException {
+ if (metadata == null) {
+ return;
+ }
+ ImmutableList.Builder headersToModify = ImmutableList.builder();
+ for (io.envoyproxy.envoy.config.core.v3.HeaderValueOption protoOption
+ : mutation.getSetHeadersList()) {
+ io.envoyproxy.envoy.config.core.v3.HeaderValue protoHeader = protoOption.getHeader();
+ HeaderValue headerValue;
+ if (protoHeader.getKey().endsWith(Metadata.BINARY_HEADER_SUFFIX)) {
+ headerValue = HeaderValue.create(protoHeader.getKey(),
+ ByteString.copyFrom(
+ BaseEncoding.base64().decode(protoHeader.getValue())));
+ } else {
+ headerValue = HeaderValue.create(protoHeader.getKey(), protoHeader.getValue());
+ }
+ headersToModify.add(HeaderValueOption.create(
+ headerValue,
+ HeaderValueOption.HeaderAppendAction.valueOf(protoOption.getAppendAction().name()),
+ protoOption.getKeepEmptyValue()));
+ }
+
+ HeaderMutations mutations = HeaderMutations.create(
+ headersToModify.build(),
+ ImmutableList.copyOf(mutation.getRemoveHeadersList()));
+
+ HeaderMutations filteredMutations = mutationFilter.filter(mutations);
+ mutator.applyMutations(filteredMutations, metadata);
+ }
+
+ @Override
+ public void start(Listener responseListener, Metadata headers) {
+ this.requestHeaders = headers;
+ this.wrappedListener = new DataPlaneListener(responseListener, rawCall, this);
+
+ // DelayedClientCall.start will buffer the listener and headers until setCall is called.
+ super.start(wrappedListener, headers);
+
+ stub.process(new ClientResponseObserver() {
+ @Override
+ public void beforeStart(ClientCallStreamObserver requestStream) {
+ synchronized (streamLock) {
+ extProcClientCallRequestObserver = requestStream;
+ while (!pendingProcessingRequests.isEmpty()) {
+ requestStream.onNext(pendingProcessingRequests.poll());
+ }
+ }
+ requestStream.setOnReadyHandler(DataPlaneClientCall.this::onExtProcStreamReady);
+ }
+
+ @Override
+ public void onNext(ProcessingResponse response) {
+ try {
+ if (response.hasImmediateResponse()) {
+ if (config.getDisableImmediateResponse()) {
+ onError(Status.UNAVAILABLE
+ .withDescription(
+ "Immediate response is disabled but received from external processor")
+ .asRuntimeException());
+ return;
+ }
+ handleImmediateResponse(response.getImmediateResponse(), wrappedListener);
+ return;
+ }
+
+ if (config.getObservabilityMode()) {
+ return;
+ }
+
+ EventType expected = expectedResponses.peek();
+ EventType received = null;
+ if (response.hasRequestHeaders()) {
+ received = EventType.REQUEST_HEADERS;
+ } else if (response.hasRequestBody()) {
+ received = EventType.REQUEST_BODY;
+ } else if (response.hasResponseHeaders()) {
+ received = EventType.RESPONSE_HEADERS;
+ } else if (response.hasResponseBody()) {
+ received = EventType.RESPONSE_BODY;
+ } else if (response.hasResponseTrailers()) {
+ received = EventType.RESPONSE_TRAILERS;
+ }
+
+ if (received != null) {
+ if (expected == null || expected != received) {
+ onError(Status.UNAVAILABLE
+ .withDescription("Protocol error: received response out of order. Expected: "
+ + expected + ", Received: " + received)
+ .asRuntimeException());
+ return;
+ }
+ expectedResponses.poll();
+ }
+
+ if (response.getRequestDrain()) {
+ drainingExtProcStream.set(true);
+ halfCloseExtProcStream();
+ activateCall();
+ }
+
+ // 1. Client Headers
+ if (response.hasRequestHeaders()) {
+ if (response.getRequestHeaders().hasResponse()) {
+ if (response.getRequestHeaders().getResponse().getStatus()
+ == CommonResponse.ResponseStatus.CONTINUE_AND_REPLACE) {
+ onError(Status.UNAVAILABLE
+ .withDescription("CONTINUE_AND_REPLACE is not supported")
+ .asRuntimeException());
+ return;
+ }
+ applyHeaderMutations(
+ requestHeaders,
+ response.getRequestHeaders().getResponse().getHeaderMutation());
+ }
+ activateCall();
+ }
+ // 2. Client Message (Request Body)
+ else if (response.hasRequestBody()) {
+ if (checkCompressionSupport(response.getRequestBody())) {
+ handleRequestBodyResponse(response.getRequestBody());
+ }
+ }
+ // 3. Client Trailers
+ else if (response.hasRequestTrailers()) {
+ wrappedListener.proceedWithClose();
+ }
+ // 4. Server Headers
+ else if (response.hasResponseHeaders()) {
+ if (response.getResponseHeaders().hasResponse()) {
+ if (response.getResponseHeaders().getResponse().getStatus()
+ == CommonResponse.ResponseStatus.CONTINUE_AND_REPLACE) {
+ onError(Status.UNAVAILABLE
+ .withDescription("CONTINUE_AND_REPLACE is not supported")
+ .asRuntimeException());
+ return;
+ }
+ Metadata target = wrappedListener.trailersOnly.get()
+ ? wrappedListener.savedTrailers : wrappedListener.savedHeaders;
+ applyHeaderMutations(
+ target, response.getResponseHeaders().getResponse().getHeaderMutation());
+ }
+ if (wrappedListener.trailersOnly.get()) {
+ wrappedListener.proceedWithClose();
+ } else {
+ wrappedListener.proceedWithHeaders();
+ }
+ }
+ // 5. Server Message (Response Body)
+ else if (response.hasResponseBody()) {
+ if (checkCompressionSupport(response.getResponseBody())) {
+ handleResponseBodyResponse(response.getResponseBody(), wrappedListener);
+ }
+ }
+ // 6. Response Trailers
+ else if (response.hasResponseTrailers()) {
+ if (response.getResponseTrailers().hasHeaderMutation()) {
+ applyHeaderMutations(
+ wrappedListener.savedTrailers,
+ response.getResponseTrailers().getHeaderMutation()
+ );
+ }
+ }
+
+ checkEndOfStream(response);
+ } catch (Throwable t) {
+ onError(t);
+ }
+ }
+
+ @Override
+ public void onError(Throwable t) {
+ if (extProcStreamCompleted.compareAndSet(false, true)) {
+ synchronized (streamLock) {
+ if (extProcClientCallRequestObserver != null) {
+ extProcClientCallRequestObserver.onError(t);
+ extProcClientCallRequestObserver = null;
+ }
+ }
+ if (config.getFailureModeAllow()) {
+ handleFailOpen(wrappedListener);
+ } else {
+ extProcStreamFailed.set(true);
+ String message = "External processor stream failed";
+ delayedCall.cancel(message, t);
+ wrappedListener.proceedWithClose();
+ }
+ }
+ }
+
+ @Override
+ public void onCompleted() {
+ if (extProcStreamCompleted.compareAndSet(false, true)) {
+ drainingExtProcStream.set(false);
+ handleFailOpen(wrappedListener);
+ }
+ }
+ });
+
+ boolean sendRequestHeaders =
+ currentProcessingMode.getRequestHeaderMode() == ProcessingMode.HeaderSendMode.SEND
+ || currentProcessingMode.getRequestHeaderMode()
+ == ProcessingMode.HeaderSendMode.DEFAULT;
+
+ if (sendRequestHeaders) {
+ sendToExtProc(ProcessingRequest.newBuilder()
+ .setRequestHeaders(HttpHeaders.newBuilder()
+ .setHeaders(toHeaderMap(headers, config.getForwardRulesConfig()))
+ .setEndOfStream(false)
+ .build())
+ .putAllAttributes(
+ collectAttributes(config.getRequestAttributes(), method, channel, headers))
+ .setProtocolConfig(ProtocolConfiguration.newBuilder()
+ .setRequestBodyMode(currentProcessingMode.getRequestBodyMode())
+ .setResponseBodyMode(currentProcessingMode.getResponseBodyMode())
+ .build())
+ .build());
+ }
+
+ if (config.getObservabilityMode() || !sendRequestHeaders) {
+ activateCall();
+ }
+ }
+
+ private void sendToExtProc(ProcessingRequest request) {
+ synchronized (streamLock) {
+ if (extProcStreamCompleted.get()) {
+ return;
+ }
+
+ if (request.hasRequestHeaders()) {
+ expectedResponses.add(EventType.REQUEST_HEADERS);
+ } else if (request.hasRequestBody()) {
+ expectedResponses.add(EventType.REQUEST_BODY);
+ } else if (request.hasResponseHeaders()) {
+ expectedResponses.add(EventType.RESPONSE_HEADERS);
+ } else if (request.hasResponseBody()) {
+ expectedResponses.add(EventType.RESPONSE_BODY);
+ } else if (request.hasResponseTrailers()) {
+ expectedResponses.add(EventType.RESPONSE_TRAILERS);
+ }
+
+ if (extProcClientCallRequestObserver != null) {
+ extProcClientCallRequestObserver.onNext(request);
+ } else {
+ pendingProcessingRequests.add(request);
+ }
+ }
+ }
+
+ private void onExtProcStreamReady() {
+ drainPendingRequests();
+ onReadyNotify();
+ }
+
+ private void drainPendingRequests() {
+ int toRequest = pendingRequests.getAndSet(0);
+ if (toRequest > 0) {
+ super.request(toRequest);
+ }
+ }
+
+ private void closeExtProcStream() {
+ synchronized (streamLock) {
+ if (extProcStreamCompleted.compareAndSet(false, true)) {
+ if (extProcClientCallRequestObserver != null) {
+ extProcClientCallRequestObserver.onCompleted();
+ }
+ }
+ }
+ }
+
+ private void halfCloseExtProcStream() {
+ synchronized (streamLock) {
+ if (!extProcStreamCompleted.get() && extProcClientCallRequestObserver != null) {
+ extProcClientCallRequestObserver.onCompleted();
+ }
+ }
+ }
+
+ private void onReadyNotify() {
+ wrappedListener.onReadyNotify();
+ }
+
+ private boolean isSidecarReady() {
+ if (extProcStreamCompleted.get()) {
+ return true;
+ }
+ if (drainingExtProcStream.get()) {
+ return false;
+ }
+ synchronized (streamLock) {
+ ClientCallStreamObserver observer = extProcClientCallRequestObserver;
+ return observer != null && observer.isReady();
+ }
+ }
+
+ @Override
+ public boolean isReady() {
+ if (passThroughMode.get()) {
+ return super.isReady();
+ }
+ if (extProcStreamCompleted.get()) {
+ return super.isReady();
+ }
+ if (!activated.get() && !config.getObservabilityMode()) {
+ return false;
+ }
+ boolean sidecarReady = isSidecarReady();
+ if (config.getObservabilityMode()) {
+ return super.isReady() && sidecarReady;
+ }
+ return sidecarReady;
+ }
+
+ @Override
+ public void request(int numMessages) {
+ if (passThroughMode.get() || extProcStreamCompleted.get()) {
+ super.request(numMessages);
+ return;
+ }
+ if (!isSidecarReady()) {
+ pendingRequests.addAndGet(numMessages);
+ return;
+ }
+ super.request(numMessages);
+ }
+
+ @Override
+ public void sendMessage(InputStream message) {
+ if (requestSideClosed.get()) {
+ // External processor already closed the request stream. Discard further messages.
+ return;
+ }
+
+ if (passThroughMode.get() || extProcStreamCompleted.get()) {
+ super.sendMessage(message);
+ return;
+ }
+
+ if (currentProcessingMode.getRequestBodyMode() == ProcessingMode.BodySendMode.NONE) {
+ super.sendMessage(message);
+ return;
+ }
+
+ // Mode is GRPC
+ try {
+ byte[] bodyBytes = ByteStreams.toByteArray(message);
+ sendToExtProc(ProcessingRequest.newBuilder()
+ .setRequestBody(HttpBody.newBuilder()
+ .setBody(ByteString.copyFrom(bodyBytes))
+ .setEndOfStream(false)
+ .build())
+ .build());
+
+ if (config.getObservabilityMode()) {
+ super.sendMessage(new ByteArrayInputStream(bodyBytes));
+ }
+ } catch (IOException e) {
+ rawCall.cancel("Failed to serialize message for External Processor", e);
+ }
+ }
+
+ @Override
+ public void halfClose() {
+ halfClosed.set(true);
+ if (passThroughMode.get() || extProcStreamCompleted.get()) {
+ if (requestSideClosed.compareAndSet(false, true)) {
+ super.halfClose();
+ }
+ return;
+ }
+
+ if (currentProcessingMode.getRequestBodyMode() == ProcessingMode.BodySendMode.NONE) {
+ if (requestSideClosed.compareAndSet(false, true)) {
+ super.halfClose();
+ }
+ return;
+ }
+
+ // Mode is GRPC
+ sendToExtProc(ProcessingRequest.newBuilder()
+ .setRequestBody(HttpBody.newBuilder()
+ .setEndOfStreamWithoutMessage(true)
+ .build())
+ .build());
+
+ // Defer super.halfClose() until ext-proc response signals end_of_stream.
+ }
+
+ @Override
+ public void cancel(@Nullable String message, @Nullable Throwable cause) {
+ synchronized (streamLock) {
+ if (!extProcStreamCompleted.get() && extProcClientCallRequestObserver != null) {
+ extProcClientCallRequestObserver.onError(
+ Status.CANCELLED
+ .withDescription(message)
+ .withCause(cause)
+ .asRuntimeException());
+ }
+ }
+ super.cancel(message, cause);
+ }
+
+ private void handleRequestBodyResponse(BodyResponse bodyResponse) {
+ if (bodyResponse.hasResponse() && bodyResponse.getResponse().hasBodyMutation()) {
+ BodyMutation mutation = bodyResponse.getResponse().getBodyMutation();
+ if (mutation.hasStreamedResponse()) {
+ StreamedBodyResponse streamed = mutation.getStreamedResponse();
+ if (!streamed.getBody().isEmpty()) {
+ super.sendMessage(streamed.getBody().newInput());
+ }
+ }
+ }
+ // If the application already half-closed, and we just received a response from
+ // the sidecar for the last part of the request body, we can now half-close the data plane.
+ if (halfClosed.get()) {
+ if (requestSideClosed.compareAndSet(false, true)) {
+ super.halfClose();
+ }
+ }
+ }
+
+ private void handleResponseBodyResponse(
+ BodyResponse bodyResponse, DataPlaneListener listener) {
+ if (bodyResponse.hasResponse() && bodyResponse.getResponse().hasBodyMutation()) {
+ BodyMutation mutation = bodyResponse.getResponse().getBodyMutation();
+ if (mutation.hasStreamedResponse()) {
+ StreamedBodyResponse streamed = mutation.getStreamedResponse();
+ if (!streamed.getBody().isEmpty()) {
+ listener.onExternalBody(streamed.getBody());
+ }
+ if (streamed.getEndOfStream() || streamed.getEndOfStreamWithoutMessage()) {
+ listener.proceedWithClose();
+ }
+ }
+ }
+ }
+
+ private void handleImmediateResponse(ImmediateResponse immediate, DataPlaneListener listener)
+ throws HeaderMutationDisallowedException {
+ Status status = Status.fromCodeValue(immediate.getGrpcStatus().getStatus());
+ if (!immediate.getDetails().isEmpty()) {
+ status = status.withDescription(immediate.getDetails());
+ }
+
+ Metadata trailers = new Metadata();
+ if (immediate.hasHeaders()) {
+ applyHeaderMutations(trailers, immediate.getHeaders());
+ }
+
+ // ImmediateResponse should take precedence over any other closure
+ // if it arrives before the app is notified.
+ listener.savedStatus = status;
+ listener.savedTrailers = trailers;
+
+ if (isProcessingTrailers.get()) {
+ // If sent in response to a server trailers event, sets the status and optionally
+ // headers to be included in the trailers.
+ listener.unblockAfterStreamComplete();
+ } else {
+ // If sent in response to any other event, it will cause the data plane RPC to
+ // immediately fail with the specified status as if it were an out-of-band
+ // cancellation.
+ rawCall.cancel(status.getDescription(), null);
+ listener.unblockAfterStreamComplete();
+ }
+ closeExtProcStream();
+ }
+
+ private void handleFailOpen(DataPlaneListener listener) {
+ activateCall();
+ listener.unblockAfterStreamComplete();
+ closeExtProcStream();
+ }
+
+ private void checkEndOfStream(ProcessingResponse response) {
+ boolean terminal = false;
+ if (response.hasResponseTrailers()) {
+ terminal = true;
+ } else if (response.hasResponseHeaders() && wrappedListener.trailersOnly.get()) {
+ terminal = true;
+ }
+
+ if (terminal) {
+ wrappedListener.unblockAfterStreamComplete();
+ closeExtProcStream();
+ }
+ }
+ }
+
+ private static class DataPlaneListener extends ClientCall.Listener {
+ private final ClientCall.Listener delegate;
+ private final ClientCall rawCall;
+ private final DataPlaneClientCall dataPlaneClientCall;
+ private final Queue savedMessages = new ConcurrentLinkedQueue<>();
+ private volatile Metadata savedHeaders;
+ private volatile Metadata savedTrailers;
+ private volatile Status savedStatus;
+ private final AtomicBoolean terminationTriggered = new AtomicBoolean(false);
+ private final AtomicBoolean responseHeadersSent = new AtomicBoolean(false);
+ private final AtomicBoolean trailersOnly = new AtomicBoolean(false);
+
+ protected DataPlaneListener(
+ ClientCall.Listener delegate,
+ ClientCall rawCall,
+ DataPlaneClientCall dataPlaneClientCall) {
+ this.delegate = checkNotNull(delegate, "delegate");
+ this.rawCall = rawCall;
+ this.dataPlaneClientCall = dataPlaneClientCall;
+ }
+
+ @Override
+ public void onReady() {
+ dataPlaneClientCall.drainPendingRequests();
+ onReadyNotify();
+ }
+
+ void onReadyNotify() {
+ delegate.onReady();
+ }
+
+ @Override
+ public void onHeaders(Metadata headers) {
+ responseHeadersSent.set(true);
+ boolean sendResponseHeaders =
+ dataPlaneClientCall.currentProcessingMode.getResponseHeaderMode()
+ == ProcessingMode.HeaderSendMode.SEND
+ || dataPlaneClientCall.currentProcessingMode.getResponseHeaderMode()
+ == ProcessingMode.HeaderSendMode.DEFAULT;
+
+ if (dataPlaneClientCall.passThroughMode.get()
+ || dataPlaneClientCall.extProcStreamCompleted.get()
+ || !sendResponseHeaders) {
+ delegate.onHeaders(headers);
+ return;
+ }
+
+ this.savedHeaders = headers;
+ dataPlaneClientCall.sendToExtProc(ProcessingRequest.newBuilder()
+ .setResponseHeaders(HttpHeaders.newBuilder()
+ .setHeaders(
+ toHeaderMap(headers, dataPlaneClientCall.config.getForwardRulesConfig()))
+ .build())
+ .build());
+
+ if (dataPlaneClientCall.config.getObservabilityMode()) {
+ proceedWithHeaders();
+ }
+ }
+
+ void proceedWithHeaders() {
+ if (savedHeaders != null) {
+ delegate.onHeaders(savedHeaders);
+ savedHeaders = null;
+ InputStream msg;
+ while ((msg = savedMessages.poll()) != null) {
+ onMessage(msg);
+ }
+ onReadyNotify();
+ if (savedStatus != null) {
+ triggerCloseHandshake();
+ }
+ }
+ }
+
+ @Override
+ public void onMessage(InputStream message) {
+ if (dataPlaneClientCall.passThroughMode.get()) {
+ delegate.onMessage(message);
+ return;
+ }
+
+ if (savedHeaders != null) {
+ savedMessages.add(message);
+ return;
+ }
+
+ if (dataPlaneClientCall.extProcStreamCompleted.get()
+ || dataPlaneClientCall.currentProcessingMode.getResponseBodyMode()
+ != ProcessingMode.BodySendMode.GRPC) {
+ delegate.onMessage(message);
+ return;
+ }
+
+ try {
+ byte[] bodyBytes = ByteStreams.toByteArray(message);
+ sendResponseBodyToExtProc(bodyBytes, false);
+
+ if (dataPlaneClientCall.config.getObservabilityMode()) {
+ delegate.onMessage(new ByteArrayInputStream(bodyBytes));
+ }
+ } catch (IOException e) {
+ rawCall.cancel("Failed to read server response", e);
+ }
+ }
+
+ @Override
+ public void onClose(Status status, Metadata trailers) {
+ if (dataPlaneClientCall.extProcStreamFailed.get()) {
+ if (dataPlaneClientCall.notifiedApp.compareAndSet(false, true)) {
+ delegate.onClose(Status.UNAVAILABLE.withDescription("External processor stream failed")
+ .withCause(status.getCause()), new Metadata());
+ }
+ return;
+ }
+ if (dataPlaneClientCall.passThroughMode.get()) {
+ if (dataPlaneClientCall.notifiedApp.compareAndSet(false, true)) {
+ delegate.onClose(status, trailers);
+ }
+ return;
+ }
+
+ this.savedStatus = status;
+ this.savedTrailers = trailers;
+
+ if (dataPlaneClientCall.extProcStreamCompleted.get()) {
+ proceedWithClose();
+ return;
+ }
+
+ if (savedHeaders != null) {
+ return;
+ }
+
+ if (!responseHeadersSent.get()) {
+ trailersOnly.set(true);
+ }
+
+ triggerCloseHandshake();
+
+ if (dataPlaneClientCall.config.getObservabilityMode()) {
+ proceedWithClose();
+ @SuppressWarnings("unused")
+ ScheduledFuture unused = dataPlaneClientCall.scheduler.schedule(
+ dataPlaneClientCall::closeExtProcStream,
+ dataPlaneClientCall.config.getDeferredCloseTimeoutNanos(),
+ TimeUnit.NANOSECONDS);
+ }
+ }
+
+ private void triggerCloseHandshake() {
+ if (dataPlaneClientCall.extProcStreamCompleted.get()
+ || !terminationTriggered.compareAndSet(false, true)) {
+ return;
+ }
+
+ if (trailersOnly.get()) {
+ dataPlaneClientCall.sendToExtProc(ProcessingRequest.newBuilder()
+ .setResponseHeaders(HttpHeaders.newBuilder()
+ .setHeaders(
+ toHeaderMap(
+ savedTrailers,
+ dataPlaneClientCall.config.getForwardRulesConfig()))
+ .setEndOfStream(true)
+ .build())
+ .build());
+ return;
+ }
+
+ boolean sendResponseTrailers =
+ dataPlaneClientCall.currentProcessingMode.getResponseTrailerMode()
+ == ProcessingMode.HeaderSendMode.SEND;
+
+ if (sendResponseTrailers) {
+ dataPlaneClientCall.isProcessingTrailers.set(true);
+ dataPlaneClientCall.sendToExtProc(ProcessingRequest.newBuilder()
+ .setResponseTrailers(HttpTrailers.newBuilder()
+ .setTrailers(
+ toHeaderMap(
+ savedTrailers,
+ dataPlaneClientCall.config.getForwardRulesConfig()))
+ .build())
+ .build());
+ } else {
+ // Send EOS signal via empty body
+ dataPlaneClientCall.sendToExtProc(ProcessingRequest.newBuilder()
+ .setResponseBody(HttpBody.newBuilder()
+ .setEndOfStreamWithoutMessage(true)
+ .build())
+ .build());
+
+ if (dataPlaneClientCall.config.getObservabilityMode()) {
+ // In observability mode we don't wait for handshake response
+ proceedWithClose();
+ }
+ }
+ }
+
+ private void sendResponseBodyToExtProc(@Nullable byte[] bodyBytes, boolean endOfStream) {
+ if (dataPlaneClientCall.extProcStreamCompleted.get()
+ || dataPlaneClientCall.currentProcessingMode.getResponseBodyMode()
+ != ProcessingMode.BodySendMode.GRPC) {
+ return;
+ }
+
+ HttpBody.Builder bodyBuilder =
+ HttpBody.newBuilder();
+ if (bodyBytes != null) {
+ bodyBuilder.setBody(ByteString.copyFrom(bodyBytes));
+ }
+ bodyBuilder.setEndOfStream(endOfStream);
+
+ dataPlaneClientCall.sendToExtProc(ProcessingRequest.newBuilder()
+ .setResponseBody(bodyBuilder.build())
+ .build());
+ }
+
+ void proceedWithClose() {
+ if (savedStatus != null) {
+ if (dataPlaneClientCall.notifiedApp.compareAndSet(false, true)) {
+ delegate.onClose(savedStatus, savedTrailers);
+ }
+ savedStatus = null;
+ savedTrailers = null;
+ }
+ }
+
+ void onExternalBody(ByteString body) {
+ delegate.onMessage(body.newInput());
+ }
+
+ void unblockAfterStreamComplete() {
+ proceedWithHeaders();
+ dataPlaneClientCall.passThroughMode.set(true);
+ proceedWithClose();
+ }
+ }
+ }
+}
diff --git a/xds/src/main/java/io/grpc/xds/FaultFilter.java b/xds/src/main/java/io/grpc/xds/FaultFilter.java
index 0f3bb5b0557..e0533889d74 100644
--- a/xds/src/main/java/io/grpc/xds/FaultFilter.java
+++ b/xds/src/main/java/io/grpc/xds/FaultFilter.java
@@ -104,7 +104,8 @@ public FaultFilter newInstance(String name) {
}
@Override
- public ConfigOrError parseFilterConfig(Message rawProtoMessage) {
+ public ConfigOrError parseFilterConfig(
+ Message rawProtoMessage, FilterContext context) {
HTTPFault httpFaultProto;
if (!(rawProtoMessage instanceof Any)) {
return ConfigOrError.fromError("Invalid config type: " + rawProtoMessage.getClass());
@@ -119,8 +120,9 @@ public ConfigOrError parseFilterConfig(Message rawProtoMessage) {
}
@Override
- public ConfigOrError parseFilterConfigOverride(Message rawProtoMessage) {
- return parseFilterConfig(rawProtoMessage);
+ public ConfigOrError parseFilterConfigOverride(
+ Message rawProtoMessage, FilterContext context) {
+ return parseFilterConfig(rawProtoMessage, context);
}
private static ConfigOrError parseHttpFault(HTTPFault httpFault) {
diff --git a/xds/src/main/java/io/grpc/xds/Filter.java b/xds/src/main/java/io/grpc/xds/Filter.java
index 416d929becf..d70b3063a50 100644
--- a/xds/src/main/java/io/grpc/xds/Filter.java
+++ b/xds/src/main/java/io/grpc/xds/Filter.java
@@ -16,10 +16,14 @@
package io.grpc.xds;
+
+import com.google.auto.value.AutoValue;
import com.google.common.base.MoreObjects;
import com.google.protobuf.Message;
import io.grpc.ClientInterceptor;
import io.grpc.ServerInterceptor;
+import io.grpc.xds.client.Bootstrapper.BootstrapInfo;
+import io.grpc.xds.client.Bootstrapper.ServerInfo;
import java.io.Closeable;
import java.util.Objects;
import java.util.concurrent.ScheduledExecutorService;
@@ -93,13 +97,15 @@ default boolean isServerFilter() {
* Parses the top-level filter config from raw proto message. The message may be either a {@link
* com.google.protobuf.Any} or a {@link com.google.protobuf.Struct}.
*/
- ConfigOrError parseFilterConfig(Message rawProtoMessage);
+ ConfigOrError parseFilterConfig(
+ Message rawProtoMessage, FilterContext context);
/**
* Parses the per-filter override filter config from raw proto message. The message may be
* either a {@link com.google.protobuf.Any} or a {@link com.google.protobuf.Struct}.
*/
- ConfigOrError parseFilterConfigOverride(Message rawProtoMessage);
+ ConfigOrError parseFilterConfigOverride(
+ Message rawProtoMessage, FilterContext context);
}
/** Uses the FilterConfigs produced above to produce an HTTP filter interceptor for clients. */
@@ -125,6 +131,27 @@ default ServerInterceptor buildServerInterceptor(
@Override
default void close() {}
+ /** Context carrying dynamic metadata for a filter. */
+ @AutoValue
+ abstract static class FilterContext {
+ abstract BootstrapInfo bootstrapInfo();
+
+ abstract ServerInfo serverInfo();
+
+ static Builder builder() {
+ return new AutoValue_Filter_FilterContext.Builder();
+ }
+
+ @AutoValue.Builder
+ abstract static class Builder {
+ abstract Builder bootstrapInfo(BootstrapInfo info);
+
+ abstract Builder serverInfo(ServerInfo info);
+
+ abstract FilterContext build();
+ }
+ }
+
/** Filter config with instance name. */
final class NamedFilterConfig {
// filter instance name
diff --git a/xds/src/main/java/io/grpc/xds/FilterRegistry.java b/xds/src/main/java/io/grpc/xds/FilterRegistry.java
index da3a59fe8c1..29241fc1da8 100644
--- a/xds/src/main/java/io/grpc/xds/FilterRegistry.java
+++ b/xds/src/main/java/io/grpc/xds/FilterRegistry.java
@@ -17,6 +17,7 @@
package io.grpc.xds;
import com.google.common.annotations.VisibleForTesting;
+import io.grpc.internal.GrpcUtil;
import java.util.HashMap;
import java.util.Map;
import javax.annotation.Nullable;
@@ -39,6 +40,9 @@ static synchronized FilterRegistry getDefaultRegistry() {
new RouterFilter.Provider(),
new RbacFilter.Provider(),
new GcpAuthenticationFilter.Provider());
+ if (GrpcUtil.getFlag("GRPC_EXPERIMENTAL_XDS_EXT_PROC_ON_CLIENT", false)) {
+ instance.register(new ExternalProcessorFilter.Provider());
+ }
}
return instance;
}
diff --git a/xds/src/main/java/io/grpc/xds/GcpAuthenticationFilter.java b/xds/src/main/java/io/grpc/xds/GcpAuthenticationFilter.java
index 8ec02f4f809..78d20edec46 100644
--- a/xds/src/main/java/io/grpc/xds/GcpAuthenticationFilter.java
+++ b/xds/src/main/java/io/grpc/xds/GcpAuthenticationFilter.java
@@ -86,7 +86,8 @@ public GcpAuthenticationFilter newInstance(String name) {
}
@Override
- public ConfigOrError parseFilterConfig(Message rawProtoMessage) {
+ public ConfigOrError parseFilterConfig(
+ Message rawProtoMessage, FilterContext context) {
GcpAuthnFilterConfig gcpAuthnProto;
if (!(rawProtoMessage instanceof Any)) {
return ConfigOrError.fromError("Invalid config type: " + rawProtoMessage.getClass());
@@ -121,8 +122,8 @@ public ConfigOrError parseFilterConfig(Message rawProto
@Override
public ConfigOrError parseFilterConfigOverride(
- Message rawProtoMessage) {
- return parseFilterConfig(rawProtoMessage);
+ Message rawProtoMessage, FilterContext context) {
+ return parseFilterConfig(rawProtoMessage, context);
}
}
diff --git a/xds/src/main/java/io/grpc/xds/RbacFilter.java b/xds/src/main/java/io/grpc/xds/RbacFilter.java
index 91df1e68802..035bfd06607 100644
--- a/xds/src/main/java/io/grpc/xds/RbacFilter.java
+++ b/xds/src/main/java/io/grpc/xds/RbacFilter.java
@@ -94,7 +94,8 @@ public RbacFilter newInstance(String name) {
}
@Override
- public ConfigOrError parseFilterConfig(Message rawProtoMessage) {
+ public ConfigOrError parseFilterConfig(
+ Message rawProtoMessage, FilterContext context) {
RBAC rbacProto;
if (!(rawProtoMessage instanceof Any)) {
return ConfigOrError.fromError("Invalid config type: " + rawProtoMessage.getClass());
@@ -109,7 +110,8 @@ public ConfigOrError parseFilterConfig(Message rawProtoMessage) {
}
@Override
- public ConfigOrError parseFilterConfigOverride(Message rawProtoMessage) {
+ public ConfigOrError parseFilterConfigOverride(
+ Message rawProtoMessage, FilterContext context) {
RBACPerRoute rbacPerRoute;
if (!(rawProtoMessage instanceof Any)) {
return ConfigOrError.fromError("Invalid config type: " + rawProtoMessage.getClass());
diff --git a/xds/src/main/java/io/grpc/xds/RouterFilter.java b/xds/src/main/java/io/grpc/xds/RouterFilter.java
index 504c4213149..c80e57c9010 100644
--- a/xds/src/main/java/io/grpc/xds/RouterFilter.java
+++ b/xds/src/main/java/io/grpc/xds/RouterFilter.java
@@ -61,13 +61,14 @@ public RouterFilter newInstance(String name) {
}
@Override
- public ConfigOrError parseFilterConfig(Message rawProtoMessage) {
+ public ConfigOrError parseFilterConfig(
+ Message rawProtoMessage, FilterContext context) {
return ConfigOrError.fromConfig(ROUTER_CONFIG);
}
@Override
public ConfigOrError parseFilterConfigOverride(
- Message rawProtoMessage) {
+ Message rawProtoMessage, FilterContext context) {
return ConfigOrError.fromError("Router Filter should not have override config");
}
}
diff --git a/xds/src/main/java/io/grpc/xds/XdsListenerResource.java b/xds/src/main/java/io/grpc/xds/XdsListenerResource.java
index 041b659b4c3..4bf1b0066c2 100644
--- a/xds/src/main/java/io/grpc/xds/XdsListenerResource.java
+++ b/xds/src/main/java/io/grpc/xds/XdsListenerResource.java
@@ -527,7 +527,7 @@ static io.grpc.xds.HttpConnectionManager parseHttpConnectionManager(
"HttpConnectionManager contains duplicate HttpFilter: " + filterName);
}
StructOrError filterConfig =
- parseHttpFilter(httpFilter, filterRegistry, isForClient);
+ parseHttpFilter(httpFilter, filterRegistry, isForClient, args);
if ((i == proto.getHttpFiltersCount() - 1)
&& (filterConfig == null || !isTerminalFilter(filterConfig.getStruct()))) {
throw new ResourceInvalidException("The last HttpFilter must be a terminal filter: "
@@ -581,7 +581,8 @@ private static boolean isTerminalFilter(Filter.FilterConfig filterConfig) {
@Nullable // Returns null if the filter is optional but not supported.
static StructOrError parseHttpFilter(
io.envoyproxy.envoy.extensions.filters.network.http_connection_manager.v3.HttpFilter
- httpFilter, FilterRegistry filterRegistry, boolean isForClient) {
+ httpFilter, FilterRegistry filterRegistry, boolean isForClient,
+ XdsResourceType.Args args) {
String filterName = httpFilter.getName();
boolean isOptional = httpFilter.getIsOptional();
if (!httpFilter.hasTypedConfig()) {
@@ -616,7 +617,13 @@ static StructOrError parseHttpFilter(
"HttpFilter [" + filterName + "](" + typeUrl + ") is required but unsupported for " + (
isForClient ? "client" : "server"));
}
- ConfigOrError filterConfig = provider.parseFilterConfig(rawConfig);
+
+ Filter.FilterContext filterContext = Filter.FilterContext.builder()
+ .bootstrapInfo(args.getBootstrapInfo())
+ .serverInfo(args.getServerInfo())
+ .build();
+ ConfigOrError filterConfig =
+ provider.parseFilterConfig(rawConfig, filterContext);
if (filterConfig.errorDetail != null) {
return StructOrError.fromError(
"Invalid filter config for HttpFilter [" + filterName + "]: " + filterConfig.errorDetail);
diff --git a/xds/src/main/java/io/grpc/xds/XdsNameResolver.java b/xds/src/main/java/io/grpc/xds/XdsNameResolver.java
index 69b0b824433..78550582d27 100644
--- a/xds/src/main/java/io/grpc/xds/XdsNameResolver.java
+++ b/xds/src/main/java/io/grpc/xds/XdsNameResolver.java
@@ -110,7 +110,7 @@ final class XdsNameResolver extends NameResolver {
@Nullable
private final String targetAuthority;
private final String serviceAuthority;
- // Encoded version of the service authority as per
+ // Encoded version of the service authority as per
// https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.
private final String encodedServiceAuthority;
private final String overrideAuthority;
@@ -154,8 +154,8 @@ final class XdsNameResolver extends NameResolver {
this(target, targetAuthority, name, overrideAuthority, serviceConfigParser,
syncContext, scheduler,
bootstrapOverride == null
- ? SharedXdsClientPoolProvider.getDefaultProvider()
- : new SharedXdsClientPoolProvider(),
+ ? SharedXdsClientPoolProvider.getDefaultProvider()
+ : new SharedXdsClientPoolProvider(),
ThreadSafeRandomImpl.instance, FilterRegistry.getDefaultRegistry(), bootstrapOverride,
metricRecorder, nameResolverArgs);
}
@@ -172,8 +172,8 @@ final class XdsNameResolver extends NameResolver {
// The name might have multiple slashes so encode it before verifying.
serviceAuthority = checkNotNull(name, "name");
- this.encodedServiceAuthority =
- GrpcUtil.checkAuthority(GrpcUtil.AuthorityEscaper.encodeAuthority(serviceAuthority));
+ this.encodedServiceAuthority =
+ GrpcUtil.checkAuthority(GrpcUtil.AuthorityEscaper.encodeAuthority(serviceAuthority));
this.overrideAuthority = overrideAuthority;
this.serviceConfigParser = checkNotNull(serviceConfigParser, "serviceConfigParser");
@@ -234,7 +234,7 @@ public void start(Listener2 listener) {
}
String ldsResourceName = expandPercentS(listenerNameTemplate, replacement);
if (!XdsClient.isResourceNameValid(ldsResourceName, XdsListenerResource.getInstance().typeUrl())
- ) {
+ ) {
listener.onError(Status.INVALID_ARGUMENT.withDescription(
"invalid listener resource URI for service authority: " + serviceAuthority));
return;
@@ -921,8 +921,8 @@ private void cleanUpRoutes(Status error) {
// the config selector handles the error message itself.
listener.onResult2(ResolutionResult.newBuilder()
.setAttributes(Attributes.newBuilder()
- .set(InternalConfigSelector.KEY, configSelector)
- .build())
+ .set(InternalConfigSelector.KEY, configSelector)
+ .build())
.setServiceConfig(emptyServiceConfig)
.build());
}
diff --git a/xds/src/main/java/io/grpc/xds/XdsNameResolverProvider.java b/xds/src/main/java/io/grpc/xds/XdsNameResolverProvider.java
index 51b1ff49bf0..c395c363acb 100644
--- a/xds/src/main/java/io/grpc/xds/XdsNameResolverProvider.java
+++ b/xds/src/main/java/io/grpc/xds/XdsNameResolverProvider.java
@@ -63,7 +63,7 @@ public XdsNameResolverProvider() {
}
private XdsNameResolverProvider(String scheme,
- @Nullable Map bootstrapOverride) {
+ @Nullable Map bootstrapOverride) {
this.scheme = checkNotNull(scheme, "scheme");
this.bootstrapOverride = bootstrapOverride;
}
@@ -73,7 +73,7 @@ private XdsNameResolverProvider(String scheme,
* and bootstrap.
*/
public static XdsNameResolverProvider createForTest(String scheme,
- @Nullable Map bootstrapOverride) {
+ @Nullable Map bootstrapOverride) {
return new XdsNameResolverProvider(scheme, bootstrapOverride);
}
diff --git a/xds/src/main/java/io/grpc/xds/XdsRouteConfigureResource.java b/xds/src/main/java/io/grpc/xds/XdsRouteConfigureResource.java
index 24ec0659b42..890a2936861 100644
--- a/xds/src/main/java/io/grpc/xds/XdsRouteConfigureResource.java
+++ b/xds/src/main/java/io/grpc/xds/XdsRouteConfigureResource.java
@@ -198,7 +198,7 @@ private static StructOrError parseVirtualHost(
routes.add(route.getStruct());
}
StructOrError> overrideConfigs =
- parseOverrideFilterConfigs(proto.getTypedPerFilterConfigMap(), filterRegistry);
+ parseOverrideFilterConfigs(proto.getTypedPerFilterConfigMap(), filterRegistry, args);
if (overrideConfigs.getErrorDetail() != null) {
return StructOrError.fromError(
"VirtualHost [" + proto.getName() + "] contains invalid HttpFilter config: "
@@ -210,7 +210,12 @@ private static StructOrError parseVirtualHost(
@VisibleForTesting
static StructOrError> parseOverrideFilterConfigs(
- Map rawFilterConfigMap, FilterRegistry filterRegistry) {
+ Map rawFilterConfigMap, FilterRegistry filterRegistry,
+ XdsResourceType.Args args) {
+ Filter.FilterContext context = Filter.FilterContext.builder()
+ .bootstrapInfo(args.getBootstrapInfo())
+ .serverInfo(args.getServerInfo())
+ .build();
Map overrideConfigs = new HashMap<>();
for (String name : rawFilterConfigMap.keySet()) {
Any anyConfig = rawFilterConfigMap.get(name);
@@ -254,7 +259,7 @@ static StructOrError> parseOverrideFilterConfigs(
"HttpFilter [" + name + "](" + typeUrl + ") is required but unsupported");
}
ConfigOrError filterConfig =
- provider.parseFilterConfigOverride(rawConfig);
+ provider.parseFilterConfigOverride(rawConfig, context);
if (filterConfig.errorDetail != null) {
return StructOrError.fromError(
"Invalid filter config for HttpFilter [" + name + "]: " + filterConfig.errorDetail);
@@ -281,7 +286,7 @@ static StructOrError parseRoute(
}
StructOrError> overrideConfigsOrError =
- parseOverrideFilterConfigs(proto.getTypedPerFilterConfigMap(), filterRegistry);
+ parseOverrideFilterConfigs(proto.getTypedPerFilterConfigMap(), filterRegistry, args);
if (overrideConfigsOrError.getErrorDetail() != null) {
return StructOrError.fromError(
"Route [" + proto.getName() + "] contains invalid HttpFilter config: "
@@ -490,7 +495,7 @@ static StructOrError parseRouteAction(
for (io.envoyproxy.envoy.config.route.v3.WeightedCluster.ClusterWeight clusterWeight
: clusterWeights) {
StructOrError clusterWeightOrError =
- parseClusterWeight(clusterWeight, filterRegistry);
+ parseClusterWeight(clusterWeight, filterRegistry, args);
if (clusterWeightOrError.getErrorDetail() != null) {
return StructOrError.fromError("RouteAction contains invalid ClusterWeight: "
+ clusterWeightOrError.getErrorDetail());
@@ -599,9 +604,9 @@ private static StructOrError parseRet
@VisibleForTesting
static StructOrError parseClusterWeight(
io.envoyproxy.envoy.config.route.v3.WeightedCluster.ClusterWeight proto,
- FilterRegistry filterRegistry) {
+ FilterRegistry filterRegistry, XdsResourceType.Args args) {
StructOrError> overrideConfigs =
- parseOverrideFilterConfigs(proto.getTypedPerFilterConfigMap(), filterRegistry);
+ parseOverrideFilterConfigs(proto.getTypedPerFilterConfigMap(), filterRegistry, args);
if (overrideConfigs.getErrorDetail() != null) {
return StructOrError.fromError(
"ClusterWeight [" + proto.getName() + "] contains invalid HttpFilter config: "
diff --git a/xds/src/main/java/io/grpc/xds/internal/MatcherParser.java b/xds/src/main/java/io/grpc/xds/internal/MatcherParser.java
index 91b77b05d01..4303ef5efce 100644
--- a/xds/src/main/java/io/grpc/xds/internal/MatcherParser.java
+++ b/xds/src/main/java/io/grpc/xds/internal/MatcherParser.java
@@ -16,11 +16,22 @@
package io.grpc.xds.internal;
+import com.google.common.collect.ImmutableList;
import com.google.re2j.Pattern;
import com.google.re2j.PatternSyntaxException;
// TODO(zivy@): may reuse common matchers parsers.
public final class MatcherParser {
+ /** Translate ListStringMatcher envoy proto to a list of internal StringMatcher. */
+ public static ImmutableList parseListStringMatcher(
+ io.envoyproxy.envoy.type.matcher.v3.ListStringMatcher proto) {
+ ImmutableList.Builder matchers = ImmutableList.builder();
+ for (io.envoyproxy.envoy.type.matcher.v3.StringMatcher matcherProto : proto.getPatternsList()) {
+ matchers.add(parseStringMatcher(matcherProto));
+ }
+ return matchers.build();
+ }
+
/** Translates envoy proto HeaderMatcher to internal HeaderMatcher.*/
public static Matchers.HeaderMatcher parseHeaderMatcher(
io.envoyproxy.envoy.config.route.v3.HeaderMatcher proto) {
diff --git a/xds/src/main/java/io/grpc/xds/internal/extauthz/ExtAuthzConfig.java b/xds/src/main/java/io/grpc/xds/internal/extauthz/ExtAuthzConfig.java
deleted file mode 100644
index 5aeb44c6e2a..00000000000
--- a/xds/src/main/java/io/grpc/xds/internal/extauthz/ExtAuthzConfig.java
+++ /dev/null
@@ -1,145 +0,0 @@
-/*
- * Copyright 2025 The gRPC Authors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package io.grpc.xds.internal.extauthz;
-
-import com.google.auto.value.AutoValue;
-import com.google.common.collect.ImmutableList;
-import io.grpc.Status;
-import io.grpc.xds.internal.Matchers;
-import io.grpc.xds.internal.grpcservice.GrpcServiceConfig;
-import io.grpc.xds.internal.headermutations.HeaderMutationRulesConfig;
-import java.util.Optional;
-
-/**
- * Represents the configuration for the external authorization (ext_authz) filter. This class
- * encapsulates the settings defined in the
- * {@link io.envoyproxy.envoy.extensions.filters.http.ext_authz.v3.ExtAuthz} proto, providing a
- * structured, immutable representation for use within gRPC. It includes configurations for the gRPC
- * service used for authorization, header mutation rules, and other filter behaviors.
- */
-@AutoValue
-public abstract class ExtAuthzConfig {
-
- /** Creates a new builder for creating {@link ExtAuthzConfig} instances. */
- public static Builder builder() {
- return new AutoValue_ExtAuthzConfig.Builder().allowedHeaders(ImmutableList.of())
- .disallowedHeaders(ImmutableList.of()).statusOnError(Status.PERMISSION_DENIED)
- .filterEnabled(Matchers.FractionMatcher.create(100, 100));
- }
-
- /**
- * The gRPC service configuration for the external authorization service. This is a required
- * field.
- *
- * @see ExtAuthz#getGrpcService()
- */
- public abstract GrpcServiceConfig grpcService();
-
- /**
- * Changes the filter's behavior on errors from the authorization service. If {@code true}, the
- * filter will accept the request even if the authorization service fails or returns an error.
- *
- * @see ExtAuthz#getFailureModeAllow()
- */
- public abstract boolean failureModeAllow();
-
- /**
- * Determines if the {@code x-envoy-auth-failure-mode-allowed} header is added to the request when
- * {@link #failureModeAllow()} is true.
- *
- * @see ExtAuthz#getFailureModeAllowHeaderAdd()
- */
- public abstract boolean failureModeAllowHeaderAdd();
-
- /**
- * Specifies if the peer certificate is sent to the external authorization service.
- *
- * @see ExtAuthz#getIncludePeerCertificate()
- */
- public abstract boolean includePeerCertificate();
-
- /**
- * The gRPC status returned to the client when the authorization server returns an error or is
- * unreachable. Defaults to {@code PERMISSION_DENIED}.
- *
- * @see io.envoyproxy.envoy.extensions.filters.http.ext_authz.v3.ExtAuthz#getStatusOnError()
- */
- public abstract Status statusOnError();
-
- /**
- * Specifies whether to deny requests when the filter is disabled. Defaults to {@code false}.
- *
- * @see ExtAuthz#getDenyAtDisable()
- */
- public abstract boolean denyAtDisable();
-
- /**
- * The fraction of requests that will be checked by the authorization service. Defaults to all
- * requests.
- *
- * @see ExtAuthz#getFilterEnabled()
- */
- public abstract Matchers.FractionMatcher filterEnabled();
-
- /**
- * Specifies which request headers are sent to the authorization service. If empty, all headers
- * are sent.
- *
- * @see ExtAuthz#getAllowedHeaders()
- */
- public abstract ImmutableList allowedHeaders();
-
- /**
- * Specifies which request headers are not sent to the authorization service. This overrides
- * {@link #allowedHeaders()}.
- *
- * @see ExtAuthz#getDisallowedHeaders()
- */
- public abstract ImmutableList disallowedHeaders();
-
- /**
- * Rules for what modifications an ext_authz server may make to request headers.
- *
- * @see ExtAuthz#getDecoderHeaderMutationRules()
- */
- public abstract Optional decoderHeaderMutationRules();
-
- @AutoValue.Builder
- public abstract static class Builder {
- public abstract Builder grpcService(GrpcServiceConfig grpcService);
-
- public abstract Builder failureModeAllow(boolean failureModeAllow);
-
- public abstract Builder failureModeAllowHeaderAdd(boolean failureModeAllowHeaderAdd);
-
- public abstract Builder includePeerCertificate(boolean includePeerCertificate);
-
- public abstract Builder statusOnError(Status statusOnError);
-
- public abstract Builder denyAtDisable(boolean denyAtDisable);
-
- public abstract Builder filterEnabled(Matchers.FractionMatcher filterEnabled);
-
- public abstract Builder allowedHeaders(Iterable allowedHeaders);
-
- public abstract Builder disallowedHeaders(Iterable disallowedHeaders);
-
- public abstract Builder decoderHeaderMutationRules(HeaderMutationRulesConfig rules);
-
- public abstract ExtAuthzConfig build();
- }
-}
diff --git a/xds/src/main/java/io/grpc/xds/internal/grpcservice/CachedChannelManager.java b/xds/src/main/java/io/grpc/xds/internal/grpcservice/CachedChannelManager.java
new file mode 100644
index 00000000000..779cea29e5d
--- /dev/null
+++ b/xds/src/main/java/io/grpc/xds/internal/grpcservice/CachedChannelManager.java
@@ -0,0 +1,138 @@
+/*
+ * Copyright 2026 The gRPC Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.grpc.xds.internal.grpcservice;
+
+import static com.google.common.base.Preconditions.checkNotNull;
+
+import com.google.auto.value.AutoValue;
+import com.google.common.annotations.VisibleForTesting;
+import io.grpc.ManagedChannel;
+import io.grpc.xds.client.ConfiguredChannelCredentials.ChannelCredsConfig;
+import io.grpc.xds.internal.grpcservice.GrpcServiceConfig.GoogleGrpcConfig;
+import java.util.concurrent.atomic.AtomicReference;
+import java.util.function.Function;
+
+/**
+ * Concrete class managing the lifecycle of a single ManagedChannel for a GrpcServiceConfig.
+ */
+public class CachedChannelManager {
+ private final Function channelCreator;
+ private final Object lock = new Object();
+
+ private final AtomicReference channelHolder = new AtomicReference<>();
+ private boolean closed;
+
+ /**
+ * Default constructor for production that creates a channel using the config's target and
+ * credentials.
+ */
+ public CachedChannelManager() {
+ this(config -> {
+ GoogleGrpcConfig googleGrpc = config.googleGrpc();
+ return io.grpc.Grpc.newChannelBuilder(googleGrpc.target(),
+ googleGrpc.configuredChannelCredentials().channelCredentials()).build();
+ });
+ }
+
+ /**
+ * Constructor for testing to inject a channel creator.
+ */
+ @VisibleForTesting
+ public CachedChannelManager(Function channelCreator) {
+ this.channelCreator = checkNotNull(channelCreator, "channelCreator");
+ }
+
+ /**
+ * Returns a ManagedChannel for the given configuration. If the target or credentials config
+ * changes, the old channel is shut down and a new one is created.
+ */
+ public ManagedChannel getChannel(GrpcServiceConfig config) {
+ GoogleGrpcConfig googleGrpc = config.googleGrpc();
+ ChannelKey newChannelKey = ChannelKey.of(
+ googleGrpc.target(),
+ googleGrpc.configuredChannelCredentials().channelCredsConfig());
+
+ // 1. Fast path: Lock-free read
+ ChannelHolder holder = channelHolder.get();
+ if (holder != null && holder.channelKey().equals(newChannelKey)) {
+ return holder.channel();
+ }
+
+ ManagedChannel oldChannel = null;
+ ManagedChannel newChannel;
+
+ // 2. Slow path: Update with locking
+ synchronized (lock) {
+ if (closed) {
+ throw new IllegalStateException("CachedChannelManager is closed");
+ }
+ holder = channelHolder.get(); // Double check
+ if (holder != null && holder.channelKey().equals(newChannelKey)) {
+ return holder.channel();
+ }
+
+ // 3. Create inside lock to avoid creation storms
+ newChannel = channelCreator.apply(config);
+ ChannelHolder newHolder = ChannelHolder.create(newChannelKey, newChannel);
+
+ if (holder != null) {
+ oldChannel = holder.channel();
+ }
+ channelHolder.set(newHolder);
+ }
+
+ // 4. Shutdown outside lock
+ if (oldChannel != null) {
+ oldChannel.shutdown();
+ }
+
+ return newChannel;
+ }
+
+ /** Removes underlying resources on shutdown. */
+ public void close() {
+ synchronized (lock) {
+ closed = true;
+ ChannelHolder holder = channelHolder.getAndSet(null);
+ if (holder != null) {
+ holder.channel().shutdown();
+ }
+ }
+ }
+
+ @AutoValue
+ abstract static class ChannelKey {
+ static ChannelKey of(String target, ChannelCredsConfig credentialsConfig) {
+ return new AutoValue_CachedChannelManager_ChannelKey(target, credentialsConfig);
+ }
+
+ abstract String target();
+
+ abstract ChannelCredsConfig channelCredsConfig();
+ }
+
+ @AutoValue
+ abstract static class ChannelHolder {
+ static ChannelHolder create(ChannelKey channelKey, ManagedChannel channel) {
+ return new AutoValue_CachedChannelManager_ChannelHolder(channelKey, channel);
+ }
+
+ abstract ChannelKey channelKey();
+
+ abstract ManagedChannel channel();
+ }
+}
diff --git a/xds/src/main/java/io/grpc/xds/internal/extauthz/ExtAuthzParseException.java b/xds/src/main/java/io/grpc/xds/internal/grpcservice/ChannelCredsConfig.java
similarity index 58%
rename from xds/src/main/java/io/grpc/xds/internal/extauthz/ExtAuthzParseException.java
rename to xds/src/main/java/io/grpc/xds/internal/grpcservice/ChannelCredsConfig.java
index 78edea5c305..1e7008ca8e2 100644
--- a/xds/src/main/java/io/grpc/xds/internal/extauthz/ExtAuthzParseException.java
+++ b/xds/src/main/java/io/grpc/xds/internal/grpcservice/ChannelCredsConfig.java
@@ -14,21 +14,14 @@
* limitations under the License.
*/
-package io.grpc.xds.internal.extauthz;
+package io.grpc.xds.internal.grpcservice;
/**
- * A custom exception for signaling errors during the parsing of external authorization
- * (ext_authz) configurations.
+ * Configuration for channel credentials.
*/
-public class ExtAuthzParseException extends Exception {
-
- private static final long serialVersionUID = 0L;
-
- public ExtAuthzParseException(String message) {
- super(message);
- }
-
- public ExtAuthzParseException(String message, Throwable cause) {
- super(message, cause);
- }
+public interface ChannelCredsConfig {
+ /**
+ * Returns the type of the credentials.
+ */
+ String type();
}
diff --git a/xds/src/test/java/io/grpc/xds/ExtAuthzConfigParserTest.java b/xds/src/test/java/io/grpc/xds/ExtAuthzConfigParserTest.java
deleted file mode 100644
index fa2718cbe63..00000000000
--- a/xds/src/test/java/io/grpc/xds/ExtAuthzConfigParserTest.java
+++ /dev/null
@@ -1,297 +0,0 @@
-/*
- * Copyright 2025 The gRPC Authors
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package io.grpc.xds;
-
-import static com.google.common.truth.Truth.assertThat;
-import static org.junit.Assert.fail;
-
-import com.google.protobuf.Any;
-import com.google.protobuf.BoolValue;
-import io.envoyproxy.envoy.config.common.mutation_rules.v3.HeaderMutationRules;
-import io.envoyproxy.envoy.config.core.v3.GrpcService;
-import io.envoyproxy.envoy.config.core.v3.HeaderValue;
-import io.envoyproxy.envoy.config.core.v3.RuntimeFeatureFlag;
-import io.envoyproxy.envoy.config.core.v3.RuntimeFractionalPercent;
-import io.envoyproxy.envoy.extensions.filters.http.ext_authz.v3.ExtAuthz;
-import io.envoyproxy.envoy.extensions.grpc_service.call_credentials.access_token.v3.AccessTokenCredentials;
-import io.envoyproxy.envoy.extensions.grpc_service.channel_credentials.google_default.v3.GoogleDefaultCredentials;
-import io.envoyproxy.envoy.type.matcher.v3.ListStringMatcher;
-import io.envoyproxy.envoy.type.matcher.v3.RegexMatcher;
-import io.envoyproxy.envoy.type.matcher.v3.StringMatcher;
-import io.envoyproxy.envoy.type.v3.FractionalPercent;
-import io.envoyproxy.envoy.type.v3.FractionalPercent.DenominatorType;
-import io.grpc.Status;
-import io.grpc.xds.client.Bootstrapper.BootstrapInfo;
-import io.grpc.xds.client.Bootstrapper.ServerInfo;
-import io.grpc.xds.client.EnvoyProtoData.Node;
-import io.grpc.xds.internal.Matchers;
-import io.grpc.xds.internal.extauthz.ExtAuthzConfig;
-import io.grpc.xds.internal.extauthz.ExtAuthzParseException;
-import io.grpc.xds.internal.headermutations.HeaderMutationRulesConfig;
-import java.util.Collections;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.junit.runners.JUnit4;
-
-@RunWith(JUnit4.class)
-public class ExtAuthzConfigParserTest {
-
- private static final Any GOOGLE_DEFAULT_CHANNEL_CREDS =
- Any.pack(GoogleDefaultCredentials.newBuilder().build());
- private static final Any FAKE_ACCESS_TOKEN_CALL_CREDS =
- Any.pack(AccessTokenCredentials.newBuilder().setToken("fake-token").build());
-
- private static BootstrapInfo dummyBootstrapInfo() {
- return BootstrapInfo.builder()
- .servers(
- Collections.singletonList(ServerInfo.create("test_target", Collections.emptyMap())))
- .node(Node.newBuilder().build()).build();
- }
-
- private static ServerInfo dummyServerInfo() {
- return ServerInfo.create("test_target", Collections.emptyMap(), false, true, false, false);
- }
-
- private ExtAuthz.Builder extAuthzBuilder;
-
- @Before
- public void setUp() {
- extAuthzBuilder = ExtAuthz.newBuilder()
- .setGrpcService(GrpcService.newBuilder().setGoogleGrpc(GrpcService.GoogleGrpc.newBuilder()
- .setTargetUri("test-cluster")
- .addChannelCredentialsPlugin(GOOGLE_DEFAULT_CHANNEL_CREDS)
- .addCallCredentialsPlugin(FAKE_ACCESS_TOKEN_CALL_CREDS).build())
- .build());
- }
-
- @Test
- public void parse_missingGrpcService_throws() {
- ExtAuthz extAuthz = ExtAuthz.newBuilder().build();
- try {
- ExtAuthzConfigParser.parse(extAuthz,
- dummyBootstrapInfo(),
- dummyServerInfo());
- fail("Expected ExtAuthzParseException");
- } catch (ExtAuthzParseException e) {
- assertThat(e).hasMessageThat()
- .isEqualTo("unsupported ExtAuthz service type: only grpc_service is supported");
- }
- }
-
- @Test
- public void parse_invalidGrpcService_throws() {
- ExtAuthz extAuthz = ExtAuthz.newBuilder()
- .setGrpcService(GrpcService.newBuilder().build())
- .build();
- try {
- ExtAuthzConfigParser.parse(extAuthz,
- dummyBootstrapInfo(),
- dummyServerInfo());
- fail("Expected ExtAuthzParseException");
- } catch (ExtAuthzParseException e) {
- assertThat(e).hasMessageThat().startsWith("Failed to parse GrpcService config:");
- }
- }
-
- @Test
- public void parse_invalidAllowExpression_throws() {
- ExtAuthz extAuthz = extAuthzBuilder
- .setDecoderHeaderMutationRules(HeaderMutationRules.newBuilder()
- .setAllowExpression(RegexMatcher.newBuilder().setRegex("[invalid").build()).build())
- .build();
- try {
- ExtAuthzConfigParser.parse(extAuthz,
- dummyBootstrapInfo(),
- dummyServerInfo());
- fail("Expected ExtAuthzParseException");
- } catch (ExtAuthzParseException e) {
- assertThat(e).hasMessageThat().startsWith("Invalid regex pattern for allow_expression:");
- }
- }
-
- @Test
- public void parse_invalidDisallowExpression_throws() {
- ExtAuthz extAuthz = extAuthzBuilder
- .setDecoderHeaderMutationRules(HeaderMutationRules.newBuilder()
- .setDisallowExpression(RegexMatcher.newBuilder().setRegex("[invalid").build()).build())
- .build();
- try {
- ExtAuthzConfigParser.parse(extAuthz,
- dummyBootstrapInfo(),
- dummyServerInfo());
- fail("Expected ExtAuthzParseException");
- } catch (ExtAuthzParseException e) {
- assertThat(e).hasMessageThat().startsWith("Invalid regex pattern for disallow_expression:");
- }
- }
-
- @Test
- public void parse_success() throws ExtAuthzParseException {
- ExtAuthz extAuthz =
- extAuthzBuilder
- .setGrpcService(extAuthzBuilder.getGrpcServiceBuilder()
- .setTimeout(com.google.protobuf.Duration.newBuilder().setSeconds(5).build())
- .addInitialMetadata(
- HeaderValue.newBuilder().setKey("key").setValue("value").build())
- .build())
- .setFailureModeAllow(true).setFailureModeAllowHeaderAdd(true)
- .setIncludePeerCertificate(true)
- .setStatusOnError(
- io.envoyproxy.envoy.type.v3.HttpStatus.newBuilder().setCodeValue(403).build())
- .setDenyAtDisable(
- RuntimeFeatureFlag.newBuilder().setDefaultValue(BoolValue.of(true)).build())
- .setFilterEnabled(RuntimeFractionalPercent.newBuilder()
- .setDefaultValue(FractionalPercent.newBuilder().setNumerator(50)
- .setDenominator(DenominatorType.TEN_THOUSAND).build())
- .build())
- .setAllowedHeaders(ListStringMatcher.newBuilder()
- .addPatterns(StringMatcher.newBuilder().setExact("allowed-header").build()).build())
- .setDisallowedHeaders(ListStringMatcher.newBuilder()
- .addPatterns(StringMatcher.newBuilder().setPrefix("disallowed-").build()).build())
- .setDecoderHeaderMutationRules(HeaderMutationRules.newBuilder()
- .setAllowExpression(RegexMatcher.newBuilder().setRegex("allow.*").build())
- .setDisallowExpression(RegexMatcher.newBuilder().setRegex("disallow.*").build())
- .setDisallowAll(BoolValue.of(true)).setDisallowIsError(BoolValue.of(true)).build())
- .build();
-
- ExtAuthzConfig config = ExtAuthzConfigParser.parse(extAuthz,
- dummyBootstrapInfo(),
- dummyServerInfo());
-
- assertThat(config.grpcService().googleGrpc().target()).isEqualTo("test-cluster");
- assertThat(config.grpcService().timeout().get().getSeconds()).isEqualTo(5);
- assertThat(config.grpcService().initialMetadata()).isNotEmpty();
- assertThat(config.failureModeAllow()).isTrue();
- assertThat(config.failureModeAllowHeaderAdd()).isTrue();
- assertThat(config.includePeerCertificate()).isTrue();
- assertThat(config.statusOnError().getCode()).isEqualTo(Status.PERMISSION_DENIED.getCode());
- assertThat(config.statusOnError().getDescription()).isEqualTo("HTTP status code 403");
- assertThat(config.denyAtDisable()).isTrue();
- assertThat(config.filterEnabled()).isEqualTo(Matchers.FractionMatcher.create(50, 10_000));
- assertThat(config.allowedHeaders()).hasSize(1);
- assertThat(config.allowedHeaders().get(0).matches("allowed-header")).isTrue();
- assertThat(config.disallowedHeaders()).hasSize(1);
- assertThat(config.disallowedHeaders().get(0).matches("disallowed-foo")).isTrue();
- assertThat(config.decoderHeaderMutationRules().isPresent()).isTrue();
- HeaderMutationRulesConfig rules = config.decoderHeaderMutationRules().get();
- assertThat(rules.allowExpression().get().pattern()).isEqualTo("allow.*");
- assertThat(rules.disallowExpression().get().pattern()).isEqualTo("disallow.*");
- assertThat(rules.disallowAll()).isTrue();
- assertThat(rules.disallowIsError()).isTrue();
- }
-
- @Test
- public void parse_saneDefaults() throws ExtAuthzParseException {
- ExtAuthz extAuthz = extAuthzBuilder.build();
-
- ExtAuthzConfig config = ExtAuthzConfigParser.parse(extAuthz,
- dummyBootstrapInfo(),
- dummyServerInfo());
-
- assertThat(config.failureModeAllow()).isFalse();
- assertThat(config.failureModeAllowHeaderAdd()).isFalse();
- assertThat(config.includePeerCertificate()).isFalse();
- assertThat(config.statusOnError()).isEqualTo(Status.PERMISSION_DENIED);
- assertThat(config.denyAtDisable()).isFalse();
- assertThat(config.filterEnabled()).isEqualTo(Matchers.FractionMatcher.create(100, 100));
- assertThat(config.allowedHeaders()).isEmpty();
- assertThat(config.disallowedHeaders()).isEmpty();
- assertThat(config.decoderHeaderMutationRules().isPresent()).isFalse();
- }
-
- @Test
- public void parse_headerMutationRules_allowExpressionOnly() throws ExtAuthzParseException {
- ExtAuthz extAuthz = extAuthzBuilder
- .setDecoderHeaderMutationRules(HeaderMutationRules.newBuilder()
- .setAllowExpression(RegexMatcher.newBuilder().setRegex("allow.*").build()).build())
- .build();
-
- ExtAuthzConfig config = ExtAuthzConfigParser.parse(extAuthz,
- dummyBootstrapInfo(),
- dummyServerInfo());
-
- assertThat(config.decoderHeaderMutationRules().isPresent()).isTrue();
- HeaderMutationRulesConfig rules = config.decoderHeaderMutationRules().get();
- assertThat(rules.allowExpression().get().pattern()).isEqualTo("allow.*");
- assertThat(rules.disallowExpression().isPresent()).isFalse();
- }
-
- @Test
- public void parse_headerMutationRules_disallowExpressionOnly() throws ExtAuthzParseException {
- ExtAuthz extAuthz =
- extAuthzBuilder.setDecoderHeaderMutationRules(HeaderMutationRules.newBuilder()
- .setDisallowExpression(RegexMatcher.newBuilder().setRegex("disallow.*").build())
- .build()).build();
-
- ExtAuthzConfig config = ExtAuthzConfigParser.parse(extAuthz,
- dummyBootstrapInfo(),
- dummyServerInfo());
-
- assertThat(config.decoderHeaderMutationRules().isPresent()).isTrue();
- HeaderMutationRulesConfig rules = config.decoderHeaderMutationRules().get();
- assertThat(rules.allowExpression().isPresent()).isFalse();
- assertThat(rules.disallowExpression().get().pattern()).isEqualTo("disallow.*");
- }
-
- @Test
- public void parse_filterEnabled_hundred() throws ExtAuthzParseException {
- ExtAuthz extAuthz = extAuthzBuilder
- .setFilterEnabled(RuntimeFractionalPercent.newBuilder().setDefaultValue(FractionalPercent
- .newBuilder().setNumerator(25).setDenominator(DenominatorType.HUNDRED).build()).build())
- .build();
-
- ExtAuthzConfig config = ExtAuthzConfigParser.parse(extAuthz,
- dummyBootstrapInfo(),
- dummyServerInfo());
-
- assertThat(config.filterEnabled()).isEqualTo(Matchers.FractionMatcher.create(25, 100));
- }
-
- @Test
- public void parse_filterEnabled_million() throws ExtAuthzParseException {
- ExtAuthz extAuthz = extAuthzBuilder
- .setFilterEnabled(
- RuntimeFractionalPercent.newBuilder().setDefaultValue(FractionalPercent.newBuilder()
- .setNumerator(123456).setDenominator(DenominatorType.MILLION).build()).build())
- .build();
-
- ExtAuthzConfig config = ExtAuthzConfigParser.parse(extAuthz,
- dummyBootstrapInfo(),
- dummyServerInfo());
-
- assertThat(config.filterEnabled())
- .isEqualTo(Matchers.FractionMatcher.create(123456, 1_000_000));
- }
-
- @Test
- public void parse_filterEnabled_unrecognizedDenominator() {
- ExtAuthz extAuthz = extAuthzBuilder.setFilterEnabled(RuntimeFractionalPercent.newBuilder()
- .setDefaultValue(
- FractionalPercent.newBuilder().setNumerator(1).setDenominatorValue(4).build())
- .build()).build();
-
- try {
- ExtAuthzConfigParser.parse(extAuthz,
- dummyBootstrapInfo(),
- dummyServerInfo());
- fail("Expected ExtAuthzParseException");
- } catch (ExtAuthzParseException e) {
- assertThat(e).hasMessageThat().isEqualTo("Unknown denominator type: UNRECOGNIZED");
- }
- }
-}
diff --git a/xds/src/test/java/io/grpc/xds/ExternalProcessorFilterTest.java b/xds/src/test/java/io/grpc/xds/ExternalProcessorFilterTest.java
new file mode 100644
index 00000000000..9c003d37346
--- /dev/null
+++ b/xds/src/test/java/io/grpc/xds/ExternalProcessorFilterTest.java
@@ -0,0 +1,7578 @@
+/*
+ * Copyright 2024 The gRPC Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.grpc.xds;
+
+import static com.google.common.truth.Truth.assertThat;
+
+import com.google.common.util.concurrent.MoreExecutors;
+import com.google.protobuf.Any;
+import com.google.protobuf.ByteString;
+import io.envoyproxy.envoy.config.core.v3.GrpcService;
+import io.envoyproxy.envoy.extensions.filters.http.ext_proc.v3.ExtProcOverrides;
+import io.envoyproxy.envoy.extensions.filters.http.ext_proc.v3.ExtProcPerRoute;
+import io.envoyproxy.envoy.extensions.filters.http.ext_proc.v3.ExternalProcessor;
+import io.envoyproxy.envoy.extensions.filters.http.ext_proc.v3.HeaderForwardingRules;
+import io.envoyproxy.envoy.extensions.filters.http.ext_proc.v3.ProcessingMode;
+import io.envoyproxy.envoy.service.ext_proc.v3.BodyMutation;
+import io.envoyproxy.envoy.service.ext_proc.v3.BodyResponse;
+import io.envoyproxy.envoy.service.ext_proc.v3.CommonResponse;
+import io.envoyproxy.envoy.service.ext_proc.v3.ExternalProcessorGrpc;
+import io.envoyproxy.envoy.service.ext_proc.v3.HeaderMutation;
+import io.envoyproxy.envoy.service.ext_proc.v3.HeadersResponse;
+import io.envoyproxy.envoy.service.ext_proc.v3.ImmediateResponse;
+import io.envoyproxy.envoy.service.ext_proc.v3.ProcessingRequest;
+import io.envoyproxy.envoy.service.ext_proc.v3.ProcessingResponse;
+import io.envoyproxy.envoy.service.ext_proc.v3.StreamedBodyResponse;
+import io.envoyproxy.envoy.service.ext_proc.v3.TrailersResponse;
+import io.grpc.CallOptions;
+import io.grpc.Channel;
+import io.grpc.ClientCall;
+import io.grpc.ClientInterceptor;
+import io.grpc.Deadline;
+import io.grpc.ManagedChannel;
+import io.grpc.Metadata;
+import io.grpc.MethodDescriptor;
+import io.grpc.NameResolver;
+import io.grpc.NameResolverProvider;
+import io.grpc.NameResolverRegistry;
+import io.grpc.ServerCall;
+import io.grpc.ServerCallHandler;
+import io.grpc.ServerInterceptor;
+import io.grpc.ServerInterceptors;
+import io.grpc.ServerServiceDefinition;
+import io.grpc.Status;
+import io.grpc.inprocess.InProcessChannelBuilder;
+import io.grpc.inprocess.InProcessServerBuilder;
+import io.grpc.internal.FakeClock;
+import io.grpc.internal.GrpcUtil;
+import io.grpc.stub.ClientCalls;
+import io.grpc.stub.ServerCallStreamObserver;
+import io.grpc.stub.ServerCalls;
+import io.grpc.stub.StreamObserver;
+import io.grpc.testing.GrpcCleanupRule;
+import io.grpc.util.MutableHandlerRegistry;
+import io.grpc.xds.ExternalProcessorFilter.ExternalProcessorFilterConfig;
+import io.grpc.xds.ExternalProcessorFilter.ExternalProcessorFilterOverrideConfig;
+import io.grpc.xds.ExternalProcessorFilter.ExternalProcessorInterceptor;
+import io.grpc.xds.client.Bootstrapper;
+import io.grpc.xds.client.EnvoyProtoData.Node;
+import io.grpc.xds.internal.grpcservice.CachedChannelManager;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.SocketAddress;
+import java.net.URI;
+import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.List;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.Executor;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+import java.util.concurrent.ScheduledExecutorService;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicBoolean;
+import java.util.concurrent.atomic.AtomicInteger;
+import java.util.concurrent.atomic.AtomicReference;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.JUnit4;
+import org.mockito.Mockito;
+
+/**
+ * Unit tests for {@link ExternalProcessorFilter}.
+ */
+@RunWith(JUnit4.class)
+public class ExternalProcessorFilterTest {
+ @Rule
+ public final GrpcCleanupRule grpcCleanup = new GrpcCleanupRule();
+
+ private MutableHandlerRegistry dataPlaneServiceRegistry;
+
+ private String dataPlaneServerName;
+ private String extProcServerName;
+ private final FakeClock fakeClock = new FakeClock();
+ private ScheduledExecutorService scheduler;
+ private ExternalProcessorFilter.Provider provider;
+ private Filter.FilterContext filterContext;
+ private Bootstrapper.BootstrapInfo bootstrapInfo;
+ private Bootstrapper.ServerInfo serverInfo;
+
+ // Define a simple test service
+ private static final MethodDescriptor METHOD_SAY_HELLO =
+ MethodDescriptor.newBuilder()
+ .setType(MethodDescriptor.MethodType.UNARY)
+ .setFullMethodName("test.TestService/SayHello")
+ .setRequestMarshaller(new StringMarshaller())
+ .setResponseMarshaller(new StringMarshaller())
+ .build();
+
+ private static final MethodDescriptor METHOD_CLIENT_STREAMING =
+ MethodDescriptor.newBuilder()
+ .setType(MethodDescriptor.MethodType.CLIENT_STREAMING)
+ .setFullMethodName("test.TestService/ClientStreaming")
+ .setRequestMarshaller(new StringMarshaller())
+ .setResponseMarshaller(new StringMarshaller())
+ .build();
+
+ private static final MethodDescriptor METHOD_BIDI_STREAMING =
+ MethodDescriptor.newBuilder()
+ .setType(MethodDescriptor.MethodType.BIDI_STREAMING)
+ .setFullMethodName("test.TestService/BidiStreaming")
+ .setRequestMarshaller(new StringMarshaller())
+ .setResponseMarshaller(new StringMarshaller())
+ .build();
+
+ private static class StringMarshaller implements MethodDescriptor.Marshaller {
+ @Override
+ public InputStream stream(String value) {
+ return new ByteArrayInputStream(value.getBytes(StandardCharsets.UTF_8));
+ }
+
+ @Override
+ public String parse(InputStream stream) {
+ try {
+ ByteArrayOutputStream buffer = new ByteArrayOutputStream();
+ int nRead;
+ byte[] data = new byte[1024];
+ while ((nRead = stream.read(data, 0, data.length)) != -1) {
+ buffer.write(data, 0, nRead);
+ }
+ buffer.flush();
+ return new String(buffer.toByteArray(), StandardCharsets.UTF_8);
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ }
+ }
+
+ private static class InProcessNameResolverProvider extends NameResolverProvider {
+ @Override
+ public NameResolver newNameResolver(URI targetUri, NameResolver.Args args) {
+ if ("in-process".equals(targetUri.getScheme())) {
+ return new NameResolver() {
+ @Override
+ public String getServiceAuthority() {
+ return "localhost";
+ }
+
+ @Override
+ public void start(Listener2 listener) {
+ }
+
+ @Override
+ public void shutdown() {
+ }
+ };
+ }
+ return null;
+ }
+
+ @Override
+ protected boolean isAvailable() {
+ return true;
+ }
+
+ @Override
+ protected int priority() {
+ return 5;
+ }
+
+ @Override
+ public String getDefaultScheme() {
+ return "in-process";
+ }
+
+ @Override
+ public Collection> getProducedSocketAddressTypes() {
+ return Collections.emptyList();
+ }
+ }
+
+ @Before
+ public void setUp() throws Exception {
+ NameResolverRegistry.getDefaultRegistry().register(new InProcessNameResolverProvider());
+
+ dataPlaneServiceRegistry = new MutableHandlerRegistry();
+ dataPlaneServerName = InProcessServerBuilder.generateName();
+ extProcServerName = InProcessServerBuilder.generateName();
+ scheduler = fakeClock.getScheduledExecutorService();
+ provider = new ExternalProcessorFilter.Provider();
+
+ bootstrapInfo =
+ Bootstrapper.BootstrapInfo.builder()
+ .node(Node.newBuilder().build())
+ .servers(
+ Collections.singletonList(
+ Bootstrapper.ServerInfo.create(
+ "test_target", Collections.emptyMap())))
+ .build();
+
+ serverInfo =
+ Bootstrapper.ServerInfo.create(
+ "test_target", Collections.emptyMap(), false, true, false, false);
+
+ filterContext = Filter.FilterContext.builder()
+ .bootstrapInfo(bootstrapInfo)
+ .serverInfo(serverInfo)
+ .build();
+
+ grpcCleanup.register(InProcessServerBuilder.forName(dataPlaneServerName)
+ .fallbackHandlerRegistry(dataPlaneServiceRegistry)
+ .directExecutor()
+ .build().start());
+ }
+
+
+
+ private ExternalProcessor.Builder createBaseProto(String targetName) {
+ return ExternalProcessor.newBuilder()
+ .setGrpcService(GrpcService.newBuilder()
+ .setGoogleGrpc(GrpcService.GoogleGrpc.newBuilder()
+ .setTargetUri("in-process:///" + targetName)
+ .addChannelCredentialsPlugin(Any.newBuilder()
+ .setTypeUrl("type.googleapis.com/envoy.extensions.grpc_service."
+ + "channel_credentials.insecure.v3.InsecureCredentials")
+ .build())
+ .build())
+ .build());
+ }
+
+ // --- Category 1: Configuration Parsing & Provider ---
+
+ @Test
+ public void givenValidConfig_whenParsed_thenReturnsFilterConfig() throws Exception {
+ ExternalProcessor proto = createBaseProto(extProcServerName).build();
+
+ ConfigOrError result =
+ provider.parseFilterConfig(Any.pack(proto), filterContext);
+
+ assertThat(result.errorDetail).isNull();
+ assertThat(result.config).isNotNull();
+ assertThat(result.config.typeUrl()).isEqualTo(ExternalProcessorFilter.TYPE_URL);
+ }
+
+ @Test
+ public void givenUnsupportedBodyMode_whenParsed_thenReturnsError() throws Exception {
+ ExternalProcessor proto = createBaseProto(extProcServerName)
+ .setProcessingMode(ProcessingMode.newBuilder()
+ .setRequestBodyMode(ProcessingMode.BodySendMode.BUFFERED) // Unsupported
+ .build())
+ .build();
+
+ ConfigOrError result =
+ provider.parseFilterConfig(Any.pack(proto), filterContext);
+
+ assertThat(result.errorDetail).contains("Invalid request_body_mode");
+ }
+
+ @Test
+ public void givenInvalidGrpcService_whenParsed_thenReturnsError() throws Exception {
+ ExternalProcessor proto = ExternalProcessor.newBuilder()
+ .setGrpcService(GrpcService.newBuilder().build()) // Invalid: no GoogleGrpc
+ .build();
+
+ ConfigOrError result =
+ provider.parseFilterConfig(Any.pack(proto), filterContext);
+
+ assertThat(result.errorDetail).contains("GrpcService must have GoogleGrpc");
+ }
+
+ @Test
+ public void givenInvalidDeferredCloseTimeout_whenParsed_thenReturnsError() throws Exception {
+ ExternalProcessor proto = createBaseProto(extProcServerName)
+ .setDeferredCloseTimeout(
+ com.google.protobuf.Duration.newBuilder().setSeconds(315576000001L).build())
+ .build();
+
+ ConfigOrError result =
+ provider.parseFilterConfig(Any.pack(proto), filterContext);
+
+ assertThat(result.errorDetail).contains("Invalid deferred_close_timeout");
+ }
+
+ @Test
+ public void givenNegativeDeferredCloseTimeout_whenParsed_thenReturnsError() throws Exception {
+ ExternalProcessor proto = createBaseProto(extProcServerName)
+ .setDeferredCloseTimeout(
+ com.google.protobuf.Duration.newBuilder().setSeconds(0).setNanos(0).build())
+ .build();
+
+ ConfigOrError result =
+ provider.parseFilterConfig(Any.pack(proto), filterContext);
+
+ assertThat(result.errorDetail).contains("deferred_close_timeout must be positive");
+ }
+
+
+ @Test
+ public void provider_registeredInFilterRegistry_basedOnFlag() {
+ // Test with flag true
+ System.setProperty("GRPC_EXPERIMENTAL_XDS_EXT_PROC_ON_CLIENT", "true");
+ try {
+ FilterRegistry registry = FilterRegistry.newRegistry().register(
+ new FaultFilter.Provider(),
+ new RouterFilter.Provider(),
+ new RbacFilter.Provider(),
+ new GcpAuthenticationFilter.Provider());
+ if (GrpcUtil.getFlag("GRPC_EXPERIMENTAL_XDS_EXT_PROC_ON_CLIENT", false)) {
+ registry.register(new ExternalProcessorFilter.Provider());
+ }
+ assertThat(registry.get(ExternalProcessorFilter.TYPE_URL)).isNotNull();
+ } finally {
+ System.clearProperty("GRPC_EXPERIMENTAL_XDS_EXT_PROC_ON_CLIENT");
+ }
+
+ // Test with flag false
+ System.setProperty("GRPC_EXPERIMENTAL_XDS_EXT_PROC_ON_CLIENT", "false");
+ try {
+ FilterRegistry registry = FilterRegistry.newRegistry().register(
+ new FaultFilter.Provider(),
+ new RouterFilter.Provider(),
+ new RbacFilter.Provider(),
+ new GcpAuthenticationFilter.Provider());
+ if (GrpcUtil.getFlag("GRPC_EXPERIMENTAL_XDS_EXT_PROC_ON_CLIENT", false)) {
+ registry.register(new ExternalProcessorFilter.Provider());
+ }
+ assertThat(registry.get(ExternalProcessorFilter.TYPE_URL)).isNull();
+ } finally {
+ System.clearProperty("GRPC_EXPERIMENTAL_XDS_EXT_PROC_ON_CLIENT");
+ }
+ }
+
+ // --- Category 2: Configuration Override ---
+
+ @Test
+ public void givenOverrideConfig_whenGrpcServiceOverridden_thenUsesNewService() throws Exception {
+ ExternalProcessor parentProto = createBaseProto(extProcServerName)
+ .setGrpcService(GrpcService.newBuilder()
+ .setGoogleGrpc(GrpcService.GoogleGrpc.newBuilder()
+ .setTargetUri("in-process:///parent")
+ .addChannelCredentialsPlugin(Any.newBuilder()
+ .setTypeUrl("type.googleapis.com/envoy.extensions.grpc_service."
+ + "channel_credentials.insecure.v3.InsecureCredentials")
+ .build())
+ .build())
+ .build())
+ .build();
+
+ GrpcService overrideService = GrpcService.newBuilder()
+ .setGoogleGrpc(GrpcService.GoogleGrpc.newBuilder()
+ .setTargetUri("in-process:///override")
+ .addChannelCredentialsPlugin(Any.newBuilder()
+ .setTypeUrl("type.googleapis.com/envoy.extensions.grpc_service."
+ + "channel_credentials.insecure.v3.InsecureCredentials")
+ .build())
+ .build())
+ .build();
+ ExtProcPerRoute perRoute = ExtProcPerRoute.newBuilder()
+ .setOverrides(ExtProcOverrides.newBuilder()
+ .setGrpcService(overrideService)
+ .build())
+ .build();
+
+ ConfigOrError parentResult =
+ provider.parseFilterConfig(Any.pack(parentProto), filterContext);
+ assertThat(parentResult.errorDetail).isNull();
+ ExternalProcessorFilterConfig parentConfig = parentResult.config;
+ ConfigOrError overrideResult =
+ provider.parseFilterConfigOverride(Any.pack(perRoute), filterContext);
+ assertThat(overrideResult.errorDetail).isNull();
+ ExternalProcessorFilterOverrideConfig overrideConfig = overrideResult.config;
+
+ ExternalProcessorFilter filter = new ExternalProcessorFilter("test");
+ ExternalProcessorInterceptor interceptor = (ExternalProcessorInterceptor)
+ filter.buildClientInterceptor(parentConfig, overrideConfig, scheduler);
+
+ assertThat(interceptor.getFilterConfig().getExternalProcessor().getGrpcService()
+ .getGoogleGrpc().getTargetUri()).isEqualTo("in-process:///override");
+ }
+
+ @Test
+ public void givenOverrideConfig_whenOverridesMissing_thenFallsBackToDefaultInstance()
+ throws Exception {
+ ExtProcPerRoute perRoute = ExtProcPerRoute.newBuilder().build();
+
+ ConfigOrError overrideResult =
+ provider.parseFilterConfigOverride(Any.pack(perRoute), filterContext);
+ assertThat(overrideResult.errorDetail).isNull();
+ ExternalProcessorFilterOverrideConfig overrideConfig = overrideResult.config;
+
+ assertThat(overrideConfig.hasProcessingMode()).isFalse();
+ assertThat(overrideConfig.hasRequestAttributes()).isFalse();
+ assertThat(overrideConfig.hasResponseAttributes()).isFalse();
+ assertThat(overrideConfig.hasGrpcService()).isFalse();
+ assertThat(overrideConfig.hasFailureModeAllow()).isFalse();
+ assertThat(overrideConfig.getGrpcServiceConfig()).isNull();
+ }
+
+ @Test
+ public void givenOverrideConfig_whenFailureModeAllowOverridden_thenTakesEffect()
+ throws Exception {
+ ExternalProcessor parentProto = createBaseProto(extProcServerName)
+ .setFailureModeAllow(false)
+ .build();
+ ExtProcPerRoute perRoute = ExtProcPerRoute.newBuilder()
+ .setOverrides(ExtProcOverrides.newBuilder()
+ .setFailureModeAllow(com.google.protobuf.BoolValue.of(true))
+ .build())
+ .build();
+
+ ConfigOrError parentResult =
+ provider.parseFilterConfig(Any.pack(parentProto), filterContext);
+ assertThat(parentResult.errorDetail).isNull();
+ ExternalProcessorFilterConfig parentConfig = parentResult.config;
+ ConfigOrError overrideResult =
+ provider.parseFilterConfigOverride(Any.pack(perRoute), filterContext);
+ assertThat(overrideResult.errorDetail).isNull();
+ ExternalProcessorFilterOverrideConfig overrideConfig = overrideResult.config;
+
+ ExternalProcessorFilter filter = new ExternalProcessorFilter("test");
+ ExternalProcessorInterceptor interceptor = (ExternalProcessorInterceptor)
+ filter.buildClientInterceptor(parentConfig, overrideConfig, scheduler);
+
+ assertThat(interceptor.getFilterConfig().getFailureModeAllow()).isTrue();
+ }
+
+
+
+ @Test
+ public void givenOverrideConfig_whenOtherFieldsOverridden_thenReplaced() throws Exception {
+ ExternalProcessor parentProto = createBaseProto(extProcServerName)
+ .addRequestAttributes("attr1")
+ .addResponseAttributes("attr2")
+ .setFailureModeAllow(false)
+ .build();
+
+ GrpcService overrideService = GrpcService.newBuilder()
+ .setGoogleGrpc(GrpcService.GoogleGrpc.newBuilder()
+ .setTargetUri("in-process:///overridden")
+ .addChannelCredentialsPlugin(Any.newBuilder()
+ .setTypeUrl("type.googleapis.com/envoy.extensions.grpc_service."
+ + "channel_credentials.insecure.v3.InsecureCredentials")
+ .build())
+ .build())
+ .build();
+ ExtProcPerRoute perRoute = ExtProcPerRoute.newBuilder()
+ .setOverrides(ExtProcOverrides.newBuilder()
+ .addRequestAttributes("attr3")
+ .addResponseAttributes("attr4")
+ .setGrpcService(overrideService)
+ .setFailureModeAllow(com.google.protobuf.BoolValue.of(true))
+ .build())
+ .build();
+
+ ConfigOrError parentResult =
+ provider.parseFilterConfig(Any.pack(parentProto), filterContext);
+ ExternalProcessorFilterConfig parentConfig = parentResult.config;
+ ConfigOrError overrideResult =
+ provider.parseFilterConfigOverride(Any.pack(perRoute), filterContext);
+ ExternalProcessorFilterOverrideConfig overrideConfig = overrideResult.config;
+
+ ExternalProcessorFilter filter = new ExternalProcessorFilter("test");
+ ExternalProcessorInterceptor interceptor = (ExternalProcessorInterceptor)
+ filter.buildClientInterceptor(parentConfig, overrideConfig, scheduler);
+ ExternalProcessor mergedProto = interceptor.getFilterConfig().getExternalProcessor();
+
+ assertThat(mergedProto.getRequestAttributesList()).containsExactly("attr3");
+ assertThat(mergedProto.getResponseAttributesList()).containsExactly("attr4");
+ assertThat(mergedProto.getGrpcService()).isEqualTo(overrideService);
+ assertThat(interceptor.getFilterConfig().getFailureModeAllow()).isTrue();
+ }
+
+ @Test
+ public void givenOverrideConfig_whenProcessingModeOverridden_thenReplacesWholeMode()
+ throws Exception {
+ ExternalProcessor parentProto = createBaseProto(extProcServerName)
+ .setProcessingMode(ProcessingMode.newBuilder()
+ .setRequestHeaderMode(ProcessingMode.HeaderSendMode.SKIP)
+ .setRequestBodyMode(ProcessingMode.BodySendMode.NONE)
+ .setResponseHeaderMode(ProcessingMode.HeaderSendMode.SKIP)
+ .setResponseBodyMode(ProcessingMode.BodySendMode.GRPC).build())
+ .build();
+ ExtProcPerRoute perRoute = ExtProcPerRoute.newBuilder()
+ .setOverrides(ExtProcOverrides.newBuilder()
+ .setProcessingMode(ProcessingMode.newBuilder()
+ .setRequestBodyMode(ProcessingMode.BodySendMode.GRPC).build())
+ .build())
+ .build();
+
+ ConfigOrError parentResult =
+ provider.parseFilterConfig(Any.pack(parentProto), filterContext);
+ assertThat(parentResult.errorDetail).isNull();
+ ExternalProcessorFilterConfig parentConfig = parentResult.config;
+ ConfigOrError overrideResult =
+ provider.parseFilterConfigOverride(Any.pack(perRoute), filterContext);
+ assertThat(overrideResult.errorDetail).isNull();
+ ExternalProcessorFilterOverrideConfig overrideConfig = overrideResult.config;
+
+ ExternalProcessorFilter filter = new ExternalProcessorFilter("test");
+ ExternalProcessorInterceptor interceptor = (ExternalProcessorInterceptor)
+ filter.buildClientInterceptor(parentConfig, overrideConfig, scheduler);
+
+ ProcessingMode mergedMode =
+ interceptor.getFilterConfig().getExternalProcessor().getProcessingMode();
+ // Full replacement: requestBodyMode becomes GRPC, others become defaults (0/DEFAULT/NONE)
+ assertThat(mergedMode.getRequestBodyMode()).isEqualTo(ProcessingMode.BodySendMode.GRPC);
+ assertThat(mergedMode.getRequestHeaderMode()).isEqualTo(ProcessingMode.HeaderSendMode.DEFAULT);
+ assertThat(mergedMode.getResponseHeaderMode()).isEqualTo(ProcessingMode.HeaderSendMode.DEFAULT);
+ assertThat(mergedMode.getResponseBodyMode()).isEqualTo(ProcessingMode.BodySendMode.NONE);
+ }
+
+ @Test
+ public void givenOverrideConfig_whenAllFieldsOverridden_thenAllTakeEffect() throws Exception {
+ ExternalProcessor parentProto = createBaseProto(extProcServerName)
+ .setFailureModeAllow(false)
+ .build();
+
+ GrpcService overrideService = GrpcService.newBuilder()
+ .setGoogleGrpc(GrpcService.GoogleGrpc.newBuilder()
+ .setTargetUri("in-process:///override")
+ .addChannelCredentialsPlugin(Any.newBuilder()
+ .setTypeUrl("type.googleapis.com/envoy.extensions.grpc_service."
+ + "channel_credentials.insecure.v3.InsecureCredentials")
+ .build())
+ .build())
+ .build();
+ ExtProcPerRoute perRoute = ExtProcPerRoute.newBuilder()
+ .setOverrides(ExtProcOverrides.newBuilder()
+ .setFailureModeAllow(com.google.protobuf.BoolValue.of(true))
+ .setGrpcService(overrideService)
+ .setProcessingMode(ProcessingMode.newBuilder()
+ .setRequestBodyMode(ProcessingMode.BodySendMode.GRPC).build())
+ .addRequestAttributes("attr-over")
+ .build())
+ .build();
+
+ ConfigOrError parentResult =
+ provider.parseFilterConfig(Any.pack(parentProto), filterContext);
+ assertThat(parentResult.errorDetail).isNull();
+ ExternalProcessorFilterConfig parentConfig = parentResult.config;
+ ConfigOrError overrideResult =
+ provider.parseFilterConfigOverride(Any.pack(perRoute), filterContext);
+ assertThat(overrideResult.errorDetail).isNull();
+ ExternalProcessorFilterOverrideConfig overrideConfig = overrideResult.config;
+
+ ExternalProcessorFilter filter = new ExternalProcessorFilter("test");
+ ExternalProcessorInterceptor interceptor = (ExternalProcessorInterceptor)
+ filter.buildClientInterceptor(parentConfig, overrideConfig, scheduler);
+
+ ExternalProcessorFilterConfig mergedConfig = interceptor.getFilterConfig();
+ assertThat(mergedConfig.getFailureModeAllow()).isTrue();
+ assertThat(mergedConfig.getExternalProcessor().getGrpcService()).isEqualTo(overrideService);
+ assertThat(mergedConfig.getExternalProcessor().getProcessingMode().getRequestBodyMode())
+ .isEqualTo(ProcessingMode.BodySendMode.GRPC);
+ assertThat(mergedConfig.getExternalProcessor().getRequestAttributesList())
+ .containsExactly("attr-over");
+ }
+
+ @Test
+ public void givenOverrideConfig_whenSomeFieldsOverridden_thenMergedCorrectly() throws Exception {
+ ExternalProcessor parentProto = createBaseProto(extProcServerName)
+ .setFailureModeAllow(false)
+ .addRequestAttributes("attr-parent")
+ .build();
+ ExtProcPerRoute perRoute = ExtProcPerRoute.newBuilder()
+ .setOverrides(ExtProcOverrides.newBuilder()
+ .setFailureModeAllow(com.google.protobuf.BoolValue.of(true))
+ // requestAttributes NOT set in override
+ .build())
+ .build();
+
+ ConfigOrError parentResult =
+ provider.parseFilterConfig(Any.pack(parentProto), filterContext);
+ assertThat(parentResult.errorDetail).isNull();
+ ExternalProcessorFilterConfig parentConfig = parentResult.config;
+ ConfigOrError overrideResult =
+ provider.parseFilterConfigOverride(Any.pack(perRoute), filterContext);
+ assertThat(overrideResult.errorDetail).isNull();
+ ExternalProcessorFilterOverrideConfig overrideConfig = overrideResult.config;
+
+ ExternalProcessorFilter filter = new ExternalProcessorFilter("test");
+ ExternalProcessorInterceptor interceptor = (ExternalProcessorInterceptor)
+ filter.buildClientInterceptor(parentConfig, overrideConfig, scheduler);
+
+ ExternalProcessorFilterConfig mergedConfig = interceptor.getFilterConfig();
+ assertThat(mergedConfig.getFailureModeAllow()).isTrue();
+ assertThat(mergedConfig.getExternalProcessor().getRequestAttributesList())
+ .containsExactly("attr-parent");
+ }
+
+
+ @Test
+ public void givenOverrideConfig_whenDisableImmediateResponseOverridden_thenInheritedFromParent()
+ throws Exception {
+ // disable_immediate_response is NOT in ExtProcOverrides.
+ ExternalProcessor parentProto = createBaseProto(extProcServerName)
+ .setDisableImmediateResponse(true)
+ .build();
+ ExtProcPerRoute perRoute = ExtProcPerRoute.newBuilder()
+ .setOverrides(ExtProcOverrides.newBuilder().build())
+ .build();
+
+ ConfigOrError parentResult =
+ provider.parseFilterConfig(Any.pack(parentProto), filterContext);
+ assertThat(parentResult.errorDetail).isNull();
+ ExternalProcessorFilterConfig parentConfig = parentResult.config;
+ ConfigOrError overrideResult =
+ provider.parseFilterConfigOverride(Any.pack(perRoute), filterContext);
+ assertThat(overrideResult.errorDetail).isNull();
+ ExternalProcessorFilterOverrideConfig overrideConfig = overrideResult.config;
+
+ ExternalProcessorFilter filter = new ExternalProcessorFilter("test");
+ ExternalProcessorInterceptor interceptor = (ExternalProcessorInterceptor)
+ filter.buildClientInterceptor(parentConfig, overrideConfig, scheduler);
+
+ assertThat(interceptor.getFilterConfig().getDisableImmediateResponse()).isTrue();
+ }
+
+ @Test
+ public void givenOverrideConfig_whenMutationRulesOverridden_thenInheritedFromParent()
+ throws Exception {
+ // mutation_rules is NOT in ExtProcOverrides.
+ io.envoyproxy.envoy.config.common.mutation_rules.v3.HeaderMutationRules rules =
+ io.envoyproxy.envoy.config.common.mutation_rules.v3.HeaderMutationRules.newBuilder()
+ .setDisallowAll(com.google.protobuf.BoolValue.newBuilder().setValue(true).build())
+ .build();
+
+ ExternalProcessor parentProto = createBaseProto(extProcServerName)
+ .setMutationRules(rules)
+ .build();
+ ExtProcPerRoute perRoute = ExtProcPerRoute.newBuilder()
+ .setOverrides(ExtProcOverrides.newBuilder().build())
+ .build();
+
+ ConfigOrError parentResult =
+ provider.parseFilterConfig(Any.pack(parentProto), filterContext);
+ assertThat(parentResult.errorDetail).isNull();
+ ExternalProcessorFilterConfig parentConfig = parentResult.config;
+ ConfigOrError overrideResult =
+ provider.parseFilterConfigOverride(Any.pack(perRoute), filterContext);
+ assertThat(overrideResult.errorDetail).isNull();
+ ExternalProcessorFilterOverrideConfig overrideConfig = overrideResult.config;
+
+ ExternalProcessorFilter filter = new ExternalProcessorFilter("test");
+ ExternalProcessorInterceptor interceptor = (ExternalProcessorInterceptor)
+ filter.buildClientInterceptor(parentConfig, overrideConfig, scheduler);
+
+ assertThat(interceptor.getFilterConfig().getMutationRulesConfig().get().disallowAll())
+ .isTrue();
+ }
+
+ @Test
+ public void givenOverrideConfig_whenDeferredCloseTimeoutOverridden_thenInheritedFromParent()
+ throws Exception {
+ // deferred_close_timeout is NOT in ExtProcOverrides.
+ ExternalProcessor parentProto = createBaseProto(extProcServerName)
+ .setDeferredCloseTimeout(com.google.protobuf.Duration.newBuilder().setSeconds(10).build())
+ .build();
+ ExtProcPerRoute perRoute = ExtProcPerRoute.newBuilder()
+ .setOverrides(ExtProcOverrides.newBuilder().build())
+ .build();
+
+ ConfigOrError parentResult =
+ provider.parseFilterConfig(Any.pack(parentProto), filterContext);
+ assertThat(parentResult.errorDetail).isNull();
+ ExternalProcessorFilterConfig parentConfig = parentResult.config;
+ ConfigOrError overrideResult =
+ provider.parseFilterConfigOverride(Any.pack(perRoute), filterContext);
+ assertThat(overrideResult.errorDetail).isNull();
+ ExternalProcessorFilterOverrideConfig overrideConfig = overrideResult.config;
+
+ ExternalProcessorFilter filter = new ExternalProcessorFilter("test");
+ ExternalProcessorInterceptor interceptor = (ExternalProcessorInterceptor)
+ filter.buildClientInterceptor(parentConfig, overrideConfig, scheduler);
+
+ assertThat(interceptor.getFilterConfig().getDeferredCloseTimeoutNanos())
+ .isEqualTo(TimeUnit.SECONDS.toNanos(10));
+ }
+
+ // --- Category 3: Client Interceptor & Lifecycle ---
+
+ @Test
+ @SuppressWarnings("unchecked")
+ public void givenInterceptor_whenCallIntercepted_thenExtProcStubUsesSerializingExecutor()
+ throws Exception {
+ String uniqueExtProcServerName = InProcessServerBuilder.generateName();
+ String uniqueDataPlaneServerName = InProcessServerBuilder.generateName();
+ ExternalProcessor proto = ExternalProcessor.newBuilder()
+ .setGrpcService(GrpcService.newBuilder()
+ .setGoogleGrpc(GrpcService.GoogleGrpc.newBuilder()
+ .setTargetUri("in-process:///" + uniqueExtProcServerName)
+ .addChannelCredentialsPlugin(Any.newBuilder()
+ .setTypeUrl("type.googleapis.com/envoy.extensions.grpc_service."
+ + "channel_credentials.insecure.v3.InsecureCredentials")
+ .build())
+ .build())
+ .build())
+ .build();
+ ConfigOrError configOrError =
+ provider.parseFilterConfig(Any.pack(proto), filterContext);
+ assertThat(configOrError.errorDetail).isNull();
+ ExternalProcessorFilterConfig filterConfig = configOrError.config;
+
+ // External Processor Server
+ ExternalProcessorGrpc.ExternalProcessorImplBase extProcImpl;
+ extProcImpl = new ExternalProcessorGrpc.ExternalProcessorImplBase() {
+ @Override
+ @SuppressWarnings("unchecked")
+ public StreamObserver process(
+ StreamObserver responseObserver) {
+ ((ServerCallStreamObserver) responseObserver).request(100);
+ return new StreamObserver() {
+ @Override
+ public void onNext(ProcessingRequest request) {
+ }
+
+ @Override
+ public void onError(Throwable t) {
+ }
+
+ @Override
+ public void onCompleted() {
+ responseObserver.onCompleted();
+ }
+ };
+ }
+ };
+ grpcCleanup.register(InProcessServerBuilder.forName(uniqueExtProcServerName)
+ .addService(extProcImpl)
+ .directExecutor()
+ .build().start());
+
+ final AtomicReference capturedExecutor = new AtomicReference<>();
+ CachedChannelManager channelManager = new CachedChannelManager(config -> {
+ return grpcCleanup.register(
+ InProcessChannelBuilder.forName(uniqueExtProcServerName)
+ .directExecutor()
+ .intercept(new ClientInterceptor() {
+ @Override
+ public ClientCall interceptCall(
+ MethodDescriptor method, CallOptions callOptions, Channel next) {
+ if (method.equals(ExternalProcessorGrpc.getProcessMethod())) {
+ capturedExecutor.set(callOptions.getExecutor());
+ }
+ return next.newCall(method, callOptions);
+ }
+ })
+ .build());
+ });
+
+ ExternalProcessorInterceptor interceptor = new ExternalProcessorInterceptor(
+ filterConfig, channelManager, scheduler);
+
+ MutableHandlerRegistry uniqueRegistry = new MutableHandlerRegistry();
+ grpcCleanup.register(InProcessServerBuilder.forName(uniqueDataPlaneServerName)
+ .fallbackHandlerRegistry(uniqueRegistry)
+ .directExecutor()
+ .build().start());
+
+ ManagedChannel dataPlaneChannel =
+ grpcCleanup.register(
+ InProcessChannelBuilder.forName(uniqueDataPlaneServerName).directExecutor().build());
+
+ CallOptions callOptions = CallOptions.DEFAULT.withExecutor(MoreExecutors.directExecutor());
+ ClientCall proxyCall =
+ interceptor.interceptCall(METHOD_SAY_HELLO, callOptions, dataPlaneChannel);
+ proxyCall.start(new ClientCall.Listener() {}, new Metadata());
+
+ assertThat(capturedExecutor.get()).isNotNull();
+ assertThat(capturedExecutor.get().getClass().getName()).contains("SerializingExecutor");
+
+ proxyCall.cancel("Cleanup", null);
+ channelManager.close();
+ }
+
+ @Test
+ @SuppressWarnings("unchecked")
+ public void givenGrpcServiceWithTimeout_whenCallIntercepted_thenExtProcStubHasCorrectDeadline()
+ throws Exception {
+ String uniqueExtProcServerName = InProcessServerBuilder.generateName();
+ String uniqueDataPlaneServerName = InProcessServerBuilder.generateName();
+ ExternalProcessor proto = ExternalProcessor.newBuilder()
+ .setGrpcService(GrpcService.newBuilder()
+ .setGoogleGrpc(GrpcService.GoogleGrpc.newBuilder()
+ .setTargetUri("in-process:///" + uniqueExtProcServerName)
+ .addChannelCredentialsPlugin(Any.newBuilder()
+ .setTypeUrl("type.googleapis.com/envoy.extensions.grpc_service."
+ + "channel_credentials.insecure.v3.InsecureCredentials")
+ .build())
+ .build())
+ .setTimeout(com.google.protobuf.Duration.newBuilder().setSeconds(5).build())
+ .build())
+ .build();
+ ConfigOrError configOrError =
+ provider.parseFilterConfig(Any.pack(proto), filterContext);
+ assertThat(configOrError.errorDetail).isNull();
+ ExternalProcessorFilterConfig filterConfig = configOrError.config;
+
+ // External Processor Server
+ ExternalProcessorGrpc.ExternalProcessorImplBase extProcImpl;
+ extProcImpl = new ExternalProcessorGrpc.ExternalProcessorImplBase() {
+ @Override
+ @SuppressWarnings("unchecked")
+ public StreamObserver process(
+ StreamObserver responseObserver) {
+ ((ServerCallStreamObserver) responseObserver).request(100);
+ return new StreamObserver() {
+ @Override
+ public void onNext(ProcessingRequest request) {
+ }
+
+ @Override
+ public void onError(Throwable t) {
+ }
+
+ @Override
+ public void onCompleted() {
+ responseObserver.onCompleted();
+ }
+ };
+ }
+ };
+ grpcCleanup.register(InProcessServerBuilder.forName(uniqueExtProcServerName)
+ .addService(extProcImpl)
+ .directExecutor()
+ .build().start());
+
+ final AtomicReference capturedDeadline = new AtomicReference<>();
+ CachedChannelManager channelManager = new CachedChannelManager(config -> {
+ return grpcCleanup.register(
+ InProcessChannelBuilder.forName(uniqueExtProcServerName)
+ .directExecutor()
+ .intercept(new ClientInterceptor() {
+ @Override
+ public ClientCall interceptCall(
+ MethodDescriptor method, CallOptions callOptions, Channel next) {
+ if (method.equals(ExternalProcessorGrpc.getProcessMethod())) {
+ capturedDeadline.set(callOptions.getDeadline());
+ }
+ return next.newCall(method, callOptions);
+ }
+ })
+ .build());
+ });
+
+ ExternalProcessorInterceptor interceptor = new ExternalProcessorInterceptor(
+ filterConfig, channelManager, scheduler);
+
+ MutableHandlerRegistry uniqueRegistry = new MutableHandlerRegistry();
+ grpcCleanup.register(InProcessServerBuilder.forName(uniqueDataPlaneServerName)
+ .fallbackHandlerRegistry(uniqueRegistry)
+ .directExecutor()
+ .build().start());
+
+ ManagedChannel dataPlaneChannel =
+ grpcCleanup.register(
+ InProcessChannelBuilder.forName(uniqueDataPlaneServerName).directExecutor().build());
+
+ CallOptions callOptions = CallOptions.DEFAULT.withExecutor(MoreExecutors.directExecutor());
+ ClientCall proxyCall =
+ interceptor.interceptCall(METHOD_SAY_HELLO, callOptions, dataPlaneChannel);
+ proxyCall.start(new ClientCall.Listener() {}, new Metadata());
+
+ assertThat(capturedDeadline.get()).isNotNull();
+ assertThat(capturedDeadline.get().timeRemaining(TimeUnit.SECONDS)).isAtLeast(4);
+
+ proxyCall.cancel("Cleanup", null);
+ channelManager.close();
+ }
+
+ @Test
+ @SuppressWarnings("unchecked")
+ public void givenGrpcServiceWithInitialMetadata_whenCallIntercepted_thenSendsMetadata()
+ throws Exception {
+ String uniqueExtProcServerName = InProcessServerBuilder.generateName();
+ String uniqueDataPlaneServerName = InProcessServerBuilder.generateName();
+ ExternalProcessor proto = ExternalProcessor.newBuilder()
+ .setGrpcService(GrpcService.newBuilder()
+ .setGoogleGrpc(GrpcService.GoogleGrpc.newBuilder()
+ .setTargetUri("in-process:///" + uniqueExtProcServerName)
+ .addChannelCredentialsPlugin(Any.newBuilder()
+ .setTypeUrl("type.googleapis.com/envoy.extensions.grpc_service."
+ + "channel_credentials.insecure.v3.InsecureCredentials")
+ .build())
+ .build())
+ .addInitialMetadata(io.envoyproxy.envoy.config.core.v3.HeaderValue.newBuilder()
+ .setKey("x-init-key").setValue("init-val").build())
+ .addInitialMetadata(
+ io.envoyproxy.envoy.config.core.v3.HeaderValue.newBuilder()
+ .setKey("x-bin-key-bin")
+ .setRawValue(ByteString.copyFrom(new byte[] {1, 2, 3}))
+ .build())
+ .build())
+ .build();
+ ConfigOrError configOrError =
+ provider.parseFilterConfig(Any.pack(proto), filterContext);
+ assertThat(configOrError.errorDetail).isNull();
+ ExternalProcessorFilterConfig filterConfig = configOrError.config;
+
+ // External Processor Server
+ final AtomicReference capturedHeaders = new AtomicReference<>();
+ ExternalProcessorGrpc.ExternalProcessorImplBase extProcImpl;
+ extProcImpl = new ExternalProcessorGrpc.ExternalProcessorImplBase() {
+ @Override
+ @SuppressWarnings("unchecked")
+ public StreamObserver process(
+ StreamObserver responseObserver) {
+ ((ServerCallStreamObserver) responseObserver).request(100);
+ return new StreamObserver() {
+ @Override
+ public void onNext(ProcessingRequest request) {
+ }
+
+ @Override
+ public void onError(Throwable t) {
+ }
+
+ @Override
+ public void onCompleted() {
+ responseObserver.onCompleted();
+ }
+ };
+ }
+ };
+
+ ServerServiceDefinition interceptedExtProc = ServerInterceptors.intercept(
+ extProcImpl,
+ new ServerInterceptor() {
+ @Override
+ public ServerCall.Listener interceptCall(
+ ServerCall call, Metadata headers, ServerCallHandler next) {
+ capturedHeaders.set(headers);
+ return next.startCall(call, headers);
+ }
+ });
+
+ grpcCleanup.register(InProcessServerBuilder.forName(uniqueExtProcServerName)
+ .addService(interceptedExtProc)
+ .directExecutor()
+ .build().start());
+
+ CachedChannelManager channelManager = new CachedChannelManager(config -> {
+ return grpcCleanup.register(
+ InProcessChannelBuilder.forName(uniqueExtProcServerName).directExecutor().build());
+ });
+
+ ExternalProcessorInterceptor interceptor = new ExternalProcessorInterceptor(
+ filterConfig, channelManager, scheduler);
+
+ MutableHandlerRegistry uniqueRegistry = new MutableHandlerRegistry();
+ grpcCleanup.register(InProcessServerBuilder.forName(uniqueDataPlaneServerName)
+ .fallbackHandlerRegistry(uniqueRegistry)
+ .directExecutor()
+ .build().start());
+
+ ManagedChannel dataPlaneChannel =
+ grpcCleanup.register(
+ InProcessChannelBuilder.forName(uniqueDataPlaneServerName).directExecutor().build());
+
+ CallOptions callOptions = CallOptions.DEFAULT.withExecutor(MoreExecutors.directExecutor());
+ ClientCall proxyCall =
+ interceptor.interceptCall(METHOD_SAY_HELLO, callOptions, dataPlaneChannel);
+ proxyCall.start(new ClientCall.Listener() {}, new Metadata());
+
+ assertThat(capturedHeaders.get()).isNotNull();
+ assertThat(
+ capturedHeaders
+ .get()
+ .get(Metadata.Key.of("x-init-key", Metadata.ASCII_STRING_MARSHALLER)))
+ .isEqualTo("init-val");
+ assertThat(
+ capturedHeaders
+ .get()
+ .get(Metadata.Key.of("x-bin-key-bin", Metadata.BINARY_BYTE_MARSHALLER)))
+ .isEqualTo(new byte[] {1, 2, 3});
+
+ proxyCall.cancel("Cleanup", null);
+ channelManager.close();
+ }
+
+ // --- Category 4: Request Header Processing ---
+
+ @Test
+ public void givenProcessingMode_whenRequestHeadersSent_thenProtocolConfigIsPopulated()
+ throws Exception {
+ String uniqueExtProcServerName = InProcessServerBuilder.generateName();
+ String uniqueDataPlaneServerName = InProcessServerBuilder.generateName();
+
+ final CountDownLatch sidecarLatch = new CountDownLatch(2);
+ final List capturedRequests =
+ Collections.synchronizedList(new ArrayList<>());
+
+ ExternalProcessorGrpc.ExternalProcessorImplBase extProcImpl;
+ extProcImpl = new ExternalProcessorGrpc.ExternalProcessorImplBase() {
+ @Override
+ public StreamObserver process(
+ final StreamObserver responseObserver) {
+ ((ServerCallStreamObserver) responseObserver).request(100);
+ return new StreamObserver() {
+ @Override
+ public void onNext(ProcessingRequest request) {
+ capturedRequests.add(request);
+ if (request.hasRequestHeaders()) {
+ responseObserver.onNext(ProcessingResponse.newBuilder()
+ .setRequestHeaders(HeadersResponse.newBuilder().build())
+ .build());
+ }
+ sidecarLatch.countDown();
+ }
+
+ @Override
+ public void onError(Throwable t) {
+ }
+
+ @Override
+ public void onCompleted() {
+ responseObserver.onCompleted();
+ }
+ };
+ }
+ };
+ grpcCleanup.register(InProcessServerBuilder.forName(uniqueExtProcServerName)
+ .addService(extProcImpl).directExecutor().build().start());
+
+ ExternalProcessor proto = createBaseProto(uniqueExtProcServerName)
+ .setProcessingMode(ProcessingMode.newBuilder()
+ .setRequestBodyMode(ProcessingMode.BodySendMode.GRPC)
+ .setResponseBodyMode(ProcessingMode.BodySendMode.GRPC)
+ .build())
+ .build();
+ ExternalProcessorFilterConfig filterConfig =
+ provider.parseFilterConfig(Any.pack(proto), filterContext).config;
+
+ CachedChannelManager channelManager = new CachedChannelManager(config -> {
+ return grpcCleanup.register(
+ InProcessChannelBuilder.forName(uniqueExtProcServerName).directExecutor().build());
+ });
+ ExternalProcessorInterceptor interceptor =
+ new ExternalProcessorInterceptor(filterConfig, channelManager, scheduler);
+
+ dataPlaneServiceRegistry.addService(ServerServiceDefinition.builder("test.TestService")
+ .addMethod(METHOD_SAY_HELLO, ServerCalls.asyncUnaryCall((request, responseObserver) -> {
+ responseObserver.onNext("Hello");
+ responseObserver.onCompleted();
+ })).build());
+ ManagedChannel dataPlaneChannel =
+ grpcCleanup.register(
+ InProcessChannelBuilder.forName(uniqueDataPlaneServerName).directExecutor().build());
+
+ ClientCall proxyCall =
+ interceptor.interceptCall(
+ METHOD_SAY_HELLO,
+ CallOptions.DEFAULT.withExecutor(MoreExecutors.directExecutor()),
+ dataPlaneChannel);
+ proxyCall.start(new ClientCall.Listener() {}, new Metadata());
+
+ proxyCall.request(1);
+ proxyCall.sendMessage("test");
+
+ assertThat(sidecarLatch.await(5, TimeUnit.SECONDS)).isTrue();
+
+ assertThat(capturedRequests).hasSize(3);
+
+ // First request (RequestHeaders) should have protocol_config
+ ProcessingRequest firstReq = capturedRequests.get(0);
+ assertThat(firstReq.hasRequestHeaders()).isTrue();
+ assertThat(firstReq.hasProtocolConfig()).isTrue();
+ assertThat(firstReq.getProtocolConfig().getRequestBodyMode())
+ .isEqualTo(ProcessingMode.BodySendMode.GRPC);
+ assertThat(firstReq.getProtocolConfig().getResponseBodyMode())
+ .isEqualTo(ProcessingMode.BodySendMode.GRPC);
+
+ // Second request (ResponseHeaders) should NOT have protocol_config
+ ProcessingRequest secondReq = capturedRequests.get(1);
+ assertThat(secondReq.hasResponseHeaders()).isTrue();
+ assertThat(secondReq.hasProtocolConfig()).isFalse();
+
+ // Third request (RequestBody) should NOT have protocol_config
+ ProcessingRequest thirdReq = capturedRequests.get(2);
+ assertThat(thirdReq.hasRequestBody()).isTrue();
+ assertThat(thirdReq.hasProtocolConfig()).isFalse();
+
+ proxyCall.cancel("Cleanup", null);
+ channelManager.close();
+ }
+
+ @Test
+ @SuppressWarnings("FutureReturnValueIgnored")
+ public void givenPendingData_whenImmediateResponseReceived_thenDeliversDataBeforeStatus()
+ throws Exception {
+ final String uniqueExtProcServerName = InProcessServerBuilder.generateName();
+ final String uniqueDataPlaneServerName = InProcessServerBuilder.generateName();
+ final List appEvents = Collections.synchronizedList(new ArrayList<>());
+ final CountDownLatch finishLatch = new CountDownLatch(1);
+ final CountDownLatch extProcCompletedLatch = new CountDownLatch(1);
+ final ExecutorService sidecarResponseExecutor = Executors.newSingleThreadExecutor();
+ final Metadata.Key immediateKey =
+ Metadata.Key.of("x-immediate-header", Metadata.ASCII_STRING_MARSHALLER);
+ final AtomicReference appTrailers = new AtomicReference<>();
+
+ ExternalProcessorGrpc.ExternalProcessorImplBase extProcImpl;
+ extProcImpl = new ExternalProcessorGrpc.ExternalProcessorImplBase() {
+ @Override
+ public StreamObserver process(
+ final StreamObserver responseObserver) {
+ ((ServerCallStreamObserver) responseObserver).request(100);
+ return new StreamObserver() {
+ @Override
+ public void onNext(ProcessingRequest request) {
+ sidecarResponseExecutor.submit(() -> {
+ synchronized (responseObserver) {
+ if (request.hasRequestHeaders()) {
+ responseObserver.onNext(ProcessingResponse.newBuilder()
+ .setRequestHeaders(HeadersResponse.newBuilder()
+ .setResponse(CommonResponse.newBuilder().build())
+ .build())
+ .build());
+ } else if (request.hasResponseHeaders()) {
+ try {
+ Thread.sleep(500);
+ } catch (InterruptedException e) {
+ Thread.currentThread().interrupt();
+ }
+ responseObserver.onNext(ProcessingResponse.newBuilder()
+ .setImmediateResponse(ImmediateResponse.newBuilder()
+ .setGrpcStatus(
+ io.envoyproxy.envoy.service.ext_proc.v3.GrpcStatus.newBuilder()
+ .setStatus(Status.UNAUTHENTICATED.getCode().value())
+ .build())
+ .setDetails("Immediate Auth Failure")
+ .setHeaders(
+ io.envoyproxy.envoy.service.ext_proc.v3.HeaderMutation.newBuilder()
+ .addSetHeaders(
+ io.envoyproxy.envoy.config.core.v3.HeaderValueOption
+ .newBuilder()
+ .setHeader(
+ io.envoyproxy.envoy.config.core.v3.HeaderValue
+ .newBuilder()
+ .setKey("x-immediate-header")
+ .setValue("true")
+ .build())
+ .build())
+ .build())
+ .build())
+ .build());
+ responseObserver.onCompleted();
+ }
+ }
+ });
+ }
+
+ @Override
+ public void onError(Throwable t) {
+ }
+
+ @Override
+ public void onCompleted() {
+ extProcCompletedLatch.countDown();
+ }
+ };
+ }
+ };
+
+ grpcCleanup.register(InProcessServerBuilder.forName(uniqueExtProcServerName)
+ .addService(extProcImpl).directExecutor().build().start());
+
+ CachedChannelManager channelManager = new CachedChannelManager(config -> {
+ return grpcCleanup.register(
+ InProcessChannelBuilder.forName(uniqueExtProcServerName).directExecutor().build());
+ });
+
+ ExternalProcessorFilter filter = new ExternalProcessorFilter("test-filter", channelManager);
+ ExternalProcessor proto = createBaseProto(extProcServerName)
+ .setProcessingMode(ProcessingMode.newBuilder()
+ .setRequestBodyMode(ProcessingMode.BodySendMode.NONE)
+ .setResponseHeaderMode(ProcessingMode.HeaderSendMode.SEND)
+ .build())
+ .build();
+ ConfigOrError configOrError =
+ provider.parseFilterConfig(Any.pack(proto), filterContext);
+ ExternalProcessorFilterConfig filterConfig = configOrError.config;
+
+ ClientInterceptor interceptor = filter.buildClientInterceptor(filterConfig, null, scheduler);
+
+ MutableHandlerRegistry dataPlaneRegistry = new MutableHandlerRegistry();
+ dataPlaneRegistry.addService(ServerServiceDefinition.builder("test.TestService")
+ .addMethod(METHOD_SAY_HELLO, (call, headers) -> {
+ call.sendHeaders(new Metadata());
+ call.request(1);
+ return new ServerCall.Listener() {
+ @Override
+ public void onMessage(String message) {
+ call.sendMessage("server-response");
+ call.close(Status.OK, new Metadata());
+ }
+ };
+ })
+ .build());
+
+ grpcCleanup.register(InProcessServerBuilder.forName(uniqueDataPlaneServerName)
+ .fallbackHandlerRegistry(dataPlaneRegistry)
+ .executor(Executors.newSingleThreadExecutor())
+ .build().start());
+
+ ManagedChannel channel =
+ grpcCleanup.register(
+ InProcessChannelBuilder.forName(uniqueDataPlaneServerName).directExecutor().build());
+ Channel interceptedChannel = io.grpc.ClientInterceptors.intercept(channel, interceptor);
+
+ ClientCall call =
+ interceptedChannel.newCall(
+ METHOD_SAY_HELLO,
+ CallOptions.DEFAULT.withExecutor(MoreExecutors.directExecutor()));
+ call.start(new ClientCall.Listener() {
+ @Override
+ public void onHeaders(Metadata headers) {
+ appEvents.add("HEADERS");
+ }
+
+ @Override
+ public void onMessage(String message) {
+ appEvents.add("MESSAGE");
+ }
+
+ @Override
+ public void onClose(Status status, Metadata trailers) {
+ appEvents.add("CLOSE:" + status.getCode());
+ appTrailers.set(trailers);
+ finishLatch.countDown();
+ }
+ }, new Metadata());
+
+ call.request(1);
+ call.sendMessage("request-body");
+ call.halfClose();
+
+ assertThat(finishLatch.await(5, TimeUnit.SECONDS)).isTrue();
+ assertThat(appEvents).containsExactly("HEADERS", "MESSAGE", "CLOSE:UNAUTHENTICATED");
+ assertThat(appTrailers.get().get(immediateKey)).isEqualTo("true");
+ assertThat(extProcCompletedLatch.await(5, TimeUnit.SECONDS)).isTrue();
+
+ sidecarResponseExecutor.shutdown();
+ channelManager.close();
+ }
+
+ @Test
+ @SuppressWarnings("unchecked")
+ public void givenRequestHeaderModeSend_whenStartCalled_thenCallIsBuffered()
+ throws Exception {
+ String uniqueExtProcServerName = InProcessServerBuilder.generateName();
+ String uniqueDataPlaneServerName = InProcessServerBuilder.generateName();
+ ExternalProcessor proto = ExternalProcessor.newBuilder()
+ .setGrpcService(GrpcService.newBuilder()
+ .setGoogleGrpc(GrpcService.GoogleGrpc.newBuilder()
+ .setTargetUri("in-process:///" + uniqueExtProcServerName)
+ .addChannelCredentialsPlugin(Any.newBuilder()
+ .setTypeUrl("type.googleapis.com/envoy.extensions.grpc_service."
+ + "channel_credentials.insecure.v3.InsecureCredentials")
+ .build())
+ .build())
+ .build())
+ .setProcessingMode(ProcessingMode.newBuilder()
+ .setRequestHeaderMode(ProcessingMode.HeaderSendMode.SEND).build())
+ .build();
+ ConfigOrError configOrError =
+ provider.parseFilterConfig(Any.pack(proto), filterContext);
+ assertThat(configOrError.errorDetail).isNull();
+ ExternalProcessorFilterConfig filterConfig = configOrError.config;
+
+ final CountDownLatch requestSentLatch = new CountDownLatch(1);
+ final AtomicReference capturedRequest = new AtomicReference<>();
+ ExternalProcessorGrpc.ExternalProcessorImplBase extProcImpl;
+ extProcImpl = new ExternalProcessorGrpc.ExternalProcessorImplBase() {
+ @Override
+ @SuppressWarnings("unchecked")
+ public StreamObserver process(
+ StreamObserver responseObserver) {
+ ((ServerCallStreamObserver) responseObserver).request(100);
+ return new StreamObserver() {
+ @Override
+ public void onNext(ProcessingRequest request) {
+ capturedRequest.set(request);
+ requestSentLatch.countDown();
+ }
+
+ @Override
+ public void onError(Throwable t) {
+ }
+
+ @Override
+ public void onCompleted() {
+ responseObserver.onCompleted();
+ }
+ };
+ }
+ };
+ grpcCleanup.register(InProcessServerBuilder.forName(uniqueExtProcServerName)
+ .addService(extProcImpl)
+ .directExecutor()
+ .build().start());
+
+ CachedChannelManager channelManager = new CachedChannelManager(config -> {
+ return grpcCleanup.register(
+ InProcessChannelBuilder.forName(uniqueExtProcServerName).directExecutor().build());
+ });
+
+ ExternalProcessorInterceptor interceptor = new ExternalProcessorInterceptor(
+ filterConfig, channelManager, scheduler);
+
+ final AtomicBoolean dataPlaneStarted = new AtomicBoolean(false);
+ MutableHandlerRegistry uniqueRegistry = new MutableHandlerRegistry();
+ grpcCleanup.register(InProcessServerBuilder.forName(uniqueDataPlaneServerName)
+ .fallbackHandlerRegistry(uniqueRegistry)
+ .directExecutor()
+ .build().start());
+ uniqueRegistry.addService(ServerServiceDefinition.builder("test.TestService")
+ .addMethod(METHOD_SAY_HELLO, ServerCalls.asyncUnaryCall(
+ (request, responseObserver) -> {
+ dataPlaneStarted.set(true);
+ responseObserver.onNext("Hello " + request);
+ responseObserver.onCompleted();
+ }))
+ .build());
+
+ ManagedChannel dataPlaneChannel =
+ grpcCleanup.register(
+ InProcessChannelBuilder.forName(uniqueDataPlaneServerName).directExecutor().build());
+
+ CallOptions callOptions = CallOptions.DEFAULT.withExecutor(MoreExecutors.directExecutor());
+ ClientCall proxyCall =
+ interceptor.interceptCall(METHOD_SAY_HELLO, callOptions, dataPlaneChannel);
+ proxyCall.start(new ClientCall.Listener() {}, new Metadata());
+
+ assertThat(requestSentLatch.await(5, TimeUnit.SECONDS)).isTrue();
+ assertThat(capturedRequest.get().hasRequestHeaders()).isTrue();
+
+ // Verify main call NOT yet started
+ assertThat(dataPlaneStarted.get()).isFalse();
+
+ proxyCall.cancel("Cleanup", null);
+ channelManager.close();
+ }
+
+ @Test
+ @SuppressWarnings("unchecked")
+ public void givenRequestHeaderModeSend_whenExtProcRespondsWithMutations_thenCallIsActivated()
+ throws Exception {
+ String uniqueExtProcServerName = InProcessServerBuilder.generateName();
+ String uniqueDataPlaneServerName = InProcessServerBuilder.generateName();
+ ExternalProcessor proto = ExternalProcessor.newBuilder()
+ .setGrpcService(GrpcService.newBuilder()
+ .setGoogleGrpc(GrpcService.GoogleGrpc.newBuilder()
+ .setTargetUri("in-process:///" + uniqueExtProcServerName)
+ .addChannelCredentialsPlugin(Any.newBuilder()
+ .setTypeUrl("type.googleapis.com/envoy.extensions.grpc_service."
+ + "channel_credentials.insecure.v3.InsecureCredentials")
+ .build())
+ .build())
+ .build())
+ .setProcessingMode(ProcessingMode.newBuilder()
+ .setRequestHeaderMode(ProcessingMode.HeaderSendMode.SEND).build())
+ .build();
+ ConfigOrError configOrError =
+ provider.parseFilterConfig(Any.pack(proto), filterContext);
+ assertThat(configOrError.errorDetail).isNull();
+ ExternalProcessorFilterConfig filterConfig = configOrError.config;
+
+ // External Processor Server
+ ExternalProcessorGrpc.ExternalProcessorImplBase extProcImpl;
+ extProcImpl = new ExternalProcessorGrpc.ExternalProcessorImplBase() {
+ @Override
+ @SuppressWarnings("unchecked")
+ public StreamObserver process(
+ final StreamObserver responseObserver) {
+ ((ServerCallStreamObserver) responseObserver).request(100);
+ return new StreamObserver() {
+ @Override
+ public void onNext(ProcessingRequest request) {
+ new Thread(() -> {
+ if (request.hasRequestHeaders()) {
+ responseObserver.onNext(ProcessingResponse.newBuilder()
+ .setRequestHeaders(HeadersResponse.newBuilder()
+ .setResponse(CommonResponse.newBuilder()
+ .setHeaderMutation(HeaderMutation.newBuilder()
+ .addSetHeaders(
+ io.envoyproxy.envoy.config.core.v3.HeaderValueOption
+ .newBuilder()
+ .setHeader(
+ io.envoyproxy.envoy.config.core.v3.HeaderValue
+ .newBuilder()
+ .setKey("x-mutated")
+ .setValue("true")
+ .build())
+ .build())
+ .build())
+ .build())
+ .build())
+ .build());
+ }
+ }).start();
+ }
+
+ @Override
+ public void onError(Throwable t) {
+ }
+
+ @Override
+ public void onCompleted() {
+ new Thread(() -> responseObserver.onCompleted()).start();
+ }
+ };
+ }
+ };
+ grpcCleanup.register(InProcessServerBuilder.forName(uniqueExtProcServerName)
+ .addService(extProcImpl)
+ .directExecutor()
+ .build().start());
+
+ CachedChannelManager channelManager = new CachedChannelManager(config -> {
+ return grpcCleanup.register(
+ InProcessChannelBuilder.forName(uniqueExtProcServerName).directExecutor().build());
+ });
+
+ ExternalProcessorInterceptor interceptor = new ExternalProcessorInterceptor(
+ filterConfig, channelManager, scheduler);
+
+ final AtomicReference capturedHeaders = new AtomicReference<>();
+ final CountDownLatch dataPlaneLatch = new CountDownLatch(1);
+ MutableHandlerRegistry uniqueRegistry = new MutableHandlerRegistry();
+ grpcCleanup.register(InProcessServerBuilder.forName(uniqueDataPlaneServerName)
+ .fallbackHandlerRegistry(uniqueRegistry)
+ .directExecutor()
+ .build().start());
+ uniqueRegistry.addService(ServerInterceptors.intercept(
+ ServerServiceDefinition.builder("test.TestService")
+ .addMethod(METHOD_SAY_HELLO, ServerCalls.asyncUnaryCall(
+ (request, responseObserver) -> {
+ responseObserver.onNext("Hello " + request);
+ responseObserver.onCompleted();
+ dataPlaneLatch.countDown();
+ }))
+ .build(),
+ new ServerInterceptor() {
+ @Override
+ public ServerCall.Listener interceptCall(
+ ServerCall call, Metadata headers, ServerCallHandler next) {
+ capturedHeaders.set(headers);
+ return next.startCall(call, headers);
+ }
+ }));
+
+ ManagedChannel dataPlaneChannel = grpcCleanup.register(
+ InProcessChannelBuilder.forName(uniqueDataPlaneServerName).directExecutor().build());
+
+ CallOptions callOptions = CallOptions.DEFAULT.withExecutor(MoreExecutors.directExecutor());
+ ClientCall