search

envoyproxy / envoy

Cloud-native high-performance edge/middle/service proxy
https://www.envoyproxy.io
Apache License 2.0
25.1k stars 4.82k forks source link

Implement a Token Introspection (RFC 7662) HTTP Filter #36931

Open supercairos opened 3 weeks ago

supercairos commented 3 weeks ago

Token Introspection (RFC 7662): Implement an HTTP Filter to verify external token

Description:

Allow external OAuth2/OIDC token to be valided via the Token Introspection api in order for envoy to act as a Identity Aware Proxy (IAP)

Relevant Links:

https://datatracker.ietf.org/doc/html/rfc7662 https://www.oauth.com/oauth2-servers/token-introspection-endpoint/

nezdolik commented 3 weeks ago

Please get familiar with our extension policy: https://github.com/envoyproxy/envoy/blob/main/EXTENSION_POLICY.md

nezdolik commented 3 weeks ago

cc @tyxia @mattklein123 @TAOXUY (as oauth, jwt extension owners who may be interested in this proposal)