Skip to content

CFP: Support JWT Verification for HTTPRoute of Gateway-APIΒ #35824

New issue
Jump to bottom
New issue
Jump to bottom
Open
Open
CFP: Support JWT Verification for HTTPRoute of Gateway-API#35824
Labels
kind/cfpkind/featureThis introduces new functionality.
@chaunceyjiang

Description

@chaunceyjiang
chaunceyjiang
opened on Nov 7, 2024

Cilium Feature Proposal

Thanks for taking time to make a feature proposal for Cilium! If you have usage questions, please try the slack channel and see the FAQ first.

Is your proposed feature related to a problem?

Currently, we are using gateway-api to provide external services, but now Cilium seems not to support JWT verification. Similar to other gateway-api providers, they all provide such functionality.

istio:

https://istio.io/latest/docs/tasks/security/authentication/authn-policy/#end-user-authentication

envoy gateway:

https://gateway.envoyproxy.io/docs/tasks/security/jwt-authentication/
https://github.com/envoyproxy/gateway/blob/main/examples/kubernetes/jwt/jwt.yaml

contour:

https://projectcontour.io/docs/1.23/config/jwt-verification/

Describe the feature you'd like

Hope that Cilium can also provide similar functionality.

(Optional) Describe your proposed solution

It can be implemented through the jwt_authn HTTP filter.

Metadata

Assignees

No one assigned

    Labels

    kind/cfpkind/featureThis introduces new functionality.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions