How to use Custom Response Filter or Local Reply Modification Config to modify response based on upstream service response body or using command operator such as %RESPONSE_CODE_DETAILS% in Envoy?

[darshak-patel]

I want to modify the response return by envoy either based on upstream service response body or using command operator such as %RESPONSE_CODE_DETAILS% in envoy, but I am not able to find appropriate example for it.

In case of expired jwt, envoy returns "jwt is expired" response body from codec api, but I don't want to return the body as it is and want to modify before sending it to client. Example, 401 is very generic error code and expired token and invalid token both can have separate error message for better understanding.

[RyanTheOptimist]

CC: @yanavlasov @zuercher

[zuercher]

Presuming that this is a local reply generated by Envoy's jwt_authn filter, some kinds of modifications can be made with local_reply_config. If that's not sufficient, you're left with using some other filter to inspect and modify the response. Possibilities include the lua filter, writing a custom WASM filter, or writing a custom C++ filter.

[darshak-patel]

Let's say if response is generated by jwt_auth filter of envoy then it will always set status code as 401 and response body will be based on the fault name such as "Jwt is expired" or "signature is invalid" something like that. My question here is how local_reply_config can understand if the error is "jwt is expired" then go and pick this error format and if error is "invalid signature" go and pick this error message.I know one way is to write lua filter that can extract the body and check if body is this then add this header so local_reply_config filter can do check based on header and status code, but I don't want to go this way because it can add some latency. Is there any other way possible?

[darshak-patel]

Anyone can help on this please?

[github-actions]

This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions.

[github-actions]

This issue has been automatically closed because it has not had activity in the last 37 days. If this issue is still valid, please ping a maintainer and ask them to label it as "help wanted" or "no stalebot". Thank you for your contributions.