英文:
How can I implement custom user authentication provider/service and forward response to backend using gRPC in API Gateway on Google Cloud?
问题
抱歉,我只会为您提供中文翻译,以下是您提供的内容的翻译:
我正在阅读有关API GATEWAY的文档,但我找不到解决问题的方法:
我正在努力实现的目标是,我在Cloud Run上有多个服务,其中一个服务是身份验证服务,我希望所有访问API GATEWAY的客户端请求都被重定向到这个自定义身份验证服务,我将在那里访问令牌和会话ID,并根据需要使用它们验证从会话数据中获取用户数据,并将这些数据转发到调用它的适当服务。
我在API调用中使用gRPC,因此我想知道如何使用GCP API Gateway来实现这一目标。
谢谢!
我在文档中找不到任何可以解释如何实现这一目标的信息。
英文:
I was reading the docs on API GATEWAY, but I couldn't find the solution for the problem:
What I am struggling to achieve is, I have multiple services on cloud run, and one service is the authentication, I want all the requests from clients that hit API GATEWAY to be redirected to this custom authentication service where I will access a token and session Id and use them accordingly to validate get user data from session data and froward these data to appropriate service it was calling.
I use gRPC in my API calls, so I would like to know how I can achieve this using GCP API Gateway.
Thanks!
I couldn't find anything in the docs that would explain me how I could achieve this.
答案1
得分: 0
Posting DazWilkin's answer in the comments as a community wiki for everyone's visibility.
gRPC doesn't give a redirect mechanism. Your gRPC client should
-
Invoke an authentication request method on your auth service and receive an auth response;
-
Invoke the other gRPC service passing the credentials;
-
Each gRPC service will authenticate the incoming credentials, pass through if valid and reject if invalid/expired.
-
gRPC clients will need to deal with invalid and expired credentials.
You can check the official documentation of gRPC for more information.
英文:
Posting DazWilkin's answer in the comments as a community wiki for everyone's visibility. <br><br>gRPC doesn't give a redirect mechanism. Your gRCP client should<br><br>1. Invoke an authentication request method on your auth service and receive an auth response; <br>2. Invoke the other gRPC service passing the credentials; <br>3. Each gRCP service will authenticate the incoming credentials, pass through if valid and reject if invalid/expired. <br>4. gRCP clients will need to deal with invalid and expired credentials.<br><br>You can check the official documentation of gRPC for more information.<br><br>
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论